Phoenix Convention Center • Phoenix, Arizona When Prevention and Preparation May Not be Enough: Resilience and Recovery for the Electricity Sub-Sector Operational Resilience and Recovery ] David Batz Director, Cyber & Infrastructure Security Edison Electric Institute August 12, 2015
14
Embed
Phoenix Convention Center Phoenix, Arizona When Prevention and Preparation May Not be Enough: Resilience and Recovery for the Electricity Sub-Sector Operational.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Phoenix Convention Center • Phoenix, Arizona
When Prevention andPreparation May Not be Enough:Resilience and Recovery for the
Electricity Sub-Sector
Operational Resilienceand Recovery
]
David BatzDirector, Cyber & Infrastructure Security
Edison Electric InstituteAugust 12, 2015
Energy Exchange: Federal Sustainability for the Next Decade
Edison Electric Institute
U.S. investor- owned electric companies
Our members:Represent 70% of US
Power IndustryProvide electricity for
220 million AmericansOperate in all 50 states
and DCEmploy more than
500,000 workers
Energy Exchange: Federal Sustainability for the Next Decade
• Engineered for fault tolerance• In the face of failure scenario:
RespondRestoreRecover
Bulk Electric System Resilience
4
Metcalf Incident April 16, 2013 WSJ 2/2014
Assault on California Power Station Raises Alarm on Potential for Terrorism
Sniper Attack On Calif. Power Station Raises Terrorism Fears
High-Powered Attack On PG&E Substation Raises Concerns About Combined Threats to Grid
U.S. Risks National Blackout from Small-Scale Attack
Energy Exchange: Federal Sustainability for the Next Decade
International Resilience
• Voluntary Program• Provides access to transmission and
generation step-up (GSU) transformers and related equipment, including bushings, fans, and auxiliary components.
• An Online tool to– Communicate equipment needs– Identify points of contact for
equipment• Utility-to-Utility arrangements are made offline
Energy Exchange: Federal Sustainability for the Next Decade7
• Transformers and other critical, long lead-time equipment• Qualifying events like physical attacks, electromagnetic pulses,
solar storms, cyberattacks, earthquakes and severe weather events
• Industry-based initiative that plans to own and maintain equipment at secure, strategically located warehouses, and to offer additional logistics support to expedite equipment transportation to impacted sites. Grid Assurance will not be FERC-regulated, but plans to charge cost-based subscription fees, similar to FERC-regulated transmission, to facilitate subscribers’ ability to recover expenses.
Grid Assurance
Energy Exchange: Federal Sustainability for the Next Decade
EEI Threat Scenario Project
Energy Exchange: Federal Sustainability for the Next Decade
• Coordinated Cyber Attack• Advanced Persistent Threat • Disruption of Voice and Data Services • Coordinated Physical and Cyber Attack • Insider Sabotage • Pandemic• Supply Chain Disruption or Compromise • Catastrophic Human Error• Intentional Electromagnetic Interference• Distributed Denial of Service
Identification of Top Threats
Energy Exchange: Federal Sustainability for the Next Decade
Spectrum of Threat Actors• Nation States (and their surrogates)
• Sophisticated Terrorist Organizations (and their surrogates)•Mercenary Criminal Organizations
• Domestic Extremist Organizations (and their surrogates)• Elite Hacker Organizations• Co-opted Third Party Maintenance
Providers• Disgruntled Insiders
(as well as threat-specific variations of the above actors)
Energy Exchange: Federal Sustainability for the Next Decade
Your Turn: Questions
Energy Exchange: Federal Sustainability for the Next Decade12
Backup Slides
Energy Exchange: Federal Sustainability for the Next Decade