Good morning, mr. Chairman. I think the witnesses for coming this morning. An incredibly issue an incredibly important issue we need to care about and make a policy on. Your meeting to discuss the state of cybersecurity and the grid and the continuing threats facing Americas Energy infrastructure. We continue to see increasing threats to the grid originating both at home and abroad. And glad to see the doe firm and others taking steps. Our energy grid serves as the backbone to our economy, Touching Every aspect are our lives every aspect of our lives. Reliable grid is crucial to the National Security and a clean energy future. For lawmakers to enable innovative advancements that we can improve the security and reliability of our electric grid, we must work on a bipartisan basis. And, actively engage with leaders as we are doing today. The modernization and innovation of our Energy Infrastructure is already underway. What was once a oneway Delivery System has evolved to a Dynamic Network where information and energy flows both ways. Technological advancements are both are also bone are also born from the need to secure the energy grid from physical and Cyber Threats. Technology allowing for the rerouting of power and Quick Response in the event of a tag is being displayed is being deployed across the grid. Cooperation among federal, local, and state governments is essential. Given the cyber environment, it is more important than ever that congress pursue policies that continue to foster these exciting developments and support our grid infrastructure. This is an issue i am passionate about. Component is a threat to our physical and National Security, making it imperative we invest in grid modernization and security. Proud tohy i am cochair the grid innovation caucus with my good friend from across the aisle. Together, we are focused on providing a forum to discussing solutions about the many challenges facing the grid and educating congress and staff about the importance of securing the grid in relation to the economy, Energy Security, and technologies being utilized to enhance grid capability. This work has informed the introduction of two bills on the topic. Both of which have already been marked up by the subcommittee. Their aim is to bolster americas electric infrastructure by encouraging coordination with the department of energy and the letter utilities. , hr 359, the enhancing Grid Security through Publicprivate Partnership act, we create program to enhance the physical and cybersecurity of the electric utilities through assessing security vulnerabilities and increasing cybersecurity trading and data. It would require the cost estimate calculator, which is used to calculate the investment owned utility investment the internal investments. It would ensure accurate calculations. The other bill makes important headway in protecting grid infrastructure. The cyber sense act would create a program to identify products securityhe testing and program. It provides all the benefits of reliable letter power to the american people. It is essential we make the system as secure as possible as Cyber Attacks do pose a serious threat to the electric grid. Any vulnerable component in our grid. Is a threat to our security. This bill will go a long way to strengthening the system. I think him for his partnership. I want to thank 8 i want to take a moment to mention my support for hr 362, the Energy Emergency leadership act. New bill would establish doe assistance, secretary positions with jurisdiction over all energy, emergency, and security functions related to Energy Supply and cybersecurity. Went to mention my support for one more bill on this topic. And facilities and cybersecurity preparedness act sponsored by rigging member ofated by Ranking Member them. This would require the secretary of energy to establish a Program Related to the physical security and cybersecurity for pipelines and liquefied natural gas facilities. The bill show our committee is positioned to examine the issues before us as we look to put america on a path to better securing our toady system. I yield back to the chairman. Chairman to thank the the gentleman t. The chairwoman is in chicago this morning. Friend and colleague. The flight was canceled. Agreederney graciously to sit in as chair for me last night. I am here now. Mcnerney thank measure personally thank mr. Mcnerney personally for agreeing to sit in the chair for me in my absence. As you can see, i am here. I appreciate the sentiment. I also appreciate the confidence you have shown to me, mr. Chairman. The chair recognizes esther upton, the raking member of the subcommittee for five minutes for the purposes of Opening Statements. Im siding hear about your friend. Im grateful you did knocking on that plane because i drove home through that storm. I do not think that plane smart. Continues theg ongoing oversight of cybersecurity threats to the electric grid. A rarity all of us have had. While this is the first hearing on the topic, the subcommittee has been raising questions about persistent and emerging threats to the electrical grid. Hearings hearings and over the course of the session. Building on the work we have done over the last congress as. It is unquestionable that ensuring a reliable supply of electricity is vital to our security, health, and welfare. Electricity enables telecommunications, financial transactions, delivery of energy, and agriculture. Business and industry to make the goods and services of our modern society. The powers are hospitals, our household, and everything else. Its face it. Lets face it. The u. S. Has the worlds most complex electrical grid. While we have a welldeveloped system of operators to ensure the lights stay on, we are confronting new challenges every day and adopting to a changing generation. Newre also responding to threats and working to strengthen the security of the nations grid. The integration into the system of new Digital Technologies that are essential for keeping up with the energy needs constantly add vulnerabilities. Vulnerabilities are being added by electric generating units. Combine that with a rapid expansion of Cyber Capabilities by more of americas adversaries and safeguarding transmission many of the structures in place today at ensure the system can mitigate and respond to cyber can be traced to this committees legislative work. To2005, we authorized ferp c to establish reliability standards. In 2015, this committee wrote provisions, including the fast doe to strengthen the authorities and to facilitate the sharing of threat information from private sector asset owners and the federal government. As a federal agency with leading expertise and the cybersecurity threats against it, it is imperative we arm the doe with the tools and authority to protect our electricity system from the transmission lines to the generating stations and their pipelines. Most recently, we developed legislation to elevate the does functions overseeing cybersecurity and improve information sharing, emergency planning, and other activities in this jurisdiction. That work is continuing. Hasunately, the department used its own authorities to implement leadership over cybersecurity and to improve interagency coordination. Against that backdrop, todays hearing provides a great opportunity to update the subcommittee on what these agencies are doing to advance cybersecurity practices, protections, and response planning. Can to hearing from secretary karen evans who heads the office on Cyber Security she testified in september last year. She had been on the job produced a couple weeks. Though she brought along federal experience to the table as soon she sat down. I look forward to discussing the current work and how well it is exercising the role in exercising the threat, and how she plans to address those challenges. Fromll be hopeful to hear the regulators of the electric grid. Heads thee, who office of electric reliability. These entities serve as the front lines of oversight of electric grade protection. I met you in learning on what learning what measures they are working on. The risks of massive blackouts can be hard to think about. The cybersecurity realities of today require we face these risks headon, that we be sure our agencies and appropriate groups have the tools in the toolbox and the information they need to address the risk and that they are prepared for the consequences of attacks. I yield back. The chair recognizes mr. Malone for five minutes for the purposes of an opening statement. Thank you. We are here to get an update from federal agencies about how they are addressing Cyber Threats to our electricity grid. Our enemies are developing new techniques to compromise and attack our grade. It is important the federal government and electricity and the electric industry remain vigilant in ensuring the grid is secure. Our committee has been conducting robust oversight in a bipartisan fashion for years. Todays hearing is a public form to discuss how the federal government is addressing Cyber Security challenges. Committee also continues to receive closed door briefings under stammer classified matters. Our witnesses all take cybersecurity of the grid seriously. I believe secretary perry made the right decision in creating the position of assistant secretary for cybersecurity, Energy Security, and Emergency Response to focus on these issues. T month, subcommittee that would enshrine a statute divisiond support new in the doe. I look forward to bringing more bills up from markup soon. He must be active and vigilant when it comes to cybersecurity. The firstwe had reported malicious cyber event activity ined grid the western facility. We must they ahead of anyone who is a cyber threat. Nercreciate the work of continue enhancing this rule implements new reliability standards that respond to supply chain risk Malicious Software by requiring responsible entities to develop and implement security controls for industrial control systems, hardware, software, and services. These are the types of forwardlooking actions we need to protect our grid against attack. While this hearing is not specifically about Pipeline Cybersecurity, i would be remiss not to mention how important that is to our grid system. Have a reliable pipeline system. Never one to find ourselves in a different situation. I make i remain concerned about the lack of resources the transportation and Security Administration i look forward to hearing about ways they could address the safety gaps. If tsa continues to devote scant resources to these matters, we must look at other options to keep these pipes secure. Thank you to our witnesses for being here today. I yield back. The gentleman yields back. The chair now recognizes the wrecking member of the committee, mr. Walton for the purposes of an opening statement. Good morning, mr. Chairman. I am delighted to have this hearing. As we have learned in previous hearings, in todays highly connected world, the threat of Cyber Attacks, the importance of electricity is growing. One of our responsibilities is to renew and revise laws and policies that concern the reliable livery of energy. This is part of the black letter jurisdiction and something well take seriously the matter which party is in the majority. This mornings hearing continues this important work and focus on this and focuses on the status. We will hear testimony from our witnesses today. Your key players in keeping the lights on. The department of energy, the regulatory commission, and the north American Electric reliability corporation. Each of your organizations has a will in creating standard settings, oversight of standards, sound engineering, all of that as it relates to the power system. I look forward to hearing update from the witnesses, especially on coordination and sharing among the federal and to tease and industries. That is always an issue and continues to be. Our past oversight has examined some of the work doe has done to carry out a thirst carry out its responsibility. Identifyingd vulnerabilities and mitigating risk. I have seen some of his work firsthand. Especially in the northwest at the Pacific NorthwestNational Laboratory in washington state. I went to the idaho National Laboratory. Terrific people working in those labs. Doing amazing work on behalf of the country. They provide the analytical tools. They provide the testbeds and other capable of lease that are helpful for all kinds of industries and systems we rely on. Tools in thence cybersecurity sharing information have proven especially helpful in identifying systematic Cyber Attacks across the Energy Sector. Hearld be interested to how this approach is being expanded broadly as it relates to supply chain risk and Operational Technology systems. Switches and supervisory control. As more connected devices and smart grid technologies are added to the grid, the vulnerabilities will continue to grow. Centralion sharing is to the strong cyber defenses. This is especially important as our grade becomes more interconnected. How the pipeline systems are part of the system. We have to think about how pipelines are part of the energy system. Pipelines follow under separate regulatory regimes. The department of energy must maintain visibility over pipelines to ensure delivery of electricity to consumers. Codifying the Emergency Response role. Providing Technical Assistance to the industries. It is important to enhance coordination of response should attacks succeed at a large scale. Members of this panel have had the benefit of briefings over the past few years to understand Emergency Response exercises in the electric sector. An update will also be useful today. Technical assistance, information sharing, and deployment of Innovative Technologies and best practices to get ahead of the threats is ever more urgent. He must be sure our Critical Infrastructure credit standards are uptodate and flexible to meet the risk. Must make sure we are providing federal agencies the tools needed to serve the industry and the nation more effectively. We have a real responsibility. Hearings like this will help us do our job better. Thank you for having this oversight hearing. Thank you to our witnesses for your testimony. With that, i yield back the balance of my time. Now like to will welcome our expert witnesses for todays hearing. Left, the honorable karen evans. She is the assistant secretary of the of is of cybersecurity and Emergency Response. She serves in the u. S. Department of energy. Mr. J andrews. Odge senior he is the director of the office on thetric reliability federal Regulatory Energy commission. Sitting next to mr. Dodge is mr. Jim rob, the president and chief executive officer of the north American Electric reliability corporation. Witnessesthank the for being here today. We would look forward to your testimony. Begin, i want to give you a tutorial. I would like to explain the lighting system. In front of you is a series of lights. The light will initially be green. Yellow whenll turn you have one minute remaining. Please begin to rev up your testimony at the yellow light. Willt will return turn bright red when your time expires. Said, assistant secretary evans, you are now recognized for five minutes. You, sir. Evans thank tonk you for the opportunity discuss the continuing threats facing our energy and per structure. Focusing on cybersecurity, Energy Security, and resilience of the Energy Systems is one of the secretaries top priorities. By the administration proposing and congress affirming, the opposite of cybersecurity and Emergency Response, secretary has clearly demonstrated his commitment to achieving the goal of Energy Security and more broadly, National Security. Our nations Energy Infrastructure has become a primary target for hostile cyber actors. That was statesponsored and nonstatesponsored. The frequency, scale, and sophistication of Cyber Threats continue to increase. Ther incidences have potential to disrupt energy services, damage highly specialized equipment, and even threatened human health and safety. The release of the National Cyber strategy in 2018 reflects the administrations commitment to protecting america from Cyber Threats. The department of energy plays a active role in supporting the critical Energy Infrastructure. The efforts reflect a concerted response to the emergence of Energy Cybersecurity and resilience as one of the most important security challenges. Fostering partnerships with private stakeholders and