The Platform


The U.S. power grid is especially vulnerable to natural and man-made disasters.

The U.S. electrical grid is a complex, interconnected network of technologies focused on power generation, transmission, distribution, systems control, and communications. Some have called it the largest and most complicated machine ever built.

Over the past decade, the grid has been damaged by natural disasters, such as severe storms, and malicious events perpetrated by humans, such as physical and cyberattacks. Cyberattacks are a growing concern, since Iran, North Korea, China, and Russia have been caught trying to tamper with U.S. utility infrastructure, breaking into such facilities with an eye toward disabling mission-critical systems. Based on federal law enforcement and intelligence agency statements, it seems that Russia and China have managed to succeed, at least on a small scale, with grid disruption activities.

Increasingly, it seems the work of ensuring a reliable energy supply for the future hinges on a difficult problem: protecting a vulnerable and aging energy grid. Government and industry executives have come to appreciate how susceptible to cyberattacks many of the grid’s core elements have become. Attacks out of Russia have been nearly constant during the past few years, and a 2016 Kremlin attack has been widely studied.

As threats to the grid grow and become more sophisticated, the electric power industry is becoming focused on strengthening its defenses. Today, some leaders in the electric power industry are working with the nonprofit Edison Electric Institute (EEI) through a series of initiatives to safeguard the energy grid from threats. These EEI member companies are partnering with federal agencies to improve sector-wide resilience to cyber and physical threats.

To strengthen its own private-sector capabilities, the industry collaborates with partners offering specific assistance, including the National Institute of Standards and Technology, the North American Electric Reliability Corp., and many federal intelligence and law enforcement agencies such as the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. EEI says that its own member companies “invested more than $25 billion in 2021 in adaptation, hardening, and resilience initiatives to strengthen the nation’s transmission and distribution infrastructure.”

One industry-government partnership is the CEO-led Electricity Subsector Coordinating Council (ESCC), which is the principal liaison between the federal government and the electric power industry on efforts to prepare for and respond to national-level disasters, including cyber threats to critical infrastructure. The ESCC works across the entire electricity industry with the Electricity Information Sharing and Analysis Center (E-ISAC), which only works with utilities. The goal is to develop actions and strategies that help protect the U.S. grid and prevent a spectrum of threats from disrupting electricity service.

The ESCC represents all segments of the industry: CEOs and executives from electric companies, public power utilities, rural electric cooperatives, and trade association leaders. Through the ESCC, the industry works closely with its government counterparts, including senior administration officials from the White House, federal agencies, and law enforcement and national security organizations. Canadian electric company executives are also represented due to the international makeup of the North American energy grid.

Planning and exercises are critical elements of the national strategy for emergency situations. Electric companies regularly prepare for a variety of situations that could impact their ability to provide electricity during emergencies.

We know that the different key components of the U.S. electric grid are vulnerable to cyberattacks. A successful malicious act is quite likely to result in catastrophic, widespread, lengthy blackouts and other losses of electrical services. Foreign and domestic adversaries have the capability to launch cyberattacks that could disrupt critical infrastructure.

Grid owners and operators, many of which are small- to medium-sized companies, have to overcome many obstacles to counter this threat. A 2019 Government Accountability Office review of cybersecurity risks faced by the grid identified five of the most significant challenges: Hiring a sufficient workforce; limited sharing of classified threat information between the public and private sectors; resource constraints; reliance on other critical infrastructure vulnerable to cyberattack; and uncertainty about how to implement cybersecurity standards and guidance.

This article was originally posted in Electrical Contractor Magazine.

While advocating for systemic change over 4 decades, Gordon Feller has been called upon to help leaders running some of the world’s major organizations: World Bank, UN, World Economic Forum, Lockheed, Apple, IBM, Ford, the national governments of Germany, Canada, US – to name a few. With 40 years in Silicon Valley, Feller’s 300+ published articles cover the full spectrum of energy/environment/technology issues, reporting from more than 40 countries. Obama/Biden appointee to Federal comm. on innovation; Global Fellow at The Smithsonian; Winner: Prime Minister Abe Fellowship, Japan.