The Senate on Wednesday passed the Securing Energy Infrastructure Act, which would appropriate $10 million to create a pilot program to look at nondigital control systems and how to protect them against cyber attacks.
The bill, backed by Sens. Angus King, I-Maine, and Jim Risch, R-Idaho, would task the Department of Energy, in collaboration with other Federal agencies, with finding volunteers in the energy sector to pilot industrial control systems that “isolate and defend industrial control systems of covered entities from security vulnerabilities and exploits in the most critical systems of the covered entities.” The bill highlights analog and nondigital control systems, purpose-built control systems, and physical controls as areas to consider in the pilot program.
The bill would also create a working group to develop a national cyber-informed engineering strategy to isolate and defend the energy sector from cyberattacks on their most critical systems. The working group would be made up of members from Energy, the Department of Homeland Security, the Nuclear Regulatory Commission, the Office of the Director of National Intelligence, the Department of Defense, and industry.
“For years we’ve seen the danger of cyber-attacks grow as bad actors pursue larger and more sophisticated incursions on our vital systems, but the federal government’s response has not matched the severity of these threats,” said King. “This commonsense, bipartisan bill is an important step in the right direction, and will help protect America’s critical infrastructure from devastating attacks before they happen.”
King also noted that the bill was inspired by Russian attacks on Ukraine’s electric grid in 2015.
However, with its companion bill in the House, H.R. 3958, still stuck in committee, the chances of the Securing Energy Infrastructure Act being signed into law before the current session of congress ends are slim.