The Government Accountability Office has found that the Federal Energy Regulatory Commission failed to comply with a GAO 2011 recommendation to coordinate and craft strategies with other agencies to track whether the electricity industry complies with voluntary cyber measures.
GAO said in a testimony Wednesday to a House Committee on Science, Space, and Technology subpanel that FERC was able to evaluate the challenges to efforts that seek to protect the electricity grid from cyber threats.
Some of those challenges cited by GAO in 2011 include the lack of a holistic industry approach to cybersecurity, absence of a forum for cyber threat information sharing and lack of metrics intended to measure industry’s efforts to secure smart grid systems.
According to GAO, the Energy Department and the Department of Homeland Security have begun to launch efforts to advance the implementation of updated smart grid-focused cybersecurity standards issued by the North American Electric Reliability Corporation in 2013 and the National Institute of Standards and Technology in 2014.
GAO also recommended that agencies should pay “continued attention” to protecting the country’s electricity grid from potential cyber attacks.