As we witness our confusing, chaotic, yet often courageous struggle to overcome the coronavirus pandemic, clear lessons emerge:
- Politics often wins over science.
- A reliable, organized supply chain is essential.
- Existing federal government emergency powers, if used quickly, could help put us in front of a rapidly escalating crisis.
- Policies that pit state against state are wasteful and hazardous, and
- A national challenge requires a planned, coherent, and coordinated national solution.
History shows us that America is best when we are united, all pulling in the same direction toward a common goal, or against a common enemy. That is how we solved challenges in the past, whether war, economic depression or recessions, diseases, natural disasters, terrorist attacks — even the race to put a man on the moon.
These lessons demonstrate that we must take a unified and cohesive approach to another looming threat to our national security — an attack that disables our electric grid. Operationally, our nation’s electric system, like our health care system, has been recognized as a world leader, but it is, as we have seen in our health care system, not invincible.
Electricity is the lifeblood of almost everything we do and the backbone of our critical infrastructure. It powers health care, communications, transportation, financial services, manufacturing and commerce, clean water, food and agriculture and emergency services. Without it, our economy and even our way of life, grinds to a halt.
The threat to our electric system is very real and growing at an alarming pace. Power companies and federal agencies record millions of attempted hacks every day. We are in the middle of a war — a largely invisible cyber war, but a war, nonetheless.
Unfortunately, the existing structure of the electric power industry could lead to a fractured approach to winning that war. The current disjointed response to the pandemic has too many parallels.
The energy industry is regulated at the bulk power level by four federal agencies — the Federal Energy Regulatory Commission, the Nuclear Regulatory Commission, and the U.S. Departments of Energy and Homeland Security. Consumer-facing, retail supply is regulated by 51 utility commissions, and literally thousands of local governing boards that oversee operations at municipal and rural power companies. The Department of Defense also owns and operates critical electric system assets.
Bringing all of these entities together to reach agreement on a coordinated plan to upgrade grid cybersecurity — more than 9,500 power plants, 240,000 miles of high-voltage transmission lines and more than 5.5 million miles of lower-voltage distribution lines — is a Herculean task. But it must be done. Without preparation, our nation is vulnerable to unimaginable peril.
Some cooperative efforts to foster coordination on emergency planning and response at the national level are already in place between the utility industry and the federal government at the CEO level. But more must be done now — much more. Our complex grid requires clear, unified policies coupled with incentives to invest in advanced cybersecurity protection. Without those, we face disastrous attacks on the grid that could leave us literally powerless.
We must develop a unified national policy that:
- Dramatically streamlines the regulatory system on this issue;
- Incentivizes investment by the electric power industry in advanced cybersecurity protection; and,
- Brings together federal and state regulators with the power industry to develop effective and dynamic cyber defense protocols that address grid vulnerabilities — NOW.
The power industry, the U.S. government and the American people share a common goal of maintaining a steady, reliable supply of electricity. We also share a common threat that puts our homes, offices, hospitals, factories, food, water, and our EMTs, police and firefighters at risk. If we share a common threat, we must share a common plan to confront that threat and have that in place before we are attacked.
Making the entire grid more robust and resilient — harder to hack, more difficult to disable or dismantle, and faster to repair or restore — is costly, but those costs will be more than mitigated by avoiding the devastating and deadly effects of a successful cyberattack.
Rising to this challenge is urgent. Gen. Douglas MacArthur said: “The history of failure in war, or in any other human endeavor, can be summed up in two words: ‘too late.’”
We have entered a moment in history where we can do the right thing and avoid future generations from concluding we were too late or that we lacked the imagination to prepare for the unthinkable. The need is real, and the time is now. Let’s get on with it.
U.S. Gen. Michael V. Hayden is the former director of the National Security Agency, the former director of the Central Intelligence Agency and an adviser to Protect Our Power,
Morning Consult welcomes op-ed submissions on policy, politics and business strategy in our coverage areas. Updated submission guidelines can be found here.
Get the latest global energy news and analysis delivered to your inbox every morning.