Press Release

FOR IMMEDIATE RELEASE: March 29, 2012
CONTACT: Jen Neville, 720-962-7054, neville@wapa.gov

WESTERN TESTS CYBER SECURITY PROCEDURES

Two Western IT employees use laptops to create a cyber incident responce exercise
The IT team at Western’s office in Lakewood, Colo., hosts an exercise March 29 to test employees’ responses to a cyber secure concern.

LAKEWOOD, Colo.—Western conducted an agency-wide cyber incident response exercise today, March 29, with an observer from DOE’s Office of Electricity. In addition to making Western’s security stronger, this exercise satisfies mandatory requirements from North American Electric Reliability Corporation’s Critical Infrastructure Protection Program and the Federal Information Security Management Act of 2002.

Making sure issues are discovered and contained quickly is the Information Technology department’s main goal, since security of Western’s systems is vital to its ability to reliably deliver power to customers and communities throughout the West.

The exercise scenario: A vandalized-substation where no equipment was found missing but now discrepancies are showing up on some of the critical energy infrastructure. During the two-hour exercise, participants walked through how to determine what the cause was and to whom the situation should be reported.   

“We need to know why key decisions are made and when,” said Western’s Operations Center Manager Jim Ball.

“We want to be as realistic as possible; so we have the processes and procedures in place to be prepared for a real event if-and-when one occurs,” said Chief Information Officer Eun Moredock.

The exercise successfully verified Western’s procedures and gave maintenance staff, as well as IT and physical security employees an opportunity to practice the steps and communicate the necessary information when responding to cyber security incidents.

“This will make us better prepared in case of a real incident,” said John Work, the IT project manager who led the exercise.

-30-