The House Energy and Commerce committee unanimously passed a package of bipartisan cybersecurity bills Thursday targeting the energy sector, including legislation that would reauthorize and fund a critical federal cybersecurity assistance program for rural electric utilities across the country.
The Rural and Municipal Utility Cybersecurity Act, introduced by Reps. Mariannette Miller-Meeks, R-Iowa, and Jennifer McClellan, D-Va., reauthorizes the Rural and Municipal Utility Advanced Cybersecurity program at the Department of Energy, which funnels hundreds of millions of dollars in federal grants and technical assistance every year to help rural utilities and cooperatives defend against cyberattacks and other threats.
The program was created through the 2022 Infrastructure Investment and Jobs Act and is widely viewed in the energy sector as a cybersecurity lifeline for badly underfunded electric utilities that would otherwise be a weak link in the nation’s energy cybersecurity or reliability.
Smaller utilities play a crucial role supporting the nation’s energy grids, but many lack sophisticated IT or cybersecurity operations. Industry officials say it’s not uncommon for some entities to have one or two IT or cybersecurity officials, if that. The bill approves $250 million in additional grant funding for the program over the next five years, part of which would go to implementing more modern cybersecurity technologies and enhancing information sharing.
Speaking ahead of the vote, Miller-Meeks said her Iowa district’s electric cooperative must serve rate payers across 20 different counties and faces “the same threats as metropolitan systems but with fewer resources.”
“At a time when cybersecurity attacks on our critical infrastructure are escalating and we have not yet authorized an appropriations bill for DHS, small and rural utilities need resources to defend against nation state actors and sophisticated threats,” she said.
Ranking member Frank Pallone, D-N.J., leveled his own criticism, claiming that the reauthorization was “held up for countless months due to senseless delays” by Energy officials.
Another bill, the Energy Emergency Leadership Act, would move responsibility for the cybersecurity functions of the Office of Cybersecurity, Energy Security and Emergency Response under a single, Senate-confirmed assistant secretary.
The bill’s chief sponsor, Rep. Laurel Lee, R-Fla., directly cited reports of ongoing threats to the nation’s energy sector from Chinese state-sponsored hackers as a driver of the legislation.
“At the same time our electric grid faces an increasingly complex threat landscape, state sponsored threats like Volt Typhoon have actively targeted U.S. critical infrastructure, including our electric grid,” said Lee. “These are real and ongoing threats from foreign adversaries seeking to undermine our national security and economic stability.”
The committee also passed bills that require states to include cybersecurity in their energy plans, clarify the Secretary of Energy’s role promoting and coordinating cybersecurity of the nation’s oil and natural gas pipelines, and codify a pilot Energy Threat Analysis Center.
The post Congress looks to revive critical cyber program for rural electric utilities appeared first on CyberScoop.
–
Read More – CyberScoop
