A string of Governmental announcements have increasingly sounded the alarm about the growing cybersecurity threat facing the energy sector. Among other things, these reports have announced that state-sponsored cyber actors have successfully gained access to the control rooms of utilities. The hackers, one of the reports notes, could have used such access to cause blackouts.
Against this backdrop, it is unsurprising that energy regulators have increasingly focused their attention on cybersecurity issues. Consistent with this focus, the Federal Energy Regulatory Commission (“FERC”) recently issued a final rule approving three mandatory Reliability Standards that the North American Electric Reliability Corporation (“NERC”) proposed to improve the electric industry’s safeguards against cybersecurity threats. FERC also used the rule to direct NERC to expand scope of the Reliability Standards so that they covered Electronic Access Control and Monitoring Systems (“EACMS”) associated with medium and high impact bulk electric system (“BES”) Cyber Systems.
Procedural History. FERC’s approval comes over two years after it first directed NERC to develop Reliability…
