The North American Electric Reliability Corp. has revealed some of the lessons learned from its fourth-ever security exercise that challenged industry and government stakeholders with simulated physical and cyberattacks on the grid.
Facilitated through the network portal of NERC’s Electricity Information Sharing and Analysis Center, or E-ISAC, the grid reliability organization on March 30 released some recommendations and findings from its industry-wide, two-day GridEx IV exercise.
Bill Lawrence, director of the E-ISAC, said the GridEx IV event encompassed 18 extremely difficult scenarios, both at the so-called "distributed-play" level and a more elevated "executive tabletop" level for senior industry executives and government officials. "You might as well practice against the best out there, and the scenarios that we've come up with simulate [the capability of known adversaries] to the max extent possible in an unclassified setting," he said during a media briefing.
The NERC report recommended strengthening utility coordination and the sharing of E-ISAC information with other critical infrastructures in case of a severe event, and the declassification of sensitive information so utilities can prevent and respond to attacks. Stressing the need for "communications resiliency," Lawrence said backup communications channels are needed by utilities and other participants in case telephone and internet services become unavailable in a large-scale cyber or physical attack.
The report also recommended increasing utility coordination and sharing of information with law enforcement, state and local governments, and the federal government.
"That state and local government relationship with the electric utilities is extremely important," said Lawrence. "A lot of the response will start at the state and local level, and for electric utilities to either have folks embedded in these state emergency operation centers, or fusion centers, would be extremely beneficial to getting coordination [and] communications right."
At the national level, NERC said the U.S. government's Electricity Subsector Coordinating Council and the Energy Government Coordinating Council should enhance the way they communicate. The report further recommended that the two councils work with the U.S. Department of Energy to create consultation processes to help ensure the appropriateness of any emergency orders.
The GridEx report also cautioned that utilities will need "extraordinary levels" of government financing to help recovery efforts following a severe attack. Finally, the report favored continuing promotion of a Cyber Mutual Assistance Program among members, stakeholders, critical supply chains, and the U.S. National Guard.
NERC and E-ISAC said they will continue to work with industry and government stakeholders to enhance the power sector's readiness and improve the GridEx program with the recommendations and lessons gleaned from the latest exercise.