Obama cybersecurity order would create program for power grid, other networks

The anticipated order comes after congressional efforts to pass cybersecurity legislation stalled last summer, in part because of disagreements on how to treat such networks.

Republicans wanted to avoid setting standards — even voluntary ones — because they were concerned about adding regulations.

GOP lawmakers instead preferred strengthening legal protections for private firms that share information with the federal government regarding suspicious activity on their networks — though that approach invited the backlash of civil liberties groups.


Democrats and Obama shared some of the same fears as civil liberties groups, while adding that Republicans’ desired information-sharing provisions for critical networks were too lax. They said entities like the electric grid were too vital and needed some sort of accountability system, voluntary or otherwise.

Jon Wellinghoff, chairman of the Federal Energy Regulatory Commission, will likely welcome news of the cybersecurity order.

The nation’s top electric grid regulator has repeatedly warned the nation’s power grid is vulnerable to attack. Last month, the Department of Homeland Security said 40 percent of cyberattacks last year targeted the energy sector.

Wellinghoff has consistently called on Congress to establish some sort of federal cybersecurity authority to govern the electric grid. Currently, a bevy of federal, regional and local jurisdictional conflicts complicate who can step in to prevent malicious activity on the power grid.

The proliferation of “smart grid” technology has shed new light on cybersecurity concerns at electric utilities. The term refers to a range of devices that communicate with each other through the Internet.

Federal officials have cautioned that the Internet-based technology affords attackers many different external ports to enter networks. Previously, electricity information traveled through proprietary networks, which required internal access for attacks.