GridEx VII simulation exercise tests electric power industry’s response to threats
GridEx VII, an energy grid security and incident response exercise, took place this week to test the readiness of the electric power industry.
The biennial event, put on by the North American Electric Reliability Corporation’s (NERC) Electricity Information Sharing and Analysis Center (E-ISAC), gives members and partner organizations a forum to practice how they would respond to and recover from coordinated cyber and physical security threats and incidents.
The two-day decentralized exercise, held Nov. 14 and 15, featured electric company leaders and federal and state government officials testing their incident response protocols and coordination during simulated cyber and physical security attacks.
Among the goals and objectives of GridEx VII is to:
- Exercise incident, operating communications, mutual assistance, and crisis management response plans;
- Respond to imminent cyber, physical, and other threats with the potential to affect the reliable operation of the grid;
- Enhance coordination with state/provincial and local governments, suppliers supporting critical operations, and industry partners to facilitate restoration;
- Manage interdependencies with the natural gas sector, telecommunications sector, and other critical infrastructure sectors;
- Exercise response to IT and communications systems failures;
- Respond to emergency events in a remote or hybrid environment with reduced staff availability and limited access to resources.
NERC developed the scenario and the supporting tools for GridEx VII with a team of subject matter experts. Past participants have said the exercise has helped them enhance their operational capabilities by responding to the realistic and challenging simulations. Due to the success of the event, participation rates have increased over time.
Among the participants was the Edison Electric Institute (EEI).
“The top priority of electric companies is protecting our nation’s energy grid,” Edison Electric Institute President and CEO Tom Kuhn said on Thursday. “Participating in NERC’s GridEx series with our government partners gives EEI and our member companies the opportunity to test our security measures as an industry. It also allows us to strengthen our coordination through our time-tested partnership, the Electricity Subsector Coordinating Council (ESCC). Together, we will continue to focus on prevention, resilience, and strategic redundancy to manage risk.”
The ESCC plays a key role, serving as the principal liaison between leadership in the federal government and in the electric power industry. The mission of the group is to coordinate efforts to prepare for and respond to national-level incidents or threats to critical infrastructure.
Further, the CEO-led ESCC facilitates and supports activities and initiatives designed to enhance the reliability and resilience of the grid, including the establishment of the Cyber Mutual Assistance program. This initiative brings together cyber experts who stand ready to support other electric companies in the event of a major cyber incident.
Following the event, NERC will produce a report outlining the newly identified opportunities for industry and government stakeholders to improve and enhance their collective security posture.
