Cyber Threats Make Electrical Power Grid Vulnerable

Information-sharing continues to be the goal of electric utilities when it comes to cybersecurity. And, according to a July 18 article written by Kenneth Corbine, a panel recently appeared before the Senate Committee on Energy and Natural Resources to ask any cybersecurity bill approved in the future allow for a more fluid information-sharing system about cyber threats. The panel asked that the information flow freely between public and private entities and the federal and state authorities.

“We’re often challenged by the lack of information,” said Gerry Cauley, president and CEO of the North American Electric Reliability Corporation, as quoted in Corbine’s article. “And this is where in cyber the partnership between industry and government in terms of information to help us understand those risks and to be able to adapt to them is very important."

The utilities seem to be warranted in their request. According to Gregory Wilshusen, director of information and technology at the Government Accountability Office (GAO), his agency has evaluated the Department of Homeland Security’s (DHS) practices with regard to information sharing. The results were concerning, Wilshusen said, because oftentimes the DHS only provided broad information or even waited too long to issue threat warnings.

It does seem, however, that lawmakers clearly see a need for change. During the recent hearing, committee Chairman Jeff Bingaman (D-NM) said he will renew efforts “to advance a bill that would vest the Department of Energy and the Federal Energy Regulatory Commission (FERC) with greater authority to oversee the electric industry in a bid to strengthen security.”

In related news, Federal Energy Regulatory Commission (FERC) Joseph McClelland, director of FERC’s Office of Electric Reliability, suggested that any power grid and cybersecurity legislation authorize the organization to “take preemptive action to thwart an attack, expand its authority beyond the bulk power system, and protect the confidentiality of information.”

For more information about electric power grid vulnerability and cybersecurity legislation, visit: