Skip to main content
close search
site logo
Dive Brief

Utility industry casts doubt on FERC's proposed cyber standards

Published Sept. 25, 2015
Robert Walton's headshot
Senior Reporter

Dive Brief:

  • The utility industry is pushing back on some proposals made by the Federal Energy Regulatory Commission  (FERC) to address cybersecurity weaknesses. A coalition of industry groups doubt FERC's authority to make some changes, questioning whether others are necessary, Fierce Energy reports. 
  • FERC has been trying to address cybersecurity across the utility supply chain, but a broad group of power providers say regulators lack authority to oversee third-party providers on the grid.
  • Moreover, the coalition told FERC that its revised critical infrastructure protection standards already address many security issues, and that regulators may be overstating the risk involved.

Dive Insight:

Over the summer, federal regulators laid out a series of modifications to critical infrastructure protection reliability standards designed to address growing concerns that the nation's bulk generation and transmission systems are vulnerable to cyberattacks. The Federal Energy Regulatory Commission (FERC) wanted the utility industry to develop new security protocols, including standards for data flowing across unsecured third-party networks.

But in comments filed this week by a broad range of utility groups, the industry cast doubt on FERC's authority to regulate some areas and said the issue overall may be blown out of proportion.

"While the Trade Associations agree that CIP and cybersecurity risks form a high priority strategic matter for the electric industry, no events or disturbances have taken place that indicate a problem or emerging pattern or trend," the group told FERC.

The coalition includes the American Public Power Association, the Edison Electric Institute,
Electric Power Supply Association, the National Rural Electric Cooperative Association, Electricity Consumers Resource Council, Transmission Access Policy Study Group, and the Large Public Power Council.

The groups also said FERC's CIP V5 standards already "address a broad range of supply chain issues," and cast doubt on the commission's ability to regulate third-party providers which are rapidly becoming a major player on the grid.

"The commission has no direct oversight authority over third-party suppliers or vendors and, in addition, cannot indirectly assert authority on them through jurisdictional entities," the groups said. FERC's rationale behind its claim to regulate them has no limits, the group said, and "without such limits, the Commission ostensibly could seek to regulate under the blanket rationale of 'supply chain' any number of areas, including fuel procurement or labor relations."

In July, Lloyd's of London issued a report aimed at informing the insurance industry as to the potential impacts of a widespread attack on the U.S. power grid. The analysis showed the total economic loss could range from $243 billion up to $1 trillion in the most damaging scenarios.

Recommended Reading

Filed Under: Regulation & Policy

Editors' picks

Company Announcements

View all | Post a press release
Oncor System Resiliency Plan Approved by PUCT
From Oncor
November 14, 2024
TESCO Solidifies Leadership in Electric Meter and EV Charging Station Accuracy
From TESCO - The Eastern Specialty Company
November 12, 2024
ABB launches next-generation medium voltage drive, designed to enhance industrial performance …
From ABB
November 19, 2024
Regional grid operator holds board meeting at boycotted hotel, drawing criticism from climate …
From Fix the Grid Campaign
November 06, 2024
Editors' picks
Latest in Regulation & Policy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell