Cyber security is an increasingly prevalent issue today − both in the public sphere, as well as behind the scenes, as businesses and public agencies work to secure their organizations from cyber attacks.
In its role as Reliability Coordinator for Ontario, the IESO is responsible for enforcing Critical
Infrastructure Protection − including cyber security − standards set by the North American Electric Reliability Corporation (NERC).
Those standards identify certain actors in the electricity sector (including some generators, transmitters, local distribution companies and the IESO itself) as critical asset owners. They are classified as such because they control facilities or equipment that, if damaged or somehow compromised, would affect the reliability of the bulk power system.
Critical assets can include control centres, transmission substations and certain large generation facilities. They also include cyber assets (like IT systems) that support and protect critical assets.
Though the IESO has long used information technologies to monitor and operate the bulk power system, broader digitization throughout the sector is creating the potential for new vulnerabilities. As such, cyber security has rapidly developed into an essential component of power system reliability.
The IESO has developed rigorous internal practices aimed at mitigating cyber threats. It also works closely with industry peers and government agencies to share information on cyber events and best practices.