Senate Bill Looks to Boost Electric Grid Cybersecurity

As cybercriminals continue to set their sights on public utilities, a bipartisan effort led by Sens. Lisa Murkowski (R-AK) and Joe Manchin (D-WV) is aiming to turn up the dial on U.S. electric grid cybersecurity.

Recently passed by the Senate Energy Committee, The Protecting Resources On The Electric Grid with Cybersecurity Technology Act (S. 2556), referred to as the PROTECT Act, will direct the Federal Energy Regulatory Commission (FERC) to give incentives to electric utilities to encourage them to boost their cybersecurity technology. For those utilities not regulated by FERC, the bill will establish a grant and technical assistance program for advanced cybersecurity technology at the Department of Energy (DOE).

Intensifying cybersecurity threats:

In recent years, the vulnerability of the U.S. electric grid has come under scrutiny as foreign operatives have increased their efforts to attack U.S. public utilities and compromise the country’s electric supply. A new report from Siemens and the Ponemon Institute found the rate of cyberattacks on the utility industry may be worsening. Fifty-six percent of those surveyed reported at least one shutdown or operational data loss per year, and 25% were impacted by a so-called “mega-attack.”

Regulators are already on high alert, as earlier last year, FERC had introduced stricter standards on electric grid cybersecurity, expanding the scope of attacks utilities need to report to grid reliability regulators and the U.S. Department of Homeland Security. Murkowski, the chairwoman of the Committee on Energy and Natural Resources and Manchin, the committee’s ranking member, hope this bill will stimulate the considerable investment in technology, human resources, and training needed to address this ever-evolving threat.

In a release from the U.S. Senate Committee on Energy & Natural Resources, Murkowski said, “We know the threat of cyberattacks by our foreign adversaries and other sophisticated entities is real and growing. Our bill takes steps to ensure utilities across our country are able to continue investing in advanced, cutting-edge cybersecurity technologies while also strengthening the partnership between private industry and the federal government.”

Utilities need to boost cybersecurity now:

Unfortunately, the general public has become all too aware of what a cybersecurity breach can do to a company and its customers. And just recently, more than a dozen smaller U.S. utilities were targeted when hackers used “phishing” emails to try to embed malware to take control of the utilities’ computers.

So now more than ever, hardening cybersecurity defenses is an absolutely critical step utilities must take to protect themselves and the grid from being compromised by malicious actors. The federal government has the right idea in stepping up now to work with electric utility companies. It will require mobilizing the combined resources of the electric utility companies and the federal government to develop the technically advanced defenses essential to protecting the U.S. energy grid against the nation-states and other threat actors that either have built, or are building, sophisticated capable of exploiting cyber vulnerabilities in our existing infrastructure. If passed in the full Senate, this bipartisan effort will be an important step to ensuring the lights always stay on for the country’s homes and businesses.

In addition, the National Association of Regulatory Utility Commissioners has stepped up by issuing guidance for regulated utilities in this area through informational sessions and through its Critical Infrastructure Committee, which provides state regulators a forum to analyze and collaborate on solutions to utility infrastructure security and delivery concerns.

The original article can be viewed in its entirety here.

Alan M. Seltzer (LAW ’78) is a Shareholder at Buchanan, Ingersoll, & Rooney PC where he is the Co-Chair of the firm’s Power Generation, Renewable & Utility Practice Group. Alan focuses his practice on domestic and international electric, gas, water, and transportation matters with a concentration on transactions and litigation/appellate matters before various state and federal courts and administrative agencies.

Sue C. Friedberg is a Shareholder at Buchanan, Ingersoll, & Rooney PC where she is the Co-chair of the Cybersecurity and Data Privacy Group. Sue advises clients about the rapidly evolving standards of care for safeguarding confidential information and responding effectively to security incidents that threaten to compromise valuable or protected information.

Edward G. Hild is a Principal at Buchanan, Ingersoll, & Rooney PC where he works in the government relations practice group. Ed joined Buchanan after nearly 20 years on Capitol Hill, serving in various positions, most recently as chief of staff for U.S. Senator Lisa Murkowski (R-AK) and as legislative assistant, legislative director, and deputy chief of staff for former U.S. Senator Pete Domenici (R-NM). Ed has extensive experience in the authorization and appropriation processes in Congress, especially as they relate to the energy and natural resources industry and the defense industry.

Leave a Comment