- Not enactedThe President has not signed this bill
- The senate has not voted
- The house has not voted
Committee on Energy and CommerceEnergyIntroducedJanuary 9th, 2019
- house Committees
What is House Bill H.R. 370?
Cost of House Bill H.R. 370
In-Depth: Rep. Fred Upton (R-MI) reintroduced this bill from the 115th Congress to require the DOE to undertake a variety of activities to improve the physical and cyber security of pipelines and LNG facilities:
“Since its inception, the Department of Energy (DOE) has performed a vital energy security mission to ensure the supply and delivery of fuels and power in emergencies. Over time, DOE has developed the information tools and technical capacity to respond to emergencies and develop advanced technologies to protect the nation’s energy infrastructure, especially against cyber threats. In recent years, Congress reemphasized DOE’s responsibility to respond to both physical and digital threats against our energy systems through the passage of the FAST Act of 2015. Of course, for DOE to effectively carry out its responsibilities, it must account for each interrelated segment of the nation’s energy infrastructure, including pipelines, which are subject to an array of other federal authorities. This is why I introduced the Pipeline and LNG Facility Cybersecurity Preparedness Act to address this issue. This legislation requires the Secretary of Energy to establish a program to improve cooperation between federal agencies, states, and industry in order to ensure the safe and dependable flow of energy across the United States. This will help boost both the physical resiliency and cybersecurity of energy pipelines and liquefied natural gas facilities. The threat of damage from a disaster or an attack on our energy infrastructure is no longer a matter of ‘if,’ but ‘when.’ Congress must act swiftly to provide DOE with the tools it needs to enhance preparedness and protections of our energy systems. It is time to enact legislation that confronts these threats and improves the resiliency and reliability of our nation’s energy infrastructure.”
The Troutman Sanders Pipeline Practice group argues that current rules and regulations on pipeline security are insufficient:
“Both the electric utility industry and the oil and gas industry face increasing cyber threats from nation-states, criminals and terrorists. While oil and gas pipelines and LNG facilities are subject to limited PHMSA regulations regarding physical security, there are no mandatory requirements regarding cybersecurity. TSA Guidelines are designed to assist the industries in developing a reasonable security and cybersecurity plan that is sufficiently protective of its assets. While those requirements are only voluntary, they are nevertheless likely to be perceived as minimum best industry practices by insurance companies and in litigation. For that reason, it is advisable for operators to review and consider any changes to their own plans and procedures. The promulgation of at least minimal security regulatory requirements may be worthy of consideration at this point, given the increase in both cybersecurity threats as well as pipeline sabotage, as well as which agency is best positioned to promulgate them.”
In the current Congress, this bill has one bipartisan cosponsor, Rep. David Loebsack (D-IA). In the 115th Congress, it passed the House Transportation Committee and placed on the House calendar, but never received a vote. In the previous Congress, it had one cosponsor, Rep. David Loebsack (D-IA).
Of Note: Currently, the Transportation Security Administration (TSA) within the Dept. of Homeland Security (DHS) is in charge of pipeline security. However, the Federal Energy Regulatory Commission (FERC) has argued that the DOE is better-positioned to impose mandatory cybersecurity requirements on pipelines and ensure their enforcement. Republican FERC commissioner Neil Chatterjee says, “A pipeline outage, which may be connected to eight or nine generators, poses far more significant consequences today than it did in the past.” Democratic FERC Commissioner Richard Glick also supports a bigger role for the DOE.
Summary by Lorelei Yang
(Photo Credit: iStockphoto.com / zorazhuang)