Ninth Annual Grid Security Conference highlights public, private information sharing
The North American Electric Reliability Corporation (NERC) and the SERC Reliability Corporation recently hosted the ninth annual grid security conference, GridSecCon, which highlighted the importance of strong public and private sector information sharing.
More than 600 security experts from across North America attended the two-day conference to share information, including best practices and lessons learned. The conference emphasized the programs required to protect the grid from constantly changing cyber and physical security threats.
“Security and reliability are inextricably linked and respect no geographic boundaries,” NERC President and CEO Jim Robb said in his opening remarks. “Events like GridSecCon help us plan and prepare for contingencies through training, information sharing, and lessons learned. Better grid security across North America depends on our strong partnerships to stay ahead of adversaries and mitigate a dynamic set of emerging threats.”
Other keynotes included Karen Evans, assistant secretary, Office of Cybersecurity, Energy Security and Emergency Response, Department of Energy; Brian Harrell, assistant director, Cybersecurity and Infrastructure Security Agency, Department of Homeland Security; Tom Fanning, chair, president and CEO, Southern Company; Brian Thumm, vice president, Performance Improvement and Risk Management, SERC.
“We know our industry is strong and takes security risks seriously; however, we must remain vigilant as our adversaries continue to develop more sophisticated campaigns that place the North American grid at risk,” Thumm said. “Regional Entities within the Electric Reliability Organization (ERO) Enterprise work directly with industry members to enhance and improve our security posture, and events like GridSecCon help further that collaboration.”
Panel discussions during the conference focused on trade associations and grid security advocacy, assessing potential physical security threats, responding to drone threats, the nexus between physical and cyber security threats, cyber supply chain threats, and potential emerging threats. On the day before the start of the conference, training sessions were held on topics such as physical security, threat intelligence, human error, and the supply chain.
