In a move to heighten cybersecurity protections, two senators are pressuring the Federal Energy Regulatory Commission (FERC) to step up its enforcement of groups that oversee access to the electric grid’s computer systems.
In a letter to FERC Chairman Jon Wellinghoff on Tuesday, Sens. Lieberman (I-Conn.) and Susan Collins (R-Maine) raised concerns with the digital certificates that verify an energy company’s access to the grid’s systems.
The senators charged that the two “authorized certification authorities” who clear power firms or electronic devices seeking access to the electrical grid “may be failing to meet cybersecurity requirements.”
Both authorities had been handing out certificates with a 30-year life span, which is 10 years more than FERC permits, they said in their letter.
“As these certificates form the foundation for the cybersecurity of the electric grid, it is critically important that their security requirements be enforced to ensure protection against malicious actors,” Lieberman and Collins wrote. “If these allegations are true, the violations could undermine part of the security system protecting our grid.”
Lawmakers on both sides of the aisle have expressed growing concern that the nation’s electrical grid could be vulnerable to a cyberattack.
Many electrical networks operate on "smart grid" technology, which rely heavily on computers and information systems.
Collins and Lieberman jointly sponsor cybersecurity legislation that would grant the Department of Homeland Security authority to set standards for critical infrastructure networks like the electric grid.
Those enforcement measures for critical infrastructure networks, however, are absent from S. 2105, the Republican-backed cybersecurity bill. Senate Republicans contend allowing the government to set industry standards would add burdensome regulations for companies.
Earlier Tuesday, Senate Energy and Natural Resources Democratic staff said Sen. Jeff Bingaman (D-N.M.) would revive S. 1342, which gives FERC and the Energy Department broader authority in emergency cyber situations. The measure would also give FERC more say in setting cybersecurity standards.
Bingaman’s bill was reported out of committee with bipartisan support last year. It could become a possible amendment to cybersecurity legislation.
Bob Simon, Democratic senior staff director on the Senate Energy Committee, told reporters he would coordinate with Senate Majority Leader Harry Reid (D-Nev.) to “find a way to work with that process.”
Reid has said he wants to tackle cybersecurity this year; however, with two weeks left, concerns are growing that senators won't have enough time to draft a compromise measure.