The Federal Energy Regulatory Commission (FERC) established a division to mitigate cyber threats on the electric grid Thursday, but noted it still lacks many of the enforcement capabilities it needs from Congress.
The office will let FERC set best practices and communicate with private-sector firms about cyber vulnerabilities through “existing statutory authority,” the regulator said in a Thursday statement. Joseph McClelland will leave his post as director of electric reliability to head the new division.
While FERC Chairman Jon Wellinghoff said forming the new Office of Energy Infrastructure Security is unrelated to developments on Capitol Hill and in the White House, he has consistently lobbied Congress to give a federal agency more enforcement and monitoring power on the electric grid.
"The new office will undertake these activities using the Commission’s existing statutory authority," Craig Cano, a FERC spokesman, told The Hill on Thursday. "There is no change in the position expressed by Commission officials in congressional testimony that current limitations in Federal authority may not fully protect the grid against cyber and physical threats."
But that authority might not come from Congress any time soon. The Senate has stalled on cybersecurity legislation, with a deal looking unlikely this session.
However, the White House is circulating a draft executive order on cybersecurity. That order would create a voluntary program in which companies on critical infrastructure networks — such as the electric grid — meet government-set best practices and standards.