“It is time to establish mandatory pipeline cybersecurity standards similar to those applicable to the electricity sector. Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response to the ever-increasing number and sophistication of malevolent cyber actors. Mandatory pipeline security standards are necessary to protect the infrastructure on which we all depend.
NAESB has been engaged with the Department of Energy via Sandia National Labs Surety Assessments to verify the integrity and effectiveness of commercial cybersecurity standards embodied the the Natural Gas industry's Electronic Delivery Mechanism NAESB standards, since the late 1990's. NAESB's Wholesale Electric Quadrant (WEQ) standards for Public Key Infrastructure (WEQ-012) have been protecting the Wholesale Electric industry data communication market infrastructure for almost 20 years without a single reported breach. The success of these NAESB cybersecurity standards are evidence of NAESB's Technical Proficiency in the development and maintenance of effective cybersecurity standards for the Natural Gas and Electric industries. This announcement from FERC raises an important point and a critical call for action: Mandatory pipeline security standards are necessary to protect the infrastructure on which we all depend