Homer Electric Association (HEA) is a member-owned generation and distribution utility in the Kenai Peninsula of Alaska. In addition to the transmission and distribution network, HEA operates a generation plant and battery energy storage system. 

HEA replaced the aging control center OT systems with modern advanced distribution management systems, SCADA, and generation management systems. One key driver was implementing a system that meets or exceeds the NERC and Alaska Critical Infrastructure Protection standards, which are paramount in safeguarding the network.

Even though not all CIP standards apply to HEA due to meter count and generation capacity, HEA strived to meet the standard requirements to ensure cyber security. For example, during a typical week, HEA encounters 5 million plus network attacks. This presentation will discuss the best practices to meet SCADA and control center security standards and how smaller utilities like HEA with limited resources can effectively implement complex OT systems to provide authentication, encryption, access control, hardening, intrusion detection, cyber incidence response, and serial communication protection. 

Key Takeaways: 

• Proactive threat hunting and adaptive defense mechanisms to detect and respond to cyber threats.
• Incidence response protocols and collaboration mechanism