The North American electricity grid is one of the largest, most complex networks ever created, and every sector of our economy depends on it. While the grid is robust and highly reliable, the cyber and physical security threat landscape we face is dynamic and requires constant vigilance and agility.
As part of the North American Electric Reliability Corporation’s (NERC) role in addressing cyber and physical security threats, its Electricity Information Sharing and Analysis Center (E-ISAC) hosts a grid security exercise every two years. The two-day exercise – GridEx – simulates widespread, coordinated attacks on the power grid in large areas across North America. Nearly seven years after the first exercise in 2011, the GridEx series has become a vital part of how industry and government officials prepare for, and respond to, grid emergencies.
Our most recent exercise – GridEx IV – took place last November, garnering a record 6,500 participants from 450 organizations across the United States, Canada, and Mexico. Based on feedback from former participants, the 2017 exercise was designed to shift early in scenario from operational impacts toward rapid recovery from the attacks to better exercise crisis response plans. Exercise participants communicated situational awareness and recovery progress with each other, involving industry personnel and government emergency management agencies, law enforcement, and the intelligence community.
Key lessons learned from GridEx IV include improving coordination with local law enforcement, enhancing communication with other critical sectors such as finance, and increasing the participation of third-party vendors of cyber and physical security services that work for utilities.
For our next exercise in November 2019, the E-ISAC will continue to work with industry and government partners to develop another challenging scenario that allows participants to exercise their crisis response and recovery plans under difficult, simulated problems designed to overwhelm even the most prepared organizations.
Like past GridEx events, GridEx V will include direct engagement with the Electricity Subsector Coordinating Council (ESCC), a group of 30 industry CEOs, and the Energy Government Coordinating Council (EGCC), with senior leaders from the federal government, chaired by the departments of Energy and Homeland Security.
Feedback, in terms of recommendations and lessons learned from industry and other GridEx participants, is an important part of the exercise process, and it has led to critical changes in how the government and industry protect the grid and respond to grid emergencies.
For example, following GridEx II in 2013, industry leaders developed the ESCC Playbook, which provides a framework for how senior industry and government executives coordinate response and recovery efforts during major emergencies. The Playbook has been tested and refined through a series of exercises, and it informed how the industry responded to a number of events, including hurricanes Harvey, Irma, and Maria.
The industry Cyber Mutual Assistance (CMA) program is another example of how GridEx has helped improve industry’s emergency response capabilities. During GridEx III in 2015, industry executives identified the need for a program that helps electricity companies restore critical computer systems following a major cyber incident. The CMA program – based on the industry’s traditional mutual assistance networks – was developed by the ESCC in 2016. As of today, the CMA program includes more than 142 companies that serve about 80 percent of all electricity consumers in the United States and Canada. Other ESCC work with regards to spare equipment and resilient communications capabilities are also a result of previous GridEx III recommendations. The recommendations from GridEx IV have been delivered to the ESCC and EGCC for consideration leading up to GridEx V in 2019.
As we begin preparations for the next exercise, we look forward to identifying additional ways that industry and government can work together to improve our current capabilities and ensure that the bulk power system in North America is secure and resilient. Events like GridEx are a key part of the E-ISAC’s mission, and, our team remains keenly focused our mission to reduce cyber and physical security risk to the electricity industry.
The views expressed here are the writer’s and are not necessarily endorsed by Homeland Security Today, which welcomes a broad range of viewpoints in support of securing our homeland. To submit a piece for consideration, email HSTodayMag@gtscoalition.com. Our editorial guidelines can be found here.