The Cybersecurity and Infrastructure Security Agency (CISA) issued a request for information (RFI) on the new cyber incident reporting requirements for critical infrastructure owners as required by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA).
FERC, CFTC, and State Energy Law Developments
Be sure to check out the latest issue of Empowered, our energy industry newsletter.
The North American Electric Reliability Corporation (NERC) filed its 2022 NERC Standards Report, Status and Timetable for Addressing Regulatory Directives summarizing the progress made and plans for addressing the reliability standard-related directives issued by applicable governmental authorities. NERC reported that since March 29, 2021, the date of NERC’s last annual report, it filed petitions with the Federal Energy Regulatory Commission (FERC) addressing four reliability standards-related directives.
The Federal Register recently published the US Department of Energy’s (DOE) notice of Request for Information (RFI) seeking public input on energy sector supply chains. The RFI requests that stakeholders provide comment on a wide variety of issues concerning supply chains of energy and related technologies.
As has been reported, a recent ransomware attack has caused an interstate pipeline and fuel supplier to much of the eastern United States to shut down its operations. Although the attack did not compromise operational systems, the company opted to cease operations as a precautionary measure.
FERC approved revisions to three Critical Infrastructure Protection (CIP) North American Electric Reliability Corporation (NERC) Reliability Standards to expand the scope of the assets subject to supply chain cybersecurity requirements and related obligations. Supply chain cybersecurity continues to be a focus of NERC, energy industry stakeholders, and government regulatory and securities agencies.
President Joe Biden signed an executive order on February 24 to address possible vulnerabilities in the supply chains of critical national economic sectors, including the energy sector. The executive order directs various executive departments and agencies to complete, in coordination with private stakeholders, a series of assessments to evaluate the resiliency of supply chains in those key sectors. In his prepared remarks, President Biden explained that the order was prompted partly by concerns surrounding shortages in semiconductors, which are vital components of electronic devices used in everything from mobile phones to motor vehicles.
In May 2020, US President Donald Trump issued Executive Order 13920, banning the unrestricted import or use of certain categories of bulk-power system electric equipment from foreign adversaries, with a focus on Russian and Chinese equipment suppliers. The future of that regulation is now up in the air.
The US Congress adopted extensive federal energy policies in the Energy Act of 2020 (Energy Act), which President Donald Trump signed into law on December 27 as part of the Consolidated Appropriations Act, 2021.
At its December open meeting, FERC proposed to establish rules for incentive-based rate treatments for voluntary cybersecurity investments by a public utility.