The Federal Energy Regulatory Commission (FERC) is the primary federal agency regulating electricity and natural gas infrastructure. However, currently the Commission only has the authority to protect the electrical grid from cyberattacks.
An op-ed by FERC Commissioners Neil Chatterjee and Richard Glick shows how the agency is trying to rectify this situation by asking that pipeline cyber protection responsibility to be moved from the Homeland Security Agency’s Transportation Safety Administration (TSA) to the Department of Energy’s newly-formed cybersecurity office.
While there is an element of a simple bureaucratic turf war in the disagreement, this issue also relates to the resiliency and reliability of the 2.7 million miles of natural gas, oil and liquids pipelines in the United States. In fact, this issue is especially important as the Trump administration attempts to bail out coal and nuclear generators without regard to its impacts on wholesale electricity markets.
The administration’s attempt to bail out aged and inefficient coal plants on national security grounds is specious at best, blatant rent-seeking at worse. FERC has a different view on resilience, and all five commissioners were conspicuously silent on Tuesday when asked at a Senate hearing whether the ordering of bailouts for electric power plants on national security grounds was justified. As reported in a Twitter thread by Gavin Bade of Utility Dive:
New Mexico Senator Martin Heinrich: “Do any of you believe we are facing a national security emergency in wholesale power markets?”
Five FERC regulators: [Silence]
Heinrich: “Let’s move on.”
Earlier this year, several federal agencies investigated a series of cyber-attacks on software systems used by a number of U.S. natural gas pipeline companies. In their op-ed, Chatterjee and Glick highlight the fact that only six people at the TSA are tasked with security the 2.7 million miles of U.S. natural gas, oil and other liquid pipelines. Also, despite having authority to enforce mandatory security standards on pipelines, the TSA only asks for voluntary standards, while FERC mandates them for electric utilities.
A quick transfer of authority from the TSA to DOE would probably do wonders for pipeline cybersecurity in the near-term. It also speaks to the expertise and professionalism that is keeping even Trump supporters from supporting a broader attempt to undermine whole electricity markets just to benefit certain domestic industries.
Chatterjee and Glick’s comments are an attempt to preempt the administration from future bureaucratic hostage-taking of pipeline cybersecurity. It is a shame that the administration – which has lowered regulatory barriers and government interference in so many other areas of the economy – has allowed the security of the U.S. pipeline grid to become a bargaining chip for special interests.
Image credit: QiuJu Song