• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Electric Power Supply Association

  • Podcast
  • About EPSA
    • Our Policy Principles
    • EPSA Members
    • Our Staff
    • Careers
  • Contact
  • FAQ
EPSA

EPSA

  • Filings
    • Federal Energy Regulatory Commission
    • Federal
    • Judiciary
    • State
    • ISOs/RTOs
  • Newsroom
    • Press Releases
    • Media Contacts
    • Power Moves Newsletter
    • Factsheets and White Papers
    • Opinion and Commentary
    • Social Media
    • Podcast
  • Competitive Solutions
    • Reliable Power
    • Cost Savings
    • Environmental Progress
      • Competitive Emissions Policy Primers
    • Energy Innovation
    • In Your State
  • For Members
    • EPSA Membership
    • Committees
  • PowerFacts Blog
Home / Newsroom / Press Releases / EPSA Joins Trades Coalition on Details of Cyber Security Legislation

July 21, 2015

EPSA Joins Trades Coalition on Details of Cyber Security Legislation

By EPSA

Energy Reliability and Security Discussion Draft: Critical Electric Infrastructure Security

New Federal Authority to Address Grid Security Emergencies Would Be Most Effective by Focusing on Immediate Threats

Key Message

New federal authority is appropriate to address imminent grid security emergencies, but it is not necessary or appropriate for dealing with grid security vulnerabilities as those are addressed through the existing FERC/NERC process in coordination with owners and operators of the bulk-power system.

Background

Section 1204, Critical Electric Infrastructure Security, of Title I of the Committee’s Architecture of Abundance discussion draft would give the Secretary of Energy new authority to address imminent grid security emergencies while facilitating the protection and voluntary sharing of critical electric infrastructure information.

It could be beneficial for a single federal agency – in this case the Department of Energy – to have authority to order specific emergency measures to protect the bulk-power system in the event of a real grid emergency. However, such emergency authority need not—and should not—be expanded further to include all types of grid vulnerabilities, which are already addressed under current law, industry standards and best practices.

Since 2005, Section 215 of the Federal Power Act has provided a statutory and regulatory framework for addressing bulk-power system reliability and cyber security. Under Section 215, the North American Electric Reliability Corporation (NERC), working with electric industry experts, regional entities and government representatives, develops mandatory and enforceable reliability and security standards that apply across the international bulk power system. The Federal Energy Regulatory Commission (FERC) has authority to approve or remand those standards for modifications. Penalties for violating FERC-approved standards can reach $1 million per day per violation. The electric power industry is the only critical infrastructure sector with such standards.

Under Section 215, FERC, on its own initiative, can direct NERC to develop a standard to address a specific matter, which could include vulnerability issues. The Commission has exercised this authority in recent years with regard to geomagnetic disturbances and physical security, for example.

In response to concerns about the length of time it takes to develop standards, NERC has made continued improvements to shorten the time it takes develop its standards. Recently, the NERC standards development process proved successful in the development of physical security standards, which NERC and industry stakeholders crafted and approved for submission to FERC in 77 days.

Important Points

  • Vulnerabilities are not the same as emergencies or threats, which involve a higher level of urgency and risk.
  • Giving the Department of Energy emergency authority to address vulnerabilities would negatively impact the reliability regime established in section 215 of the Federal Power Act, which could result in duplicative, conflicting, or unworkable standards across the diverse North American grid and would undermine the effectiveness of NERC as an international standards-development body.
  • Cybersecurity information sharing legislation that has already passed the House will provide government and the private sector important new tools and incentives to promptly share information about cyber threats and vulnerabilities. Sharing clear and actionable information about vulnerabilities and remediation strategies among affected stakeholders and public-private partnerships are the most effective ways to address all but the most urgent emergency situations.
Download Press Release

Filed Under: Press Releases

Primary Sidebar

  • Media Contacts
  • Press Releases
  • Power Moves Newsletter
  • Factsheets and White Papers
  • Opinion and Commentary
  • Social Media
  • Podcast

Share

Home Page Help Area

Sign up for EPSA’s Power Moves newsletter – a monthly update on the road to a cleaner, affordable and reliable energy future that works for all Americans.

LEARN MORE

Footer

1401 New York Ave. NW
Suite 950
Washington, DC 20005

p 202.628.8200
f 202.628.8260

  • Facebook
  • LinkedIn
  • Twitter
  • Home
  • About EPSA
  • Filings
  • Newsroom
  • For Members
  • Contact
  • PowerFacts Blog
  • FAQ

Copyright © 2022 | Electric Power Supply Association. All rights reserved. | Privacy Policy >