FERC Proposes to Close Gap in Bulk Electric System Cybersecurity

Feb 2, 2022

Reading Time : 3 min

Under the current NERC CIP Reliability Standards, network security monitoring requirements focus on “defending the electronic security perimeter”—such as through access point controls and monitoring for malicious communications—rather than on “potential vulnerabilities of the internal network.” Adding INSM requirements is “designed to address situations where perimeter network defenses are breached by providing the earliest possible alerting and detection of intrusions and malicious activity within a trust zone.” Early detection and response could, in turn, “reduce[] the likelihood that an attacker can gain a strong foothold and potential command and control, including operational control, on the target system.” INSM can also enable “collection of data and analysis required to implement a defense strategy, improves an entity’s incident investigation capabilities, and increases the likelihood that an entity can better protect itself from a future cyberattack and address any security gaps the attacker was able to exploit.”

FERC provides several objectives for NERC to address, noting that any new or modified CIP Reliability Standards should require covered entities to:

  1. “[D]evelop a baseline for their network traffic by analyzing expected network traffic and data flows for security purposes.”
  2. “[M]onitor for and detect unauthorized activity, connections, devices, and software inside the CIP networked environment (i.e., trust zone).”
  3. “[L]og and packet capture network traffic; . . . maintain sufficient records to support incident investigation . . . ; and . . . implement measures to minimize the likelihood of an attacker removing evidence of their Tactics, Techniques, and Procedures . . . from compromised devices.”

FERC seeks comment on “all aspects of the proposed directive,” including on: “(1) what are the potential challenges to implementing INSM (e.g., cost, availability of specialized resources, and documenting compliance); (2) what capabilities (e.g., software, hardware, staff, and services) are appropriate for INSM to meet [FERC’s] security objectives . . . ; (3) [whether FERC’s security objectives] for INSM [are] necessary and sufficient and, if not sufficient, what are other pertinent objectives that would support the goal of a having responsible entities successfully implement INSM; and (4) what is a reasonable timeframe for expeditiously developing and implementing Reliability Standards for INSM given the importance of addressing [the] reliability gap?” Finally, FERC welcomes comments on “the usefulness and practicality of implementing INSM to detect malicious activity in networks with low impact BES Cyber Systems, including any potential benefits, technical barriers and associated costs.”

The proposal shows that BES reliability and cybersecurity continue to be high priorities for FERC. Indeed, Chairman Richard Glick noted during FERC’s January meeting that it must continue to be vigilant against cyber threats. Commissioner James Danly highlighted FERC’s keen awareness of the risk and his appreciation for the unanimous vote to approve the proposal. Commissioner Allison Clements described the proposal as a “step in the right direction” and expressed her hope that NERC will move quickly to develop the Reliability Standards for FERC’s consideration. Commissioner Mark C. Christie voted for, but did not comment on, the proposal. Finally, new Commissioner Willie L. Phillips recognized that several steps remain before realization of the proposal’s purpose—including reviewing, analyzing and acting on any comments—and shared his hope that NERC will find a way to “expedite” its process to enable implementation of INSM standards as soon as possible.

FERC’s next action in this matter could come as soon as April or May 2022, but could take longer. It also is uncertain how long FERC will give NERC to file its proposed Reliability Standards if FERC ultimately directs it to do so in a Final Rule. Accordingly, any mandatory, enforceable rules likely are at least months away.


1 NERC’s CIP Reliability Standards currently in effect set forth criteria “to categorize BES Cyber Systems as high, medium, or low depending on the adverse impact that loss, compromise, or misuse of those BES Cyber Systems could have on the reliable operation of the BES.” The designated impact level then “determines the applicability of security controls for BES Cyber Systems that are contained in the remaining CIP Reliability Standards” as they currently exist.

Share This Insight

Previous Entries

Speaking Energy

March 10, 2025

On March 5, 2025, the United States Department of Energy (DOE) approved Golden Pass LNG Terminal LLC’s (GPLNG) request to extend a deadline to begin exporting liquefied natural gas (LNG) from its terminal facility currently under construction in Sabine Pass, Texas for 18 months, from September 30, 2025, to March 31, 2027 (the Order). The Order amends GPLNG’s two existing long-term orders authorizing the export of domestically produced LNG to countries with which the United States does and does not have free trade agreements (FTA).1  The Order does not amend the authorizations’ end date, which remains December 31, 2050. Under section 3 of the Natural Gas Act (NGA), the DOE may authorize exports to non-FTA countries following completion of a “public interest” review, whereas exports to FTA countries are deemed to be in the public interest and the DOE is directed to issue authorizations without modification or delay.

...

Read More

Speaking Energy

March 4, 2025

Join projects & energy transition partner Shariff Barakat at Infocast’s Solar & Wind, where he will moderate the “Tax Equity Market Dynamics” panel.

...

Read More

Speaking Energy

February 13, 2025

Oil & gas companies continue to identify and capitalize on opportunities related to the deployment of new energy technologies, with their approaches broadly maturing and coalescing around maximizing synergies, leveraging available subsidies and responding to regulatory drivers.

...

Read More

Speaking Energy

February 11, 2025

On January 30, 2025, the Federal Energy Regulatory Commission (FERC or the Commission) approved a Stipulation and Consent Agreement (Agreement) between the Office of Enforcement (OE) and Stronghold Digital Mining Inc. (Stronghold) resolving an investigation into whether Stronghold had violated the PJM Interconnection, L.L.C. (PJM) tariff and Commission regulations by limiting the quantity of energy made available to the market to serve a co-located Bitcoin mining operation.1 This order appears to be the first instance of a public enforcement action involving co-located load and generation and comes at a time when both FERC and market operators2 are scrutinizing the treatment of co-located load due to the rapid increase in demand associated with data center development.

...

Read More

Speaking Energy

February 5, 2025

2024 was about post-consolidation deal flow and a steady uptick in activity across the oil & gas market. This year, mergers & acquisitions (M&A) activity looks set to take on a different tone as major consolidation plays bed down.

...

Read More

Speaking Energy

January 30, 2025

The oil & gas industry is experiencing a capital resurgence, driven by stabilizing interest rates and renewed attention from institutional investors. Private equity is leading the charge with private credit filling the void in traditional energy finance and hybrid capital instruments gaining in popularity. Family offices are also playing a crucial role, providing long-term, flexible investments.

...

Read More

Speaking Energy

January 23, 2025

Under a second Trump presidency, the U.S. is expected to consider reversal of many of the Biden administration’s climate and environmental policies, in addition to a markedly different approach to trade policy and oil & gas regulation. This includes expanding oil & gas development on public lands and offshore, lifting the pause on liquified natural gas (LNG) exports to non-Free Trade Agreement countries and repealing the methane fee.

...

Read More

Speaking Energy

January 15, 2025

We are pleased to share a recording of Akin’s recently presented webinar, “Drilling Down: What Oil & Gas Companies Can Expect from Federal Agencies During Trump’s Second Administration.”

...

Read More

© 2025 Akin Gump Strauss Hauer & Feld LLP. All rights reserved. Attorney advertising. This document is distributed for informational use only; it does not constitute legal advice and should not be used as such. Prior results do not guarantee a similar outcome. Akin is the practicing name of Akin Gump LLP, a New York limited liability partnership authorized and regulated by the Solicitors Regulation Authority under number 267321. A list of the partners is available for inspection at Eighth Floor, Ten Bishops Square, London E1 6EG. For more information about Akin Gump LLP, Akin Gump Strauss Hauer & Feld LLP and other associated entities under which the Akin Gump network operates worldwide, please see our Legal Notices page.