Hearings and Business Meetings
Apr 10 2014
SD-366 Senate Dirksen Building 09:30 AM
Thank you, Madam Chair, for convening this morning’s oversight hearing. Our hearing title – Are We Doing Enough to Ensure the Reliability and Security of the U.S. Electric Grid? – is the central question we have posed today. But really, everyone in this room already knows the answer: we can always do more. The next and more important question is: how should we prioritize those efforts?
We can judge by the size of our audience this morning just how important this issue has become. When we’ve got standing room only on electric reliability, I think that says something about the importance of this issue. And we can judge from recent press reports that our first commitment should be to “do no harm.” Or, at least, no further harm. Recent stories about last year’s Metcalf incident and a FERC report detailing critical energy infrastructure information have served to sensationalize the issue of physical grid security. Instead of helping to protect the grid from attack, the disclosures we have seen potentially increase its physical vulnerability.
Last month, Chair Landrieu and I wrote asked the Energy Department’s Inspector General to review both the handling of this sensitive, non-public information and how it came to be published in the Wall Street Journal. Late yesterday, Inspector General Friedman issued a formal Management Alert informing FERC to the fact that this information should have been classified and protected from release at the time it was created. This revelation, with its national security implications, is extremely troubling. I commend Chair LaFleur for taking swift action in response to this report to secure this classified information.
Regardless of how sensitive, national security information was handled at FERC or found its way to a reporter – and we’ve asked the Inspector General to find out – the owners of the grid and their regulators are quick to respond to incidents such as Metcalf. Making use of the regulatory framework established by Congress in the 2005 Energy Policy Act, NERC provided needed information in a timely fashion. A number of government agencies, including FERC, DHS, and the FBI, undertook significant work with industry to promote mitigation measures. And last month, under the leadership of Chair LaFleur, FERC directed NERC to develop a mandatory standard on physical security within 90 days. Even before the standard setting process was underway, lessons learned from Metcalf were being applied.
As experts have recognized for some time, it is likely impossible to ensure that every part of the grid could withstand physical or cyber attack. Thus we need to redouble a properly-scaled and continuously-improving approach to grid reliability and security. After the facts about the universe of today’s threats are clear – or at least, clearer – we can debate whether new legislation is necessary.
Some are interested in empowering FERC to direct emergency actions to protect the grid. I have my own thoughts on that but clearly the Commission must do better going forward to protect non-public information from disclosure. But I will say it has been apparent for some time that we may need to empower FERC to protect the grid from our own federal actions. This sort of ‘everyday vigilance’ is not and need not be high profile, but it is vitally important. And we should never lose sight that for the electric grid, reliability and affordability must remain our core considerations. The challenge before us is how to maintain and improve reliability and affordability while keeping environmental performance in balance.
We have an impressive group of panelists before us today. I particularly want to thank Chairwoman Cheryl LaFleur for her steady leadership at FERC. Your extensive experience in the energy industry is indispensable as we tackle the myriad issues before FERC, including cyber and physical security concerns.
Thank you, as well, Madam Chair.