Partnerships

Cyber Security

In our highly interconnected world, the ability to deliver reliable power – and maintain a reliable energy infrastructure – requires robust cyber security capabilities. As part of its cyber security mandate, the IESO is leading efforts to boost sector resilience by building collaboration, establishing partnerships and enhancing information-exchange and analysis.

Partnerships

Collaborating to ensure a reliable power system

The grid is made up of many different working parts all of which need to operate in close coordination with one another. Cyber events have the potential to impact not just one organization, but also all their interconnected parts and peers. While each organization has its own cyber policies and protocols, establishing a channel to share situational awareness and best practices can help those organizations better meet the cyber risks we all face.

The IESO continues to work closely with its strategic partners, market participants, and regulatory entities to deliver on its accountability to provide cyber security services to the broader electricity sector.

Canadian Centre for Cyber Security (Cyber Centre)

As Canada’s authority on cybersecurity, the Cyber Centre works side by side with partners, like the IESO, to identify, address and share knowledge about systemic threats, risks and vulnerabilities. Established in 2018, the IESO’s partnership with the Cyber Centre enabled the launch of Lighthouse, which relies on the Centre’s expertise to provide actionable threat-intelligence information in near real-time.

The E-ISAC, a division of the North American Electric Reliability Corporation, gathers and analyzes security data, shares appropriate data with stakeholders, and communicates mitigation strategies with its stakeholders. The E-ISAC helps to reduce cyber and physical security risk to the electricity industry across North America by providing unique insights and collaboration.

Ontario Energy Board (OEB)

In 2017, the OEB, in conjunction with the IESO and other industry partners, developed a framework for the transmission and distribution sector, based largely on those developed by the U.S. National Institute of Standards and Technology (NIST) and Privacy by Design. Since its implementation, local distribution companies have been required to evaluate their risk, establish cybersecurity objectives, and identify their capabilities relative to those risks on an annual basis. In recognition of our unique position at the centre of the sector, in 2018 the OEB amended the IESO’s licence to include responsibility for cybersecurity of the bulk power system – a move that enables the IESO to lead collaborative efforts to promote electricity sector cybersecurity readiness.

Did you know?

Testing 1, 2, 3

Every two years, the IESO participates in NERC’s GridEx, a two-day grid security exercise that enables participants to test how well they could respond to and recover from simulated cyber and physical security threats and incidents – and benefit from the collective lessons learned.