In an effort to assess federal and private efforts to improve cybersecurity in the United States energy sector during the ongoing pandemic, the full Senate Energy and Natural Resources Committee held a hearing this week attended by executives and administration officials alike.
That pandemic, said Ranking Member Joe Manchin (D-WV), has forced the industry to accept and adapt to new troubles and vulnerabilities exacerbated by more employees working remotely. It has also been a lesson in how preparation is key — and how devastating a lack of preparation can be. Therefore, a significant focus for the committee was on how to improve collaboration on cybersecurity and critical infrastructure protection efforts.
“You all know well that threats to critical infrastructure are serious and increasing,” Manchin said. “Legacy grid systems were not designed to defend themselves against modern cyberattacks, and, as they grow more and more connected to the internet, our electric systems grow more and more vulnerable.”
Attending the hearing were witnesses Alexander Gates, senior advisor at the U.S. Department of Energy’s Office of Policy for Cybersecurity, Energy Security and Emergency Response; Joseph McClelland, director of the Federal Energy Regulatory Commission’s Office of Energy Infrastructure Security; Steve Conner, president and CEO of Siemens Energy, Inc.; and Thomas O’Brien, senior vice president and chief information officer for PJM Interconnection.
Of particular concern is how interconnected the larger system is. One company could be rather exhaustive in its efforts at security, but without collaboration, another link in the chain could still leave the grid exposed. Manchin hit on this point when engaging with O’Brien, pondering if PJM, for example, could test other companies to see if they were up to PJM’s standards, and to assess potential vulnerabilities. However, O’Brien disagreed.
“That’s something that we don’t feel is in our jurisdiction based on how we operate,” O’Brien said. “We do collaborate a lot with the members, but we don’t do that. Let me clarify; we do extensive red teaming and penetration testing on our own systems. What we don’t do is red teaming and penetration testing on our member company’s systems, where data flows into us.”
For his part, Manchin implied he would follow-up with PJM and similar entities to pursue opportunities for security testing throughout the system, not just on their end.
The power industry and policymakers should consider implementing several recommendations now to meet expected supply shortfalls prior to the start…
Looking to cut down on the difficult nature of the work for humans and improve consistency of the outcome, the…
Toledo Edison this month began a massive streetlight conversion project through Sylvania, Ohio, installing the first of 1,650 LED replacements.…
Peter Sena III has been named the new chairman and CEO of Southern Nuclear, a subsidiary of the Southern Company.…
The U.S. Department of Energy’s (DOE) Argonne National Laboratory (ANL) is con structing a research and development (R&D) facility to…
A program that provides a 10 or 20-percentage point boost to the investment tax credit for qualified solar or wind…
This website uses cookies.