A First For The Nation: NERC Completes First Grid Security Exercise

NERC is an international, independent, not-for-profit organization, whose mission is to ensure the reliability of the bulk power system in North America. Here is a bit about them from their website at http://nerc.com :

The North American Electric Reliability Corporation’s (NERC) mission is to ensure the reliability of the North American bulk power system. NERC is the electric reliability organization (ERO) certified by the Federal Energy Regulatory Commission to establish and enforce reliability standards for the bulk-power system. NERC develops and enforces reliability standards; assesses adequacy annually via a 10-year forecast, and summer and winter forecasts; monitors the bulk power system; and educates, trains and certifies industry personnel. ERO activities in Canada related to the reliability of the bulk-power system are recognized and overseen by the appropriate governmental authorities in that country.

NERC just completed a first for our country: They coordinated/facilitated and led a exercise involving more than 75 industry and government partners. This tremendous activity was the result of lots of hard work and applied vision under NERC’s VP and CSO Mark Weatherford. Mark is a highly regarded cybersecurity and IT professional with experience in the US Navy and the State of California. Mark has recently received a Presidential appointment to the Department of Homeland Security, which means this exercise will be one of his last major duties at NERC. He leaves there having made a huge difference, and will now be called upon to continue to improve things in the federal cyber community.

For more on the NERC exercise, see the press release below:


November 17, 2011

WASHINGTON, DC – More than 75 industry and government partners
participated in the North American Electric Reliability Corporation’s (NERC)
first cybersecurity readiness exercise, GridEx 2011, this week.

Ending today, the two-day exercise is part of NERC’s ongoing security
readiness program to assess NERC and the industry’s crisis response plans and
validate current readiness in response to a cyber incident. GridEx, which NERC
plans to sponsor bi-annually, also allowed enhanced collaboration between
NERC, the industry and government stakeholders.

“GridEx 2011 is an opportunity for NERC, industry stakeholders and
government partners to work together and identify gaps in the overall security
posture of the grid,” said Mark Weatherford, vice president and chief security
officer at NERC. “Most importantly, it will provide data to help the electricity
sector focus resources to better address cybersecurity issues.”

GridEx, modeled after the Department of Homeland Security’s CyberStorm
exercise series, allowed participants to respond to scenario events as they
would in the case of a real-time incident. This will enable participants and
leadership to assess, test and validate existing crisis response plans; and to
adjust plans as needed in an exercise setting.

Participants included NERC and Regional Entities, electric sector utilities,
Department of Energy, Department of Homeland Security and Department of
Defense, as well those from the Federal Energy Regulatory Commission and
Canadian agencies. For more information on NERC’s cybersecurity program,
click here or visit NERC’s website at www.nerc.com.

Original post

Leave a Comment

Leave a comment

Leave a Reply