GridSecCon Panelists Tout GridEx Training Opportunities
Planning Underway for Next Year’s Exercise
Virtual attendees at the 2022 GridSecCon security conference. Clockwise from top left: Peter Grandgeorge, Berkshire Hathaway Energy; Lance LaBreck, CAISO; Laura Brown, E-ISAC. | NERC

Speakers at NERC’s annual GridSecCon security conference on Wednesday urged their colleagues to get involved in the Electricity Information Sharing and Analysis Center’s (E-ISAC) biennial GridEx security exercise, with one panelist calling the event a “perfect opportunity” to test emergency operations plans in a highly realistic setting.

Like last year’s event, GridSecCon 2022 was held online because of lingering concerns over the COVID-19 pandemic. (See GridSecCon Panelists Share Cyber Supply Chain Fears.) NERC, the E-ISAC and ReliabilityFirst hosted this year’s conference.

The ERO holds GridEx every two years. Each exercise consists of two parts: a two-day distributed play in which participants across the country work a core scenario developed by the E-ISAC and customized by each organization, and an executive tabletop hosted for leadership of various organizations, including investor- and publicly owned utilities, government entities, and grid operators, as well as representatives from other industries.

Last year’s GridEx VI saw participation in the distributed play portion of the exercise decline for the first time since the event was first held in 2011, which organizers attributed partly to the pandemic and partly to changes in how participants were counted. (See NERC: GridEx Lessons Already In Use.) NERC confirmed earlier this year that planning is already underway for next year’s GridEx VII, which is scheduled for Nov. 14-15, 2023.

Clockwise from top left: Jesse Sythe, E-ISAC; Blake Stave, Xcel Energy; Doug McCracken, Eversource Energy; Adrienne Lotto, APPA. | NERC

This year’s GridSecCon featured two separate panels focused on the security exercise. The first focused on recommendations from GridEx VI, while the second dealt with preparations for GridEx VII and the threats that it will need to consider.

“One of the neat things about GridEx is its amazing flexibility,” Peter Grandgeorge, state national security and resilience programs adviser at Berkshire Hathaway Energy, said in the first session. “And this is part of why I think it’s so successful across the board, and it’s why we’re here today talking about it, because this exercise keeps building … both in the sheer amount of folks involved, but also in depth.”

Grandgeorge and his fellow panelist Lance LaBreck, CAISO’s business continuity manager, noted how the exercise had grown since their organizations began to participate. Grandgeorge reminisced about “sitting around a table [with] about 50 folks” the first time BHE participated in the distributed play in 2013, a number that had grown to 600 by GridEx VI.

LaBreck said one of the most satisfying elements of the evolution of GridEx over the years is its expansion to include stakeholders beyond the electricity industry itself, with input now welcomed from government bodies and other infrastructure sectors like natural gas and telecommunications. He said exercises like this are an opportunity to build relationships with these players so that a utility’s emergency personnel are not meeting them for the first time during a crisis.

“The key part I try to bring up again and again, focused specifically to the electricity subsector, is [that] we are all interconnected … what’s upstream and what’s downstream of us,” LaBreck said. “And if we don’t leverage this training opportunity … at every level we can within the organization, it’s a missed opportunity. There is no other place where you have the ability to bring in your incident command, your cyber and physical security components, [and] your operators to work together internally [and also] to interface with your state emergency management agency [and] your local county … to leverage that relationship.”

In the second panel, Jesse Sythe, the E-ISAC’s GridEx program manager, said the organization’s intent with the exercise is to foster a “train-like-you-fight, fight-like-you-train mentality.” Adrienne Lotto, senior vice president of grid security at the American Public Power Association, said utilities should take advantage of the training opportunity and not be afraid of exposing weaknesses in their defenses.

“I guarantee … you will find gaps and lessons learned. But that’s OK,” Lotto said. “It’s all part of the continuous process to improve, and I think there’s always value to be driven from the exercise.”
