The House on Tuesday unanimously passed by voice vote three bipartisan bills aimed at strengthening the cyber security of the nation's electric grid and energy infrastructure, including creating a new assistant secretary position within the Department of Energy focused on energy emergency and cyber security.
"Right now, our aging electric grid is uniquely vulnerable to cyber-attack, putting our communities at risk of being disconnected by bad actors or foreign governments seeking to sow chaos," Rep. Frank Pallone (D-N.J.), chairman of the House Energy and Commerce Committee, and Rep. Bobby Rush (D-Ill.), chairman of the Energy Subcommittee, said in a statement. "Together, this legislation works to dramatically improve our cyber security and our readiness to combat potential attacks."
The Energy Emergency Leadership Act (H.R. 362), introduced by Rush and Rep. Tim Walberg (R-Mich.), requires the DoE to vest energy emergency and energy security functions for infrastructure, cyber security, emerging threats, supply, and emergency planning, coordination, response and restoration at the assistant secretary level. The bill also requires the department to help technical assistance and response capabilities for energy security threats, risks and incidents if requested by state, local, tribal governments or an energy sector entity.
The Cyber Sense Act of 2020 (H.R. 360), introduced by Reps. Bob Latta (R-Ohio) and Jerry McNerney (D-Calif.), would have the DoE establish a voluntary "Cyber Sense" program to test the cyber security of products and technologies intended for use in the bulk-power system, including industrial control systems and operations technologies.
The bill also directs the department to establish and maintain cyber security vulnerability reporting processes and a related database and to provide technical assistance to electric utilities, product manufacturers and other stakeholders to develop solutions to mitigate vulnerabilities in products uncovered through the test program. Another provision of the bill urges the DoE to consider incentives for the energy sector to use the results of the test program in the design of products and technologies for use in the bulk-power system.
The Enhancing Grid Security through Public-Private Partnerships Act (H.R. 359), introduced by McNerney and Latta, requires the department to work with federal and state agencies, and industry stakeholders, to develop a voluntary program to implement maturing models, self-assessments and auditing methods for assessing the physical and cyber security of electric utilities. It would also provide training to electric utilities to address cyber security supply chain management risks.