Disclaimer: MRO is committed to providing non-binding guidance to industry stakeholders on important industry topics. Subject matter experts from MRO’s organizational groups have authored some of the articles in this publication, and the opinion and views expressed in these articles are those of the author(s) and do not necessarily represent the opinions and views of MRO. The following article was written by Daniel Graham, Chief Security & Compliance Officer, Basin Electric Power Cooperative.
Many of you participated in this year’s GridEx VIII, the E-ISAC’s biennial electric sector exercise that tests response and recovery from coordinated cyber and physical attacks across the bulk power system. The exercise includes electric utilities, government entities, and other critical infrastructure partners.
Participation continued to grow in 2025, with more than 370 organizations taking part in GridEx VIII, up roughly 50 percent from about 250 in 2023. The E-ISAC also reported a seventy-percent increase in the participation of small and medium utilities, along with more Canadian entities, underscoring that this is an exercise for utilities of all sizes.
Increased participation was not the only change this year. The E-ISAC implemented new options to make GridEx more accessible. Even if you missed the full-scale North American exercise on November 18–19, 2025, you could still benefit from the GridEx materials if:
- you do not have enough staff to run a large, multi-site exercise, or
- you do not have time to build your own scenarios and injects, or
- you are new to GridEx and want a simpler starting point.
The E-ISAC has made new, right-sized tools available. For example, “GridEx-in-a-Box” is a pre-packaged, scaled-down version of the full GridEx drill, designed specifically for small or resource-constrained utilities. GridEx-in-a-Box includes abbreviated Master Scenario Events Lists (MSELs) built around two short scenarios: one focused on physical security and one focused on cyber security. Utilities can select from pre-made cyber and physical injects, use what is most relevant to their systems and risk profile, and leave out the rest. This allows a small planning team to run a focused, realistic exercise.
The E-ISAC also offers a tabletop scenario for entities with limited bandwidth or those who are new to GridEx. This option is a “plug-and-play” slide deck with facilitator notes. It is well suited for those who want to walk through roles, responsibilities, and decision-making, without staging a full, real-time exercise.
Participating in GridEx can also support compliance activities. GridEx provides the opportunity to exercise incident response plans and help meet testing expectations in the standards, such as CIP-008 and CIP-003. CIP-008 requires incident response plan testing at least once every 15 calendar months, and CIP-003 has a 36-month testing requirement. The GridEx-in-a-Box and tabletop tools can be used to meet testing requirements or to supplement internal exercises in off years.
For more information, visit the E-ISAC website.
About the Author

Daniel Graham serves as Chief Security & Compliance Officer at Basin Electric Power Cooperative in Bismarck, North Dakota. In this position, he is responsible for physical security, cyber security, and NERC compliance across Basin Electric’s 550,000 square mile service territory spanning 9 states. He was born in Bismarck, ND, moved multiple times and grew older but did not grow up. He served as a cyber operations officer in the US Air Force and had assignments with the Army and combined joint inter-agency task forces. He has worked in security and compliance roles for cooperatives since 2014.