Does Practice Make Perfect? Lessons Learned from Full-Scale Power System Incident Response Exercise
Vložit
- čas přidán 29. 08. 2024
- While threats to the energy sector occur daily, few utilities get the opportunity to fully test out their detection and response mechanisms to advanced threats in the real world. With the high demand for reliability, few grid operators would allow execution of simulated cyber-attacks on their live systems. The DOE-funded Liberty Eclipse project offers a unique opportunity for small and large utilities and coops to practice their combined IT/OT responses to a live red team executing attacks against an isolated power system on an island in New York. Both cyber teams and power operations teams must work together to detect and respond to attacks, even restoring the power system against extreme impacts. Lessons learned from these exercises reveal key takeaways for understanding what a real attack against the electric sector will look like, gaps in execution of the best-laid plans when the pressure of a real event is bearing down, and how organizations can better prepare for advanced attacks by optimizing participation in exercises. This presentation will discuss successes and opportunities for improvement both in how utilities can prepare for and respond to events, as well as how full-scale IT/OT exercises can be coordinated.
SANS ICS Security Summit 2024
Does Practice Make Perfect? Lessons Learned from Full-Scale Power System Incident Response Exercise
Megan Culler, Power Engineer & Researcher, Idaho National Laboratory
View upcoming Summits: www.sans.org/u/DuS
