Utility industry casts doubt on FERC’s proposed cyber standards
Over the summer, federal regulators laid out a series of modifications to critical infrastructure protection reliability standards designed to address growing concerns that the nation’s bulk generation and transmission systems are vulnerable to cyberattacks. The Federal Energy Regulatory Commission (FERC) wanted the utility industry to develop new security protocols, including standards for data flowing across unsecured third-party networks.
But in comments filed this week by a broad range of utility groups, the industry cast doubt on FERC’s authority to regulate some areas and said the issue overall may be blown out of proportion.
“While the Trade Associations agree that CIP and cybersecurity risks form a high priority strategic matter for the electric industry, no events or disturbances have taken place that indicate a problem or emerging pattern or trend,” the group told FERC.
The coalition includes the American Public Power Association, the Edison Electric Institute,
Electric Power Supply Association, the National Rural Electric Cooperative Association, Electricity Consumers Resource Council, Transmission Access Policy Study Group, and the Large Public Power Council.
The groups also said FERC’s CIP V5 standards already “address a broad range of supply chain issues,” and cast doubt on the commission’s ability to regulate third-party providers which are rapidly becoming a major player on the grid.