In May, the House and Senate Appropriations Committees approved legislation providing fiscal year 2019 funding for the Department of Energy (“DOE”). Both the House and Senate versions of the funding bill include significant cybersecurity funding components aimed at addressing emerging cybersecurity threats to U.S. energy infrastructure.
On April 11, the Senate Appropriations Energy and Water Development Subcommittee held a hearing on the fiscal year 2019 DOE budget proposal. In his testimony, Secretary of Energy Rick Perry acknowledged that “among the most critical missions at the Department is to develop science and technology that will ensure Americans have a resilient electric grid and energy infrastructure. Protecting this infrastructure means it has to be resilient and secure to defend against the evolving threat of cyber and other attacks.”
On May 24, the Senate Appropriations Committee approved its Fiscal Year 2019 Energy and Water Development Appropriations bill (S. 2975), which includes funding for the DOE’s cybersecurity programs and initiatives. Notably, the bill recommends $260 million for the Office of Cybersecurity, Energy Security, and Emergency Response (“CESER”), which is $164.2 million above the amount requested in the President’s budget. The Committee’s report also includes certain policy directives accompanying the funding recommendations. In recommending $81 million in cybersecurity funding for Energy Delivery Systems, for example, the Committee expressed its support for the “extension of cyber risk information sharing tools” and the continued investment in power system vulnerability research initiatives. The report also highlights the Committee’s focus on agency crosscutting initiatives, including a “Cybersecurity Crosscut,” which directs DOE to “develop a plan that integrates all of the Department’s cybersecurity research, development, and deployment investments.”
The House version of the bill (H.R. 5895), approved by the House Appropriations Committee on May 16, provides $146 million for CESER, $50.2 million above the President’s budget request, but $114 million less than in the Senate bill. In the accompanying Committee report, the House appropriators echo their Senate counterparts’ focus on risk information sharing among public and private stakeholders, as well as the need to provide additional dedicated research and development funding for energy delivery system cybersecurity.
While the full House is expected to vote on a package of three appropriations bills, including H.R. 5895, as soon as this week, it is unclear as to when the Senate will consider S. 2975. We will continue to monitor the bills’ progression and provide updates on any significant developments.