[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[H.R. 2931 Reported in House (RH)]

<DOC>





                                                  Union Calendar No. 67
117th CONGRESS
  1st Session
                                H. R. 2931

                          [Report No. 117-93]

 To provide for certain programs and developments in the Department of 
    Energy concerning the cybersecurity and vulnerabilities of, and 
    physical threats to, the electric grid, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                             April 30, 2021

Mr. McNerney (for himself and Mr. Latta) introduced the following bill; 
       which was referred to the Committee on Energy and Commerce

                             July 19, 2021

Additional sponsors: Mr. Bucshon, Mrs. Lesko, Mr. Keller, Mr. McKinley, 
  Mr. Burgess, Ms. Kuster, Mr. Michael F. Doyle of Pennsylvania, Mr. 
           Soto, Ms. Spanberger, Mr. Davidson, and Mr. Taylor

                             July 19, 2021

 Reported from the Committee on Energy and Commerce; committed to the 
 Committee of the Whole House on the State of the Union and ordered to 
                               be printed


_______________________________________________________________________

                                 A BILL


 
 To provide for certain programs and developments in the Department of 
    Energy concerning the cybersecurity and vulnerabilities of, and 
    physical threats to, the electric grid, and for other purposes.


 


    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Enhancing Grid Security through 
Public-Private Partnerships Act''.

SEC. 2. PROGRAM TO PROMOTE AND ADVANCE PHYSICAL SECURITY AND 
              CYBERSECURITY OF ELECTRIC UTILITIES.

    (a) Establishment.--The Secretary of Energy, in coordination with 
relevant Federal agencies and in consultation with State regulatory 
authorities, industry stakeholders, and the Electric Reliability 
Organization, as the Secretary determines appropriate, shall carry out 
a program to--
            (1) develop, and provide for voluntary implementation of, 
        maturity models, self-assessments, and auditing methods for 
        assessing the physical security and cybersecurity of electric 
        utilities;
            (2) provide training to electric utilities to address and 
        mitigate cybersecurity supply chain management risks;
            (3) increase opportunities for sharing best practices and 
        data collection within the electric sector;
            (4) assist with cybersecurity training for electric 
        utilities;
            (5) advance the cybersecurity of third-party vendors that 
        work in partnerships with electric utilities; and
            (6) provide technical assistance for electric utilities 
        subject to the program.
    (b) Scope.--In carrying out the program under subsection (a), the 
Secretary of Energy shall--
            (1) take into consideration different sizes of electric 
        utilities and the regions that such electric utilities serve;
            (2) prioritize electric utilities with fewer available 
        resources due to size or region; and
            (3) to the extent practicable, utilize and leverage 
        existing Department of Energy programs.
    (c) Protection of Information.--Information provided to, or 
collected by, the Federal Government pursuant to this section--
            (1) shall be exempt from disclosure under section 552(b)(3) 
        of title 5, United States Code; and
            (2) shall not be made available by any Federal, State, 
        political subdivision or tribal authority pursuant to any 
        Federal, State, political subdivision, or tribal law requiring 
        public disclosure of information or records.

SEC. 3. REPORT ON CYBERSECURITY AND DISTRIBUTION SYSTEMS.

    (a) In General.--The Secretary of Energy, in coordination with 
relevant Federal agencies and in consultation with State regulatory 
authorities, industry stakeholders, and the Electric Reliability 
Organization, as the Secretary determines appropriate, shall submit to 
Congress a report that assesses--
            (1) priorities, policies, procedures, and actions for 
        enhancing the physical security and cybersecurity of 
        electricity distribution systems to address threats to, and 
        vulnerabilities of, such electricity distribution systems; and
            (2) implementation of such priorities, policies, 
        procedures, and actions, including an estimate of potential 
        costs and benefits of such implementation, including any 
        public-private cost-sharing opportunities.
    (b) Protection of Information.--Information provided to, or 
collected by, the Federal Government pursuant to this section--
            (1) shall be exempt from disclosure under section 552(b)(3) 
        of title 5, United States Code; and
            (2) shall not be made available by any Federal, State, 
        political subdivision or tribal authority pursuant to any 
        Federal, State, political subdivision, or tribal law requiring 
        public disclosure of information or records.

SEC. 4. ELECTRICITY INTERRUPTION INFORMATION.

    (a) Interruption Cost Estimate Calculator.--The Secretary of 
Energy, in coordination with relevant Federal agencies and in 
consultation with State regulatory authorities, industry stakeholders, 
and the Electric Reliability Organization, as the Secretary determines 
appropriate, shall update the Interruption Cost Estimate Calculator, as 
often as appropriate and feasible, but not less than once every 2 
years.
    (b) Indices.--The Secretary of Energy, in coordination with 
relevant Federal agencies and in consultation with State regulatory 
authorities, industry stakeholders, and the Electric Reliability 
Organization, as the Secretary determines appropriate, shall, as often 
as appropriate and feasible, update the following:
            (1) The System Average Interruption Duration Index.
            (2) The System Average Interruption Frequency Index.
            (3) The Customer Average Interruption Duration Index.
    (c) Survey.--The Administrator of the Energy Information 
Administration shall collect information on electricity interruption 
costs, if available, from a representative sample of owners of electric 
grid assets through a biennial survey.

SEC. 5. DEFINITIONS.

    In the Act, the following definitions apply:
            (1) Electric reliability organization.--The term ``Electric 
        Reliability Organization'' has the meaning given such term in 
        section 215(a)(2) of the Federal Power Act (16 U.S.C. 
        824o(a)(2)).
            (2) Electric utility.--The term ``electric utility'' has 
        the meaning given such term in section 3 of the Federal Power 
        Act (16 U.S.C. 796).
            (3) State regulatory authority.--The term ``State 
        regulatory authority'' has the meaning given such term in 
        section 3 of the Federal Power Act (16 U.S.C. 796).
                                                  Union Calendar No. 67

117th CONGRESS

  1st Session

                               H. R. 2931

                          [Report No. 117-93]

_______________________________________________________________________

                                 A BILL

 To provide for certain programs and developments in the Department of 
    Energy concerning the cybersecurity and vulnerabilities of, and 
    physical threats to, the electric grid, and for other purposes.

_______________________________________________________________________

                             July 20, 2021

Committed to the Committee of the Whole House on the State of the Union 
                       and ordered to be printed