At PJM Interconnection, I have the privilege of leading a team of information technology professionals on the daily mission of ensuring reliable electricity across 13 states and Washington, D.C., to power life as we know it in the modern world.
Serving the electricity needs of 65 million people is a critical job that never stops. As part of that ongoing mission, cyber and physical security are critical to the life, health and safety of PJM’s customers. It is a reality that the energy industry is confronted daily by threat actors trying to wreak havoc, especially on the electrical grid. PJM, the electric industry and federal and state governments make security a priority to ensure optimum preparedness and response. Our systematic risk management approach embraces collaboration and coordination to identify, protect, detect, respond and recover from threats.
While I have extensive experience in the cybersecurity field, my experience as a wrestling coach for more than two decades has taught me valuable lessons about defending yourself against a relentless opponent and learning how to defeat them. I have seen athletes competing against wrestlers of all sizes and strengths, including disabled athletes who excelled on the mat.
You Are the Defense
As operators of the bulk electrical system, we must defend ourselves daily against individual attacks, and, like in wrestling, we are our own backup. But defending against adversaries is also a team sport. We work hard to develop a vigilant workforce. In the face of ever-changing threats, cybersecurity expertise is highly sought after. At PJM, we compete for the right people by robustly supporting education and career growth, and partnering with universities and many branches of the government for training and experience.
We also drive internal campaigns, drilling PJM’s entire workforce to train them how to detect email phishing attempts. We know how tough it can be to reverse a position, and we know we are only as strong as our weakest link. Equipping staff with skills, techniques and situational awareness helps keep the opponent in a defensive position.
Because the threats we face are constantly morphing and adapting, we know that the team approach extends beyond our walls. At PJM, we cultivate partners, internally and externally, who look at problems differently, including the Electricity Subsector Coordinating Council (ESCC), the Electricity Information Sharing and Analysis Center (E-ISAC) and the Cybersecurity Risk Information Sharing Program (CRISP), to name just a few.
This collaboration with different points of view is critically important. When our team has eyes on new ways to solve a problem, we improve our position to understand the ever-changing threat landscape.
Know Your Strengths, Weaknesses
It’s important to defend and navigate through obstacles by focusing on your own strengths and managing through your weaknesses. At PJM, we know the technology at our gates is constantly shifting, requiring us to wield innovative tools and approaches. We have to be ready to react to anything – including moves that we have never seen before from our opponents.
We also have experts in-house who constantly scour our systems for vulnerabilities. When we find weaknesses, we fix them. One of our new initiatives utilizes machine learning to recognize threats and report anomalies. Actors with malicious intent are increasingly armed with their own machine-driven forces to constantly probe system defenses. PJM wields artificial intelligence technology to aid in defending our systems. This is another layer of defense to help identify areas where we might be vulnerable.
PJM gains expertise and experience by testing our limits with trusted partners. PJM drills annually with our transmission owners and conducts practice sessions with industry and other critical players. Feedback from the emergency drills and tabletop practice sessions held over the years consistently reveals that valuable situational awareness for greater security relies on increasing the depth and weight of outreach, communication and coordination.
For example, PJM is preparing to collaborate on extreme attack scenarios this November. That’s when some 7,000 individuals and organizations, including utilities and stakeholders, will participate in GridEx V, a two-day, national exercise that gives participants the chance to show how they would respond to, recover from and communicate through coordinated cyber and physical security threats and incidents. With our trusted partners, we don’t compete on cybersecurity – we collaborate.
We strengthen our culture. We question our assumptions. We never stop learning. We regularly drill within our trusted network in the energy sector as well as the U.S. Departments of Homeland Security, Defense, Energy, the FBI and the Federal Energy Regulatory Commission. As we collaborate and coordinate with other regional transmission organizations across North America, we use our eyes and ears together against the constantly-evolving threats to our common interest.