Providing Value to Stakeholders Through Security Initiatives


By Tom O’Brien, senior vice president and chief information officer

Security is an important focus at PJM, and we continually invest in and explore ways to ensure that our systems, data and information are protected from the ever-changing threats we face today and anticipate tomorrow.

In 2018, PJM has completed a number of initiatives aimed at increasing information technology security and reliability for our members and stakeholders. We looked across the organization and identified key areas of focus. Our accomplishments include:

  • Adding security-related enhancements to PJM Tools
  • Continuing our commitment to the Tech Change Forum
  • Engaging in a cybersecurity dialog with state government officials
  • Improving our member communication process
  • Adding a security page on the PJM Learning Center

PJM‘s Tech Change Forum is now in its third year and continues to be a vehicle to provide stakeholders information about our systems and the changes we’re making to them. Through two-way dialogue and discussions, stakeholders have the opportunity to make requests and provide valuable feedback.

PJM’s dedication extends beyond our walls. We are an active participant in industry-wide drills, such as North American Electric Reliability Corporation’s GridEx biennial exercise. GridEx is designed to simulate a cyber/physical attack on electric and other critical infrastructures across North America and involves utilities, government and law enforcement at every level, first responders and the intelligence community, among other groups. The next GridEx is in the fall of 2019.

To provide better insight into the inner workings of PJM’s security operations, we held a cybersecurity roundtable with state government officials and consumer advocates. This platform gave us an opportunity to discuss how the region’s power grid operator is coordinating cybersecurity efforts through various federal, state and local partnerships.

But PJM’s commitment to security doesn’t encompass just the large, industry-wide activities; it extends to our everyday dealings with our members.

Protecting user accounts, data and information is paramount. We have enhanced security of the tools our stakeholders use by adding two-step verification to PJM Tools user accounts. Two-step verification ties user access to a company device, reducing the likelihood of unauthorized access.

With a keen focus on one of our core responsibilities – reliability – we have done substantial work to increase our ability to switch IT operations between PJM sites if an outage were to occur, resulting in less downtime to PJM’s systems.

We addressed recommendations from the 2017 Member Survey to improve how we communicate technology-related changes to stakeholders, developing a streamlined communication process to provide consistent, accurate and timely notification to our stakeholders.

The Security and Resilience Advisory Committee was established to drive value to the PJM membership on issues related to cyber and physical security, and resilience through effective collaboration, coordination and timely communications.

PJM continues to make advancements to increase the security and reliability of its technologies that protect our member’s information and the integrity of the grid. Every small change that PJM makes is part of the larger grid security picture.

Learn more about how PJM approaches, fulfills and coordinates security efforts on our PJM Learning Center page, Safeguarding the Grid.