A massive breach using software from Texas-based SolarWinds Corp. in 2020 is one example of how attackers can bypass such defenses through trusted vendors, FERC said.
“We can’t let our guard down on cybersecurity at all and we need to continually monitor whether the standards are appropriate,” FERC Chairman Richard Glick told reporters in a Thursday briefing. Companies need to be vigilant against hackers trying to get in and “if they do get into the system, it’s important to know it as quickly as possible, to have knowledge of it and to be able to take action on it.”
There is a 60-day comment period for the proposal. After that, the commission is expected to order the North American Electric Reliability Corp., the international body charged with reducing risks to energy grids, to revise or submit new rules to address the gap.
Share This: