Substation Physical Security Best Practices

Live Streaming Online June 27-28, 2023

An EUCI Program

Click Here to register $1195

If you are unable to attend at the scheduled date and time, we make recordings available to all registrants for three business days after the event

Protecting the nation’s electric substations and ensuring a reliable supply of energy are top priorities for the electric power industry. The shear vastness of the grid’s infrastructure requires utilities to prioritize critical substations that would have the most severe impacts on reliability if impacted by a security event, but what about the rest of the substations?

EUCI’s comprehensive conference will discuss threats, preparation, prevention, and resiliency plans while examining the effectiveness of security measures at stations. Register today to hear firsthand from other utilities and industry experts on what best practices they use to protect their substations.

Learning Outcomes

  • Listen to NERC’s review of CIP-014-03 and where the standard fits in today
  • Review E-ISAC’s physical security update of the threat landscape and mitigation sources
  • Assess the Department of Homeland Security’s comprehensive threats to substations and mitigation strategies
  • Hear from Exelon on what should be assessed to provide value for lowering physical risk
  • Engage in an interactive panel discussion on security challenges and solutions
  • Review how social media monitoring is helping CPS Energy identify threats
  • Discuss AECI’s position on CIP standards and their impact on the industry and reliability
  • Assess the steps in a cost-benefit analysis for allocation of resources to manage risks


9:00 a.m. – 4:45 p.m. Central Time

9:15 – 9:20 a.m. :: Welcome Announcements

9:20 – 10:10 a.m. :: CIP-014-3 Physical Security Review

This presentation will discuss the protection of transmission stations and transmission substations. NERC’s CIP-014-03 was created to identify and protect transmission stations and transmission substations, and their associated primary control centers, that if rendered inoperable or damaged as a result of a physical attack could result in instability, uncontrolled separation, or cascading within an interconnection. This presentation will review the history, components, and possible updates to the rule.

Sushil Subedi, CPA, CISA, CISSP, CEH, Security+, Network+, Senior CIP Assurance Advisor – Compliance Assurance, North American Electric Reliability Corporation

10:10 – 11:00 a.m. :: Physical Security Threat Landscape to the North American Grid

We will discuss a physical security update on the threat landscape to the North American grid, including information related to mitigation sources and potential suspicious indicators.

Lauren Alexander-Binns, PMP, Physical Security Analyst, Electricity Information Sharing and Analysis Center – North American Electric Reliability Corporation

11:00 – 11:20 a.m. :: Morning Break

11:20 a.m. – 12:10 p.m. :: Substation Threats – More Than Just Physical

Substations today face a wide array of threats from a variety of adversaries – from geopolitical to geomagnetic. Our nation’s substations are under constant threat. Because every critical infrastructure sector depends on the nation’s substations and because that dependency will only grow as we continue the transition to an even higher level of technology in a future driven by energy and information, we must become more aware of the threats, the vulnerabilities and the adversaries which watch every day for new ways to interrupt the energy we need. In this presentation, we’ll learn the nature of these threats and some of the strategies and mitigations we can employ to protect both the substation and our ability to provide energy to the nation.

Ronald Keen, Senior Advisor, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security

12:10 – 1:10 p.m. :: Lunch Break

1:10 – 2:10 p.m. :: Assessing All Security Considerations to Lower Your Physical Security Risk

This presentation starts with the assumption that utilities are never going to be able to reduce their physical security risks to 0%. What considerations should be assessed to provide the best value for lowering risk? We will discuss and review full security considerations that utilities should be reviewing and implementing mitigation resolutions for.

Mike Melvin, Director – Corporate Security, Exelon

2:10 – 2:30 p.m. :: Afternoon Break

2:30 – 4:00 p.m. :: Best Practices for Improved Physical Security Panel Discussion

This interactive panel discussion will discuss a broad range of physical security topics from the vantage points of utilities, consultants, and a federal agency. While this is an opportunity for attendees to ask questions of the panelists, some of the pre-decided topics that will be discussed are key control for stations, challenges with drones, CIP, gunshot/drone detection and other technology developments, as well as lessons learned from events. 

Landon Jones, CPP, PSP, PCI, Senior Security Consultant, Burns & McDonnell

Donnie Thorson, PCI, Corporate Physical Security Manager, Nebraska Public Power District

Ronald Keen, Senior Advisor, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security

Mike Melvin, Director – Corporate Security, Exelon

Jason Briseno, Integrated Security Analyst & Southwest Texas Fusion FLO, CPS Energy


9:00 a.m. – 12:00 p.m. Central Time

9:15 – 10:05 a.m. :: Open Source: Social Media Monitoring For Threats and Partnerships with Law Enforcement

  • Social media monitoring for threats will cover tools, trends, events, and groups.
  • Partnerships with Law Enforcement will cover networking through Field Liaison Officer (FLO) programs, trainings, and joint investigative efforts.

Jason Briseno, Integrated Security Analyst & Southwest Texas Fusion FLO, CPS Energy

10:05 – 10:50 a.m. :: Meeting and Exceeding the CIP Standards

When NERC’s CIP standards were released and accepted, utilities upgraded critically deemed substations to meet those standards helping to increase overall reliability of the system to minimize the aftermath of an attack, theft, or vandalism. What did this mean for a utility? What is next and how did AECI meet and exceed the standards? This presentation will discuss the CIP standards and their impact on the industry, reliability, and what may come.

Todd Bennett, Managing Director Reliability Compliance & Audit Services, Associated Electric Cooperative Inc.

10:50 – 11:10 a.m. :: Morning Break

11:10 a.m.– 12:00 p.m. :: Substation Physical Security through Risk and Resilience Planning

How can organizations and utilities best manage physical security risks and vulnerabilities to substations?   Join our presenters to hear real-life examples about developing a security program centered around improving physical security through risk and resilience planning.  Successful security programs integrate people, processes, and technology to form a holistic protection system. Regulatory compliance often directs how these three pillars come together, but an enterprise understanding of risks and the organization’s capacity to withstand them through resilience should be considered as physical security is planned, assessed, improved, and implemented. During this session, attendees will learn about Risk Analysis and Management for Critical Asset Protection (RAMCAP) and how a RAMCAP approach can facilitate completion of not only a risk assessment, but a deeper understanding of organizational resilience to drive cost-benefit analysis of physical security measures and appropriate allocation of resources to manage physical security risks. 

Kandace Jennings, PMP, RIMS-CRMP, Security Risk Analyst, Gannett Fleming, Inc.

Alicia Baehr, PSP, CPD, Manager – Security Compliance, Gannett Fleming, Inc.

12:00 p.m. :: Conference Adjourns