FERC recently approved proposed Reliability Standard CIP-008-6, which expands the mandatory reporting requirements for Cyber Security Incidents that attempt to compromise the operation of the bulk power system.
FERC, CFTC, and State Energy Law Developments
The supply chain risks facing electric utilities have long been a concern for industry stakeholders and regulators alike. Reflecting those concerns, NERC submitted a report on May 28 to FERC recommending the expansion of requirements addressing supply chain cybersecurity risks for electric utilities, concluding that the scope of those requirements needed to expand to match the scope of the cybersecurity risk.
FERC Staff issued a report on March 29 on Commission-led critical infrastructure protection (CIP) reliability audits completed for fiscal years 2016 through 2018. The report provides lessons learned from those audits, as well as voluntary recommendations on cybersecurity practices to enhance the protection of electric infrastructure from cyberattacks.
The North American Electric Reliability Corporation (NERC) petitioned the Federal Energy Regulatory Commission (FERC) on March 7 to approve a revised reliability standard for electric utilities aimed at enhancing existing cybersecurity incident reporting.
The US Government Accountability Office (GAO) issued a report on December 18, 2018, identifying significant weaknesses in the Department of Homeland Security’s (DHS) Transportation Security Administration’s (TSA) Pipeline Security Program management and recommending improvements to address those weaknesses.
A new report by the National Infrastructure Advisory Council (NIAC) concludes that the nation is not prepared to adequately respond to a catastrophic power outage.
The Senate Energy and Natural Resources Committee on November 15 favorably advanced the nominations of Dr. Rita Baranwal (Assistant Secretary of Energy (Nuclear Energy)) and Bernard McNamee (Member, Federal Energy Regulatory Commission) to the full US Senate.
Eighteen governors, members of the Governors’ Wind & Solar Energy Coalition, issued an open letter on November 9 to the Federal Energy Regulatory Commission (FERC) to encourage the development of needed electric transmission that they claim existing federal efforts are insufficient to address.
The US Department of Homeland Security (DHS) announced the formation of the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force (the Task Force) on October 30.
On October 18, the Federal Energy Regulatory Commission (FERC or Commission) issued Order No. 850, adopting a suite of reliability standards proposed by the North American Electric Reliability Corporation (NERC) to address the cybersecurity risks posed by supply chains for industrial control system assets and services in critical electric utility environments.