Hillerød Forsyning supplies 75% of the Municipality of Hillerød (nearly 8,000 customers) with district heating, around 360,000 MWh/year.
…
Hillerød Forsyning: Large-scale emergency drill
The emergency drill was well underway. Then came a bomb threat that escalated the situation
Realism was at the forefront when Hillerød Forsyning, in collaboration with Dubex, the police and rescue services, ran through a large-scale emergency drill on 3 September. It was a test of the contingency plan that Dubex has helped to design.
Hillerød Forsyning handles district heating, waste, water and wastewater and is part of the community’s critical infrastructure. Security of supply has a high priority, and therefore Hillerød Forsyning has a contingency plan that becomes effective in the event of fire, accidents, natural disasters and terrorist threats, for example. Dubex has been involved in developing the IT part of the contingency plan and has thus also contributed scenarios for the exercise.
“Over 99.9 percent of the time, we have stable production and completely normal operations,” says Energy Director. Anders Buchardt Møller-Hansen. “Our contingency plan takes effect if something unexpected happens that could threaten security of supply. And it has to be practiced, because it happens so extremely rarely in reality. We need to maintain our competencies.”
He is supplemented by engineer, Jens K. Vium, Head of Production and Supply, who was on-call on Thursday, 3 September: “We’ve held internal drills before, but this one extended to the whole organisation and to the police and several services. And it was launched with the message that an underground cable had been cut.”
The incident was part of the scenario that Dubex had developed. When the connection to the IT system fails, crucial monitoring is lost, and the on-call system is activated. It initiated the drill and, consequently, the testing of how IT security interacts with the rest of the emergency services.
“The police and fire brigade responded and from there, the central on-site commander takes command and attends to the internal and external communication. No one else is allowed to comment when the on-site commander takes responsibility for the operation of the process which, incidentally, for this drill ended with the bomb exploding.”
When the threat escalates, we go on standby
Someone is on-call 24/7 at Hillerød Forsyning and is alerted about a breakdown in IT operations because it can affect the mechanical operation and security of supply. This does not mean that the organisation goes on standby immediately.
“We respond and investigate the alarm on site to ensure operation continues,” explains Jens K. Vium. “Minor errors must be remedied, while larger errors can mean that we go on standby and consult the contingency plan. In this drill, a bomb threat at the CHP plant was suddenly received and, of course, that escalated the situation.”
Energy Director, Anders Buchardt elaborates: “The head office received a bomb threat and we then moved to the next level. When there are threats to people or security of supply we go on standby, and one of the first things we do is evacuate the building. In this case, Jens was physically present to attend to the evacuation and make sure that the building was closed and locked. We always put life above material assets.”
“The police and fire brigade responded, and from there it’s the central on-site commander who takes command and attends to the internal and external communication. No one else is allowed to comment when the on-site commander takes responsibility for the operation of the process which, by the way, ended with the bomb exploding,” explains Jens K. Vium.
Link between IT and emergency preparedness must be tested
Dubex has been involved in preparing the IT contingency plan, and Dubex was also responsible for the IT part of the drill. Sofie Freja Christensen, who is Governance, Risk & Compliance Consultant at Dubex, talks about the preparations:
“We helped set up the scenario with the incidents, where the first step is for a cable to be cut so that the connection to the IT system fails. The next step is escalation, which should also be as realistic as possible so that the chain of command could be tested. No one was briefed in advance about the drill, and we placed importance on testing the interaction between IT and the general emergency preparedness. The drill had to put maximum pressure on the participants to see how it works in practice.”
"Does Dubex then step back when the drill begins?"
“No, on the contrary,” emphasises Sofie Freja Christensen. “I participated as a game-maker throughout the drill and was able to contribute via cue-cards and dialogue so that the exercise did not take a wrong turn. Along the way, we could influence and possibly escalate the situation on the fly, so that Hillerød Forsyning and the participating services would get the greatest possible benefit from the large apparatus that had been set up.”
Sofie Freja Christensen has also participated in the subsequent evaluation and reporting and would like to emphasize how important that part is: “What went well and what went less well? Where are the weak points when the system comes under pressure? These are the things that are being uncovered under realistic conditions.”
Evaluation of the activity in three ways
Back to Energy Director, Anders Buchardt and duty manager, Jens K. Vium. They were unaware that it was a drill when it got underway and escalated to a large-scale format. How have they benefited in the aftermath?
“We’ve evaluated the drill in three different ways,” says Energy Director, Anders Buchardt. “Firstly, whether the technical contingency plan has worked as intended. Secondly, whether we are, purely administratively, on a par with such a dramatic situation. And thirdly, whether we managed to follow the plan when it all began to get out of control. The contingency plan is like a fire extinguisher that hangs on the wall. It is rarely – hopefully never – used but when it comes down to it, it has to work.”
Jens K. Vium, Head of Production and Supply, adds: “We followed the plan as we should, but were also able to emphasise the importance of more or less weekly updating of the plan with names and numbers, etc. Mind you, in both analogue and digital form.”
“The drill put the spotlight on things along the way, some of which have been ‘aha’ experiences. For example, when we need to gather a large group of people who are being evacuated from a building.”
Exemplary collaboration with Dubex along the way
Since both Anders Buchardt and Jens K. Vium were unaware of the drill, they are also not the right people to ask about how the collaboration with Dubex proceeded behind the scenes. Senior Consultant Per Brøndum, on the other hand, can come with a comment here, because he has been responsible for the drill in collaboration with Sofie Freja Christensen and her Dubex colleagues:
“When we started working on a large-scale drill, it was clear to us that the IT part was key in relation to the rest of the emergency preparedness,” states Per Brøndum from Hillerød Forsyning. “So Dubex sat at the table during the preparations and played an important role in writing the script.”
IT operations is a crucial prerequisite for security of supply, and therefore an IT-related incident was set aside for the drill. Dubex has also been involved in the evaluation at Hillerød Forsyning, which resulted in a 10-page report sent on to Energinet and is, of course, also shared among the participants of the drill.
“The drill put the spotlight on things along the way, some of which have been ‘aha’ experiences. For example, when we need to gather a large group of people who are being evacuated from a building. Now that could be done in a better way,” explains Senior Consultant Per Brøndum and summarises : “The collaboration with Dubex has been really good. They came up with invaluable input during the preparations. They were present during the drill and managed things well in relation to the script. And they were a significant driving force behind the preparation of the final report with the evaluation of the drill.”
About Dubex
Dubex is a market-leading cyber security partner, supporting 500+ locations worldwide.
Since 1997 we have helped companies and public institutions managing risk, adapting to changes and grow more flexibly. With deep industry and technical expertise, a comprehensive product portfolio and a proven track record, Dubex is the ideal partner for IT teams who want to contribute to their company’s success.
Dubex is today a full-service IT security company, helping with security products, governance, processes, implementation, analysis, operational support, full operation of our customers’ solutions and more. We also offer a wide range of security services, including penetration testing, monitoring and security incident management.
Address tomorrow’s challenge, today.
Talk to an expert about how we can secure your business