Statement from FERC Chairman Richard Glick:

Chairman Glick and Commissioner Clements Call for Examination of Mandatory Pipeline Cyber Standards in Wake of Colonial Pipeline Ransomware Incident

“The cyberattack against the Colonial Pipeline system, which provides nearly half of the fuel supply for the East Coast, is a stark reminder that we must do more to ensure the safety of our nation’s energy infrastructure. 

“For over a decade, the Federal Energy Regulatory Commission (FERC), in coordination with the North American Electric Reliability Corporation, has established and enforced mandatory cybersecurity standards for the bulk electric system.  However, there are no comparable mandatory standards for the nearly 3 million miles of natural gas, oil, and hazardous liquid pipelines that traverse the United States.  

“It is time to establish mandatory pipeline cybersecurity standards similar to those applicable to the electricity sector.  Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response to the ever-increasing number and sophistication of malevolent cyber actors.  Mandatory pipeline security standards are necessary to protect the infrastructure on which we all depend. 

“Therefore, I am pleased that Commissioner Clements is joining me today in my longstanding calls for mandatory cybersecurity standards for our nation’s pipeline infrastructure.”

Jim Hoecker, former Chairman of FERC and co-Founder of IPRO, will soon visit with Chairman Glick regarding the issue of cybersecurity. “I believe that the Chairman’s alarm and his concern that energy pipelines adhere to accepted industry standards and best practices regarding cybersecurity measures are well-founded,” stated Hoecker, “especially in light of recent revelations about major pipeline vulnerabilities. The key is the process by which we move in a positive direction. IPRO represents an industry-driven approach that promises to achieve better pipeline cybersecurity and ensure reliable natural gas and oil pipeline services in cooperation with the various agencies charged with protecting the energy community from the bad actors in the cyber realm.”