At its October monthly meeting, the Federal Energy Regulatory Commission adopted new reliability standards addressing cybersecurity risks associated with the global supply chain for Bulk Electric System Cyber Systems. The new standards expand the scope of the mandatory and enforceable cybersecurity standards applicable to the electric utility sector.
Continue Reading FERC Adopts Supply Chain Risk Management Reliability Standards
FERC
Attacks Targeting Oil and Gas Sector Renew Questions About Cybersecurity
Recent press reports indicate that a cyber attack disabled the third-party platform used by oil and gas pipeline company Energy Transfer Partners to exchange documents with other customers. This incident and others raise questions about cybersecurity across the U.S. pipeline network.
Continue Reading Attacks Targeting Oil and Gas Sector Renew Questions About Cybersecurity
DOJ Accuses Iranian Nationals of “Brazen Cyber Assault” on Universities and Government Agencies
The U.S. Department of Justice has unsealed an indictment accusing nine Iranian nationals of engaging in a “massive and brazen cyber assault” against at least 176 universities, 47 private companies and 7 government agencies and non-governmental organizations, including the Federal Energy Regulatory Commission. …
Continue Reading DOJ Accuses Iranian Nationals of “Brazen Cyber Assault” on Universities and Government Agencies
FERC Proposes to Adopt Reliability Standards Designed to Mitigate Cybersecurity Risk
On January 18, 2018, the Federal Energy Regulatory Commission issued a Notice of Proposed Rulemaking that proposes the adoption of new mandatory Reliability Standards designed to mitigate cybersecurity risk in the supply chain for electric grid-related cyber systems.
Continue Reading FERC Proposes to Adopt Reliability Standards Designed to Mitigate Cybersecurity Risk
FERC Issues Notice of Proposed Rulemaking Aimed at Expanding Data Breach Reporting Obligations
On December 21, 2017, the Federal Energy Regulatory Commission issued a Notice of Proposed Rulemaking aimed at expanding mandatory reporting obligations in relation to cybersecurity incidents. …
Continue Reading FERC Issues Notice of Proposed Rulemaking Aimed at Expanding Data Breach Reporting Obligations
NERC Releases Draft Standard for Cybersecurity Supply Chain Risk Management
On January 19, 2017, the North American Electric Reliability Corporation released a draft Reliability Standard CIP-013-1 – Cyber Security – Supply Chain Risk Management which addresses “supply chain risk management for industrial control system hardware, software, and computing and networking services associated with bulk electric system operations.”…
Continue Reading NERC Releases Draft Standard for Cybersecurity Supply Chain Risk Management
Federal Energy Regulatory Commission Publishes Final CEII Regulations
Last month, the Federal Energy Regulatory Commission published its final Regulations Implementing FAST Act Section 61003-Critical Electric Infrastructure Security and Amending Critical Energy Infrastructure Information. The CEII Regulations are intended to implement new authority granted to FERC by the Fixing America’s Surface Transportation Act, which became law in December 2015.
Continue Reading Federal Energy Regulatory Commission Publishes Final CEII Regulations
FERC Proposes to Accept Updated CIP Standards and Calls for New Cybersecurity Controls
On July 16, 2015, the Federal Energy Regulatory Commission issued a new Notice of Proposed Rulemaking addressing cybersecurity requirements in the critical infrastructure protection reliability standards.
Continue Reading FERC Proposes to Accept Updated CIP Standards and Calls for New Cybersecurity Controls
Recent Federal Government Activity on Cybersecurity
The absence of congressional action on cybersecurity legislation has spurred efforts by various entities to exert influence over cybersecurity policy. This blog post contains a client alert that focuses on a number of those efforts, including the Federal Energy Regulatory Commission’s creation of a new cybersecurity office and the North American Electric Reliability Corporation’s action on cybersecurity Critical Infrastructure Protection standards.
Continue Reading Recent Federal Government Activity on Cybersecurity
White House Proposes Cybersecurity Legislation
On May 12, 2011, the Obama administration announced a comprehensive cybersecurity legislative proposal that would affect many government and private-sector owners and operators of cyber systems across multiple industries. This blog post provides analysis of the key issues outlined in the proposal.
…
Continue Reading White House Proposes Cybersecurity Legislation