The National Security Agency (NSA) and Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint alert warning that, over recent months, hackers have been attempting to target Critical Infrastructure (CI) by exploiting Internet-accessible Operational Technology (OT) assets. The alert notes recently observed tactics from the hackers, including spear phishing and
Electric and Gas Utilities

White House Issues Executive Order Restricting Foreign Equipment in Bulk Power System
Last Friday, May 1, the White House signed an executive order prohibiting Federal Agencies and U.S. persons from acquiring, importing, transferring, or installing any bulk power system (“BPS”) equipment in which:
- the transaction involves bulk-power system electric equipment designed, developed, manufactured, or supplied, by persons owned by, controlled by, or subject to the jurisdiction or
…
FERC and NERC Provide Industry Guidance to Ensure Grid Reliability Amid Potential Coronavirus Impacts

On March 18, 2020, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) announced steps to ensure that operators of the bulk electric system can focus resources on safety and reliability during the COVID-19 emergency. FERC and NERC are advising all registered entities that they will consider the impact of…
FERC Approves Heightened Cyber Incident Reporting Standards

On July 19, 2018, the Federal Energy Regulatory Commission (FERC) issued a final rule (Order No. 848) directing the North American Electric Reliability Corporation (NERC) to develop and submit modifications to NERC Reliability Standards related to Cyber Security Incident reporting. FERC recognized that, under the current Cyber Security Incident reporting Reliability Standard, incidents are only…