Senior decision-makers come together to connect around strategies and business trends affecting utilities.

36,497 Members

WARNING: SIGN-IN

You need to be a member of Energy Central to access some features and content. Please or register to continue.

Post

In Illinois, utility regulators are playing bigger role in smart-grid cybersecurity

Photo ByDepartment of Defense

Written By

Internet-connected sensors and software are helping utilities better manage loads, but they also create new vulnerabilities.

Growing exposure to smart-grid-related cybersecurity risks is forcing state regulators to play a bigger role in preparing utilities for potential threats.

The nation’s increasingly networked electric grid is helping utilities to more efficiently manage loads, including from variable renewables. As data-collecting, internet-connected meters and sensors become ubiquitous, though, they’re also creating new vulnerabilities: countless entry points to be exploited by hackers.

The Illinois Commerce Commission opened its Office of Cybersecurity and Risk Management two years ago. It remains a unique example of how utility commissions are approaching cybersecurity.

In late 2017 and 2018, the office brought electric, telecommunications, gas and water utility officials together into one room to practice responding to a fictional, but realistic, emergency. The tabletop exercises are part of the office’s larger goal of facilitating cross-sector collaboration so utilities can learn from each other.

“There are some big utilities in Illinois, and we got them together,” said Dominic Saebeler, the ICC’s director of cybersecurity and risk management. Utilities practice emergency protocols on their own, he said, but the goal of the exercises was to get them all in the same space, dealing with specific obstacles. For example, Saebeler said, “How would you respond to a weather event that also has a cyber part to it?” He was hesitant to give exact details to avoid tipping off hackers to potential risks, he said.

Planning for the first exercise, held in December 2017, began the summer before, when Saebeler and colleagues discussed the possibility of hosting the event with Illinois’ utilities. Once he knew utilities were receptive, he took the next three months to develop a Monopoly-like game board depicting a fictitious Illinois city resembling the service territory of any of the state’s utilities. To decide on the emergency scenarios, he used subject matter experts from the utilities, who told him whether specific situations were realistic.

He also approached emergency management officials — for example, the Illinois Emergency Management Agency, first responders and hospital officials — to gather feedback about what they’d ask of utilities in potential cyber-related emergencies. When Saebeler began planning for the second exercise, held this past December, he used the same game board with minor tweaks and new scenarios.

Read More

ENN Contributor's picture

Thank ENN for the Post!

Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.

Discussions

No discussions yet. Start a discussion below.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »