April 8, 2019

Sponsor

T&T Spotlight: Updated Agenda, Tracks, Speakers Coming Soon!

[Editor’s Note: Over the next few months, we will highlight sessions at the June 17-21 Telecom & Technology conference. Registration information is here!]

Cybersecurity, data, smart-grid deployments, broadband, and much more will be discussed at UTC’s upcoming Telecom & Technology annual meeting.

Registration is now open for the June 17-21 meeting in Fort Worth, TX.

In the coming days, we will be rolling out a detailed agenda, including concurrent session tracks on utility communications policies, cybersecurity, data, AMI deployments, utility broadband issues, and so much more.

We will host an intriguing general session during the June 19 luncheon featuring trade association executives and senior officials from the Energy Storage Association, the Common Ground Alliance, the North American Transmission Forum, EPRI, and the Smart Electric Power Association.

Additionally, Tuesday, June 18 will feature summits, trainings, and 101 courses on the IP Transition, small-cell deployment, enterprise architecture for utilities, and security incident response.

You will not want to miss this event!

Have you registered yet? What are you waiting for?

Stay tuned for more detailed information, available here: https://utctelecom.org/

Sen. Kennedy to FCC: Protect Incumbents in the 6 GHz Band

Sen. John Kennedy (R-LA) urged the Federal Communications Commission (FCC) to protect incumbent users, particularly energy and water utilities, as it considers opening up the 6 GHz spectrum band for unlicensed purposes.

In an April 1 letter to FCC Chairman Ajit Pai, Sen. Kennedy noted the importance of the 6 GHz band to utilities and other critical-infrastructure industries (CII). He pressed the FCC to ensure that its actions in the band do not interfere with these crucial industries.

“Allowing unlicensed use in the 6 GHz band without adequate interference protections would pose significant risks to safety and operational reliability of utility systems,” Sen. Kennedy wrote.

Sen. Kennedy’s letter came on the heels of the deadline for reply comments in the 6 GHz proceeding. In late March, UTC and a coalition representing nearly every electric utility in the U.S., along with the nation’s oil and gas companies and thousands of water and wastewater utilities reiterated their opposition to the FCC’s proposal to open the band to unlicensed use (Industry Intelligence, March 25, 2019).

In his letter, Sen. Kennedy notes that the nation’s need for spectrum is growing but that the FCC’s proposal in the 6 GHz band “does not adequately balance the public interest in protecting the safe, reliable and secure delivery of essential services by utilities and other CII.”

To that end, he is also unconvinced that the proposed “automated frequency coordination” measures to protect against interference will as planned. “Given the importance of essential energy and water services to our nation’s wellbeing, I encourage you to consider how this proposal could impact the critical infrastructure industries who rely on the 6 GHz band for their vital communications networks,” he wrote.

Sen. Kennedy’s letter is an important milestone in UTC’s advocacy in this proceeding. The letter was covered by Politico, a widely read media outlet covering policies and politics in Washington.

Please contact the UTC Public Policy Team with any questions.

Federal Panel Zeroes in on Utility Communications Networks

Securing utility communications networks took centerstage at a high-profile federal conference late last month.

Members of the Federal Energy Regulatory Commission (FERC, the Commission) and the Department of Energy (DOE) heard from a panel of electric utility chief executives, government intelligence experts, and other industry stakeholders about the importance of protecting utility infrastructure—and, critically, their communications systems—from cyber and physical attack.

“The threats we face are transforming and increasing,” said FERC Chairman Neil Chatterjee, in opening up the March 28 joint technical conference between FERC and DOE.

FERC and DOE held the conference–the first of its kind between FERC and DOE—to review cyber and physical threats to the grid, along with incentives and cost-recovery mechanisms to encourage utilities and other regulated entities to invest in appropriate cyber and physical security measures (Industry Intelligence, March 25, 2019).

Charles Kosak, Deputy Assistant Secretary within the Department of Defense’s Defense Continuity and Mission Assurance, told the assembled commissioners and DOE officials that utility critical infrastructure are being eyed by U.S. adversaries for potential attack. “We have adversaries who are targeting our infrastructure,” he said. The U.S. and private sector “need to anticipate where our adversaries” are headed.

To that end, two investor-owned utility CEOs—Nicholas Akins of American Electric Power and Christopher Crane of Exelon—said the electric utility sector is focused intently on protecting their systems and making their infrastructure more resilient.

Both Mr. Akins and Mr. Crane said that their companies are interested in laying fiber-optical ground wire across their infrastructure to secure critical communications.

“Our focus is to put as much fiber-optics as we can,” Mr. Akins said, noting his company is working with telecommunications vendors on related issues.

Additionally, the firms and vendors who provide many utility telecommunications services are not regulated by either federal or state entities, creating another level of uncertainty, panelists said. Some of these providers “do not grasp how integral they are to the whole network,” said Jay Emler, a Commissioner with the Kansas Corporation Commission.

Meanwhile, panelists also discussed the need for utilities to control as much of their networks as possible. While numerous utilities own a significant portion of their communications network, not every utility has the resources to do so, panelists said.

Laying fiber is expensive, said Kevin Wailes, CEO of Lincoln Electric System and Co-Chair of the Electric Subsector Coordinating Council. While public-power utilities, he said, are making investments into securing their systems, they must also weigh the costs. This is why a more strategic, focused approach to cyber and physical security makes sense for smaller utilities.

Mr. Wailes also questioned whether the federal government should provide rate incentives for security investments, as doing so “could result in investments in the wrong things.”

Additionally, two state commissioners noted that many of the threats to utility infrastructure are on the distribution system, which is regulated by states. Yet with the intelligence community situated at the federal level, more needs to be done to educate state commissioners and staff on the threats that exist, Commissioner Paul Kjellander of the Idaho Public Utilities Commission said.

Please contact the UTC Public Policy Team with any questions.

Comment Deadlines Set in FCC’s 900 MHz Proceeding

Comments on the Federal Communications Commission’s (FCC, the Commission) proposal to realign the 900 MHz spectrum band for broadband use will be due in early June, with reply comments due about a month later.

In a notice published last week in the Federal Register, the FCC set the deadline for initial comments for June 3, with reply comments due July 2.

The FCC last month approved a notice of proposed rulemaking to make a portion of the 900 MHz band available for broadband.

Specifically, the FCC proposes a 3×3 MHz broadband segment and reserves the remainder of the 900 MHz band for continued narrowband operations. The broadband segment would be located between 897.5-900.5 MHz/936.5-939.5 MHz, leaving two separate narrowband segments–-a 1.5×1.5 MHz (896-897.5/935-936.5 MHz) below the broadband segment and a .5x.5 MHz segment (900.5-901/939.5-940 MHz) above the broadband segment (Industry Intelligence, March 18, 2019).

With the comment deadlines set, UTC will engage with its members as it determines its next steps. Any comments UTC files will adhere to the tenants in the resolution the UTC Board of Directors passed last summer.

Please contact the UTC Public Policy Team with any questions.

FERC Report Offers Additional Suggestions to Improve Security

A new federal report found that the cybersecurity processes and procedures adopted by most utilities in the U.S. are meeting government standards to shore up protection of the U.S. transmission system.

However, the report also concluded that there are other measures utilities could take that are not found in the federal requirements which could also improve security.

The report, released late last month by the Federal Energy Regulatory Commission (FERC, the Commission), marks the conclusion of a series of audits FERC’s offices of Electric Reliability and Enforcement performed of numerous electric utilities over a three-year period which began in 2016.

FERC staff conducts non-public audits of several unnamed utilities and their compliance with the North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) standards each year. Its findings, the commission said, “may be generally beneficial to the utility based cybersecurity community to improve the security of the” Bulk Electric System (BES).

In its report, FERC staff said that most of the processes and procedures implemented by the audited utilities “met the mandatory requirements of the CIP Reliability Standards. However, there were also potential compliance infractions found. Additionally, staff noted observations of practices that could improve security but are not necessarily required by the CIP Reliability Standards. Therefore, this report includes recommendations regarding cybersecurity practices that are voluntary.”

FERC initiated the audits about eight years after it adopted the first eight NERC CIP standards in January 2008. The standards are designed to mitigate the cybersecurity risks to BES facilities, systems, and equipment, which, if destroyed, degraded, or otherwise rendered unavailable as a result of a cybersecurity incident, would affect the reliable operation of the grid.

Commission staff performed the audits through data requests, interviews, teleconferences, and site visits, the agency said.

Among the lessons learned in the audits are that utilities should enhance their processes and procedures for security awareness training and consider implementing valid security certificates within the boundaries of BES cyber systems with strong encryption to properly authenticate internal connections.

Additionally, the report encourages utilities to consider encryption tools for Interactive Remote Access to protect data being sent across utility infrastructure.

“This report demonstrates that utilities have done and will continue to do everything they can to secure their systems against potential cyberattacks,” said UTC Vice President of Government Affairs, Policy, and Cybersecurity Sharla Artz. “We appreciate the lessons learned from these audits and will communicate the results with our members. This report makes clear something that utilities have known for a long time—standards, while important, are not the panacea to a safe and secure grid. To truly harden our infrastructure, a partnership between the federal government and private industry is critical.”

UTC’s Security, Risk, and Compliance Committee holds monthly webinars on these and related issues. Please contact the SRCC team with questions.

Upcoming Events

A snapshot of upcoming UTC webinars, events, and conference calls

  • April 9: UtiliSite Committee Webinar—For more information, contact Bob Lockhart
  • April 16: Utilities Broadband Committee Call—For more information, contact Brett Kilbourne
  • April 17: IT/OT Committee Call—For more information, contact Bob Lockhart
  • April 18: Telecom Committee Call—For more information, contact Brett Kilbourne
  • April 18: Public Power Division Call—For more information, contact Sharla Artz
  • April 19: Security, Risk, and Compliance Committee Webinar—For more information, contact Sharla Artz
  • June 17-21, 2019: Telecom & Technology annual meeting