Today, it is not a matter of if there will be a cyber or physical attack. It is a matter of when. Hackers are more sophisticated and despite companies’ best efforts to prevent these incidents, the focus has shifted to managing these risks by improving our defenses. In today’s world, we know that anything can happen. How quickly we respond to an event affects our customers, our reputation and the reliability of the power grid. Our approach is to deter, detect, delay and respond if an event occurs.
In 2015, AEP created the position of Chief Security Officer (CSO) to strengthen AEP’s governance of enterprise security and ensure greater coordination of efforts, use of financial and operational resources, compliance with regulations and employee awareness. The CSO reports to the Chief Operating Officer.
We believe that the best security program we can have for the electric power grid is to maintain a resilient grid. We need to be prepared when incidents occur so that business can continue and we can protect the reliability of the grid. Where our focus was once directed primarily on prevention, today we are increasingly focused on how we respond when an incident does occur. One way we are doing this is the adoption of the nationally-known Incident Command System (ICS) for disaster preparedness and responsiveness. Used by the military, government agencies and other energy companies, ICS provides a consistent and proven crisis response platform to support business continuity and underpins AEP’s emergency restoration plan. ICS is being integrated into business continuity plans across AEP.
Another line of defense for AEP and the electric power industry is having a national inventory and access to critical spare parts for the power system. Grid Assurance™, an industry initiative led by AEP and several other companies, addresses vulnerabilities in the nation’s grid that were emphasized in a U.S. Department of Energy (DOE) report. In it, the DOE cited current grid protections as potentially inadequate “to address the security and reliability concerns associated with simultaneous failures of multiple high-voltage transformers.”
Grid Assurance will expedite responses to major events that damage the power grid – naturally or intentionally – by providing transmission-owning subscribers faster access to vital spare transmission equipment. This equipment, such as transformers and circuit breakers for substations, often requires lengthy production and delivery lead times. The expansion of existing inventory of spare equipment in the United States is important to assuring the resiliency of the nation’s electric grid.
Grid Assurance services will complement the Edison Electric Institute’s existing Spare Transformer Equipment Program (STEP), which can provide utilities access to transformers after a presidential declaration of a national emergency caused by terrorism. Grid Assurance will offer subscribers equipment (transformers, circuit breakers and other items) from an inventory that will meet their needs after a broader spectrum of qualifying events. In March 2016, Grid Assurance received approval from the Federal Energy Regulatory Commission (FERC) to move forward.
Planning for the unknown is difficult at best. But the stakes are high and the potential threat has led to new standards for cyber and physical security of the grid from the North American Electric Reliability Corporation (NERC). The next major revision of the NERC Critical Infrastructure Protection (CIP) Standards becomes effective July 1, 2016. The new Standard expands protections against physical and cyber-attacks on the power grid. AEP hosted its second NERC Reliability & Compliance summit in April 2016, bringing together executives from AEP, NERC and Regional Entities to which we belong, to focus on the evolving reliability/security regulatory environment and strategies to keep AEP’s compliance program in sync with the changes.
In July 2015, FERC approved a new physical security reliability standard (CIP-014), requiring owners and operators of transmission facilities to protect critical transmission substations and control centers whose damage by physical attack could threaten reliability of the system. In response, AEP classified its substations into tiers based on the critical nature of the equipment to determine the level of security needed. This tiered approach allows us to design security controls directly in to new infrastructure from the start, building the costs into capital projects as needed. It is a measured approach that allows us to be more proactive with existing and new infrastructure while balancing risk and cost.
AEP has designed a Security Awareness Training program for all employees covering physical and cybersecurity risks. The training is updated periodically to meet emerging cyber and physical threats and it places a shared responsibility for security with employees and the company.
We are also pushing cyber security deeper into the supply chain. We are working with our vendors to determine the level of security they have in place to understand and identify areas of vulnerability. We use surveys, questionnaires and other assessment tools to evaluate the risk they pose to AEP before we sign a contract. This approach allows our business units to better understand the risks so they can make more informed decisions about the level of risk they are willing to assume.