The House Energy and Commerce Committee decided unanimously by voice vote on Wednesday to advance three energy cybersecurity bills to the full House.
The bipartisan bills seek to establish requirements of the Secretary of Energy or to provide for certain Department of Energy (DOE) programs regarding the electric grid's physical or cybersecurity vulnerabilities. Timelines have yet to be established for House votes on any of the bills.
The National Academies of Sciences, Engineering, and Medicine published a report last year, commissioned by Congress, on the grid’s vulnerabilities, given cyber attacks and natural disasters. Efforts to pass energy legislation addressing grid security and resilience floundered in 2016 when a broadly supported Senate bill was never brought to the House floor.
Rising concern over threats to the U.S. electric grid, from cyberattacks led by Russian hackers to natural disasters, have prompted more congressional efforts to strengthen resilience and security.
The committee voted to favorably report each of the three bills, which all have bipartisan co-sponsors, and their corresponding amendments to the House.
Rep. Fred Upton, R-Mich., submitted H.R. 5175 with an amendment, seeking to require the Secretary of Energy to conduct research on the preparedness of pipelines and liquefied natural gas facilities against physical security and cybersecurity threats. On the industry side, the American Gas Association, the Interstate Natural Gas Association of America and the Association of Oil Pipe Lines had issued letters of support to the committee for the bill.
“We’re confident about the prospects of H.R. 5175 in the Senate,” a spokesman for Upton told Utility Dive in an email.
Scott Aaronson, vice president of security at the Edison Electric Institute, mentioned the group's support for these bills, then-drafts, in his March testimony before a House Energy and Commerce subcommittee. Specifically, regarding Rep. Jerry McNerney’s, D-Calif., H.R. 5240, Aaronson commended the bill's requirement of a DOE-led report on cyber and physical security of energy distribution.
The third grid security bill, H.R. 5239 introduced by Rep. Bob Latta, R-Ohio, is nearly identical to House legislation passed last Congress, calling on DOE to create a voluntary program to identify cybersecurity products to protect bulk power system assets.
House and Senate offices have held “some preliminary bipartisan discussions” on the bills which have gone well, according to a spokesman for Latta.
The Senate has led broadly-supported bipartisan efforts to update grid cybersecurity. During the last Congress, Sens. Lisa Murkowski, R-Alaska, and Maria Cantwell, D-Wash., expressed disappointment with House Speaker Paul Ryan, R-Wisc., when their Senate energy grid modernization bill was never brought up for a vote. The Senate fast-tracked a new version of Murkowski and Cantwell’s energy bill in 2017.
A spokesman for Cantwell told Utility Dive that these House cybersecurity bills are more or less from the Senate’s energy bill. According to the Senate aide, Cantwell remains keen on using any avenue to get the energy bill passed, but her office does not anticipate a big ticket piece of legislation happening in the months leading up to the midterm elections.
In February, Cantwell and Sen. Martin Heinrich, D-N.M., introduced a grid security bill, S.2444, to create programs within the DOE to address supply chain vulnerabilities and response capabilities.