Electric cooperatives’ participation in North America’s largest cybersecurity tabletop exercise jumped by 120% after GridEx developers tailored options to increase participation by small utilities.

GridEx VIII, held Nov. 18-19, saw 77 electric co-ops join compared to 35 that registered for the biennial exercise in 2023.

"For GridEx VIII, we developed new participation options designed with small and medium utilities in mind, meeting them where they are and providing materials that can be easily adapted to fit their needs,” said Michael Ball, CEO of the Electricity Information Sharing and Analysis Center (E-ISAC), which runs GridEx under the North America Electric Reliability Corp.

"This led to a significant jump in participation, more than doubling the number of NRECA members joining the exercise compared to GridEx VII.”

NRECA and its Cybersecurity Member Advisory Group (CS-MAG) further leveraged the E-ISAC’s work to adapt the materials and produce a live webinar of a five-hour simulated GridEx tabletop exercise conducted by a fictional utility, Uncanny Valley REA. The Nov. 18 webinar attracted an additional 140 co-op attendees, with 86 joining a roundtable discussion hour afterward.

“The NRECA GridEx observation webinar was conceived to demystify the complex GridEx exercise and to make it more accessible to cooperatives,” said Meredith Miller, principal data scientist at NRECA.

“NRECA and CS-MAG used the options tailored to small utilities by E-ISAC for this year’s GridEx and took that one-step further so that there was a zero-barrier approach to GridEx participation. We hope this leads to even more co-op participation in 2027.”

The NRECA observation webinar showcased the importance of having business continuity plans that involve the critical operations of every department for deliberate decision making during a cyberattack.

Louisville-based Kentucky Electric Cooperatives hosted the NRECA GridEx webinar and lauded the drill for its reinforcement of collaboration and preparation in a realistic environment.

“Hosting NRECA and the CS-MAG at our facilities allowed us to bring a national-level exercise directly into our cooperative environment,” said Chris Hayes, chief technology officer at the 26-member co-op statewide association. 

“It’s rare to have the time and structure to validate whether the actions you think you would take in a real incident actually align with how others would respond with varied backgrounds. That shared, end-to-end workflow provided insight that’s difficult to replicate through tabletop discussions alone. Most importantly, it created momentum that we’re excited to carry forward into future cybersecurity training and incident-response exercises.”

NRECA plans to build and incorporate additional resources around the simulation to aid co-ops in preparing for future GridEx participation.