Overview

Protecting the nation’s energy grid and ensuring a reliable supply of energy are top priorities for America's electric companies. The energy grid is a complex, interconnected network of generation, transmission, distribution, control, and communication technologies, which can be damaged by natural events—such as severe storms—and by malicious events, such as cyber and physical attacks.

Today, the electric power industry is forging ahead with a series of initiatives to safeguard the energy grid from threats and is partnering with federal agencies to improve sector-wide resilience to cyber and physical threats. The industry also collaborates with the National Institute of Standards and Technology, the North American Electric Reliability Corporation, and federal intelligence and law enforcement agencies to strengthen its capabilities.

As threats to the grid grow and become more sophisticated, the industry remains committed to continuing to strengthen its defenses.

Protecting the Energy Grid for Customers

Electric Distribution System Cybersecurity Is Critical in Today’s Interconnected Society

Key Facts

~$30 billion in 2022
AHR INITIATIVES
EEI member companies invested nearly $30 billion in 2022 in adaptation, hardening, and resilience (AHR) initiatives to strengthen the nation’s transmission and distribution infrastructure.
Industry-Government Partnership
ELECTRICITY SUBSECTOR COORDINATING COUNCIL (ESCC)
The ESCC serves as the principal liaison between the federal government and the electric power industry, with the mission of coordinating efforts to prepare for, and respond to, national-level disasters or threats to critical infrastructure.
Planning and Exercises
emergency situations
Electric companies plan and regularly exercise for a variety of emergency situations that could impact their ability to provide electricity.

Electricity Subsector Coordinating Council (ESCC)

The Electricity Subsector Coordinating Council (ESCC) serves as the principal liaison between leadership in the federal government and in the electric power sector, with the mission of coordinating efforts to prepare for national-level incidents or threats to critical infrastructure.

Protecting the energy grid from threats that could impact national security and public safety is a responsibility shared by both the government and the electric power sector. The ESCC facilitates and supports policy- and public affairs-related activities and initiatives designed to enhance the reliability and resilience of the energy grid. These activities include all hazards, steady-state preparation, and emergency preparedness, response, and recovery for the nation’s electricity sector.

ESCC Web site

ESCC Brochure

ESCC Ransomware Preparedness

Cyber Mutual Assistance Program

Protecting the Energy Grid Against EMPs and GMDs

Protecting the nation’s energy grid and ensuring a reliable and affordable supply of energy are top priorities for America’s electric companies. The energy grid’s complex, interconnected technologies may be impacted by bursts of electromagnetic energy, such as naturally occurring geomagnetic disturbances (GMDs) or malicious, man-made electromagnetic pulses (EMPs). To address these potential hazards, the electric power industry is working hard to enhance the resilience of the energy grid, to mitigate the potential impact of an EMP, and to accelerate recovery from potential incidents.

In response to the low-likelihood, high-consequence threat of a high-altitude EMP (HEMP) to the energy grid, the electric power industry is working with the Electric Power Research Institute (EPRI) and with our government partners to better understand the impacts of a HEMP. This research helps us to make scientifically informed investment decisions for mitigation measures and to identify ways to leverage existing response and recovery programs and capabilities.

EEI Statement on EMP Executive Order

Grid Security: Protecting Against EMPs and GMDs

EEI Statement on EPRI’s New Report on the Potential Impact of an Electromagnetic Pulse on the Electric Transmission System

EPRI EMP Report & Grid Security: Key Messages

Mitigating the EMP Threat – by Dr. Michael Howard, President and CEO, EPRI (Electric Perspectives, May-June 2019)

Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk

To facilitate managing cybersecurity supply chain risks, a committee of representatives of EEI member companies developed this model to align cybersecurity requirements and to encourage adoption by the vendor community. Recognizing the importance of procurement in managing supply chain risk, the member companies who developed the model focused on the processes required by the NERC supply chain risk management reliability standard—CIP-013-1—and they also included language that goes beyond this requirement with the goal of improving cybersecurity. The model is a starting point for negotiations with vendors and service providers—it should not be considered a best practice or requirement, and it can be adopted/adjusted as appropriate. Version 3.0 released in October 2022 reflects evolving industry best practices, including refinement of industry standards, it adjusts notification timeframes and other time-specified requirements, and it modifies language where appropriate.

Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk

Security Matters

Security Matters is a recurring article series in EEI’s Electric Perspectives magazine.
Remove component.

Members-Only Resources

EEI Issue Communities

The EEI Security Issue Community provides members with an online forum to facilitate policy development, information exchange and networking. Members can communicate and share ideas, participate in discussion forums, send email blasts, create file libraries, organize conference calls, and keep track of important dates and upcoming events.

Learn More

Additional Resources