On February 5, 2021, the Federal Energy Regulatory Commission (“FERC”) published proposed regulations in the Federal Register that would provide federal financial incentives to utilities that voluntarily increase certain cybersecurity measures above those required by the Critical Infrastructure Protection Reliability
FERC
FERC issues notice of proposed rulemaking to extend reporting requirements for cyberattacks targeting the energy sector
On July 23 and 25, 2018, the U.S. Department of Homeland Security (DHS) held public briefings about an attempt by a state-sponsored Russian hacking group to target control systems for U.S. electrical grids and power plants. DHS’ webinar explained that the hackers obtained access to vendors providing computer services to electric utilities companies. This initial access enabled the hackers to gain entry to power company control systems through a complex series of security compromises lasting quite some time.
Energy cybersecurity still high on Washington agenda
Growing concern over the risk of cyberattack on our energy infrastructure continues to spur legislative and administrative action. In the last two weeks alone, both chambers of Congress and the Federal Energy Regulatory Commission (FERC) have made advancements with regard to proposals for strengthening the security of the national electric grid.