A reliable, consistent energy supply is essential for keeping our hospitals, transport networks, schools and homes running; so keeping our electricity grid secure is something that we take very seriously.
Ensuring that our service is secure and resilient is of the greatest importance to us, so we commit significant resources and investment to maintaining the security of our organisation, with a strong focus on compliance with our regulatory obligations. These are set by regional Government bodies and regulators to ensure our interests are aligned with those of customers and society.
Keeping our information, data, physical infrastructure and property secure enables us to protect the UK’s energy supply and also provides our people – including colleagues, customers and stakeholders – with confidence in our organisation.
Being able to identify, protect, detect, respond and recover from potential threats is of paramount importance. So we use good practice frameworks to implement the appropriate security measures, whether that security relates to cyber, physical, personnel or people.
All of this allows us to effectively guard our organisation and also keep our colleagues protected.
People are our greatest asset in protecting the grid. We pride ourselves on having a diverse community of many long-serving employees who support our security culture and are confident enough to identify suspicious activity.
Our employees are empowered to speak up if they see something that doesn’t seem quite right. We make it easy and convenient to report suspicious behaviour, and we efficiently respond to all reports.
We have mature response, recovery and continuity plans in place that are shown to be effective against potential threats, ultimately minimising any impacts to our organisation, people and customers.
The diagram to the right provides insight into how effective our controls are. Over a 24-hour period, our cyber security teams identified 1.1m emails, all attempting to reach a National Grid email address – 0.7m of these were recognised as potentially malicious and therefore blocked from entry, with the remaining 0.4m deemed safe and allowed to reach their intended destination.
As technologies and threat landscapes evolve so do our security measures. We work closely with local law enforcement and government agencies to continuously review, update and test our security controls, to ensure we’re providing appropriate levels of mitigation and can respond proactively and efficiently.
As our organisation is so vast – with sites and offices spread out across the UK and US – we’ve heavily invested in physical security measures, with around-the-clock monitoring and surveillance. Some of our security measures you can see and some you can’t.
If you find yourself in or around a National Grid building, or near our physical infrastructure, and notice some concerning activity or receive an unexpected and suspicious-sounding phone call, message or email, please report it. You can report any suspicious activity to your local police force or via a nationwide helpline.
Report a cyber security incident
Email: [email protected]
Phone: 01926 653773 (UK) / 844-290-0722 (US)