Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Ballooning energy demand means reassessing resilience, DOE cyber chief says

(McCrary Institute)

By Don Kauffman

Electricity demand is surging fast enough to force a rethink of what “keeping the lights on” means in 2026 — and DOE’s Alex Fitzsimmons argues the cyber side of that story is being misunderstood if it stays stuck in an IT-only frame.

In a Cyber Focus podcast conversation with host Frank Cilluffo, Fitzsimmons — the Trump administration’s acting under secretary of Energy and director of the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) — tied the government’s “energy dominance” agenda to a blunt reality: load growth from data centers and AI is colliding with an energy system that still has to withstand storms, nation-state threats and supply chain vulnerabilities.

For Fitzsimmons, the most consequential cyber risk sits in operational technology — the systems that run generation and the grid — rather than the breaches and privacy failures that dominate public attention. “That’s when you’re talking about life or death. Literally. Privacy, data breaches, all of these things are important. They matter. They matter. But OT matters more. Keeping the lights on matters more,” he said.

That framing sits atop a second pressure point: who pays to expand the system. Fitzsimmons argued the political durability of the AI-driven buildout depends on preventing ratepayers from being forced to subsidize private load growth. “These tech companies recognize that for their technology to be politically and economically viable, that the American people cannot be shouldered with the burden of new data centers,” he said, adding that companies have “pledged to pay for all of the associated generation and transmission network upgrades that are necessary to connect the load that they’re seeking to build.”

Fitzsimmons also described DOE’s view of the reliability math underneath the demand story. He said a DOE resource adequacy effort concluded the country was on track to lose a large tranche of “reliable dispatchable generation” while simultaneously needing to build new supply and infrastructure to meet the AI-era load curve. “We were set to lose 100 gigawatts of reliable dispatchable generation by 2030, at the same time that we may need to build 100 gigawatts of generation and associated infrastructure to win the AI race and onshore manufacturing and meet all of these goals,” he said. Fitzsimmons said the administration’s response has been to “rapidly reverse that policy and that path” with a three-part strategy to “stabilize, optimize and grow the energy system.”

But Fitzsimmons also argued that the buildout can’t come at the expense of resilience and security — particularly as the grid becomes more digitized and more distributed. “We have to do it securely so we can’t sacrifice security for speed,” he said, pointing to supply chain exposure and vulnerabilities tied to newer grid technologies as risks that can scale alongside expansion.

That warning sharpened further when Fitzsimmons described what he sees as the modern threat posture: adversaries already inside systems, waiting for a moment of leverage. “We’re very concerned about prepositioning nation-state threat actors inside critical infrastructure, holding it at risk for a time and place they’re choosing,” he said.

Taken together, Fitzsimmons’ argument is that the demand surge is pushing the U.S. to add infrastructure faster — and that the test is whether that expansion can happen without widening the grid’s attack surface or deepening supply chain dependence.

For more on this and other important cyber topics, check out the full catalog of Cyber Focus podcasts.

Click to listen highlighted text!