tv Hearing on Electric Grid Security CSPAN April 19, 2016 7:32am-9:38am EDT
have either one of you seen actions taken to deal with what i just said? is there clear direction given by the united nations on the civilian personnel? is there clear supervision, clear training, clear ways of being able to get the information on those who are violating so that they can be removed and held accountable? is there a clear line of responsibility and accountability from the united nations to the civilians that are in these countries in which we have the u.n. peacekeeping missions? >> two quick thoughts, which is first of all i think it's important to note the secretary-general did remove the head of the u.n. mission in c.a.r. when these charges first came to light. i think that's exactly the type of accountability that was long overdue and necessary.
and hopefully will send a signal to future civilian and military commanders that when missions that are under their supervision, as you said, they are responsible for making sure the troops are actually performing the duties in an ethical and principled way. if they fail to do that then they need to be dismissed from the job. in the case of central african republic, that did occur. second of all, in terms of civilian employees, so that employers are deployed to all of these missions come we are seeing excessive training, human rights training. but as the previous panel indicated training is not a substitute for appropriate supervision of work. in the case of civilian employees we need to ensure that the people that are at the highest levels within each individual mission are fully responsible for the actions of their employees, and at the earliest possible moment the allegations were raised in such exploitation of their reported to the right authorities in the
u.n. system and action and investigations are taken. in fact, the new immediate response against the u.n. has established to make sure that within five to 10 days that the actual evidence of crimes related to such exploitation and abuse are preserved, is deployed into case of both civilian and military employees such couldn't agree more. >> historically with a command there's always been a challenge, and particularly colleagues reporting misconduct. we know that stark problems i would try to take action to do with it. on the civilian side, dr. brown, is that the same type of inherent problems on reporting colleagues misconduct? >> i believe so, yes. i believe there's the adage, there's a number of other problems, for example, prosecution would require the lifting of immunity as the start. it's also the way the system is currently constructed it would require the u.s. office of
internal oversight, services to investigate. we are talking there about u.n. staff investigating other u.n. staff. to our inherent conflicts of interest within the system that will need to be addressed. >> with the immunity, in other words, they are immune from criminal prosecutio prosecutiont country? >> in theory. >> i would also like to make a clerk the secretary-general invite has made it quite clear that no u.n. employed the subject of sexual exploitation and abuse, if they have immunity to will be waived. most civic employees who are deployed as part of peacekeeping missions actually did not have diplomatic immunity. in either case the second agenda at the u.n. team has made it quite clear diplomatic immunity will not apply. >> knowing the country to which the peace missions are situated, the capacity their to do with these types of issues are limited. >> that's correct. going back to the point of the
investigation itself, we have an inherent problem because you have a u.n. investigative body investigating possibly quite a senior official in the country. you have an inherent conflict of interest. used on the conflict of interest in my view, with the u.n.'s office of internal oversight investigating at tcc, a case at tcc or the discipline and conduct unit investigating it or even a human rights officer investigating it. but when it comes to u.n. staff, that conflict is exacerbated and i think that to be addressed. along with her if i may, along with the problems inherent in the reporting lines themselves. because there are multiple barriers to information moving up the chain. >> the question i think i would ask, i know we don't have the right people here, what capacity to the field in countries where
there are u.n. peacekeeping missions to be able to have the capacity to prosecute those who violate the law in those countries of sexual exploitation and abuse. that would be an interesting point to see how the united nations is hoping the country be able to hold accountable -- helping -- those violating these laws. >> of these employees need to be repatriated to their own country and need to be subject to prosecution at all. >> but for silly things -- for civilians and maybe even more complicated. >> correct. >> back to the pressure, mr. yeo, you talked about earlier wha when you've got thee expanding peacekeeping needs that are complex, you've got pressure for more of that to occur. i mean, i look at the types of populations, generally speaking,
that are being quote protected. i mean, is there some institutional disrespect for the types of people that these peacekeeping missions are being sent out to protect? is there something there that we need to understand? >> i think the disrespect that occurs is between individual soldiers and the disrespect that as a result of individual actions are taking, the crimes they are committing as a peacekeeper. but having visited many different even peacekeeping missions around the world, i am honestly shocked by the willingness of peacekeepers to serve away from their homes for sometimes months, years on end, protecting people they don't even know. they are doing it at great personal risk and you look at,
for instance, the peacekeepers in mali that are battling terrorist elements in mali. there have been dozens of peacekeepers killed just three french peacekeepers were killed yesterday in mali. i think most peacekeepers are absolutely committed to civilian protection. we had a wonderful american who was deployed to south sudan as part of the peacekeeping mission, and the military showed up at the gates can be made he turn over all the young men indicate and the absolute refuse. he stood indicate and he said you may not coming. and as a result, the people were saved. and, of course, he from my perspective is a hero for saving that. i was relieved and south sudan. ththere are 200,000 people today living in these camps that largely of their lives to the fact that we peacekeepers from around the world guarding these camps trying to do the best to protect the people inside who would otherwise be killed by other elements within the country. so it's very complex. i don't think there's a culture with a don't want to protect the
people they're supposed to protect. i think this is a case of individual soldiers doing wrong and they need to be punished. >> let me ask you this based on what you just said. are reducing today in this hearing getting an unbalanced view of this issue? >> no, i don't think so at all. what happened in c.a.r. to what happened in mali and what happened in terms of sexual exploitation and abuse in these other countries is absolutely horrific. because the entire concept of u.n. peacekeeping a bad thing. they need to occur and most important and needs to occur a year from occur a year for two years ago. this will not be fixed overnight and we need to make sure there's bilateral and multilateral pressure for years to come so that 10 years from now we are not looking back at this and saying we worked on this 10 years ago. 10 years from now peacekeeping needs to be the model for how this i know this is something
jane holl lute who has been appointed by the secretary jewell and as former deputy secretary of department of homeland security is looking at, what are the best practices for training and command and control to make sure, how can we borrow from editors around the world including the united states to make sure we can work with the countries that are the backbone of peacekeeping to improve their performance. it is a long call and it will require a lot of bilateral and multilateral pressure. >> let me ask the question again, because the disrespect i was talking about is, you have the hierarchy of the united nations that has these complex missions as you mentioned and needs more anyway of peacekeepers. and yet are sending out countries that are known to have problems, i'm sorry. where as senator isakson mentioned, in many places rape
is certainly an act of war. it's part of warfare -- part of war. i was just in the balkans. it was an act of war, a part of war. so back to the disrespect i'm referring to. i'm talking about not the soldier to talk about at the human level. is there a sense that there's just so much in the way of need, and these populations, so what, is there something there that i'm missing? >> i think it was acceptance of this low-grade, what was it at the time as a low-grade ongoing problem, and acceptance extended for years on end. not just by the highest levels within the u.n. but by the u.n. member states including members of the security council. i don't think that acceptance is there any longer. if you look at what's new as a
result of what has happened we see for the first time ever military units being repatriated. you have for the first time ever policy endorsed by the security council saying no more units may be deployed if they have a track record of systematic abuse or the refuse to get back to you as to what they've done in terms of discipline or refuse to investigate. this is the first time they've done it. we need to ensure it is enforced so that units from the congo are not deployed in future peacekeeping missions unless they changed the way they do business. it's got to change at the u.n. is now committed to that and has been endorsed by the security council. i think the acceptance of these practices i think is over. >> dr. brown? >> if i may. i agree entirely with what mr. young has said. the u.n. has failed what i consider except that it itself has a problem and that's what needs to happen. there needs to be a recognition
that itself needs to reform itself and needs to recognize that it doesn't have you can build structured internally. and most of the measures that apply to the tccs most applied to the human. and furthermore that staff at the great risk in reporting the sexual abuse must be protected. we've had this terrible case with mr. campos which has just sent a chilling message to the system and that must be rectified otherwise we are going to find staff will simply not report. >> well, i want to thank both of our witnesses. this has been very helpful to us but it really starts with the recognition that sexual exploitation and abuse is not acceptable. and it has to be carried by the top leaders, so it starts with the top leadership of the united nations, and it has to be not
just understood by everyone in the leadership of the united nations. it has to be enforced by everyone in the hierarchy of the united nations. so that they understand that it's different than it's been in the past. doesn't mean people in the past did look at it as serious, but the institution didn't look at it as serious, and that has to change. but it requires a cultural change. without that you are not going to get the type of action that we want to see. the action we want to say is that the member countries that are participating in the united nations understand that cannot be tolerated, so the leadership impresses upon their participants that this will not be allowed and that if you are involved, it will be very severe, and that you are bringing disrespect to our country's participation and jeopardizing our standing and we are not going to allow that to happen. and it is not allowed.
that's what you're going to have to have for the to be the type of change we want to see occur. so yes, we have seen some encouraging signs. you mentioned some of the encouraging signs. the passage of the security council resolution. but we are far from declaring that has been accomplished in the culture of the united nations. that's something that is still a matter that many of us are concerned whether the message is clearly being broadcast the way it should. that's something we're going to continue to follow. enemy, i expect we'll take some additional action in congress. >> we want to thank you both. it's been a very powerful hearing and i think that your testimony, i hope your testimony is going to end up affecting people in that, hopefully, thousands of people who otherwise would've been sexually abused, raped, whatever, will not have that experience because of people like you who have been willing to testify in this
manner. i want to build on what you just said. in essence, because united nations is providing peacekeepers that, in some cases, not in every case, our sexually abusing people, our citizens here who work hard every day to raise the families and pay taxes, they are basically sending money, sending their hard earned money to an organization that has been unwilling to deal with the crisis within it. and that taints america. it taints that taxpayer money that we are sending. and i hope that somehow very soon the leadership of the united nations will understand that the american people, through their elected representatives, are not going to stand for us sending money to an organization that is
unwilling to do with this moral depravity that's taking place there, but not being willing to own up to a problem and deal with it in an appropriate way. so again we thank you. we appreciate it very much your time and to travel. the record will remain open through the close of business friday the and if you could respond fairly probably two questions, my senses you want to do that. we thank you again, and with that the meeting is adjourned. [inaudible conversations] [inaudible conversations]
>> craig fugate takes questions from lawmakers about whether the u.s. is prepared for an electric grid failure either from a cyber attack or natural disaster. this house transportation and infrastructure committee hearing is two hours. >> committee will come to order. today we are holding a hearing to explore a critical and timely topic. there've been numerous congressional hearings on cybersecurity and how to stop the bad guys. what has not been discussed in great detail is what the consequences will be from a massive cyberattack that brings down, for example, a large portion of the electrical grid for an extended period of time. the purpose of today's hearing
is to answer an important question, with respect to cyber threats to the electrical power system, what consequences should the federal government tell states and local governments to prepare for? in other words, for how many people and for how long should states plan on being without power? the federal government does this now for almost every significant hazard we face. whether it is a category 5 hurricane hitting miami or an 8.0 earthquake in los angeles, the federal government has realistic estimates or scenarios for states and cities to plan. the federal government does not have this basic planning scenario for a cyber threat to the power system and there is a huge disparity in what different groups think is a potential scenario for which states and
local governments should prepare. and the difference would be significant for local governments. if the power is out for a few days, it can be an inconvenience, but if it is out for several weeks, or a month or more, the local government has to potentially plan for increased public safety, water treatment, sheltering or evacuation, fuel delivery for generators and many other contingencies. what should we plan for? ted koppel in his book says we should plan on six to 18 months of uninterrupted blackouts. the industry seems to say a cyberattack could at most cause an interruption in terms of days, not weeks. today, we are going to hear testimony from the federal emergency management agency, the department of energy, the department of homeland security's national protection
and programs directorate, the congressional research service, the north american electric reliability corporation, and representatives from the electrical industry. i hope to get an answer to this question for state and local governments. imagine what we would do without electricity for a day? a week? a month? a year? virtually all critical infrastructure is dependent on the electrical grid, particularly the lifeline sectors, telecommunications, transportation, water, and financial services. and if the goal of the bad guys is to collapse the u.s. economic system, they are going to try to cut off the power. there have been reports of hacking attempts on electrical facilities by foreign and domestic parties. our national security, public
safety, economic competitiveness, and personal privacy are at risk. according to the department of homeland security, the energy sector was the target of more than 40% of all reported cyberattacks. and even more disconcerting was the december 2015 cyberattack on ukraine's electric grid, which affected four dozen substations and left a quarter million people without power. at the same time as the attack on the grid itself, call centers were hit with a telephony denial-of-service attack as customers were trying to report the outages. if anyone thought this was a glitch, think again. the electrical grid is not only under attack from cyberspace, the electric power sector is all too familiar with the devastation storms like hurricane sandy can leave behind, or physical attacks like the 2013 incident at the metcalf substation in california.
thankfully, in the cases of storms and physical attacks, the power sector has strong plans in place and redundant systems to restore power quickly and avoid the loss of life and property. but i am concerned about a cyberattack. are there similar plans in place for industry and state and local government? will those redundancies provide the same types of protections .. best practices, how we can
achieve a greater level of readiness all the way down to the local mayors and township supervisors. i'm encouraged to hear all industry talk about all hazards approach and focusing on mitigating the greatest risks. but i think there are some unique characteristics of the cyber threat that requires specific planning guidelines. i know we cannot gold-plate the system but given the interdependency of electricity with our daily lives it is crucial we understand the risks and be prepared for likely consequences possible from the failure of that system. i look forward to this conversation today, starting with our witnesses and i thank you all for being here. i now call on ranking member mr. defazio, the chairman for his comments. >> thank you, mr. chairman.
mr. chairman, you certainly laid out well the potential threats of a cyberattack against our critical electrical grid. we know there is constant probing, some of it being done by nation states, not just terrorist groups. nation states hostile to the u.s. and we need to be certain of that we are as prepared, well-prepared as we can be. the ukraine attack was a harbinger of things to come. i do believe though that the all hazards approach can also cover the cyberattack area. the issue of probably most immediate concern for those of us that live in the northwestern
is a cascade earthquake of 9 or 9 plus which will inevitably knock out our grid. there will be exercises conducted, two exercises this year with the cooperation of the department of homeland security and all the local and state authorities in the region to simulate what would be possible in face of that sort of a disaster. many of the problems that could occur will be the same. you know the loss of transformers is particularly of concern and i will be probing that issue with some of the witnesses today. there is a question whether the federal government should be perhaps stockpiling of these transformers since now they're basically custom orders. they take six to 18 months. what if we lose a dozen, large, critical transformers because of an earthquake, tsunami or a cyberattack?
you know it seems to me kind of a no-brainer we should either through governmental sources or through, you know, cooperation with the industry be creating a critical infrastructure component stockpile here in the united states to deal with any an all of these sorts of potential attacks. in a coordinated physical and cyberattack could of course be the most devastating outside of a massive earthquake tsunami and again, many of the same issues arise and then one that doesn't get talked about very much anymore but we held a series of hearing on it years ago in the resources committee, then called the interior committee when we had jurisdiction over nuclear power is the potential for a bomb in place. that is a nuclear plant. if you destroy the backup system, take over the plant and
destroy the back-up system and incoming power you can create a meltdown. how good is our security at our nuclear plants these days? i know this hearing will not get into this topic. i don't know if it is of our jurisdiction. it is of concern to me. so i wanted to raise that concern too. like aviation, electricity, the grid, and nuclear plants are of interest to terrorist groups and hostile nation states. so we've got to be prepared. so i'm pleased you're holding this hearing today. >> thank you. we'll have two panels of witnesses today. on our first panel we'll have administrator fugate, the current administrator of the federal emergency management agency. the federal coordinator for consequence management. assistant secretary hoffman from the department of energy's office of electricity, delivery and energy reliability.
this is the office charged with coordinating the federal efforts to facilitate the recovery from disruptions in the emergency and energy supply. assistant secretary for infrastructure protection durkovich, from the department of homeland security. and mr. richard campbell, an expert at the congressional research service in the electric power sector. on our second panel we'll be joined by mr. gerry cauley, president and ceo of the north american electric reliability organization, international regulatory authority, whose mission is to assure the reliability of the bulk power system in america. mr. william spence, ceo of the ppl corporation, one of the largest investor-owned utility companies in the united states. and miss bobbi kilmer, president
and ceo of the claverack rural electric cooperative serving customers in pennsylvania. since your record is made a part of the record, the subcommittee request that you limit your oral testimony to five minutes. start with our first panel, administrator fugate. you may proceed. >> thank you, mr. chairman, members, ranking members. i want to address your questions what do the local officials need and what do they need to plan for and based upon our experiences dealing with other hazards based on disruptions, planning needs to be managed in weeks. if there is not physical damage, but if you have damage to large transformers or generating capacity that will extend it. we know it is important for
initial response you provide for safety and security. lights are out, power out, we had major metropolitan areas and you have flurry of people trapped in elevators and traffic control, you may need to be looking for problems rather than dealing with traditional call of 911 which may not be impacted as you pointed out before with denial of service attacks. ranking member talks about all hazards. hopefully your critical infrastructure has power and emergency power. you have the fuel supply you need. we have found that in many cases communities haven't planned for that. either they don't have critical equipment on backup power or don't have adequate fuel supplies. usually only enough fuel to run the weekly or monthly test but not to operate in crisis. generators are very expensive. in many cases there are options, such as putting in transfer switches. idea, what are the things required to keep the community
up and running until power can be restored that are lifelines. water, wastewater, communications hospitals and 911, other dispatch facilities. generally these have emergency power but has to be planned for real, not just works during the monthly test. as you pointed out, mr. chairman, the duration starts driving additional issues. as we saw in new jersey, new york, longer you have power disruption more you have cascading effects from everything not being able to get to retail stores, grocery stores, others, gasoline distribution. as a community starts to recover to get back to normal, these all become challenges. so the planning really is based upon safety, keeping your primary life-support systems up, focusing on the restoration of the grid. and reality that your residential areas will be probably last to get power because you're going to get retail sectors and major core centers up first. the industry has shown a lot of
resiliency and capabilities of doing those things in physical destructions. we think the lessons we learned there would apply again to cyber. but cyber has a lot of unknowns. i will defer to my experts to my left on what those impacts are, potential threats and how likely these are but you saw how big is big? we actually looked at a natural phenomenon that is actually big, geomagnetic storms. the way our grid is built and vulnerabilities to very large transformers this administration developed a working plan what we would do in the event of major geomagnetic storms impact on satellites and terrestrial systems. we're looking at lessons from previous power outages to add to the national response framework to look at power outages unique capabilities the federal government brings. this has to be a true working relationship with the utilities. we cannot do this separate. it's a partnership.
it has to involve all levels. primary place we regulate power through the states through the utility regulatory operations the states manage. that framework this summer will be going to our senior leadership in the agencies to begin that process of concurrence and updating it. but it serves as a framework if something was to happen now, based upon lessons from sandy, going all the way back to previous hurricanes and other disruptions. challenges for people to look at, planning not for what they do every day, but what would happen if power was out not just hours or days or weeks? do they really understand what their capabilities are and things they need to do to insure their critical lifelines have enough power. trust me, sir, i've been through enough hurricanes to find out. too many facilities had enough emergency power to pass whatever requirements there, under full load in a crisis they failed. they didn't operate them under loads. they didn't maintain enough fuel in the systems for that. they didn't have contracts for firm deliveries when crisis
occurs. you really need to get people focused on this. if you're going to provide emergency power it has to be for real and operate long periods of time. you need to plan for this in phased approach. often times when it starts we don't know how long it will be out. we have immediate response steps. you need to answer the question if power is not on in 72 hours, what are the next things we have to focus on. if we are out for a week what are the next things we have to focus on. story from industry is good. we learned how to get systems back up and bypass failed systems. sometimes we have to put people to run less efficient systems but we can get power back. i think there is both a good news story but there is still a lot we don't know. so against that, we're not going to be able to write a plan for everything that can happen. we need a plan based on consequences. we need better understanding of
duration of impacts that will shape guidance for state and local officials, dealing with power outages pretty much for cause of it. looking over time phrase with would be happening and what next steps are. a lot of lessons have been learned from natural hazards. the question on cyber is, how widespread and how many jurisdictions simultaneously will be impacted. that is one difference that physical threat, earthquake, hurricane, we know the geographic area. with cyber it won't be defined by political or physical boundaries. that will be systemwide. that is another area we ask questions about. how dissimilar from the threat from geomagnetic storms. an emp detonation in space, largest potential impact to utilities. a lot of work has been done to minimize those impacts. mr. chairman i stand ready for questions. i want to try to answer your questions in my opening statements. >> thank you for your testimony.
before we move on i want to recognize ranking member of the subcommittee, mr. carson for his opening statement. >> well, chairman, thank you -- had hearing with the cia director. i didn't have access to my phone. i finally escaped i saw messages. my apologies. i think, mr. chairman for sake of time we should continue. i was one that was late. so thank you. >> thank you. we'll move on to assistant secretary hoffman. you may proceed. >> chairman barletta, ranking member carson, members of the subcommittee, thank you very much for focusing attention on importance of being prepared for an outage and for the opportunity to discuss the department of energy's role in helping insure resilient, reliable, and flexible electricity system, in increasingly challenging environment. our economy, national security,
even health and safety of citizens depend on reliable delivery of electricity. the mission of the office of electricity and delivery and energy reliability is to strengthen, transform, and improve our energy infrastructure to insure access to reliable, secure and clean sources of energy. we are committed to working with our public and private sector partners to protect the nation's critical energy infrastructure. including the electric power grid, from disruptions whether because by natural or man-made events including severe weather, physical attacks and cyber attacks. a crucial factor in meeting these challenges is to be proactive and cultivate what i call an ecosystem of resilience. a network of owners and operators, regulators, vendors, federal partners and consumers acting together to strengthen our ability to prepare, respond and recover. our organization works on in depth strategies, products and
tools to inform and educate state and local officials in energy emergency preparedness activity. this is done through forums, training, tabletop exercises that include federal, state and local energy officials. in the area of cybersecurity, as part of administration effort to improve electric sector cyber capability, the department of energy and industry partners developed the electric sector cyber capabilities maturity model. that is an evaluation tool that helps organizations prioritize and develop cybersecurity capabilities. in april doe will lead clear path four, in portland, oregon and washington, d.c. clear path is an interagency exercise focused on testing and evaluating the energy sector roles and responsibilities with, and response plans utilized for cascadia subduction zone, 9.0
earthquake or tsunami. when a response is required or needed the department of energy serves as lead agency for this response under the national response framework and under fema's leadership. the department of energy works with industry and federal partners to assess the impacts of disaster on local and regional energy infrastructure, coordinate delivery of assets, monitor and report on restoration efforts and provide situational awareness to key decisionmakers at the state, the white house and our interagency partners. doe also provides strategic leadership by requesting and facilitating development of an energy information sharing and analysis center as well as the development of an electric sector coordinating council. this council is a group of leaders from across the electric sector that meet regularly with government to coordinate and share information. when power goes out, the local
utility is the first responder. should any threat or emergency exceed the capability of any local or private sector resources, the federal government and the electric sector through the council will engage coordinating a response for this type of crisis. congress enacted several important new security measures. this act affirms d.o.e.'s responsible and cybersecurity organization, development of a transformer reserve plan. in addition the fast act provides the secretary of energy with a new authority. upon declaration of a grid security emergency by the president, the secretary can issue orders to protect and restore critical electric infrastructure or defend critical electric infrastructure. this allows d.o.e. to respond as needed to cyber threats or physical threats to the grid. the department is actively
engaging in the process and procedure for implementing this new authority. the keys to strengthening resilience are not only better, are not only understanding threat insight and response but also through innovation. advanced technology and innovation in cybersecurity storage, micro grids, will also help the industry get ahead of these risks. in conclusion the threats will continue to evolve but d.o.e. is working diligently to stay ahead of the curve. to accomplish this, we must invest in resilience, encourage innovation and use the best practices to help raise the sector's cyber and physical security maturity as well as strengthen local and state response and recovery capabilities. thank you for your time and this concludes my remarks. i look forward to any questions you have. >> thank you for your testimony, assistant secretary hoffman. assistant secretary durkovich, you may proceed.
>> good morning, chairman barletta, ranking member carson and members of the subcommittee. my name is caitlyn durkovich, assistant secretary within the national protection sector in the department of homeland security. thank you for opportunity how nppd leads security of our nation's infrastructure to support the federal government's preparedness for response to and recovery from all hazard events including the physical impacts of cyber incidents. i want to begin by acknowledging the electric grid is a top priority of this administration and the department of homeland security. it is also worth underscoring, as you will hear from our industry partners later, the grid by its very design is resilient. it is complex network of electric infrastructure networks that has built in redundancies and adapt to changing demand, climate and host of other factors. in short, the electric grid
has been engineered with one principle in mind, reliability. thousands of companies work together with the government to run the most reliable grid in the world. and while over 85% of the nation's electricity infrastructure is in private hands, the federal government recognizes we must work in partnership with industry to protect our grid because of its importance to national security, economic prosperity and community resilience. i have the privilege of working with industries that span 16 critical infrastructure sectors and can say with confidence that the electric industry takes a multilayered approach to risk management and is committed to continuous adaptation based on lessons learned from real world events and exercises and understanding of dynamic risk variety. industry and government acknowledge however, we cannot stop every threat and natural hazard and we must be prepared to respond to a range of events and their consequences. the federal government voluntary partnership with the electric
sector which is defined under the national infrastructure protection plan reached new levels in 2012 following two important events. the first was report published by the presidential advisory committee, the national infrastructure advisory council in 2011, on the resilience of the electric and nuclear sectors and called for the most senior executives from industry and government to convene on a regular basis to craft a risk management agenda that was reflective of the increasingly chaotic threat environment. nearly a year later our country woke to the scenes of earthquake tsunami and subsequent failure at fukushima power plant in japan that put emphasis on the need for the public and private sector in the united states to come together to plan for a catastrophic national incident. for nearly four years now, 30 ceos representing the breadth of the electric power industry have comprised the electric sector coordinating council and meet regularly with their counterparts at dhs, d.o.e., and other members of the
interagency to address growing number of sophisticated factors that put our grid at risk. this risk management approach is focused on ensuring that the consequences of the most catastrophic events are minimized and value of our relationship is strengthened by identifying joint priorities, enabled by robust information sharing, continuous planning and regular testing and exercise of these plans. projects conducted through this partnership include action-oriented information-sharing around physical and cyber events including "heartbleed" and black energy. a 2013-2014 campaign around threats to substation recommended security best practices and importance of reporting suspicious activity. electric sector coordinating council playbook which is crisis management playbook to enable senior executives from industry and government to coordinate on response and recovery issues and work with the dhs and d.o.e. with the electric coordinating
council on efforts to institutionalize coordination with other life line functions. in addition to our work, dhs works directly with owners and operators help enhance their security and resilience posture. understanding dependencies and interdependencies and state and local and tribal partners for range of possible scenarios. this engagement would not be possible without a cadre of security specialists around the country who engage with asset owners on regular basis to help them understand the risks posed by physical and cyber threats, perform assessments and share information to ensure they are connected to the broader homeland security to include state and local officials. nppd also works with partners across the government in event of a needed response to a major disaster or attack resulting in failure of the electric grid. nppd supports fema during response operations and helps understanding of infrastructure of concern in impacted area and
decision support in prioritizing restoration and recovery. as well as ensuring resilience of communication infrastructure. during a cyber communication incident, nppd's national cybersecurity and communications integration center is able to coordinate with state, local and private sector partners including law enforcement and intelligence communities so that the full capabilities of the federal government can be brought to bear in a coordinated manner. cyberemergency response team is the response component of the provides on-site support to private sector industrial control system and owners and operators. in conclusion, government and industry engaged unprecedented effort to assess and mitigate risks from cyber attacks and physical sabotage and natural disasters all which can result in disrupt the electric grid. the cyber and infrastructure protection agency, this
transition would elevate cyber operations and provide more comprehensive, more coordinated risk management support to our stakeholders that reflect growing convergence of cyber and physical threats. chairman barletta, ranking member carson and members of the subcommittee thank you again for the opportunity to appear before you today to discuss nppd's efforts to physical and cyber threats. >> thank you for your testimony. mr. campbell, you may proceed. >> my name is richard campbell i'm a specialist in policy for the congressional service, crs. on behalf of crs i would like to thank the committee for inviting me to testify today. my testimony will provide background on possible consequences of failure of electric grid, roles of selective parties and objective challenges in the recovery efforts. i should note crs does not advocate policy or take
positions on specific legislation. electric power generation is vital to the commerce and daily functioning of united states. while the electric grid operated historically with high level of reliability, various parts of electric power system are vulnerable to natural, operational or man made events. natural events include severe weather and even solar storms. operational events can result of failures of grid components or systems. man-made events would include actual attacks on the grid. the extent to which these events could damage the grid would depend upon the severity of the incident. much of infrastructure which serves the u.s. power grid is aging. as the grid is modernized new technologies utilizing two-way communication and other digital capabilities are being coordinated with internet connectivity. while they can improve the efficiency and performance of the grid -- >> mr. campbell, can you pull the microphone a little closer?
>> okay. >> thank you. >> while the advantages improve the efficiency and performance of grid may increase vulnerability of cyber attacks launched from the internet. in 2014 national security agency have seen intrusions into industrial control systems with apparent capability to take down the control systems that operate u.s. power grids and water systems and other critical infrastructure. although there has not been a cybersecurity event resulting in a power outage in the united states, the potential still exists for system attacks across a wide scale, long-lasting outage. the first blackouts attributed to cyberattack happened in ukraine in december 2015. the attack targeted industrial control and righting systems at multiple regional utilities. other critical infrastructure was also targeted, apparently in an attempt to impair recovery efforts. a report released by the national research council in
2012 concluded while informed terrorists could black out a large region of country for weeks or even months, it said if such an attack occurred during times of extreme weather, hundreds or thousands of deaths could occur from heat stress or extended exposure to the cold. systemic attack of this sort could cost the u.s. economy hundreds of billions of dollars. recovery from a well-planned cyber and physical attack on the grid could be complicated by cost and vulnerability of critical components. for example, the strategic destruction of critical high voltage transformers could use up limited inventory of spare units. it may take months or years to build new units. the electric utility industry generally prepares for outages from weather-related events and uses potential for major cybersecurity attempt or security event as low probability risk. if it is a severe enough to be a federally declared disaster, people marks the federal
emergency management agency can provide financial assistance for local utilities companies for efforts. department of energy has new authority to order electric utilities and north american electric reliability corporation, nerc, to implement new security measures in the act. however, given the potential for damage to the nation's economy from a major attack on the grid, some might suggest that the greater focus on recovery is needed and should become as much a part of a grid security strategy as the efforts to secure the grid. a focus on recovery should consider the mutual dependence and implications to other critical infrastructure of an electric grid failure and how quickly such impacts could proliferate if not planned for in advance. congress may also want to consider how the grid of the future will address cyber and physical security concerns. incorporating elements to increase system resiliency as it develops will aid in reducing
vulnerability in the system. finally nerc has stated after major grid disruption, restarting generation and energizing transmission distribution systems will be a priority. restoring service communication systems, fuel and water supply and treatment and hospital customers will be secondary priority. congress may want to consider how planning for subsequent restoration of services would proceed to ensure all communities are kept informed and treated equitably as possible. this concludes my brief remarks. >> first round of questions, limited five minutes of. if there additional questions, following first round we'll have additional rounds. questions. as needed. and i will, i will start with administrator fugate, could you
please walk, committee through a timeline of consequences that we could expect to experience in the event of a large-scale and prolonged power outage which is result of a combined. what consequences quill state an local governments an residences get out. put my hair's hat back on. listening to a lot of the how prepared we are, what we can, what is typical, what is unlikely and what we're going to do but i'm not convinced that we connected dots all the way down to local government.
that worst case circumstance. so, for example, in the first few days there will be thousands of people stuck in elevators. hospital and other critical infrastructure will need fuel for generators. waste disposal may have serious problems. and at some point people may start to self-evacuate in large numbers. please walk us through that timeline of increasing consequences as the duration of this scenario increases. >> mr. chairman, first challenge, having actually had this happen during accidents where human error caused power outages, we don't know at first how long it's going to be out. and often times you're not aware what's happening outside. situational awareness will be key, because your initial response will not be any different. we've had numerous communities go through power outages, very substantial, that resulted in mass rescues and elevator
operations dealing with traffic control issues. commuter rail being knocked off of electricity. we've seen those. i think most communities that are doing effective planning, those are things that they will be doing almost from the beginning. what's critical, and this goes back to what my partners to the left will be focused on, is this a short-term duration, or is it longer. we faced this in florida, actually, when i was still in the state. we had power knocked out that was not occurring in any set pattern, it was occurring around the state simultaneously, we didn't know what was going on. next question was will this go into the night hours, because if so, the governor will call out the national guard for additional law enforcement support. again, you start focusing on immediate life safety, safety in your communities. because when you lose power, you have to provide a much more visible form of policing and give people a sense of safety in their communities. that's going to require more manpower, more people on the streets.
my generators are now running, what systems are needed next? and this is important, a lot of communities do not plan for refueling in a crisis. and there are certain contractual things you have to have, and those deliveries from suppliers may not be local. again, we were shipping fuel as far away as philadelphia back into new jersey and new york to provide gas. we found all kinds of regulatory challenges. but again, you start going, okay, my first steps, pretty much my emergency response. my next step is the next 72 hours. which of my critical facilities will start running out of fuel or are having generator problems. by this time we would, hopefully, have assessed this as a much larger event than local. we start mobilizing resources from the outside, generators, fuel, other things to keep those things on. electricity has got a lot of problems, but water and waste water are almost impossible to
make up the difference in dense populations. there's not a good way to manage that if those systems go offline for a matter of time. once i get past my 72 hours and i'm starting to talk my first week, now you start looking at what's the retail sector supply chain look like? florida learned this hard lesson that many of our gas stations, grocery stores and pharmacies now have emergency power or transfer switches because as we were dealing with power outages measured in weeks literally from hurricanes -- and some of our duration of outages went to almost a month -- we found that retail was doing a lot of things that we had to start supporting because they were bringing in generators, they were getting themselves back open. but we weren't doing it as a partnership. we actually found ourselves competing with them. so you really want to plan this. and i think most communities that initial response if they've got good plan, they have done this, or they are prepared to do it. it's once you get past 72 hours that i think they really need to start thinking through their plans; where are they going to
get fuel and where will being the next points as we saw with new jersey and new york. initially, it was the rescues and the trapped people, stuff like that. a lot of people evacuated. but then it became the fuel, it became pharmacies, grocery stores. you started seeing cascading effects. and those are the things that once you're past 72 hours, you need to start planning, okay, i'm out for a week, two weeks, three weeks. utilities aren't waiting. you're not going to get power back to everybody, and you are not going to get back particularly to your residential areas. can you get life support back up and running. it won't be easy, it will be difficult, but the thing is to continue to trade off. where can i make activities to buy more time to keep my population stable. evacuations, maybe self-evacuating where people have that option, they will, but
you won't see large numbers, because it's unlikely in widespread outages there's going to be places to go to. so, again, it becomes this time of stabilization, continue to look at the down-range impacts. what we're able to bring up where we prioritize that. but the reality is in almost all these areas including the cyber as well as the physical, residential areas are probably going to be the last ones to get that power. so can you get enough life support and infrastructure going to keep the supply lines open. you're not going to have what the normal consumption rates are, you may have to do with what governor christie did and rationing gasoline. but this means you have to plan out not just the power went out, but now or what are the impacts of that as you go through time acts. and then hopefully this is what our partners are working on, to give you better information about how much time are we talking about before key systems come up. when will we get the final power turned back on. in the absence of information, i think that generates its own
problems. if we know it's going to be out for three weeks, we can plan. people are more resilient than we give them credit for, but the lack of information, that in and of itself -- i ran out of time, mr. chairman -- >> that's okay, because it's important. that's what i'm trying to get at is are these conversations and who's responsible for these conversations with people at the local level? this is an unknown. if there's a storm coming, a hurricane, an ice storm, we're prepared for that. we can expect -- we know it's coming, an earthquake not so. you don't know it's coming. but still, we have experience with that. but a widespread cyber attack with a physical attack attached to it is unknown. and who's having that conversation with people at the local level that we don't know? it could be out a week, it could be out longer than a week. you need to be prepared. and are those conversations actually happening? i don't, i'm not convinced that they are. and that's where the life will
be lost. and i think we need to begin to find out how do we connect the dots, who's responsible to having those conversations down at the lowest level of the people who will be first charged with trying to protect lives? i'm going to turn to ranking member carson for his questions. >> thank you very much, chairman barletta. madam hoffman, your testimony notes that the department's research and development activities with respect to developing spare transformer components, what is the cost to manufacturers when we're making these alternative components, and has a domestic manufacturer been identified so that we can ensure that there's no disruption to its prior usage? >> so thank you very much for the question. transformers are very critical
component to the electric sector that was, as was stated in the testimonies and some of the conversations earlier. with respect to transformers, the price of a transformer ranges anywhere between $5 million to $10 million. so these are significant components. so what do we need to do as we look forward, what is our research program or what are the activities doing, looking for dealing with the transformer issues. it's, first of all, looking at the spare components that, the spare transformers that industry has, and then industry's looking at having spare capacity on their system. we're also looking at how do we develop the next generation transformer which might be a transformer that you have the ability to produce more quickly and also have more standardization and flexibility. so that includes in our research component the development of power electronics and hybrid transformers.
our 2017 budget request has a very strong program looking at transformers which is about $10 million in which we're going to look at developing the next generation transformers as well as doing testing of transformers to make sure we understand any vulnerabilities that may exist. >> thank you. administrator fugate, in the event of a widespread outage, what are fema's plans for communicating with citizens on response and recovery efforts when there is essentially zero electricity? >> not much different than -- not much different than what we have faced in other significant outages. we have a variety of tools. first of all, welcome within the emergency alert system, the radio stations, tv stations, many of these have emergency power. tv stations, partner radio stations, we can get signals in. in addition, if we lose a transmitter, this will be something we will be looking at in oregon. it's not uncommon that you're
going to lose radio, tv stations in the area of impact. but we work with the fcc for the non-impacted stations to get power to get the signal back in. that's why we encourage the idea of fm chips in cell phones, have that battery-powered radio. people need to receive it to get the information. but a part of this is going to be where the information's coming from. we are going to be working through the governor's office, because governors and their teams are going to be the best information at the local level. our job really on the federal side is to provide the backup and tools required. and we're prepared to work with the fcc and broadcasters to get signals from the outside. in addition, we have gone as far and we did this in the sandy response, bringing in satellite communications and set up wi-fi in some of the areas that have lost some of the cellular communications. but we have another backup, and self-disclosure, i am an amateur radio operator. i think sometimes the more we look at the complexity of our risk, we forget that we have some very resilient systems that
aren't part of government, but they are often times the last thing running when everything else has failed. we look at our systems and satellite technology working with non-impacted stations how to broadcast in, amateur radios are all part of that. but it's important that people take the steps to be able to get the information when we can get the signal in, and that's why it may seem very passe in an area of streaming everything that a battery-powered radio may be that lifeline and communication link to get information. because we have seen even in a large scale like katrina, stations outside the area could broadcast in, but you had to have a way to receive the information. >> and lastly, madam durkovich, have our systems been identified so we have a clear comprehension of system dependencies and even cascading impacts from a widespread power outage regardless of the cause?
>> thank you very much for that question, ranking member carson. we work very closely with the utility owners, with our partners at doe as well as nerc and ferc to understand the most critical aspects of the electric grid. we have a number of programs that we leverage to help assess the vulnerabilities of these particular assets and to work with owners and operators to help enhance the security and resilience to provide recommendations. but equally important, as you will hear later from jerry cauley who's the president and ceo of nerc, we have a series of standards that are intended to guide the security of some of these most critical assets. increasingly, within my office, we are working to better understand the dependencies and interdependencies on some of these critical energy assets to
be able to visualize what an outage is, the impacts it is going to have to other key lifeline sectors and to be able to provide that information as leaders to include administrator fugate and those of the utilities are working to get power restored. thank you. >> thank you, ma'am. chairman, i yield back. >> thank you. chair recognizes mr. meadows for five minutes. >> thank you, mr. chairman, for this important topic. i think this is one of the interesting aspects that i get asked about more than anything else. let me tell you why i'm a little bit troubled here today, is that i hear a lot of rhetoric that acts like we have our act together from a federal standpoint when really the vast majority of the job that gets done is really with the stakeholders, with those public utilities that for years have
been prepared for mass outages. but perhaps the scope of the threat, the cyber threat -- and when we're talking about mass outages, you know, we can talk about hurricane sandy, we can talk about, you know, other storms. they're used to that. i'm just telling you, i used to work for an electric utility many years ago. i was around when the doe was actually formed. so when we look at this, to suggest that the federal government is here to help, i want to make sure that you're helping. and the chairman talked about the real communication that's being done. the real communication that's being done is really being done by the public utilities at the local level. if any is getting done, you know? it's crickets when it comes to the other federal agencies as it relates to this. now, i say that as a criticism only because we have to figure out that we're sick before we
start to figure out the diagnosis and how to fix it. so let me ask assistant secretary hoffman for your help on one particular area. in your testimony you were talking about national security and how you can reprioritize and make sure that those national security interests are supplied by public utilities or governmental agencies. here's my concern. many of our national security interests actually have their own generating and own distribution capacity. and yet i find them woefully underprepared for cyber attacks. you know, some of them are primary metered at the point of entrance. they do the distribution. so as we look at this, what kind of turf war do we get in between dod and doe with regards to being ready for a cyber attack that would have national security implications?
>> thank you, congressman, for that question. when we deal with any sort of event, we are going to act as a whole of government. so whether -- >> but who's in charge? he's the problem is, and i've dealt with a number of agencies. so we get fema that comes in, and we get local emergency management responses. and what you have is you have different people saying different things. so with regards to national security, who's in charge of the power grid? is it doe, or is it dod? >> the owners and operators are ultimately in charge of the power grid. the support to the power grid is going to come both from doe with respect to working with the owners and operators to restore power. dod has responsibility with respect to national security and protection. so from a physical security perspective, we may look at law enforcement to help with the utilities to protect substations. it depends on the event, but the
response will be coordinated. >> all right. so you have a plan, a coordinated plan that i could look at today on how that would happen. >> so for -- >> that you can give to this committee. in terms of -- because here's what happens is, is most of the time an event happens, and then you go out and figure out the problems, you know? mr. fugate was talking about the fact that we learned lessons from each event that we have. but the problem is with a cyber event as we're looking at in the ukraine, you know, here we have an outage to over 200,000 people where it was cut off. but the real problem is they were in the system for almost six months, and we didn't know about it. so i guess the question is how many times are we getting attacked, and are they in our systems without our knowledge? >> well, you bring up a good point, congressman, thank you. but the issue is every event and every incident, as administrator fugate brought up, is going to be different. and we're going to have to think
about the capabilities. when somebody can take someone's access credentials, we have to think about that and look at that as an industry. so we're taking the lessons learned -- >> that's more of a physical threat. i want to go back to the cyber aspect, because what we're doing is -- and i heard ms. durkovich talk about this, is we're looking at risk management. and really what we need to start to focus on is a real comprehensive plan on how we're going to partner with the private sector or public utilities on doing this. because what happens is we get a little check box, and we say, well, we've gone, and we've talked to x, y, z, and we've asked them to make sure that they are vigilant about cybersecurity which most of them are. but yet what happens is, is we don't have a comprehensive plan at a federal level to look at how we can support them in the event of a national attack that would come in the way of cyber. so i'm, you know, i'm not talking about storms, i'm not talking about stealing a credential. i'm talking about the real
attacks that we get hit with every single day. do we know, have we done a risk assessment where we have intelligence, and have we shared that with the public utilities? because a lot of times we have this national security concern that we don't want to share that with an outside, you know, group because of national security concerns. >> so you bring up -- thank you. you bring up very good points in your discussion. first of all, we follow the national response framework. as administrator fugate talked about, regardless of whether it's a physical, cyber or weather-related event, we are going to act as a whole of government in responding to that. with respect to your question on intelligence, we are sharing information with the private sector. dhs and doe regularly host classified briefings with the private sector to share actionable information. and that is the information that the utilities are able to take back and really do response force. with respect to specific events such as the ukraine incident,
ics alert has provided very specific actionable information. doe, working with the electric sector information-sharing and analysis center, has provided actionable information to the industry to learn from these events and prepare. and that's what's important. each event is going to be different. we have to take those events and learn from them. >> i've run out of time. i'll yield back, mr. chairman. thank you for your patience. >> thank you. chair recognizes mr. defazio for five minutes. >> thank you, mr. chairman. i regret i had to step out to go to a hearing upstairs. we should, the committee should look at not scheduling hearings in different subcommittees at the same time. administrator fugate, i think you made a number of excellent points, and when you talked about being a ham radio operator, obviously, that is a potential backup. i was recently in japan, and one of their greatest regrets is that they didn't have enough deep ocean sensors, and they
underestimated the size of the tsunami. and they did manage to get out a warning with that original estimate before the electrical grid went down, and they had no further ability of broadcasting and warning people. therefore, many people sheltered in places that actually were below the crest of the tsunami and died. so they have now moved to a cell phone-based system and required resilient cell towers to be built. are we looking at anything like that here in the u.s.? >> yes, sir. part of the charge you gave us in the fcc was to develop wireless emergency alerts which, working with the carriers, we actually implemented faster than we thought. right now every cell phone being manufactured today is required to be able to transmit a wireless emergency alert, part of the emergency alert system. tsunami warnings are built into those. so if there's a triggering event, the originator for that
will be the national weather service tsunami warning centers, in the case of oregon, it's going to be the alaska warning center. it would go out. it is geo-coded to the areas of impact, so those counties would get their notifications over their cell phones. you cannot -- you don't have to opt in, you don't have to sign up. the only thing you can do with a cell phone is turn it off and not get the alert. a tsunami alert would be issued and go out. one of the challenges, it's hard to get the magnitude of the tsunami, so the evacuation zones pretty much have to be what's the maximum risk, we've got to move now. a phased approach, we generally don't have time, particularly with cascadia, it's too close to the coast. if you feel shaking, you've got to move to higher ground. even with a warning, you only have minutes to move. but the cell phone system now as soon as the weather service issues a warning, it will get transmitted to those areas.
we've actually seen this occur already. but it has answered this question of what will wake people up in the middle of night, and your cell phone buzzing and humming and making strange noises was the whole purpose of the wireless emergency alert system. >> and when a phone's manufactured after what date were required to have that, do you know? >> it started, i believe it's -- i'd have to look at the last date, but it's been the last -- 2010, 2011, that all new handsets. apple, the ios was the last of the handsets to incorporate this in. and so pretty much all the new handsets now have this. and as we see the replacement cycle of cell phones, we're actually now in third, fourth, fifth replacement cycles, so we're getting good penetration with those systems. >> that's great. i've actually been on an airplane where we were held on the ground because of thunderstorms, and everybody's cell phone started buzzing as they had a tornado alert or something, i can't remember what
it was. >> yes, sir. >> so that is great progress. to the honorable ms. hoffman, just on the issue i raised earlier, you know, the transformer issue. it does seem really critical, and they are very expensive. they are cumbersome, hard to move. but, i mean, where are you at in evaluating the potential or possibility of having some, you know, backup or replacement transformers in a strategic reserve? you're analyzing that, or where are you at in that process? >> thank you very much, congressman, for the question. the transformer reserve plan that was required as part of the fast act is in progress. we have contracted with oak ridge national laboratory to do an assessment with respect to transformers. the transportation issues,
any sort of where they would be placed, volume inside. as you are well aware, the transformers in the united states are quite unique, and we have to also look at a parallel process for how do we look at additional manufacturing. we are in the process of assessing the transformer manufacturing in the u.s. doe has several reports out with respect to transformer manufacturing. there are several manufacturing entities in the u.s. including georgia transformer, abb, ge and hyundai. those are the transformer manufacturers in the u.s. is that enough capacity we need? i would say we need more capacity with respect to transformers. so it's important that we continue to look at a transformer-sharing program. so we are in progress and on target to meeting that deliverable for the committee. >> so what was the timeline that was established for the -- >> the timeline that was established in the fast act was one year from enactment, so it
would be due in december. >> okay. great. are you aware whether or not the regional power administration, the bonneville power administration is, you know, are you working with them? because they, obviously, have most of the, are interlinked in some places with private but for the most part provide for the, you know, power transmission and high voltage power transmission. and half of that, well, part of it is dc. so we actually have two different sets of transformers. >> so thank you very much for highlighting that. yes, we are working with the power market administrations. they are a core asset to the department of energy as well as a core asset to the electric infrastructure writ large. so they are a very important part of the conversation. as required by the fast act, we will do consultation with industry and with experts in this area. >> okay, thank you. thank you, mr. chairman. ..
the fast act recognizes the criticality of these transformers as well as the need to assess where are we at with respect to any sort of need for a plan to develop a plan for transformer spare capacity. so what this means is really evaluating the spare capacity in the united states, the ability to transport transformers. so we should have a transformer stockpile, if necessary, where
it should be located. because of the different sizes and dimensions of transformers. part of the plan what we're looking at with oak ridge national laboratories, with industry is assessing a number of transformers, the size of transformers meaning to different voltage classes, and where the transformers could potentially be needed to be located because of transportation issues. the industry has had discussions with the class a railroads and look at the transportation of transformers. you may not be aware but a lot of substations are in very remote locations. so really the criticality and some of the time is not only manufacturing the transformers but it is the transportation of those transformers to a location. >> will you be considering a timeline for manufacture of transformers in the study, and when can we expect the result? >> yes. we have started looking and have
had several reports out with respect to transformer manufacturing. those were on the always website, but the result will be included in the report in december. >> to discuss calls for reimbursement a new report? >> part of the request is to look at policy implications and the cost and financing of that. we're going to work within the department of energy with our energy policy and systems analysis group and this is what are some of the financial implications to developing a transformer reserve. >> thank you. in my opinion the epa continues to overregulate the energy industry. and with that i don't think they have the ability to determine or examine the requirements. mr. fugate, i'm sure you are aware based on what i had her as of december of 2015, we are retiring of duty epa policy,
retirement or converting 81,423 megawatts, or 499 units based on regulation. has fema done an examination of how the epa regulations affect the grid and the capacity? are you interested in doing that? even with the capacity is that you know the ramifications of the loss of the 499 units and the 81,000 plus megawatts? >> be honest we really depend on our partners and dhs that do that. we are not subject matter experts. we determine for our infrastructure protection what that means and what the effects are. having come from florida i will tell you as we've seen these types of changes, using dependency move from coal-fired to natural gas to peaker units. we had to start point for what happened there. unique expense of having a natural gas pipeline saturday to
lightning strike knockout of a natural gas to southern a part of the state. we realized we had a tremendous dependence on natural gas peaker units. we were fortunate we had moderate weather. >> if i could just -- i got a limited amount of time. so if the marketing it to go, we are getting, which part are you getting that information from? who is assessing the effect of the regulation, the loss of capacity and the timing of that loss? who's doing that other partners? >> i would depend upon my partners to the left. we look at image as a function of government. there are numerous part of the regulatory and response structure your we concentrate -- >> with all due respect to ask your partner to your left, are you tracking that? >> thank you very much for the question.
the department does look at reliability implications with respect to any sort of master change. with respect to the clean power plan, it is really going to be as the states develop their implementation plans. the assessment will occur with the regional reliability entities and independent system operators where they will coordinate and understand the reliability impacts. >> you don't know what it is up front or you don't assess that it occurs? you don't know so many plans and so much capacity is leading in ohio or pennsylvania or alabama? you don't know that in advance and make an assessment of the potential risk that is involved? >> so thank you. from a wide spread reliability point of view, d.o.e. believes the clean power plan of the regulation will not have any widespread reliability impacts
but the specific -- >> hold on. with the chairman's indulgence, you believe that, but do you believe that because you have empirical data to support that or you believe that because somebody is telling you that or you believe that because you don't have any reason to disbelieve it? >> the utilities will work hard to ensure reliability of the system. our past experiences as any sort of reliability concerns come up, there's a strong coordination within the industry to address any sort of reliability impacts. >> if you thought there was going to be a reliability impact based on the regulation and the capacity reduction that you would essentially exonerate or waive the requirements for a period of time to make sure the capacity remains? do you have a policy to do that or is it a thought to that? what is your point you to come up against something that doesn't comport with what you think it should be? >> within the clean power plan
the states as they develop their clean power plan, their state plans, they will be coordinating with the reliability entities, the isos and the rtos looking to any potential reliability implications. >> how does that work? i look in a multistate organization, it's not state-by-state. it's multi-states that all feed into the same grid. how does one state's plan affect another? who coordinates whether reliability or capacity issues in that regard? >> states are required to coordinate with pjm, and pjm has and will continue to do reliability analysis for the region. >> thank you, mr. chairman. i appreciate your indulgence. >> chair recognizes mr. sires. >> thank you, chairman, for holding this hearing, and ranking member. i represent the eighth district of new jersey which got hoboken and some of the other areas which have hit very hard by
sandy. if i learned anything about our infrastructure is how unprepared we were for storm or anything else. and there's plenty of blame to go around everybody always point to the federal government but reality, states could do a lot of things at the local to do a lot of things and the power companies could do a lot of things. i always think of the example that i gave this was before, as an example, there was a generator in a flood zone, and the power company was protecting it with the chain-link fence. so when it flooded, obviously the chain-link fence did not hold the water back. what i'm trying to get at is, these are the kind of simple things that we can do to protect this particular transformer. the other thing was in terms of,
you were talking about another regard. on account we have plenty of gas, quite frankly, but they couldn't pump it. so a simple thing -- move the gas from the containers to the people. i mean, it would have sufficed. so when i say to you that everybody shares the blame in this, i just hope that we have come from the sandy far enough to learn some of these mistakes, and we are correcting them. mr. fugate, will you please tell me we've come a long way from where we were. >> we have come a long ways. we haven't gone far enough. you point out what i see as the real challenge in which cyber highlights.
the tendency is to plan for what we are used to dealing with, not for what can happen. again as you point out we put a fence around a generator in a flood zone. the raising of a generator is if the power goes out, one of the likely power outages issued at a coastal storm. you're more concerned that somebody breaking in and damaging the transformer. that's the trap to fall into. this is what the chip is raising. cyber is due. a lot of the things will not be new in response to the consequences that if we don't know what we are planning against we may run the risk of only planning for what we've been used to having, maybe disruptions that are strictly local and not plan for what could happen and plan against it. as you point out we try to promote these lessons, but it seems to again be one of our challenges. how do you get people to change? let's talk about gas stations. that's a private entity. putting in a generator is a cost. you can ship a generator, does a workable because most of
those utilities were run underground and it's hard to get a generator hooked up to it. in some states they put in incentives that gas stations would be required to put in a transfer switch. it was a good compromise. that what they did lose power we could get generators in there, hook it up and pump gas. this is where we've got to be careful. it's easy to say this is the fix, and to ask to thank for. this is the trade off of what would make sense either through incentives, tax credits, oversight to get these changes. i can't ask a business to lose money if their other partners or competitors are not doing the same thing. at the same time, you've got to put a generator in every gas station. that's not also necessarily a great idea. putting in a transfer switch was a good lesson. we plan for what we have experienced in the past, and that doesn't always scale up for the future impacts.
we have put the information out there but the receptiveness of that audience is oftentimes based upon do they perceive as a threat as applying to them. as you know, we talked about hurricanes and hurricane evacuations. most people said we don't have hurricanes. we have nor'easters. it's getting people for plan. in many cases we know this impacts our but it's a chance of getting people to plan for what can happen, not what they are prepared to do based on only their past experiences. we don't have a lot of experience with cyber. part of this is what are we planning against? and then what would we do differently? if that requires resources, where are those resources coming from? >> i also think that we have to be prepared post and he or, because when the issues we still problem with new jersey people are still out of their homes years later. to me that's unacceptable two or
three years later that we have these issues where people come with insurance, with the valuation of the property. i mean, somehow we have to be prepared for some of these things because impacts real people. >> it does. our experience is coming out of hurricane katrina five years after that we still have 5000 families living an in traveled o because we did have the right answers. building after disasters time-consuming, a lot of hurdles. i agree it is ideal to get people back in their homes as quickly as possible that requires a lot of things that go beyond even some of my progress. it's really as you pointed state, local -- >> sorry. not putting the blame on you. i'm also putting the blame on the locals and a state that we should prepare for any of these storms or whatever we have. thank you, mr. chairman. >> thank you. chair recognizes mr. massie. >> thank you, mr. chairman. i'm going to yield as much of my time as he might consume to the
gentleman from north carolina. >> i thank the gentleman from kentucky for yielding. ms. hoffman, i want to follow up on one thing because as you talk about the transformers and having these backup transformers as the redundancy. one of my major concerns is that decisions that get made by d.o.e. or dhs or fema all of a sudden what we did is we transfer that liability to others better providing service. right now all utilities have backup transformers, primarily for distribution purposes, but even for larger transmission related transformers and switches. however, if you're going to make a decision, it directly impacts rate holders for two reasons. if they are having to have
$10 million transformers sitting there, i don't know that they can get a return on that investment necessarily. if you start to extrapolate that out, if it's not in service, it's kind of like generating capacity, there's a certain length of time they have been noted to bring that online so that they can get a return. ultimately, it affects the ratepayer. anything that you do. we start to look at the security implications of what i would encourage both of you to do is look at it as we went from fema, is that it is a federal redundancy that is required, not the redundancy that needs to be done by utility to you to delete to utility. do i have that commitment you look at it as a federal obligation versus a private obligation? >> yes, congressman. thank you. >> i see you nodding your head. for the record both of them said yes. let me finish with one other i
guess concern when we're talking about sharing and a classified setting with the stakeholders. have all the utilities participated in a secured setting where you have let them know of both the threats, potential and real threats that we already have experienced? so you were saying that we have done that and a classified setting, and i just find it interesting. i'm not challenging you but i want to drill down on that because i don't know of too many, you know, maybe the big utilities but there are hundreds of utilities. so they come into a classified study and said this is your risk, this is where it is. that's your testimony here today? >> so thank you for that question. information sharing occurs at multiple levels. we do of classified information with the electric sector coordinating council which is a 30 ceos that comprise the whole sector.
so they are investor-owned utilities, municipals, co-ops to participate in that information sharing, that classified information. in addition we have had one day weekends were we brought a larger section of utilities in did you classified information sharing. we have done that. dhs has done we general information sharing, meetings where they have had opportunities to bring folks and and information. so it occurs on multiple levels. have we hit every single one of -- >> i'm not saying, i wanted it to be system and because i will yield back to my good friend from kentucky here in just a couple of seconds but i want to make sure i'm clear. as we get the stakeholders, ma what i wanted to be is more than just a box that we are checking all. i want eei. i want all of the groups that are there to buy in and say we have a plan.
we do it for mass outages extend and other hurricanes. we haven't done that i believe adequately as it relates to cyber. to have both of you commitments you will double your efforts to include domestic oldest? >> yes, we will. one thing i would say codified so we are doubling our efforts is the gridex exercise that happens between industry and utilities where we are exercising them. >> i will yield back to my good friend. >> i just have a brief question that occurs to me during mr. meadows question come which is of this class of information, if we sought to get a refund that what you make yourselves available in a classified setting for us as we contemplate what sort of legislation might be necessary? >> yes, we would be glad to have a briefing with you. >> is that the case for everybody? >> yes, sir. of course.
>> mr. fugate? >> i would originate most of the data but most of the regulation of classified information would come from my partners to the left. >> understood. thank you very much and i yield back. >> with respect to time for our second panel, we are going to move on and i think if i can summarize, and i thank you all for participating today. i think if i can summarize, mr. fugate, that play for local and state governments needs to be in terms of weeks, not days. and that's important because that's the first time i've actually heard what we need to begin to look at in the event of an attack. to get i want to thank you all for your testimony. your comments have been very helpful in today's discussion. we will now call on our second panel. [inaudible conversations]
>> i remind you of the subcommittee's request to limit your oral testimony to five minutes. mr. cauley, you may proceed. >> good morning, chairman barletta, ranking member carson and members of the subcommittee. glad to be here today. my name is gerry cauley, i'm president and ceo of the north american electric reliability corporation, a nonprofit overseeing the reliability and
security of the power grid in the united states, canada and a portion of mexico. we have authority assigned by congress to develop and enforce standards affecting rely but as hud of the grid. and authorities overseen by the federal energy regulatory commission. we can all agree electricity is the most critical lifeline sector for national security, for other lifeline sectors like finance, water and transportation, for the economy and for public safety. every day we are reminded of the seriousness of our job related to security in the grid. there have been terrorist attacks in france and in belgium and even here domestically. there have been attacks and data breaches across various industries and across government. of particular relevance to our grid on december 23, 2015, there was a cyber attack in the ukraine which was launched against three distribution companies in which the perpetrators gained control of the three distribution companies and were able to put
out the lights for 225,000 customers for up to six hours. a team from the u.s. went to investigate that incident in the ukraine including a member of the nerc staff. what i can tell you is cyber threats are real i think we're very different situation in the ukraine as compared to what we have in the united states, north america. our security controls in north america are very different. we are the only industry with mandatory and enforceable reliability standards affecting physical and cybersecurity. we are currently in the fifth generation of our cybersecurity standards. they are risk-based standards based on nist type control so they are adaptable. we have a very robust compliance monitoring and enforcement program. system operators use modern
controls to ensure the security of the system, including separation of corporate and business systems from control systems. physical access controls, patch management, aggressive threat hunting and mitigation, and employed contractor training and many other measures that they take. we've established the electricity sector coordinating council as we heard at the highest levels of industry and government including ceos and top officials from government. ceos and boards of our companies take security very seriously, and security as one of their highest priorities on a regular basis. our information sharing and analysis center, the isac, provides robust information sharing regarding physical and cyber threats. engagement of issued leaders we've gone through a review and upgrade of the capability of the isac which is closely integrated with security operations and
information sharing at individual companies as well as state fusion centers and other sectors. we also operate a tool called crisp which is way to monitor the electronic internet traffic at key sites around the industry and compare that traffic to threats and vulnerabilities that we are unaware of the worldwide, and warned of utilities about issues they may be experiencing in real-time. in the unlikely event of a successful cyber or physical attack, i believe that we are well-prepared. ferc and nerc complete a study of the restoration and recovery capability plans and doesn't exercises of nine major companies in industry and that report is available publicly and is posted on the nerc website but it demonstrated the preparation is there and that the plans have been exercised.
as you heard before on november this past year nerc led by what i believe is the largest grid security exercise in the world. called gridex iii. over 400 entities in north america participated, over 4400 registered users and in my estimation it was probably closer to 10,000 actual participants. a distributed play portion, this is where we are an essential component place and we inject the attacks outward into the power companies are actually engaged in the exercise locally in their own control centers, in their own substations and power plants. they received information from us. that portion of the exercise, i apologize for my voice. just getting over a cold. that portion of the exercise lasted two days. on the second day there was an executive tabletop which but altogether for senior executives from industry and government.
the scenario included cyberattacks, physical attacks including active shooters, truck-mounted explosive devices and unmanned surveillance drones. this hypothetical event was extreme and it was intentionally extreme to go beyond our capability and to test the system. really the point was to find out what can we learn and what do we need to do to improve. during the distributed play exercise we caused outages on a similar fashion. no one was controlled are affected but we simulated 5 billion customers who were out, entering the executive session to invoke all the policy questions at the national level that we are looking to pull out. we have 15 million customers out, and the outages are projected to be extended for weeks and even into months to really push the question that the chairman is trying to raise today. participating entities worked through their emergency procedures. they had extensive contacts with local law enforcement and first responders. actually those local government
officials and first responders did participate in the exercise. we had in the exercise we have the white house, dhs, d.o.e., the department of defense, cyber command, nsa, fema and illinois and wisconsin national guard are some of the players who participated. a number of key takeaways were to make sure that we were able to better coordinate between industry and government in terms of the situation assessment. and what do we communicate to the public. it would be a constant race with regard to information to the public. we all know social media avs are very quick and we want to make sure we're getting reliable information out to the public. we are focused on ensuring unity of effort and unity of scale it we can resolve all of our resources from both industry and government together. looking forward i would say in this exercise we will continue
to expand the role of state and local governments and participants in the exercise to make sure we could exercise some of the things that chairman is looking to get come which is how do we engage, inform and set expectations. i look forward to your questions. >> thank you for your testimony. mr. spence. >> good morning. my name is william spence, president and chairman and ceo of ppl corporation. we deliver electricity to more than 10 million customers in the u.s. and the uk. beyond my role overseeing ppl's operations also on the e. i committee on reliability and business continuity. also a member of electricity subsector coordinating council that you heard about earlier today. they serve as the principal liaison between the federal government and electric power sector to protect against cyber threats to the nation's power grid. protecting the nation's power grid as your earlier is not on a
topper of the federal government councils which operated for the industry. we have a strong record of working together closely in all kinds of disasters and storms. along with the government partners to identify, assess and respond to all threats. the electric sector takes the defense in depth approach to protecting grid assets. this includes three key elements. the first is a rigorous mandatory enforceable and regularly audited reliability standards. close coordination among industry and with government partners at all levels. and thirdly, efforts to prepare, respond and recover should power grid operations effect. our industry already maintains hundreds of spare transformers. i do believe that came up earlier but you should do with it. in addition we just launched as an industry a new project called
grid assurance. under grid assurance many of the major utilities in the sector are coming together to establish regional centers but we will not only store a spare transformers and other critical equipment necessary to quickly recover the power system in any type of event. among all the critical infrastructure sectors you should know, the electric sector invest more annually than any other critical infrastructure sector. last year alone we invested more than $100 billion. regarding security standards and regulations, we are subject to nerc's reliability standards. entities violating -- found violating these buildings face up to $1 million a day. our industry is the only industry subject to these mandatory federally enforceable cyber and physical standards. the industries also implement the requirements for physical security as part of a broader
suite of nerc standards and using voluntary standards as well to drive improvement. secondly, we're coordinating closely with the federal government, sharing threat information between the government and industry to protect the grid. according to the national infrastructure advisory council, the electric power sector is viewed as a model for how other critical infrastructure sectors can more effectively partner with government. our intent is to keep it that way. the electric subsector coordinating council brings senior government and industry executives like myself together with agency officials to improve sector-wide resilience against all hazards and potential threats. the escc and our electric information sharing and analysis center offer programs like the cyber risk information sharing program, in which we share information on potential threats. this is an area where i think the federal government has been helpful to the industry, allowing us to utilize proprietary hardware and software that was developed
at the national lab and is now helping to protect the grid. we now have over 75% of u.s. customer base covered by industry participation in this critical program. the escc is also focused on several key areas including planning and exercising responses. the last exercise was a combined cyber and physical threat. we are ensuring rapid threat communication amongst shareowners and stakeholders, also developing government help technologies on electric power systems that improve situational awareness and cross-sector coordination. last but not least we're focused on incident response and recovery efforts. electric power companies plan and exercise for a broad range of potential threats. we share crews and equipment in times of trouble and we drill for potential emergencies. for our part, ppl is actively engaged in an industry effort i've highlighted in pursuing an
aggressive offense and best approach to protecting the power grid. thank you and i look forward to your questions. >> thank you for your testimony. >> chairman barletta, ranking member defazio and all members of the committee, thank you for inviting me to testify today on how electric cooperatives manage the consequences of a power outage. regardless of the cause getting a restored quickly and safely requires advanced thinking and planning. my name is bobby kilmer and i am testifying on behalf of claverack rural electric cooperative and the national rural electric cooperative association. claverack delivers electricity to member owners at over 18,000 locations in rural northeastern pennsylvania. we have low consumer density, averaging less than six consumers per mile of line and was are primarily residential accounts. we are one of pennsylvania's 13 electric cooperatives, and our distribution system is not directly connected to the bulk power system.
the national rural electric cooperative association is a service organization dedicated to representing the national interest of electric cooperatives and the consumers. we represent more than 900 not-for-profit consumer-owned rural electric utilities that provide electricity to over 42 million people in 47 states. electric co-ops are accountable to the consumer members. those same members own and govern the co-op through a locally elected board of directors. electric co-ops reflect the values of their membership and are uniquely focused on providing reliable energy at the lowest reasonable cost. responding to power outages is a major part of our business. assessing the situation, knowing who to call and determining how to proceed is imperative, and it requires coordinated efforts in the public and private sectors during major events. one of the seven principles of the cooperative business model is cooperation among cooperatives. this cooperation is integral to our emergency planning and
response. in pennsylvania the electric cooperatives statewide association plays an important role in emergency coordination. electric co-ops have new agreements between one another so that during a major event the process of securing additional crews and resources is simplified. there's also a national cooperative database which facilitates cross-state mutual assistance. as i noted in my written testimony this network helped our statewide secure crews from state pashtun florida to assist us in the restoration following hurricane center. also important are the relationships we have with state and local government agencies. during major events our association is in regular contact with the pennsylvania public utility commission and the pennsylvania emergency management agency. the statewide communicates outage information as well as requests for assistance and other governmental divisions on our behalf.
locally we are in touch with our county emergency management agencies. we advise them of outages in their counties and expected restoration times. this allows them to coordinate with other organizations like the red cross to set up services such as warming shelters. we have close relationships with local police and fire departments. along with other agencies and utilities we participate in tabletop exercises which simulate emergency scenarios and strengthen our community networks. communication with our members is important. we always provide the option to speak with a live customer service representative. we use outgoing telephone messages, informational postings on our website and social media, and radio and television broadcasts, which could be used even in the event the internet is down, to keep members and the public informed about outages. we test our business continuity and disaster recovery plans annually, and we have plans in