Homeland Security Committee Introduces HR 2195, a Bill to Secure the Nation’s Electric Grid
April 30, 2009 (WASHINGTON) — Today, Rep. Bennie G. Thompson, Chairman, U.S. House Committee on Homeland Security issued the following statement regarding the introduction of the “Critical Electric Infrastructure Protection Act” (HR 2195):
“The electric grid is highly dependent on computer-based control systems. These systems are increasingly connected to open networks such as the Internet, exposing them to cyber risks. Any failure of our electric grid, whether intentional or unintentional, would have a significant and potentially devastating impact on our nation.
For years, my Committee has been concerned about this possibility. In 2007, the Committee learned that the electric industry was not mitigating a dangerous control system vulnerability known as “Aurora.” We launched a series of investigations and held two hearings to understand what was being done in the public and private sectors to mitigate this and other cyber vulnerabilities.
The findings were disturbing. Most of the electric industry had not completed the recommended mitigations, despite being advised to do so by the Federal Energy Regulatory Commission and the North American Electric Reliability Corporation. This effectively left many utilities vulnerable to attacks. Furthermore, in spite of existing mandatory cybersecurity standards, the North American Electric Reliability Corporation (“NERC”) recently reported that many utilities are underreporting their critical cyber assets, potentially to avoid compliance requirements.
We must ensure that the proper protections, resources and regulatory authorities are in place to address any threat aimed at our power system. The Critical Electric Infrastructure Protection Act will do four things to improve our defensive posture:
• Provides FERC with the authorities necessary to issue emergency orders to owners and operators of the electric grid after receiving a finding from DHS about a credible cyber attack.
• Requires FERC to establish interim measures deemed necessary to protect against known cyber threats to critical electric infrastructure. This will improve existing mandatory standards.
• Requires DHS to perform ongoing cybersecurity vulnerability and threat assessments to the critical electric infrastructure, and provide mitigation recommendations to eliminate those vulnerabilities and threats.
• Requires DHS to conduct an investigation to determine if the security of Federally-owned critical electric infrastructure has been compromised by outsiders.
I believe that this legislation adopts a common-sense approach towards securing our electric grid from cyber attack, and I look forward to working with Senator Lieberman and the rest of our colleagues on bipartisan, bicameral basis to see that this bill is enacted.”
FOR MORE INFORMATION:
Please contact Dena Graziano or Adam Comis at (202) 225-9978
