Federal Energy Regulatory Commissions looks to add cyber security requirements for pipelines

Fuel Fix:
If you have turned on the news or picked up a paper lately, you have probably seen reports that foreign enemies are increasingly launching cyber-attacks on America's critical infrastructure, including energy facilities. To address these threats, electric grid operators must comply with mandatory standards overseen by the Federal Energy Regulatory Commission (FERC) that protect against cyber and other attacks that threaten the reliability of our electric service.

Natural gas pipelines are not subject to similar standards. But given the increasing threats we face, the time has come to establish them for natural gas pipelines.

Abundant and affordable natural gas has facilitated a major shift in the United States' electric generation mix. The emergence of natural gas as a significant part of the fuel mix has greatly raised the stakes for pipeline cyber security.

Although FERC has the authority to issue certificates for new interstate gas pipelines and set their rates, the Commission does not have responsibility for pipeline security. That charge falls to the Transportation Security Administration, the same agency that is responsible for overseeing the security of 851 million aviation passengers per year, 138,000 miles of railroad track, and 4 million miles of highway.

In May 2017, TSA confirmed that it had just six full-time employees to oversee the security of the more than 2.7 million miles of natural gas, oil, and other hazardous liquid pipelines that traverse the country. In addition, although it has the authority to enforce mandatory standards to protect gas pipeline infrastructure from cyber-attacks, TSA has chosen to rely, instead, on voluntary standards.

Natural gas pipelines have a long history of providing reliable service. But given our growing dependence on natural gas in conjunction with the escalating potential for cyber-attacks, we cannot simply hope for the best.

In our view, Congress should vest the responsibility for pipeline security with an agency that fully comprehends the nation's energy sector and has sufficient resources to address the growing cyber security threat to gas pipelines. As the Sector-Specific Agency for energy security, the Department of Energy could be an appropriate choice. Such a move would be particularly timely given the Energy Department's recent announcement that it will be forming an office specifically focused on cybersecurity.

Regardless of where Congress vests this responsibility, the regulator must have the statutory authority, resources, and commitment to implement mandatory cybersecurity standards for gas pipelines. We will be the first to admit that mandatory standards are not a panacea.
...
This piece was written by FERC regulators.  I think the companies that operate pipelines have adequate incentives to protect their main income stream, but they might benefit from having some central standards to work with.  They would also benefit from having a central group that the various pipeline companies can brainstorm with and share information on what attacks they are dealing with and how best to deal with the attacks.

The US government has evidently developed some cybersecurity tools but fears using them because of potential retaliation.  This is the equivalent of having only nuclear weapons to defend yourself.  They may not be the right tool in the box for dealing with low-level attacks.  I think they need tools that immediately identify the source of the threat and allow the US to fry the computers used to attack US infrastructure.  That should be a goal of cyber security.

Comments

Post a Comment

Popular posts from this blog

Should Republicans go ahead and add Supreme Court Justices to head off Democrats

Washington Post: Some Democrats eye adding more justices to the Supreme Court to change its ideological bent The once-remote idea has gained the attention of liberals angered by the GOP push to remake the federal courts. Probably the easy way to defeat this court-packing scheme is for Trump to propose doing the same thing now.  It would lead to Democrat denunciations and claims that it would be wrong, thereby blowing up any attempt by them in the unfortunate event of Democrats winning a presidential election.
Read more

29 % of companies say they are unlikely to keep insurance after Obamacare

Conn Carroll: A new survey of 368 midsize to large companies found that 29% of them are considering terminating their active employee health care plans when Obamacare is full implemented in 2014. Only 71% of employers surveyed said they did not expect to drop their health coverage, while 20% said they did not know and 9% said they were planning to exit. The latest survey, conducted by Towers Watson, echoes an ealier survey by McKinsey & Co. finding that 30% of private-sector employers were planning to drop their employee health insurance coverage by 2014. When the Congressional Budget Office crunched Obamacare's spending numbers, they estimated that only 7% of employees currently covered by employer-sponsored plans would lose their plans. ... This means the cost of the health care fiasco will be hundreds of billions more than estimated by the CBO and Congressional Democrat. It is also clear that Obama's pledge that you could keep your health care plan if you wanted t
Read more

Bin Laden's concern about Zarqawi's remains

James Robbins: ... Bin Laden suggests that President Bush should allow Zarqawi’s body to be returned to his family in Jordan, but this is a matter that is up to the Jordanian government, which so far has not shown much interest in facilitating a homecoming. Bin Laden mocks King Abdullah II, calling him a Coalition minion, and asking “w hat scares you about Abu Musab after he’s dead? You know that his funeral, if allowed to happen, would be a huge funeral showing the extent of sympathy with the mujahedin.” A large crowd would definitely turn out, though most people would be on hand to demonstrate their anger and disgust. Last November’s hotel bombings in Amman , masterminded by Zarqawi, are still fresh in people’s memory, and mentioning them to Jordanians has the same visceral impact as memory of the 9/11 attacks does here. Jordan has adopted a zero-tolerance policy towards those who choose to mourn the country’s least favorite son, and four opposition members of parliament who paid con
Read more