Skip to main content
close search
site logo
Dive Brief

FERC expands cybersecurity reporting standards to include non-disruptive incidents

Published June 21, 2019
Iulia Gheorghiu's headshot
Iulia Gheorghiu Editor
Adobe Stock

Dive Brief:

  • The Federal Energy Regulatory Commission (FERC) approved on Thursday an order to expand reporting requirements for attempts to compromise the national grid, a move it expects will improve the security of the bulk electric system.
  • The order mandates reporting of cyber events and creates guidelines for the content, along with filing deadlines and how the reports are to be disseminated. The changes will "enhance the reliability of the Bulk-Power System by providing a more accurate picture of the rapidly changing cyber threat landscape," FERC staff said at a presentation yesterday during its open meeting.
  • On the same day, FERC Commissioner Cheryl LaFleur announced she will leave in August, creating the second nomination spot for the Trump administration to fill. Her final FERC public meeting will be in July.

Dive Insight:

Previous to the order, reports were only required when an incident had compromised or disrupted reliability tasks. However, as the North American Electric Reliability Corp. (NERC) stated in its annual report of the U.S. power grid's 2018 performance, cyber events to cause non-reliability disruptions have continued to grow.

While no cyber or physical security incidents resulted in loss of load last year, NERC warned that cybersecurity vulnerabilities on the electric grid "are increasing."

"It is vital that we ensure that NERC and the Department of Homeland Security have all the information needed to understand the evolving threat landscape for industrial control systems," Chatterjee said in a statement.

Reports and updates on cyber events will be sent to NERC's Electricity Information Sharing and Analysis Center and the Department of Homeland Security's National Cybersecurity and Communications Integration Center.

The new reliability standard is in response to a directive from FERC Order 848. It gives utilities or responsible entities the flexibility to develop assessments needed for their systems while creating a standard for reporting on attempts to compromise cyber systems associated with electronic security perimeters, physical security perimeters, and electronic access control/monitoring systems.

Filed Under: Regulation & Policy

Editors' picks

Company Announcements

View all | Post a press release
Uplight’s Platform Empowers Utilities to Improve Business Customer Engagement
From Uplight
October 31, 2024
TESCO Solidifies Leadership in Electric Meter and EV Charging Station Accuracy
From TESCO - The Eastern Specialty Company
November 12, 2024
Oncor System Resiliency Plan Approved by PUCT
From Oncor
November 14, 2024
Survey: Spanish-Speaking Households More Likely to Struggle Paying Their Electric Bills
From Smart Energy Consumer Collaborative (SECC)
October 29, 2024
Editors' picks
Latest in Regulation & Policy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell