Yesterday, Senate Homeland Security and Governmental Affairs Committee Chairman Joseph Lieberman (I-CT) and House Homeland Security Committee Chairman Bennie Thompson (D-MS) introduced a bill that would dramatically increase the authority of the Federal Energy Regulatory Commission (FERC) to respond to cyber threats to the nation’s power grid. Under the proposed bill, the Critical Infrastructure Protection Act (H.R. 2195 and S. 946), FERC would have the authority to immediately respond to cyber threats identified By the Department of Homeland Security (DHS). In introducing the bill, Senator Lieberman stated: “We rely on cyberspace for so much of what is at the heart of our way of life. And our systems are not protected. We are focusing on the electricity cyber structure today because electricity is what so many critical sectors of the economy depend on.”
The proposal is a direct response to recent events and threats, including news reports noting that the U.S. electrical system has been “routinely penetrated and compromised” By foreign actors, and the ongoing industry efforts to connect grid control systems to open networks. In addition, the bill notes that industry compliance with the existing Critical Infrastructure Protection (CIP) Reliability Standards has been problematic, as revealed By the recent North American Electric Reliability Corporation (NERC) report indicating that only 23% of utilities reported having Critical Cyber Assets. The bill suggests that this indicates that “many utilities are underreporting their assets, potentially to avoid compliance requirements.” Read more…