Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Webinar: Sample Cybersecurity Procurement Clauses for EV Charging Infrastructure

April 18, 2023

The Joint Office has partnered with Pacific Northwest National Laboratory and Idaho National Laboratory to develop sample cybersecurity procurement clauses, which may assist state agencies or others in writing requests for proposals and contracts for National Electric Vehicle Infrastructure (NEVI) Formula Program EV charging station installation and operation.

The purpose is to assist the states in establishing a secure life cycle approach to EV charging infrastructure that begins at the discharge of the procurement agreement. The sample cybersecurity procurement clauses were gleaned from best practices derived from industry publications, research, and interviews with the U.S. Department of Transportation and state departments of transportation.

Audience members left the webinar with a better understanding on how the sample procurement clauses may be used to:

  • Help states clearly communicate expectations and requirements.
  • Ensure cybersecurity is included throughout the procurement life cycle.
  • Provide a starting point for the acquisition process.
  • Empower states to select clauses that are most applicable to their specific procurements.

Key takeaways

  • Across many sectors, grant programs have various requirements, requiring some level of cybersecurity planning. He emphasized that these sample cybersecurity clauses are meant to empower the state or the user to select the clauses that are most applicable to their situation and the type of procurements that they will be using.
  • It is important to bake cybersecurity into any design process.
  • Requiring a third-party annual evaluation of the installed system is a useful way to measure effectiveness of meeting cybersecurity requirements. Cybersecurity is a changing field that will evolve over time. Accordingly, the contracts themselves may need to have the clauses updated.