NERC GridEx III security exercise shows considerable improvement against security threats
The North American Electric Reliability Corporation (NERC) released a summary of its most-recent grid security exercise, GridEx III, on Thursday, noting considerable improvement in preparedness and response in the event of a security threat.
GridEx III simulated a cyber and physical attack on a grid. Participants were tested through spontaneous attack scenarios to portray the need for absolute preparedness in the event of a real attack, with participants finding that the single most important factor in emergency response was communication, including communication within the organization, across the energy industry, with the national government and with the public.
“Security exercises, like NERC’s GridEx, are essential for industry and government partners to experience a worst-case, advanced-threat scenario to better prepare against any real crisis events,” Stakeholder Engagement Associate Director Bill Lawrence said. “Participating in GridEx allows industry, government partners, and other stakeholders to share information and exercise a comprehensive approach to securing the bulk power system.”
NERC reported that the Electricity Information Sharing and Analysis Center should be updated to better allow for emergency communication between members. The exercise also discovered room for improvement regarding cyber and physical security incident reporting and the need to enhance collaboration with local law enforcement and emergency responders during a real attack.
