When it comes to ensuring a resilient energy grid capable of serving American customers no matter what comes our way, there are few things more vital than safeguarding the security of our nation’s system of energy pipelines.
Natural gas and the vast network of pipelines that deliver this cleaner burning fuel to users are critical not only for keeping energy prices stable for families and businesses, but for ongoing efforts to combat climate change. That’s why the Senate Energy and Natural Resources Committee held a hearing last week to discuss the challenges and opportunities that our energy grid and customers are currently facing. While the members and panelists spoke on a wide range of topics, one important issue was largely absent from the discussions: preparedness of our pipeline system to deal with emerging threats, particularly those that deal with cybersecurity.
Get the latest news, data and insights on key trends affecting energy and the environment.
Despite cybersecurity being the front-and-center issue for a broad spectrum of energy providers for years, the Department of Energy recently concluded that pipeline operators in the United States are not adequately prepared for cyberattacks and that natural gas pipelines specifically are “increasingly vulnerable to cyber- and physical attacks.” The memo specifically pointed out that natural gas can’t be stored on-site and suggested that over-reliance on natural gas leaves the nation at risk.
The memo, made public last month, drew more than one raised eyebrow from stakeholders in the energy sector, where millions of dollars and much planning have already been devoted to address this emerging issue and protect these valuable fuel delivery systems. Just look at the money. Producers in the oil industry are expected to devote nearly $2 billion by the end of this year to bolstering cyberdefenses around the energy grid.
Additionally, a commitment to coordination and data sharing by both the private and public sector is also evident and already underway in this space. Through the Oil and Natural Gas Information Sharing and Analysis Center, which was created in 2014 as a “dynamic cyber security hub” that shares and analyzes threat information, more than 50 companies, including a number of the nation’s largest natural gas pipeline operators, participate and share information on possible cyberthreats. This intelligence and its use are also being tested in threat simulations such as one conducted last year by North American Electric Reliability Corp. that included more than 6,000 stakeholders from utilities and government agencies taking part in an exercise that tested coordination and response to cyber- and armed assaults on energy resources.
Having recognized the magnitude of cybersecurity issues for well over a decade, industry and federal partners continue to build a robust defense network and establish a clearinghouse of information and best practices for utilities and infrastructure operators to utilize. For example, just this year, both the Transportation Security Administration and the National Institute of Standards and Technology — two key agencies involved in the security of our nation’s energy grid — released updated versions of their cybersecurity guidelines for pipelines.
The DOE is also assisting to help prepare our electric grid as cyber attempts become more and more advanced by cultivating new, practical solutions to this evolving issue. Just recently, the DOE announced plans to invest in new research and development projects that will develop innovative technologies tackling cybersecurity issues across the energy generation sector. Four of the 15 projects the DOE will oversee will help buttress the energy grid against cyberattacks with a total investment of about $1 million to ensure these important projects continue. Clearly, the agency has recognized, as has the energy industry, that more research and broad cooperation are the keys to practically addressing cybersecurity issues.
With these developments in mind, many in the energy industry were surprised at DOE’s statement about pipeline security. Among those is independent grid security consultant Tom Alrich, who explains that there is no evidence a cyberattack has ever disrupted the flow of natural gas or electricity in the United States and that there is no reason to believe that other energy sources such as coal are more cybersecure than natural gas.
Alrich is not alone in his confidence about energy security. The North American Electric Reliability Corp. concluded in its 2018 Summer Reliability Assessment that grid resilience is actually improving, despite new threats. The current approach of cooperation and investment is working, along with awareness that constant vigilance is required to stay prepared.
A combination of federal regulations and market forces has increased the use of natural gas for U.S. energy production. Natural gas is also a key ingredient to climate action, as the use of our nation’s abundant natural gas supplies has delivered near 30-year lows for carbon dioxide emissions from the electricity sector. That’s why lawmakers must understand that protecting our pipelines from threats is a matter of national security. But that’s also why they must carefully weigh claims about pipeline security.
Because of the importance of pipelines to the American way of life, lawmakers should pay close attention to discussions about cybersecurity threats and responses. As they do so, however, they should keep in mind the significant investment and careful planning of thousands of energy industry professionals and federal experts who continue working diligently to protect the grid. By focusing on the facts, lawmakers can help ensure that customers continue to benefit from a stable and secure American energy system.
Laura Schepis is the executive director of the Partnership For Clean Affordable Energy and currently serves as chairman of the National Energy Resources Organization.
Morning Consult welcomes op-ed submissions on policy, politics and business strategy in our coverage areas. Updated submission guidelines can be found here.