Our commitment to protect our employees, customers, facilities and the reliability of our electric system includes safeguarding our assets against cybersecurity threats. As cyberattacks to the electric sector increase in number and sophistication, cybersecurity experts warn that the consequences of a successful attack could jeopardize public safety, as millions of households and businesses could be left without electricity.
We evaluate threats to our system’s communications network by employing Threat Intelligence Management to detect and enhance responses to cyberattacks. This approach improves our ability to work with government partners to strengthen system security and the resilience of critical infrastructure. Our enterprise cybersecurity program incorporates best practices, and we maintain compliance with federal and state regulations.
Our cybersecurity team is responsible for oversight, governance and direction, cybersecurity strategy, and awareness and training for all our employees and contractors. Employees and contractors with network accounts are required to take cybersecurity awareness and anti-phishing training annually. The cybersecurity team is also tasked with incident response and root cause analysis; vulnerability and risk assessments; regulatory compliance and patch management oversight; security application support; and support and configuration of cybersecurity hardware and software.
To support the need for continuous monitoring and detection, we created a Transmission Security Operations Center (TSOC) where we use a unique set of technologies to assess security events from a physical, cyber and operational technology perspective. The TSOC is responsible for performing threat analysis; conducting investigations; analyzing security metrics and trends; reporting to company leadership and our Board Audit Committee; and sharing security information with industry, government and regional partners.