The federal government shutdown had “no notable impact” on logistics or planning for the upcoming GridEx VIII grid security exercise. ERO stakeholders, including Michael Ball, the new CEO of the Electricity Information Sharing and Analysis Center, said during a Nov. 17 media call.
GridEx VIII runs Nov. 18-20, with the first two days dedicated to a distributed play portion and an executive tabletop scheduled for the final day.
Both sessions are based on a scenario “designed to reflect real-world cybersecurity and physical threats,” Ball said. The scenario includes climate change impacts such as wildfires and heat domes, and attacks coinciding with a major world sporting event, an E-ISAC official told a NERC committee in September. (See E-ISAC Updates NERC Committee on GridEx VIII Scenario.)
“Well over 15,000 participants” from more than 370 organizations have signed up to participate in this year’s exercise, Ball said, a significant increase from the 252 organizations that took part in GridEx VII in 2023. (See NERC Flags Communication, Coordination in GridEx VII Report.) Ball called the growth “a real testament to engagement by small- and medium-sized utilities,” which comprised 70% of the new participants.
Canadian involvement is up from the last GridEx as well, Ball said, reflecting “the interconnectedness between Canadian and U.S. operations.” The CEO also emphasized the involvement of companies across the “broad spectrum of interconnectedness with other [critical infrastructure] sectors,” particularly natural gas, water, wastewater and telecommunications.
“I think what’s really important is cross-border [engagement], not just in North America, but across industries … makes us even stronger,” Bell said. “That’s going to be an aspect of this [exercise], and it’s really an important mission overall … to ensure that reliability and resilience of the [grid], and its significant ties into the grid security focus.”
Tim Kocher, deputy director of the Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response, echoed Bell’s comments, saying that partnerships both within and beyond the energy sector “are crucial to the work that we do to advance energy … security and resilience across the board.”
“Just in 2023, CESER … sponsored or participated in 36 energy sector exercises … across cyber, physical and natural scenarios,” Kocher said. “So we know that it takes all of us coming together, each with our own authorities on the government side and capabilities with our energy sector partners to prepare for and respond to the complex threats facing the sector today. Ultimately, GridEx is not just an exercise: It’s a national commitment to resilience.”
Along with the government shutdown, GridEx VIII will also happen in the wake of significant changes to the critical infrastructure security picture, such as the expiration of the Cybersecurity Information Sharing Act of 2015 on Sept. 30 and the Trump administration’s decision to terminate the Critical Infrastructure Partnership Advisory Council in March. (See Lawmakers Divided on CISA 2015 Reauthorization.)
Ball acknowledged that the E-ISAC had “certainly tracked” the end of CISA 2015, but the law’s temporary expiration — it was renewed through Jan. 30, 2026, as part of the continuing resolution signed by President Donald Trump on Nov. 12 — had caused “no impact to the level of [information] sharing or design of the scenario.”
Edison International CEO Pedro Pizarro added that the administration had “efforts underway to consider replacements for” the information sharing protections in both CISA 2015 and CIPAC. Tri-State Generation and Transmission Association CEO Duane Highley said that during a “recent cyber incident,” his organization had found that “all those channels of communication” with the E-ISAC and the federal government remained “open throughout the shutdown.”
“This is critical stuff, and it still works,” Highley said. “So despite the [termination of] CIPAC, we still have means of being able to communicate those threats and share them.”
