On Nov. 13 and 14, more than 6500 people participated in the North American Electric Reliability Corp.'s (NERC) energy grid security and incident response exercise, GridEx V. The participants represented more than 425 organizations from across the electric power industry and federal and state governments. The two-day exercise was designed to test cyber and physical security incident response protocols and coordination among industry and government stakeholders from the United States, Canada, and Mexico.
“The NERC's GridEx series offers an invaluable opportunity for industry and government officials at all levels to evaluate crisis communications and security and response plans in order to identify new risks and develop actionable mitigation strategies,” said Edison Electric Institute (EEI) President Tom Kuhn. “Through the CEO-led Electricity Subsector Coordinating Council (ESCC), GridEx also helps us to enhance cross-sector coordination and develop a more detailed understanding of interdependencies and potential impacts to other critical infrastructure sectors.”
The ESCC serves as the principal liaison between leadership in the federal government and in the electric power sector, with the mission of coordinating efforts to prepare for national-level incidents or threats to critical infrastructure. The ESCC also facilitates and supports policy- and public affairs-related activities and initiatives designed to enhance the reliability and resilience of the energy grid.
One example is the electric power industry’s Cyber Mutual Assistance (CMA) program, which was tested during GridEx V. During a previous GridEx, several industry executives identified the need for a program that would help electric companies restore critical computer systems following a major cyber incident. The CMA program — based on the industry’s traditional mutual assistance networks — was developed and launched by the ESCC within a year. More than 145 entities — including investor-owned natural gas and electric companies, electric cooperatives, public power utilities, Canadian electric companies, and RTOs/ISOs — now participate in the program, which covers approximately 80% of U.S. electricity customers and 75% of U.S. natural gas customers.
Following the completion of GridEx V, the NERC was expected to produce an after-action report outlining the newly identified opportunities for industry and government stakeholders to enhance their collective security posture.
“Protecting the energy grid from threats that could impact national security and public safety is a responsibility shared by both the government and the electric power industry,” said Kuhn. “Together, we will identify and apply the lessons learned from GridEx V, as we continue our work to enhance energy grid security and resiliency.”