QinetiQ (Lead Exercise Integrator), with strategic partner Inzpire, working in partnership with the National Cyber Security Centre (NCSC) and the Department for Business, Energy and Industrial Strategy (BEIS), successfully completed the first ever series of UK sector-wide cyber resilience exercises for the UK’s Critical National Infrastructure (CNI) Electrical Distribution organisations.
Cyber-attacks on individuals, commercial organisations, CNI and Government departments are increasingly common and constantly evolving, impacting on reputation, safety and share price. Whether it is due to hacktivists, cyber criminals or nation states, the cyber threat is one which the UK is trying to stay one step ahead of, in an environment without traditional boundaries, where the threat cannot always be seen and the impact is not immediately obvious.
Future generations of board level executives, operational managers and technical engineers must be equipped with the knowledge, skills and confidence in cyber capabilities to maximise the opportunities that cyberspace creates and ensure resilience against the potential threats. Cyber Security needs to form part of ‘business as usual’ activities, requiring education, training, operational planning & preparation and consideration throughout a capability or service lifecycle. Only then will an organisation be able to increase the awareness, skills and knowledge of operations within cyberspace and better understand how to plan and respond to threats, and to synchronise operations in both the physical space and cyber domains.
QinetiQ’s expertise, with over 20 years of experience in providing training, exercising and operational assurance, has been applied to the UK’s electricity sector in a first-of-its-kind series of sector-wide cyber resilience exercises. Exercising increases the confidence of individuals, teams, organisations and sectors in their ability to identify, protect, detect, respond and recover in order to sustain operations in the event of a cyber-attack.
QinetiQ as the Lead Exercise Integrator, working in partnership with BEIS, NCSC and strategic partner Inzpire, facilitated a series of exercises collectively known as “PowerPlay”. PowerPlay was specially designed and executed to prepare and equip the electricity sector’s engineering, operational and executive teams with the knowledge, skills and confidence in their processes and technologies to maximise the opportunities that cyberspace creates whilst ensuring resilience against the cyber threat.
The three exercises started with an operational / command & control focused exercise to understand the role of individual organisations and how communications and decisions are made within the context of a much larger, coordinated sector-wide incident. Following this was a live exercise focused on the 3rd party supply chain (without knowledge that they were being exercised) to examine how they would analyse and fuse multiple cyber-incidents to create common situational awareness and coordinate incident response. The exercise series culminated in a large, distributed exercise involving over 170 participants at 13 different locations across the UK and abroad. A complex set of inter-connected events played out based on attacks varying from spearphishing to more specialist attacks on both IT and Operational Technology networks.
Dr Richard Randel, Principal System Engineer Cyber, Information and Training at QinetiQ, said: “The exercise demonstrates how QinetiQ can work with Government partners and the CNI sector, bringing together our capabilities and experience, to increase the resilience of the UK and recognise the importance of exercising as a means to assure operations.”
John, Scottish and Southern Electricity Networks, said: “We would like to thank the NCSC for the invitation and our subsequent involvement in the sector-wide cyber security test. The challenge and results from the scenario exercising have been invaluable in applying improvements to our emergency planning and resilience processes, along with recognising the importance of cross-industry support and alignment during such events.”
A participant said: “It provided us with a greater awareness of the cyber threats within the sector and how all business functions need to work together to respond to a cyber-incident.”