Monday, October 1, 2012

Utilities to Commerce Chairman Rockefeller: Let's Talk and Team on Cybersecurity

We've been watching the back and forth for several years now.  2010's GRID Act didn't make it across the legislative finish line, and a similar fate just befell the Cybersecurity Act of 2012.

In response to a recent letter (read THIS first if you can) from Senate Commerce Committee Chair Jay Rockefeller, the four most significant electric utility groups banded together to craft a response.  And what a great response it is!

I'll give you an excerpt or two here, but at 3 pages you really should read the letter in full.  Here's the part I'll highlight:
Your letter references the voluntary program that the Cyber Security Act of 2012 would have created to “empower the private sector to collaborate with the government and develop dynamic and adaptable voluntary cyber security practices.” We want to be clear that we do not oppose such a regime, provided it does not seek to supplant the existing regulatory structures and public-private coordination already taking place in the electric and nuclear power sectors, even in the absence of new cyber-security legislation. 
So with extremely caveats, the industry groups would have (and do) embrace the basic thrust of the recent bill. Let's do one more ... this one is from near the closing ... and corroborates what I've been hearing utility execs plea for lately:
Given the differences of opinion evident in the Senate debate, it may be difficult for Congress to agree on a government-wide framework for cyber security that accounts for all 18 critical infrastructure sectors ... In the meantime, in the absence of consensus, we would encourage Congress to act on legislation improving information-sharing capabilities among government and industry. 
Got the idea? Now get the whole thing ... HERE. I hope others find this as significant a development as I do, and let's see where this conversation takes us.