Speakers at a SERC Reliability-hosted webinar praised the commitment by utilities and other stakeholders to address the grid’s ongoing and emerging risks but warned that their adversaries also remain inventive and committed.

“There’s this saying, ‘A rising tide lifts all boats,’” Chad Kitchens, senior lead analyst at Entergy, said at the regional entity’s 2026 Regional Risk Webinar on March 10. “It seems every year the tide is coming in higher, and we have to keep our head above water, [which] requires a greater investment in newer technologies [and] newer control measures.”

The webinar focused on risks identified in SERC’s biennial Regional Risk Report, last released in 2025 and covering the years 2024 to 2026, with a focus on extreme physical events including sabotage and attacks, and exploitation of cybersecurity vulnerabilities. (See Weather, Supply Chain Top SERC Risk Rankings.) Participants included security specialists from electric utilities, law enforcement and consulting firms.

In the first panel, Kitchens joined Jon Carstensen, utilities vertical manager at security firm IQSIGHT, and Mike Hazell, private sector coordinator for the Florida Fusion Center, an information-sharing program managed by the Florida Department of Law Enforcement, to discuss the industry’s response to physical threats. Hazell warned listeners that recent news about attempts by violent extremists to target electric infrastructure showed “the age of security through obscurity is over for us.”

“As the industry adapts and starts to invest in [security], our adversaries are also adapting, and they’re adapting to the point where they’re doing deliberate targeting,” Hazell said. “They are doing the research to understand what … a critical asset is for, not only the energy sector, but the sectors that have interdependencies with the energy sector.”

Hazell pointed to a worrying trend of extremists borrowing tactics and even motivations from each other in what he called “a salad bar approach to rhetoric and ideologies.” He said the attack in February by a New York man against a substation in Boulder City, Nev., was an example of this development.

After Dawson Maloney of Albany, N.Y., drove his rented car, loaded with weapons, through the substation fence and killed himself with a shotgun, authorities found several documents in a hotel room he rented, including military pamphlets on improvised weapons, books on magic from the 17th century and novels promoting white supremacy and terrorism. (See Police, FBI Seeking Motive in Nevada Grid Attack.)

Hazell said the incident shows the need for collaboration among utilities, law enforcement and the cybersecurity community “to outpace our adversaries” by sharing threat intelligence while protecting sensitive information that adversaries could use for their attacks.

Kitchens agreed that “we have to up our game,” suggesting that utilities consider machine learning and artificial intelligence technology to help keep up with threats. As an example, he mentioned video monitoring systems with analytic functions that can classify observed objects and notify operators to anything out of the ordinary.

“I think the biggest thing that I’m excited about is just being able to [use] those analytic and AI capabilities to filter out the noise that traditionally you get when you do that,” Kitchens said. “It’s making more efficient use of the people you have, which allows you the potential to ingest more sites into your [security operations center] and provide a larger sense of protection.”