A few weeks ago I was on Capitol Hill at an event sponsored by the Lexington Institute discussing the growing role of the National Guard in protecting the nation's critical infrastructure from cyberattacks -- specifically the electric power grid. Risks to US critical infrastructures are growing significantly; the Department of Homeland Security reported a seven-fold increase in cyber incidents on critical infrastructures between 2010 and 2015.
The ability to reliably generate and deliver electric power is foundational to modern civilization, and it is taken for granted by most of us. It is hard to imagine a more important function on which every individual, and the whole nation, depends. Those charged with the responsibility of protecting our critical infrastructures face great challenges. The electric power grid is highly distributed, with nearly 5,000 different entities of widely varying size and capacity generating and/or distributing energy.
Historically, the greatest threats to the reliable generation and delivery of energy were environmental such as major storms and natural disasters, but this is changing. Some portions of the grid are particularly vulnerable to physical attack. More significantly, the grid is the subject of increasing cyber penetrations and outright attacks. Last December, a relatively simple cyberattack on a portion of the Ukrainian power grid disrupted power to hundreds of thousands of customers.
A Growing Challenge
While there is general federal oversight and regulation of the electric power industry, most of the governance, regulation, and protection of the individual entities and their assets occur at the state and local level. Major technological and organizational changes -- notably the rise of distributed energy resources, the advent of the smart grid, and the creation of micro grids -- are changing the industry, adding more players and points of entry into the system. These changes are also increasing the difficulty of protecting the grid.
At the Lexington Institute event, I learned that the National Guard is uniquely positioned, in terms of authorities, responsibilities, and capabilities, to support the ongoing defense of the nation against such threats. The National Guard is state-based and able to respond across both state and federal lines of authority. Moreover, because they are embedded in their communities, National Guard units are particularly well suited to understanding and responding to local situations.
Quietly and without much public recognition, the National Guard has been developing a sophisticated capability for cyberdefense. In addition to meeting their defined requirements to support the active duty military, individual Guard units are shaping unique capabilities and operational concepts that reflect the specific conditions and needs of their states. Guard cyber units in California, Maryland, Wisconsin, and Washington, for example, have established collaborative relationships with local utilities. In some instances, Guard units and utilities have conducted joint exercises. Since no two states or utilities are exactly alike, this one-on-one collaboration is particularly important. It is also an approach well suited to the organization and operation of the National Guard.
With 54 states and territories, there is a real value to the National Guard as a laboratory for experimenting on ways to protect public and private infrastructure. Whether providing risk assessments, creating cyber centers of excellence, or collaborating with local companies on security training, the National Guard is always ready and always there.