Officials with public power utilities recently detailed how they benefited from participating in the Liberty Eclipse Full-Scale Exercise (FSE), an annual cybersecurity preparedness exercise hosted by the Department of Energy’s (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER).
Officials from the following public power utilities participated in this year’s exercise:
• LADWP
• CPS Energy
• Guam Power Authority
• New York Power Authority
• Easton Utilities
• Lansing Board of Water & Light
• KEYS Energy Services
• Lawrenceburg Utility Systems
“We know that cybersecurity is the backbone of national security,” said Alex Fitzsimmons, Director of CESER. “Foreign adversaries are using digital tools to disrupt critical infrastructure -- we must work together to secure and harden the energy sector.”
The exercise brought together operational technology and cybersecurity experts from the energy sector and federal partners to validate the security of their cyber defense systems, plans, policies, and procedures.
The Liberty Eclipse FSE is unique in that it moves beyond the theoretical and into the world of the practical, where real-time results and consequences of response choices become clear. It isn’t discussion-based like a typical tabletop exercise and instead puts participants on the spot just like they would be in a real cybersecurity scenario.
The collaboration and testing that results from Liberty Eclipse, along with its unique format, has made it one of the CESER’s best preparedness exercises and an illustration of the value of such exercises across the Federal government and industry.
“The Liberty Eclipse exercise gave me a deeper appreciation for how interconnected our power infrastructure really is, from generation through transmission and distribution, and how cyber threats can ripple across those systems,” said Marty Patterson, Director of Cybersecurity at Lawrenceburg Utility Systems.
“Watching control room operators and security teams coordinate during simulated attacks highlighted how critical detection and response are to keeping the grid resilient. What I learned will help guide future improvements to both our operations and cybersecurity efforts,” Patterson said.
“Our preparedness and response plans need real-world testing, and federal exercises like Liberty Eclipse help us meet those objectives,” said Dana Sotoodeh, Public Relations and Stakeholder Engagement Manager at CPS Energy.
“These cybersecurity drills help CPS Energy validate our existing plans and identify resource needs, leading to more effective incident responses during emergencies, such as cyberattacks,” Sotoodeh said.
Nathan Chew, a Systems Analyst from Florida public power utility KEYS Energy Services, also praised the exercise.
“Outside of networking with other cyber professionals, Liberty Eclipse enhanced my knowledge and skills regarding current threats to critical infrastructure,” Chew said. “A key takeaway was seeing how municipal utilities, large utilities, and the military collaborated to address complex security challenges, ultimately strengthening our security frameworks.”
"The 2025 event was both amazing and eye opening,” said Kris Bremer, Systems Analyst at KEYS Energy Services.
“I don’t often ask this question; however, from the many participants - I asked myself the question from a cyber perspective, ‘Who is the most dangerous person in the room?’ Aside from my curiosity mentioned, the real-world exercise was just that, very real, and demonstrated what could happen when an IT environment has been breached and access to OT has been achieved by threat actors. I had the pleasure of interacting with cyber red & blue teams, operations, and those that hosted the 2025 event. Thank you for sending me to this valuable training.”
“Participating as an observer in Liberty Eclipse was an extraordinary opportunity,” said Carlos Guadrón, Senior Real Time Systems Engineer at the New York Power Authority. “It created a rare chance to network with the Department of Energy, the National Guard, and utilities both local and global, all while providing a safe environment to practice large-scale incident detection and response without impacting the grid,” Guadrón said.
“The collaborative environment and expert-led classes gave me valuable insights into shared challenges and emerging solutions,” Guadrón said. “Connecting with other public power utilities, such as the Tennessee Valley Authority, and being able to discuss the specifics of their cybersecurity programs while seeing examples from other utilities executed in real time was an especially impactful learning experience. I left the exercise with new ideas and relationships that will directly strengthen the work we’re doing at NYPA. I hope we can return next year as full participants and continue building resilience and relationships across the energy sector.”
“The Liberty Eclipse full-scale exercise serves as a unique opportunity to evaluate both offensive and defensive security techniques against an isolated, yet realistic, control systems testbed environment in collaboration with a nationwide contingent of utility organizations,” said James Ekstract, Senior Cyber Security Analyst at NYPA. “The ability to observe all facets of the exercise from the perspectives of various roles, gain access to training and expertise from experienced practitioners, and interact with representatives from fellow utilities makes for a valuable experience. I fully encourage fellow utility organizations pursue attendance.”
“The biggest value for me was working side-by-side with other utilities like Eversource, Florida Power & Light, Keys Energy, and Lansing Board of Water & Light,” said Scott Sears, Manager of Software Engineering at Maryland public power utility Easton Utilities, in discussing how he benefited from participating in the exercises.
“Adding in perspectives from international partners such as the Australian Signals Directorate and TasNetworks made Liberty Eclipse a true test of resilience I can bring back to Easton,” he said.
“The Liberty Eclipse exercise provides an environment where we can test our cyber defenses against threats modeled after what we are seeing in the wild from our nation-state adversaries,” said Fred Christie, Chief Information Officer at Easton Utilities.
“Working side-by-side with energy cyber experts from IOUs, munis and coops from all over the US is a learning experience second to none! The relationships we have built over the past two years of participation in Liberty Eclipse are life-long and invaluable,” he said.
“Participating in the exercise put us through a series of live vignettes on real equipment and underscored a critical truth: fast, structured communication between Control Center Operators and the Cyber Team is essential to limiting impact,” said Guam Power Authority’s Ronald Navarra.
“We left with sharpened situational awareness and practical experience coordinating live SOC and Operator actions. To take part, our team traveled about 9,600 miles from Guam, reflecting our dedication to security and sector readiness. The value extended beyond our walls: we connected with peer utilities and partners facing similar challenges.”
“Liberty Eclipse 2025 was an invaluable opportunity to engage in real-world scenarios that tested our readiness as defenders of critical infrastructure. The live exercise highlighted vulnerabilities and gave me personally actionable tasks to bring back to executive leadership. I made lasting connections with peers across the industry—relationships that will strengthen our collective ability to secure the systems our communities depend on. Every public utility should have the chance to participate in this experience,” said Ray Moore, Manager, Operations Technology, at Lansing Board of Water and Power.
The Liberty Eclipse exercise currently leverages the Liberty Eclipse Testbed Environment located in New York.
The testbed environment and the annual full-scale exercise allow participants to work together in an environment that represents the electric grid and the systems and utilities that support it. It includes cybersecurity components found in a real-world substation, is energized, but disconnected from the nation’s grid, minimizing real risk.
Operating against teams posing as attackers and adversaries, participants test their capabilities to deal with simulated cyberattacks and the ability of their software and hardware to recognize, identify, and defend against malicious acts.
Through this exercise series, participants validate the security of their systems, confirm the strength of their response plans, and identify avenues that attackers might seek to exploit when trying to gain access. The scenario runs in a low-stress, no-fault environment where participants are encouraged to collaborate and challenge assumptions.
The exercise also fosters relationship building between OT staff, cyber experts, and utilities.
