When Smart Grid Legal News interviewed PJM’s CEO Terry Boston earlier this month, he identified cyber security as the problem that kept him up at night. Clearly, Terry is not the only person who worries about cyber security, and that includes members of Congress. On December 15, 2011, U.S. Rep. Peter T. King (R-NY), Chairman of the Committee on Homeland Security, and Rep. Dan Lungren (R-CA), Chairman of the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies, introduced the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act of 2011 (the “PRECISE Act”). This bill (H.R. 3674) would amend the Homeland Security Act of 2002 to require the Department of Homeland Security (“DHS”) to identify cyber security risks to critical infrastructure, including the electric grid, and develop methods to mitigate these risks.
The legislation requires DHS to identify cyber security risks on a sector-by-sector basis and to collect existing performance standards to determine the best methods to mitigate identified risks, and calls for the appointment of a “lead cyber security official” within DHS to coordinate the Department’s cyber security activities with the Department’s other infrastructure protection activities.
The legislation would also establish the National Information Sharing Organization (NISO), a private-sector-controlled, not-for-profit organization to facilitate best practices, provide technical assistance and enable the sharing of cyber-threat information. NISO would be run by a board of directors composed of representatives from five different Federal Agencies, including DHS, and 13 members of the private sector, including members representing the Communications, Electric, Oil and Gas, Health Care and Financial infrastructure sectors. Here is a great section-by-section summary of PRECISE.