The electric industry has performed well during the coronavirus pandemic but needs to improve its ties to state officials, maintain vigilance on cybersecurity and develop plans for operating control rooms remotely, NERC CEO Jim Robb said Thursday.
“I know my workforce feels very, very stressed in the environment that they’re in because they don’t have the normal work hours that going to and from the office created and because of people having to communicate more electronically,” Robb told attendees of WIRES’ virtual Summer Meeting, adding that NERC’s email traffic increased by 500% in April over February.
“That creates a lot of opportunity for opportunistic actors to play on anxiety and just the distraction that people have” through phishing emails, such as those spoofing Johns Hopkins’ website “saying, ‘click here for the latest information on COVID in your state,’” Robb said. “You can’t take your eyes off the ball for a second. … Our adversaries were very, very active, and I think all of the work that the sector has done to prepare appropriate cyber defenses and encourage proper cyber hygiene among its staff has also served us very, very well.”
Improved Collaboration
Robb said he was pleased with the improved collaboration and cooperation between FERC, the Department of Energy, the Department of Homeland Security, the FBI and NERC and its Electricity Information Sharing and Analysis Center (E-ISAC).
“Relationships across those entities haven’t always been perfectly smooth by any stretch of the imagination. But I think everybody came together during this period of crisis to really work together for the common good,” he said. “The level of information coming out of the government that we could share with the industry through the ISAC is I think at an all-time high in the last three to four months.”
Joseph McClelland, director of FERC’s Office of Energy Infrastructure Security, told the conference that the “unprecedented mass telework,” combined with the use of new procedures and tools, created “a perfect storm” of cyber risks.
He also praised the collaboration between the federal government and NERC, citing the role of the E-ISAC and DOE’s Office of Cybersecurity, Energy Security and Emergency Response (CESER) in distributing information to industry.
“The intel we received, particularly from the Department of Energy … has been timely and very actionable. We’ve been able to share that intel between agencies as well as with NERC and the ISAC. And in turn, the ISAC would share back with us,” McClelland said. “I think adversaries do well when there’s walls and separation between the entities that are affected. COVID, for one reason or another, has helped really dismantle the walls. I’d really like us to build on the models we’re using now and take that further if we can.”
While the industry’s collaboration with federal agencies has improved, Robb said the pandemic highlighted a need to also strengthen relationships with state officials. “One of the things we learned was many things happen at the state level as opposed to the federal level. I think more attention needs to be paid to building … relationships between the asset owners and operators and emergency response departments and infrastructures in the states,” he said.
New Dimension to Resilience
The pandemic has also added a new dimension to the concept of resilience, Robb said. “Most of the time when we think about resilience, we’ve always thought about the physical characteristics of the grid: Do we have enough redundancy built into it? Are we able to recover quickly? I think what this event has taught us is the importance of the resilience of the workforce — the ability to get people quickly into safe places to continue to perform their critical operations.”
The industry isn’t well equipped to deal with “what would happen if you couldn’t get workers isolated safely in a control room and you actually had to run your system remotely,” Robb said. “We published some guidance through the ISAC on how that could be done securely. But I think that’s one of the lessons learned coming out of this: that we spend much more time on which is the way to actually operate the system from a remote posture.”
Disrupted supply chains also are a concern for NERC — for both personal protective equipment and supplies needed for electrical maintenance and repairs. Although the industry hasn’t faced major problems thus far, Robb said, “people are going to have to think about inventory management differently.”
Continuity plans will need to be revised based on lessons learned, he said. NERC’s 2010 report on high-impact, low-frequency event risks included a chapter on pandemic planning.
“I think it was a great starting point for the industry, but I don’t think any of us, when that was put in place, contemplated something as long-lasting and impactful and devastating as the COVID [pandemic] has been. I think at the end of this — whenever the end is — we will need to take a very thorough look back and log all the things that we wish we had done earlier on,” Robb said.
“Everybody had pandemic plans. They were all exercised on occasion. I think now that we’ve lived through [COVID-19], we might exercise those with more purpose than we might have before.”