In its third simulated test of the security of the power grid, the North American Reliability Corporation (“NERC”) reported general progress across the electric utility industry in defending against physical and cyber threats, while also identifying several areas for further improvement.
The NERC exercise, dubbed GridEx III, took place over two days in November 2015 and involved more than 4,400 individuals from 364 industry, law enforcement and government organizations across the United States, Canada and Mexico. The main objectives of the exercise were to test crisis response and recovery, improve communication, identify problem areas and engage senior-level leadership in the organizations involved.
Despite broadly meeting these objectives, NERC nevertheless called for improvements in communication systems and protocols, particularly in the incident response capabilities of the Electricity Information Sharing and Analysis Center (“E-ISAC”) portal and coordination with law enforcement and other governmental agencies.
E-ISAC acts as a kind of highly-specialized “antivirus” application for the power sector, collecting and sharing information regarding malware indicators identified by electric utilities or government agencies. For the exercise, NERC created a “mirrored” version of the E-ISAC portal and found it unable to track and respond to the flood of distress calls and other inquiries it received, with critical information getting lost or buried. This made it difficult for participants to distinguish important information coming from the portal during the exercise, a problem which may have been compounded by redundancies and other inefficiencies in industry information sharing and reporting practices, according to the NERC report.
Similarly, NERC reported that the exercise revealed the need, in the event of a major and persistent disruption in electricity service, for far greater levels of coordination across federal, state and local government agencies to the power sector and aid the public at large.