In their annual media call April 4, NERC CEO Jim Robb and Electricity Information Sharing and Analysis Center (E-ISAC) CEO Manny Cancel said that while the reliability landscape continues to grow more complex, the ERO Enterprise is focused on grappling with any problems that might emerge.
The call covered a wide range of topics, including the in-progress Interregional Transfer Capability Study (ITCS) and last year’s GridEx VII security exercise, the report for which NERC also released this week. (See NERC Flags Communication, Coordination in GridEx VII Report.)
In his opening remarks, Robb said the ERO is “about halfway through” its three-year plan for 2023-2025 and that he feels “very good about where we are” and what it has accomplished so far. Nevertheless, he also acknowledged that NERC’s agenda has become full over the last year, with orders from FERC on inverter-based resources and cold weather standards and Congress’ mandate for the ITCS, which must be submitted to FERC by December.
Because of the new assignments, particularly the ITCS, NERC has had to reconsider its work plan priorities, and some of the activities that were planned for 2023 and 2024 could not be completed in the original time frame, Robb said. In addition, some of the new hires who were intended to work on the ERO’s work plan priorities were shifted to the ITCS.
“We did go back through our priorities and talked with the board and pushed a few of them off to this year and beyond,” Robb said. “One of the major ones we wanted to do was a comprehensive assessment of market rules and how they do — or in some cases, don’t necessarily — support reliability going forward. We decided that was something that was important to be done, but not as urgent as some other things.”
Robb emphasized that NERC has focused on making sure its added responsibilities, like the ITCS, don’t result in unexpected financial burdens for the registered entities that ultimately fund the ERO through its assessments. The added expenses for 2023 and 2024 were largely met by using the organization’s financial reserves, and the CEO added that “a few things have broken our way” concerning the ERO’s investments that have allowed it to “absorb the work.”
Robb also said that as the ERO works on next year’s budget, it has made a commitment not to “surprise [stakeholders] with anything next year” in terms of major financial deviations from the three-year plan.
E-ISAC Monitoring Active Threats
Cancel noted that the E-ISAC — which celebrates its 25th anniversary this year — has seen “significant ramifications” from global geopolitical issues such as Russia’s invasion of Ukraine and Israel’s military actions in Gaza, along with the ongoing tensions between Taiwan and China. These have manifested in a “dramatic increase in malicious cyber activity.”
The E-ISAC continues to view China as a “top cyber threat,” Cancel said, citing the Volt Typhoon hacking group that CISA said this year had been actively infiltrating U.S. infrastructure operators for at least five years. (See CISA Highlights China Threat in 2024 Priorities Report.) However, Russia, Iran and North Korea also “continue to demonstrate advanced capabilities” to undermine U.S. infrastructure through vulnerabilities on electronic networks. Cancel said these threats demonstrate the need for vigilance and effective internal network monitoring.
Physical security threats remain a top concern for the E-ISAC as well, with Cancel noting the organization reviewed more than 2,800 physical security events in 2023. He added that this number did not represent a “substantial increase beyond the elevated threat that started [in] 2022.” Cancel also observed that about 3% of the physical security incidents in 2023 affected the grid, but none led to cascading outages. The most serious incidents involved ballistic damage, theft, intrusion, tampering and vandalism.
Cyber and physical attacks were both part of the plan for GridEx VII, which Cancel noted involved 15,000 individual participants from 252 registered organizations in the two-day distributed play portion and 230 individuals in the executive tabletop. Cancel attributed the drop in participating organizations — with last year marking the smallest number of groups since GridEx II — to changes in “the way we count the participants,” but he said the number of individual attendees represented a significant achievement for the event.
“Fifteen thousand people across the U.S. and Canada … spent two full days participating. That’s quite a compelling statistic,” Cancel said. “And on the executive tabletop, we’ve seen no decrease there. We continue to get the CEO participation across the electricity sector in the United States and Canada, and I’m also very pleased that we get the appropriate leadership from the federal governments there as well.”