The North American Electric Reliability Corporation (NERC) will conduct its second sector-wide grid security exercise, GridEx 2013, from November 13-14. The geographically distributed exercise is designed to prepare the electricity sector to respond to a cyber incident and strengthen utilities’ crisis response functions.
This is the second GridEx exercise. For the first GridEx in 2011, 75 industry and government organizations from the United States and Canada participated. NERC’s objectives for GridEx II are:
• Exercise the current readiness of the electricity industry to respond to a security incident, incorporating lessons learned from GridEx 2011.
• Review existing command, control and communication plans and tools for NERC and its stakeholders.
• Identify potential improvements in physical and cybersecurity plans, programs and responder skills.
• Explore senior leadership policy doctrine and triggers in response to major grid reliability issues.
GridEx II will involve hypothetical exercises as well as discussion among geographically distributed operators as well as a a tabletop exercise for executive leadership. The majority of participants will take part from their normal work environments. During the one and a half days of the live exercise play, participants will receive sequenced email messages that detail scenario conditions. Based on this information, participants will engage in both internal response measures and external information sharing activities. An Exercise Control cell, based in Washington, DC, will manage scenario distribution, monitor exercise play and capture response activities.