Powering Strong Communities
Security and Resilience (Cyber and Physical)

Grid Security Roundtable Exercise Yields a Series of Key Takeaways

A grid security roundtable exercise held over the summer at NORAD in Colorado Springs, Colorado, resulted in a robust series of key takeaways including that the Department of Defense should work with Sector Risk Management Agencies and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to further enhance ongoing resilience efforts across critical infrastructure, a recently released report said.

The report was released by CISA and the U.S. Northern Command.

Adrienne Lotto, the American Public Power Association’s Senior Vice-President for Grid Security, Technical & Operations, and Travas Deal, CEO of Colorado Springs Utilities, participated in the grid security roundtable exercise, along with senior government and energy industry leaders representing some of the nation's most critical energy infrastructure.

CISA’s Strategic Plan for 2023-2025 sets goals and objectives to expand visibility of risks to infrastructure, increase CISA’s ability to respond to threats and incidents, and optimize collaborative planning and implementation of stakeholder engagements.

Through a series of high-level engagements, the United States Northern Command and CISA agreed to hold the exercise at NORAD. The roundtable exercise included scenarios involving physical and cybersecurity threats.

Along with DOD working with Sector Risk Management Agencies and CISA to further enhance ongoing resilience efforts across critical infrastructure, the report also listed the following as key takeaways:

  • Recommend establishing a DOD hosted a bi-annual meeting with CISA and industry partners to discuss current threat indicators, continuity concerns and best practices.
  • Recommend continued exploration and engagement with existing exercises, roundtables, and engagements with a focus on continuity of operations, including GRIDEX and the Electric Subsector Coordinating Council.

In the area of information sharing, the report said that all participants, particularly the DOD and industry partners acknowledged the requirement to provide timely access to threat and vulnerability information in order to make informed risk response decisions.

Key takeaways are:

  • Partners must continue to shift communications plan from top-down models to collaborative model where information moves in both directions, and the priority intelligence requirements are cooperatively developed between government (local, state, federal) and industry, and then communicated externally to entities such as the media;
  • Recommend expanded coordination with fusion and state emergency operations centers to consider homeland defense and plausible threat scenarios with regard to their response, communication, and emergency management processes. Any residual issues should be addressed by the coordinating councils.

With respect to the topic of prioritization, the report said that national-level prioritization of critical infrastructure is an ongoing effort that requires national level prioritization of National Critical Functions. Restoration priorities for the electricity sector are established by utilities, in coordination with state and local authorities, as well as critical customers, such as DOD. The federal government can advise, but the federal government has limited ability to mandate restoration priorities.

A key takeaway in this area is that industry asked the DOD to identify and share its critical requirements (through CISA) in the next 6-12 months.