Bills aim to bolster electric grid's cybersecurity
The chairmen of the House and Senate committees that oversee homeland security plan to introduce legislation today that would expand the authority of the Federal Energy Regulatory Commission (FERC) to protect the country's electricity grid from cyber threats. The legislation would also require the Homeland Security Department to conduct ongoing assessments of cyber threats to the nation's critical electricity infrastructure and recommends corrective measures.
The measures Rep. Bennie Thompson (D-Miss.) and Sen. Joseph Lieberman (I-Conn.) are set to introduce would give FERC the authority to require utility companies to take protective action against cyber threats identified by national security agencies. The legislation would also give FERC the authority to issue rules or orders to protect critical elements of the electricity infrastructure. The commission would also be able to issue emergency rules or orders without prior notice if a threat is imminent.
In addition, the bill would require DHS to investigate whether the federally owned portion of the electricity infrastructure has been compromised and report its findings to Congress. The department would also have to assess cyber threats to the critical infrastructure on an ongoing basis and provide mitigation recommendations.
Private companies own and operate much of the electricity infrastructure. After the Wall Street Journal recently reported that spies had infiltrated the electricity grid, Thompson promised to introduce legislation to deal with the problem. He cited "a significant gap in current regulation to effectively secure this infrastructure."
"The effective functioning of this infrastructure is highly dependent on computer-based control systems that are used to monitor and manage sensitive processes and physical functions," a draft of his legislation states. "In the interest of national security, and to enhance domestic preparedness for and collective response to a cyber attack by a terrorist or other person, a statutory mechanism is necessary to protect the critical electric infrastructure against cybersecurity threats."
Meanwhile, Rep. John Barrow (D-Ga.) introduced a separate bill (H.R. 2165) April 29 to deal with known cybersecurity threats to the bulk power system and provide emergency authority to deal with future threats to that system. Rep. Henry Waxman (D-Calif.), chairman of the House Energy and Commerce Committee, co-sponsored the measure.
That committee's Communications, Technology and the Internet Subcommittee plans to hold a hearing May 1 on cyber threats to critical infrastructure such as the electricity grid.
Ben Bain is a reporter for Federal Computer Week.