My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
6.1a ERMUSR 03-13-2017
ElkRiver
>
City Government
>
Boards and Commissions
>
Utilities Commission
>
Packets
>
2014-2024
>
2017
>
03-13-2017
>
6.1a ERMUSR 03-13-2017
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
3/10/2017 2:17:46 PM
Creation date
3/10/2017 2:17:25 PM
Metadata
Fields
Template:
City Government
type
ERMUSR
date
3/13/2017
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
95
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
AMERICAN <br /> PUBLIC <br /> Dowis �► <br /> �� ,... ..i.-�TM <br /> ASSOCIATION <br /> Powering Strong Communities <br /> ISSUE BRIEF January 2017 <br /> • <br /> Cybersecurity and the Electric Sector <br /> Summary for non-compliance.Additionally,FERC can instruct NERC <br /> The electric utility industry(including public power utilities) to develop new or revised reliability standards with a very short <br /> takes very seriously its responsibility to maintain a strong elec turn-around time. <br /> tric grid and it is the only critical infrastructure sector besides To date, the electric utility sector's Federal Power Act(FPA) <br /> Section 215 processes and its actions beyond the Section 215 re- <br /> nuclear power that has any mandatory and enforceable federal <br /> gime have prevented a successful cyber-attack causing operation- <br /> regulatory standards in place for cybersecurity.As the grid <br /> l <br /> evolves,unfortunately,so do threats to its integrity.The threat consequences on the bulk electric system in the United States. <br /> of cyber-attacks is relatively new compared to long-known phys That said,APPA has long recognized that increased information <br /> ical threats,but an attack with operational consequences could sharing and appropriately tailored liability protection would <br /> further enhance the industry's ability to guard against cyber-at- <br /> occur and cause disruptions in the flow of power if malicious <br /> tacks.As such,the Association strongly supported passage of the <br /> actors are able to hack into data overlays used in some electric <br /> generation and transmission infrastructure.Furthermore,such Cybersecurity Act of 2015,which was incorporated as Division <br /> an attack could also cause public power utilities to incur liability N of H.R.2029,the Consolidated Appropriations Act,2016. <br /> for damages.While the American Public Power(Association or The Act set up policies and procedures for sharing cybersecurity <br /> APPA) believes that the industry itself,with the North American threat information between the federal government and private <br /> Electric Reliability Corporation(NERC),has made great strides entities(which include public power) and between private enti- <br /> in addressing cybersecurity threats,vulnerabilities,and potential ties and provides limited liability protection for these activities if <br /> emergencies,it recognizes that emergency situations warranting conducted in accordance with the Act. <br /> In addition to the Cybersecurity Act of 2015,the Association <br /> federal involvement may arise. <br /> strongly supported Section 61003 of P.L. 114-94(the"FAST <br /> Act"),which gave the Secretary of Energy broader authority to <br /> Background and Congressional Action address grid security emergencies under the FPA and clarified <br /> The electric utility sector is the only critical infrastructure sector the ability of FERC and other federal agencies to protect sen- <br /> besides nuclear power plants(a part of the overall sector) that sitive Critical Electric Infrastructure Information(CEII)from <br /> has any mandatory and enforceable federal regulatory regime public disclosure under the Freedom of Information Act(FOIA) <br /> in place for cybersecurity. Congress approved the standards and other sunshine laws.Specifically,the provision directed that <br /> regime for the bulk power system in the Energy Policy Act of FERC-designated CEII be exempt from disclosure for a period <br /> 2005 (Section 215 of the Federal Power Act). Under Section of up to five years with a process to lift the designation or chal- <br /> 215,NERC,working with electric industry experts,regional lenge it in court and established sanctions for the unauthorized <br /> entities,and government representatives,drafts reliability and disclosure of shared information.FERC issued a final rule to <br /> cybersecurity standards that apply across the North American implement this provision on December 21,2016. <br /> grid,inclusive of Canada. Participation by industry experts and Outside of the legislative process,the Association and its <br /> compliance personnel in the NERC standards development members,as well as other utilities,continue to participate in <br /> process ensures that the standards are technically sound,fair, the NERC Critical Infrastructure Protection(CIP)standards <br /> and balanced.The Federal Energy Regulatory Commission drafting process on cyber and physical security. (See APPA's <br /> (FERC) has the power to then approve or remand those stan- "Physical Security and the Electric Sector"issue brief for more <br /> dards as they apply in the United States.To ensure compliance, information on the physical-security standard.)As attacks on <br /> critical electric infrastructure are ever-changing,so must be the <br /> NERC conducts rigorous audits and can levy substantial fines <br /> PubticPower.org II <br /> 193 <br />
The URL can be used to link to this page
Your browser does not support the video tag.