FERC Focus: Physical, Cyber Risks
The Federal Energy Regulatory Commission has established an office responsible for identifying, communicating and seeking comprehensive solutions to potential cyber and physical security risks to FERC-jurisdictional infrastructure.
The Office of Energy Infrastructure Security is intended to leverage the commission’s existing resources with those of other government agencies and private industry “in a coordinated, focused manner,” FERC Chairman Jon Wellinghoff said at the panel’s September meeting.
Effective mitigation of cyber crime and physical threats will require “a significantly more agile approach” than is presently available, he emphasized, requiring rapid interactions among regulatory, industry and federal and state agencies.
The new office’s efforts will be concentrated in four areas:
• Developing recommendations for identifying, communicating and mitigating potential cyber and physical security threats to jurisdictional energy facilities using existing statutory authority;
• Providing assistance and advice to other government agencies, jurisdictional utilities and Congress regarding potential cyber and physical threats and vulnerabilities;
• Participating in interagency and intelligence-related coordination and collaboration efforts with federal and state agencies and industry representatives on cyber and physical security matters related to jurisdictional energy facilities; and
• Conducting outreach with private sector owners, users and operators of energy delivery systems regarding identification, communication and mitigation of cyber and physical threats.
The infrastructure security office will be directed by Joseph McClelland, who has headed FERC’s Office of Energy Reliability since its 2006 inception. In making the announcement, Wellinghoff emphasized that the new office’s work would complement, and not replace, the commission’s existing regulatory processes for reliability.
The commission also underscored that it will continue to work closely with its certified reliability watchdog, the North American Electric Reliability Corp., following the reorganization.
“We can expect the new energy infrastructure security office, in addition to the FERC Office of Electric Reliability, to work closely with NERC on cyber security standards and related issues,” said Barry Lawson, NRECA associate director, power delivery and reliability.
“In addition, NRECA staff will continue working with Joe McClelland in his new position, and we will look to better understand the OEIS role at FERC and make sure NRECA members understand this as well.”
To sign up for the latest Regulatory Watch news alerts, click here.