CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?


Training & Awareness

250 Organizations Take Part in Electrical Grid Security Exercise

Over 250 organizations take part in GridEx VII, the largest North American exercise focusing on the security of the electrical grid.

GridEx VII security exercise

More than 250 organizations took part last week in GridEx VII, the seventh edition of the biennial exercise focusing on the security of the electrical grid in the United States and Canada.

GridEx is organized by the Electricity Information Sharing and Analysis Center (E-ISAC) at the North American Electric Reliability Corporation (NERC) and is the largest grid security exercise in North America.

GridEx VII focused on testing crisis response and recovery plans for cyber and physical threats targeting the electrical grid.

A report detailing the exercise and lessons learned, which will help improve the security of the grid, is expected to be released in the first quarter of 2024. 

The report published for the 2021 GridEx exercise revealed that the previous edition’s objectives included strengthening coordination between the US and Canada, as well as coordination between the electric sector and the natural gas and telecoms sectors. 

Other objectives focused on the handling of misinformation, and response to a supply chain-based compromise of critical components. 

Attacks aimed at power grid systems are not uncommon. Mandiant reported recently that the notorious Russian threat group Sandworm used novel OT attack techniques in an operation that caused an unplanned power outage in Ukraine. 

In September, Symantec reported that a China-linked threat actor maintained access to a compromised national power grid in Asia for as long as six months. 

Advertisement. Scroll to continue reading.

Related: Security of North American Energy Grid Tested in GridEx Exercise

Related: US Electric Cooperative Association Launches Commercial OT Security Solution

Related: FERC, NERC Conduct Study on Cyber Incident Response at Electric Utilities

Related: US Announces $70 Million Cybersecurity Boost for Rural and Municipal Utilities

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Training & Awareness

Google has announced a new training program for cybersecurity analysts and those who graduate will get a professional certificate from Google.

Management & Strategy

750 cyber specialists have participated in Defence Cyber Marvel 2 (DCM2), the biggest military cyberwarfare exercise in Western Europe.

Management & Strategy

Addressing the people problem with effective approaches and tools for users and security practitioners will enable us to work smarter, and force attackers into...

Management & Strategy

Tips for making a presentation that will help improve the state of security programs and reflect favorably on the presenters and their companies


Security awareness training isn’t working to the level it needs to. Social engineering, however, is getting better. Why doesn’t awareness training work, and how...


The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release...

Management & Strategy

UK-based cybersecurity training solutions provider Immersive Labs announced on Wednesday that it has raised $66 million in new capital.