The Coronal Mass Ejection Long-term Power Outage workshop was held in Seattle, Washington on May 23, 2019. Funding was provided by the Washington State Homeland Security Region 6 Critical Infrastructure Working Group from the FFY 2017 State Homeland Security Program from the Department of Homeland Security via Washington State Military Department and King County Office of Emergency Management. It was designed as a full-day workshop that included speakers presenting information on the Coronal Mass Ejection (CME) hazard and warnings systems, impacts from regional power outages, current planning efforts and engagement of the audience in breakout discussions exploring how to address the hazard and mitigate potential impacts.

​This interdependencies workshop focused on a long-term electrical system blackout caused by a CME event striking North America. While most power outage planning revolves around other natural hazard events like windstorms, earthquakes, or terrorism, this exercise took a look at a long-term power outage with widespread impacts to urban, suburban, and rural communities. While concentrating on critical infrastructure, the human impacts to people and systems such as our healthcare institutions was also included in the workshop. Participants were briefed on the current planning the Washington State Department of Commerce Energy Office is conducting on fuel prioritization and hybrid electrical systems. The Washington State Emergency Management Division provided insight on the catastrophic planning conducted by the State to address a CME scenario. 

​NOAA Space Weather Prediction Warning Center estimates a G5 Geomagnetic Storm will cause the following types of impacts:

Click on the links below to view the materials used during the Court Case Enactment during the 5th Annual Idaho Interdependencies Summit.

Educational Slides
Dam Shame PowerPoint
FNL Dam Agency Jury Instructions

The 2016 Idaho Cybersecurity Interdependencies Workshop explored the growing challenges of cybersecurity and its impact on overall economic and physical security. Hosted by the Idaho Office for Emergency Management and the Center for Regional Disaster Resilience, this meeting also featured a special track for small business leaders.

​Idaho Cyber Interdependencies Agenda
Small Business Information

In the face of emerging risks to economic and national security, action is needed to address crucial regional infrastructure interdependencies in energy, telecommunications, transportation, water systems and other infrastructures. Third in a three year series meant to develop an Idaho Partnership for Infrastructure Security, the workshop advances several cross-sector initiatives. 

One of the outcomes of these meetings was the creation of a stakeholder-prioritized action plan for the state of Idaho that is a culmination of recommendations from workshops, projects, and activities over the past three years. Stakeholders identified these recommendations as high priorities for the state. Recommendations include

• Develop training materials and a cyber resource website for the State of Idaho
• Continue to host annual statewide Cyber Interdependencies Workshops
• Develop a public-private information sharing platform to send alerts, warnings, and share updates with vetted, trusted stakeholders across the state. 

The Idaho Cyber Security Interdependencies Workshop was held October 8, 2015 in Boise Idaho at the St. Alphonsus Regional Medical Center. More than 130 participants from both public and private sectors, and from across the Pacific Northwest, took part in the exercise that focused on current cyber threats, common challenges for securing data and continuing operations despite cyber disruptions.

Idaho Lieutenant Governor Brad Little and Brigadier General Brad Richy, Chief of the Idaho Bureau of Homeland Security, spoke at the event along with other experts on cyber security preparedness, response, supervisory control and data acquisition systems.
​
Through this event, participants sought to improve their own cyber plans by challenging their planning assumptions, gained a greater understanding of their interdependencies and built relationships with others across the state and region.

View the Event Summary and Report
View the Agenda

​This workshop was the second event in a three year initiative to develop a public/private sector partnership for resilience in the state of Idaho. In 2016, Idaho Bureau of Homeland Security (IBHS) and the Pacific NorthWest Economic Region (PNWER) Center for Regional Disaster Resilience (CRDR) will develop an Action Plan for the development of an Idaho Public/Private Sector Resilience Partnership.

One of the most prevalent topics of the workshop was around the need for holistic cyber security—calling on organizations to move cyber security planning beyond the Information Technology departments and involve executive leadership, legal, and human resources. There is a strong need to train all staff members. According to IBM’s 2014 Cyber Security Intelligence Index, 95 percent of all security incidents involve human error. This can take many forms, from clicking on links, giving away passwords, or failing to follow security protocols.

Every company has cyber security risk and should have a cyber security plan. From small businesses to sectors that are not typically seen as cyber focused, like agriculture, there are cyber security risks. There are also many great tools in the State of Idaho for getting assistance in building cyber security plans and responding to cyber security incidents that need to be shared and made more easily accessible to all organizations.

For all organizations, it is essential to have governance and policies around cyber security in place before having to respond to an incident. These would include policies around protecting data and procedure for response, including structure (the incident command system was recommended) and involvement of law enforcement. With these policies in place, organizations can test their systems through exercises and help build a security culture in an organization.

A common theme was the acceptance of breach. Not all information within an organization is equally sensitive and critical. By accepting that some cyber attacks will be successful, and focusing extra levels of security on the most important data, organizations can use their limited resources more effectively.
​
Identifying key information is a vital part of assessing the risk in each organization. The risk assessment also includes security protocols, equipment, software, public presence, business type, and all other aspects of a business that might make it an easy or desirable target for cyber attackers. Risk will never be fully eliminated—as long as computers, automation and the internet are needed to complete business tasks, an organization will have cyber risk.  All parts of a cyber plan should attempt to mitigate that risk, while helping identify procedures for protection of critical data and detecting access to or loss of that data. Too often companies don’t know they have been breached until they are informed by an outside agency. 

Based on participant feedback, planning team input, discussion outcomes, and common themes from the day’s speakers, the following recommendations were developed:

• Develop training materials and regular webinars and other training opportunities to help organizations grow cyber security plans and facilitate information sharing.
• Provide training for executive leadership, legal departments, human resources, and other key departments to encourage organization-wide cyber security.
• Grow state-wide knowledge of the Idaho cyber security annex through training and outreach.
• Provide resources specific to small businesses and sectors where cyber security may not be prioritized (example: agriculture).
• Develop a single repository for cyber security preparedness information
• Develop formal partnership for information sharing around cyber security and other critical infrastructure concerns

Over 115 participants gathered at the Hewlett Packard Campus in Garden City, Idaho on November 13, 2014 for the Idaho Cyber Security Interdependencies Workshop hosted by the Idaho Bureau of Homeland Security (IBHS) with assistance from the Pacific NorthWest Economic Region (PNWER) Center for Regional Disaster Resilience (CRDR). The one day workshop provided information on current Cyber threats, and best practices utilized to develop organizational Cyber Security plans. Guest speakers, panel discussions, and round table facilitated conversations contributed to a very successful workshop.

The event was developed over the course of four months through a series of conference calls and meetings. The planning team included local public and private sector organizations, including: Idaho National Laboratory (INL), MK Hamilton & Associates, Office of the Idaho State Controller, Office of the Idaho Chief Information Officer, Idaho Bureau of Homeland Security, Petso Financial Consultants LLC, University of Idaho, Hewlett Packard, Idaho State Police, Zions Bank, Idaho Transportation Department, and St. Luke’s Health System.

This workshop was the first in a three year initiative to develop a public/private sector partnership for resilience in the state of Idaho. In 2015 IBHS and PNWER CRDR will host a table top exercise to help identify interdependencies and gaps in existing partnerships. Following that, the team will develop a Action Plan for the development of an Idaho Public/Private Sector Resilience Partnership.

View the Event Summary and Report
View the Agenda