Tag archives: Energy

Incentivizing public utilities to enhance cybersecurity: FERC’s proposed regulation

Photo of Will Daugherty (US)Photo of Susan Ross (US)By Will Daugherty (US) and Susan Ross (US) on Posted in Cybersecurity
Norton Rose Fulbright - Data Protection Report blog

On February 5, 2021, the Federal Energy Regulatory Commission (“FERC”) published proposed regulations in the Federal Register that would provide federal financial incentives to utilities that voluntarily increase certain cybersecurity measures above those required by the Critical Infrastructure Protection Reliability Standards (“CIP Reliability Standards”) or by the NIST, Framework for Improving Critical Infrastructure Cybersecurity (“NIST Framework”). (86 Fed. Reg. 8309-8325 (Feb. 5, 2021).)

To obtain the incentive, these voluntary measures must “materially enhance the cybersecurity posture of the bulk-power system by enhancing the applicants’ cybersecurity posture substantially above levels required by CIP Reliability Standards, to the benefit of ratepayers.”   The … Continue Reading

FERC issues notice of proposed rulemaking to extend reporting requirements for cyberattacks targeting the energy sector

Photo of Susan Ross (US)Photo of Alexis Wilpon (US)By Susan Ross (US) and Alexis Wilpon (US) on Posted in Compliance and risk management, Cybercrime, Data breach
Data Protection Report - Norton Rose Fulbright

On July 23 and 25, 2018, the U.S. Department of Homeland Security (DHS) held public briefings about an attempt by a state-sponsored Russian hacking group to target control systems for U.S. electrical grids and power plants. DHS’ webinar explained that the hackers obtained access to vendors providing computer services to electric utilities companies. This initial access enabled the hackers to gain entry to power company control systems through a complex series of security compromises lasting quite some time. … Continue Reading

Energy cybersecurity still high on Washington agenda

By on Posted in Regulatory response
Data Protection Report - Norton Rose Fulbright

Growing concern over the risk of cyberattack on our energy infrastructure continues to spur legislative and administrative action.  In the last two weeks alone, both chambers of Congress and the Federal Energy Regulatory Commission (FERC) have made advancements with regard to proposals for strengthening the security of the national electric grid.… Continue Reading

Energy cybersecurity – a critical concern for the nation

By on Posted in Compliance and risk management, General, Regulatory response
Data Protection Report - Norton Rose Fulbright

We have long recognized that effects of cyber-attacks are not limited to the virtual space, and can affect our physical environment. For example, a stolen trade secret may lead to a competitor who copies the design, to lost sales, to lost jobs. However, the relationship between cybersecurity and physical security is far more direct and significant in the energy sector. There are many examples of devastating impacts stemming from energy infrastructure disasters, and the energy sector’s ever increasing automation and reliance on the digital world for its operations vastly increases its vulnerability to cyber-attacks. The energy sector comprises one of … Continue Reading

LexBlog