Texas Power Outage: Implications for Critical Infrastructure Security and Resilience Policy

March 4, 2021 IN11629




INSIGHTi

Texas Power Outage: Implications for Critical
Infrastructure Security and Resilience Policy
March 4, 2021
The statewide power outages in Texas following a severe cold weather event in February 2021 illustrated
the vulnerability of electricity supply as a critical economic and safety function. The widespread failure of
electric generation facilities in severe weather conditions led to blackouts that affected millions of
residents and caused extensive property damage and loss of life. Much of the post-event commentary has
focused on the unique regulatory environment in Texas, which some observers fault for the lack of
adequate weatherization at critical generation facilities. Texas operates an electric grid that is largely
isolated from the national grid, and therefore exempt from Federal Energy Regulatory Commission
regulations applicable to interstate commerce. The federal policy framework for critical infrastructure
security and resilience (CISR) has generally received less public attention. This non-regulatory
framework provides authority and guidance for a broad range of voluntary public-private partnerships to
promote national CISR goals—including grid resilience. This CRS Insight provides an overview of the
federal CISR policy framework—focusing on its application to the risk management practices of the
electricity generation and distribution industry in Texas and elsewhere.
The National Infrastructure Protection Plan (NIPP), last updated in 2013 under Presidential Policy
Directive 21 (PPD-21) “Critical Infrastructure Security and Resilience,” describes key elements of the
CISR policy framework and provides high-level implementation guidance. The framework recognizes the
Energy Sector as one of 16 critical infrastructure sectors, and designates the Department of Energy (DOE)
as the Sector Specific Agency (SSA) responsible for coordinating sector-wide CISR initiatives with
governmental and non-governmental stakeholders. The Energy Sector consists of two subsectors—the
Electricity Subsector and the Oil and Natural Gas Subsector. The Energy Sector Specific Plan (Energy
SSP), published in 2015 in alignment with the NIPP, highlights severe weather events and disruption of
natural gas supplies—both of which occurred in Texas—as major risks to the Electricity Subsector.
Under the Energy SSP, DOE shares risk management responsibilities with private sector owner-operators
of critical infrastructure systems and assets in order to support national CISR goals outlined in the NIPP:
 Assess and analyze threats to, vulnerabilities of, and consequences to critical infrastructure to
inform risk management activities;
Congressional Research Service
https://crsreports.congress.gov
IN11629
CRS INSIGHT
Prepared for Members and
Committees of Congress



Congressional Research Service
2
 Secure critical infrastructure against human, physical, and cyber threats through sustainable
efforts to reduce risk, while accounting for the costs and benefits of security investments;
 Enhance critical infrastructure resilience by minimizing the adverse consequences of incidents
through advance planning and mitigation efforts, and employing effective responses to save lives
and ensure the rapid recovery of essential services;
 Share actionable and relevant information across the critical infrastructure community to build
awareness and enable risk-informed decisionmaking; and
 Promote learning and adaptation during and after exercises and incidents.
Several coordination and information-sharing bodies facilitate this work. Sector and subsector
Government Coordinating Councils (GCCs), co-chaired by DOE and Department of Homeland Security
(DHS) officials, coordinate activities of relevant agencies at all levels of government. Sector Coordinating
Councils (SCCs), organized and led by industry executives, operate in parallel to the GCCs to share
information between government and private sector stakeholders on risks and best practices. In addition,
Energy Sector and Subsector GCCs and SCCs sponsor Information Sharing and Analysis Centers
(ISACs), non-profit organizations that “collect, analyze and disseminate actionable threat information to
their members and provide members with tools to mitigate risks and enhance resiliency.”
Numerous Texas utilities maintain voluntary collaboration partnerships with these and other coordination
or advisory bodies under the NIPP framework. A wide range of risk assessment and information sharing
activity in the Electricity Subsector highlighted known risks of cold weather to grid infrastructure in
Texas and elsewhere prior to the February 2021 weather event. However, the scope of voluntary
Electricity Subsector infrastructure security and resilience investments to harden vulnerable systems and
assets in response to NIPP initiatives is less clear. The failure of energy infrastructure attributed to the
extreme cold weather suggests that further sector investments may be necessary.
The 2013 NIPP states that, “Government can succeed in encouraging industry to go beyond what is in
their commercial interest and invest in the national interest through active engagement in partnership
efforts.” This statement summarizes the premise of federal CISR policy as it has developed since the late
1990s—that private sector interest in avoiding business disruption and public interest in availability of
essential services necessarily align. In the wake of widespread power outages in Texas, some key
stakeholders in the Electricity Subsector have suggested that this premise is flawed.
In one such instance, Tom Fanning, a utility CEO and current co-chair of the Electricity SCC, asserted
that economic incentives predominated as the main factor influencing industry investment behavior. “If
the rules of the market don’t reward someone for resilience, they won’t get resilience,” he said.
However, regulatory requirements for reserve generation capacity or extensive winterization have been
controversial among some Electricity Subsector stakeholders, who have claimed that such requirements
could lead to wasteful and costly investments in unused capacity.


Congressional Research Service
3
Author Information

Brian E. Humphreys

Analyst in Science and Technology Policy




Disclaimer
This document was prepared by the Congressional Research Service (CRS). CRS serves as nonpartisan shared staff
to congressional committees and Members of Congress. It operates solely at the behest of and under the direction of
Congress. Information in a CRS Report should not be relied upon for purposes other than public understanding of
information that has been provided by CRS to Members of Congress in connection with CRS’s institutional role.
CRS Reports, as a work of the United States Government, are not subject to copyright protection in the United
States. Any CRS Report may be reproduced and distributed in its entirety without permission from CRS. However,
as a CRS Report may include copyrighted images or material from a third party, you may need to obtain the
permission of the copyright holder if you wish to copy or otherwise use copyrighted material.

IN11629 · VERSION 1 · NEW