Core Sector: Critical Infrastructure and Cybersecurity

Critical Infrastructure Policy and Practice, Energy Emergency Management, and Exercises

The links on this page offer a sampling of resources that describe government and industry strategies, tactics, and tools for protecting critical infrastructure in the U.S.. This collection provides key foundational materials that may be valuable for NARUC members, but it is not exhaustive.

Executive Orders


Department of Homeland Security (DHS)


Department of Energy (DOE)


Federal Energy Regulatory Commission (FERC)


Office of the Director for National Intelligence


Other Critical Infrastructure Links

Exercise Planning Tools

Upcoming Exercises

Past Exercises

  • EarthEx//20 (EIS Council, 2020)
    This "whole-of-world" emergency response exercise was conducted between September 1-October 31, 2020. More details are available here.
  • GridEx V (NERC, November 2019) gathered more than 450 organizations and 6,500 participants from industry, government agencies, and partners in Canada and Mexico to exercise response activities and capabilities to simulated cyber and physical attacks that affected the reliable operation of the electric grid. Lessons Learned Report
  • Clear Path VII (DOE, June 2019) examined the energy sector’s response and restoration roles, responsibilities, plans and procedures following a major earthquake along the New Madrid Seismic Zone (NMSZ), stressing interdependencies between multiple critical infrastructure sectors.
  • Shaken Fury (FEMA, 2019) used 7.7 magnitude earthquake scenario along the New Madrid Seismic Zone (NMSZ) to evaluate and improve the whole community’s response to a "no-notice" earthquake, identify gaps in resources, and implement a coordinated recovery strategy that prioritizes resources required for the response. The exercise was conducted in partnership with U.S. Department of Energy, U.S. Northern Command, state and local governments, and the private sector.
  • National Level Exercise (FEMA, May 2018) tested the ability of all levels of government, private industry, and non-governmental organizations to protect against, respond to, and recover from a major Mid-Atlantic hurricane. Several local, state, and federal exercises were integrated into the National Level Exercise, including Clear Path VI (DOE). Executive Summary
  • Cyber Guard (DOD/NSA, June 2017) was a week-long exercise that tested the response capabilities of energy, IT, transportation, and government experts to a major cyber attack. More than 700 cybersecurity operators and critical infrastructure experts participated in the exercise.
  • Cascadia Rising (FEMA, June 2016) was a three-day exercise that tested first responders and government emergency personnel in the immediate aftermath of a significant earthquake. After Action Report