Utilities joined forces with partners in government, law enforcement and industry last week to test response and recovery from cyber or physical incidents that threaten to bring down energy infrastructure.
GridEx V continued the operational exercise launched by the Electricity Information Sharing and Analysis Center’s (E-ISAC) and held every two years. Goals of the two-day exercise include practicing incident response plans, enhancing lines of communication, and collaboratively sharing lessons learned.
“Today, we face a hybrid threat. There are very few cyber-only or physical-only incidents,” Brian Harrell, assistant director for infrastructure security at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), told HSToday. “As our world grows more interconnected, and our infrastructure grows more interdependent with other systems and functions, we must look at our risks from both a cyber and a physical perspective.”
CISA was a partner in planning GridEx V, with a scenario featuring direct cyber and physical attacks on energy infrastructure and examining the cascading impacts to the communications sector.
“Critical infrastructure security and resilience requires a clear understanding of the risks we face and a whole-of-community effort that involves partnership between public, private, and nonprofit sectors, and CISA is committed to providing the support needed to prepare and respond to critical infrastructure threats and incidents,” Harrell said.
Organizations participating in GridEx V were either active players or watchful observers, and planners are encouraged to make the training scenarios as realistic as possible. Sensitive details about the exercises are not disclosed to the public. The event also included an executive tabletop exercise with industry and government leaders.
“GridEx was a terrific opportunity for Dominion Energy to test its recently completed Threat Response and Analysis Center (TRAC) located in Richmond, Va.,” Adam S. Lee, Dominion Energy Services’ vice president and chief security officer, told HSToday.
“Integrating our Cyber Security Operations Center and our Physical Security Operations Center enabled our security workforce to manage crisis events like those simulated in GridEx more effectively,” he added. “Dominion Energy’s business and IT organizations, along with federal, state, and local government agencies, partnered with the TRAC for the entirety of the exercise. GridEx strengthens relationships among Dominion Energy’s business units, the TRAC, and our government partners.”
“GridEx is a great opportunity for trade associations in the electricity subsector to coordinate with our federal government partners and NERC,” Sam Rozenberg, engineering services security director at the American Public Power Association, told HSToday. “We had more than 100 public power utilities participate in GridEx V; that’s a 200 percent increase over GridEx IV in 2017.”
“Clearly, public power understands the importance of exercising to prepare to respond to cyber threats,” he said. “The Association and our members will review lessons learned and develop measures to build our resiliency and crisis response.”
Harrell stressed that the impacts from a disruption of these systems “can have wide ripple effects across the country, impacting emergency response, transportation, and the economy.”
“Managing these risks in advance involves preparing for all hazards, reinforcing the resilience of our assets and networks, and remaining vigilant and informed,” he said. “CISA will work across the critical infrastructure enterprise to close gaps and strengthen security and resilience on any recommendations where we have a role to play or resources that can assist.”
“I want to emphasize, however, that everyone plays a role in the nation’s security and resilience, and we must coordinate and collaborate across every level government, private sector, and other community organizations. This exercise embodies CISA’s vision of defending against today’s threats and working to secure our tomorrow. Exercises by their very nature are a critical part of enhancing our nation’s critical infrastructure security and resilience. By challenging and practicing our incident plans in a no-fault, safe, environment we are able to identify areas that work well and identify areas that need improvement.”