Who has cybersecurity authority in the utility industry?

In the middle of an election year, and amid repeated calls for a smart grid transition, the chairman of the United State Federal Energy Regulatory Commission (FERC) is voicing his concern over a lack of utility cybersecurity authority. According to Chairman Jon Wellinghoff, the situation is urgent:

Nobody has adequate authority with respect to both the electric and the gas infrastructure in this country regarding known vulnerabilities. If I had a cyber threat that was revealed to me in a letter tomorrow, there is little I could do the next day to ensure that that threat was mitigated effectively by the utilities that were targeted.

Although Wellinghoff spoke most recently at an industry event in Washington D.C. yesterday, it wasn't the first time he's raised the red flag around security issues. The FERC chairman says he's been pushing for the authority to enforce security measures in the utility industry for six years. That's more than a little disturbing given that new security threats seem to pop up with increasing regularity.

Wellinghoff's also not the only one calling for a more secure electric grid. Back in March, the former CIA director James R. Woolsey spoke at another industry conference about the need to address grid security attacks. In his speech, Woolsey highlighted the fact that a single attack on the electric grid could take down major food, water and communications networks.

According to reporter Zack Colman from The Hill, Congress has been slow on the uptake with cybersecurity legislation. However, the White House administration is considering an executive order if the Senate can't agree on a new bill addressing cybersecurity issues in the utility industry.

Image credit: pgegreenenergy on Flickr

This post was originally published on Smartplanet.com