Following a directive from the US Congress, FERC issued Order No. 893, providing incentive-based rates for public and nonpublic utilities to encourage voluntary investments in Advanced Cybersecurity Technology and...more
Entities in the energy industry are subject to a vast amount of reporting regulations. Earlier this year, the Securities and Exchange Commission (SEC) finalized rules regarding the disclosure of cybersecurity attacks, adding...more
The energy industry faces unique challenges when it comes to cybersecurity and working with vendors on digital transformation projects. Energy is one of the “critical infrastructure sectors” identified in Presidential Policy...more
FERC has issued its final rule paving the way for incentive-based rate treatment for electric utilities that make certain voluntary cybersecurity investments. As we first noted in 2020 when describing the proposed rule, the...more
The Cybersecurity and Infrastructure Security Agency (CISA) issued a request for information (RFI) on the new cyber incident reporting requirements for critical infrastructure owners as required by the Cyber Incident...more
President Joseph Biden signed the $1.2 trillion Infrastructure Investment and Jobs Act (the Act) on November 15, 2021, which allocates $550 billion in new spending over the next five years to improve US infrastructure,...more
11/16/2021
/ Biden Administration ,
Charging Stations ,
Clean Energy ,
Climate Change ,
Cybersecurity ,
Electric Vehicles ,
Energy Sector ,
Hydropower ,
Infrastructure ,
Nuclear Power ,
Popular ,
Power Grid ,
Renewable Energy
Virginia became the second state in the United States, after California, to pass a comprehensive data privacy law when the Virginia Consumer Data Protection Act (CDPA) passed both houses of the state legislature in February...more
6/15/2021
/ CDPA ,
Compliance Management Systems ,
Consumer Privacy Rights ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Collection ,
Data Controller ,
Data Management ,
Data Privacy ,
Data Protection ,
Electricity ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Virginia
At its December open meeting, FERC proposed to establish rules for incentive-based rate treatments for voluntary cybersecurity investments by a public utility. If approved, the regulations would provide incentives for...more
Following significant pushback from the regulated community, FERC and NERC Staff jointly announced in a new white paper that filings and other submissions to FERC describing violations of cybersecurity reliability standards...more
At its June 18 open meeting, FERC issued a notice of inquiry seeking public input on cybersecurity-related enhancements to the Critical Infrastructure Protection (CIP) reliability standards. In light of the constantly...more
In an order issued on April 17, the Federal Energy Regulatory Commission (FERC) agreed to defer implementation of certain cybersecurity and operational reliability standards administered by the North American Electric...more
A constantly evolving framework of laws governing how multinational businesses can contact customers to how nonprofits report business income to how overtime is calculated and paid will influence how companies do business...more
2/3/2020
/ #MeToo ,
Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Commercial Real Estate Market ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Department of Labor (DOL) ,
Disclosure Requirements ,
Employee Benefits ,
Energy Policy ,
Fair Labor Standards Act (FLSA) ,
FERC ,
Insurance Regulations ,
Intellectual Property Protection ,
IRS ,
Japan ,
Long Term Care Insurance ,
NAIC ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Rate of Pay ,
Retirement Plan ,
Russia ,
SECURE Act ,
Sexual Harassment ,
State Labor Laws ,
Tax Cuts and Jobs Act ,
Tax Exempt Entities ,
Tax Reform ,
White-Collar Exemptions
At its open meeting on November 21, FERC announced organizational changes to enhance the agency’s focus on cybersecurity threats and challenges to electric infrastructure. Commission staff unveiled five “focus areas” related...more
FERC Staff issued an October 4 report on Commission-led critical infrastructure protection (CIP) reliability audits completed during fiscal year 2019. The report provides lessons learned and identifies voluntary practices...more
Facing what it deems an “unprecedented number of FOIA requests” for nonpublic information related to utility violations of the North American Electric Reliability Corporation (NERC) critical infrastructure protection (CIP)...more
FERC recently approved proposed Reliability Standard CIP-008-6, which expands the mandatory reporting requirements for Cyber Security Incidents that attempt to compromise the operation of the bulk power system. Under the new...more
The supply chain risks facing electric utilities have long been a concern for industry stakeholders and regulators alike. Reflecting those concerns, NERC submitted a report on May 28 to FERC recommending the expansion of...more
FERC Staff issued a report on March 29 on Commission-led critical infrastructure protection (CIP) reliability audits completed for fiscal years 2016 through 2018. The report provides lessons learned from those audits, as well...more
The proposal would adopt NERC standards on accelerated deadlines and expand the scope of covered assets subject to supply chain risk management. If adopted, these standards could significantly alter the electric utility...more
The proposed Reliability Standards focus on vulnerabilities in vendor products and services and would regulate the utility procurement process....more
Amendments to Federal Power Act grant the DOE authority to order emergency protective actions by utilities, provide greater protections for Critical Energy Infrastructure Information, and exempt utilities from environmental...more
Major revisions to the existing cybersecurity requirements for electric utilities will focus on greater protections for the most critical assets but will also ensure that all assets receive some level of protection....more
Order will create a voluntary Cybersecurity Framework for designated critical infrastructure within a year.
On February 12, President Barack Obama signed an executive order directing the Department of Homeland Security...more
2/15/2013
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Department of Energy (DOE) ,
Department of Homeland Security (DHS) ,
Executive Orders ,
Information Sharing ,
Infrastructure ,
NIST ,
Nuclear Power ,
Presidential Directives ,
Voluntary Standards