Critical Infrastructure Protection & Resilience North America

Brian Harrell

Brian Harrell, CPP

Managing Director, Enterprise Protective Services

Duke Energy Corporation

USA

Brian Harrell is the Managing Director of Enterprise Protective Services (EPS) at the Duke Energy Corporation where he leads the enterprise-wide physical security efforts to protect Generation, Transmission, and Distribution of electric power. In addition, EPS provides pipeline, aviation, and dam security, as well as executive protection and investigations (physical and digital).

Brian is nationally recognized for his efforts on critical infrastructure protection, continuity of operations, and enterprise risk management. Prior to coming to Duke Energy, Harrell was the President and Chief Security Officer at The Cutlass Security Group, where he provided critical infrastructure companies with consultation on risk mitigation, protective measures, and compliance guidance. He has been instrumental in providing strategic counsel and thought leadership for the security and resilience of the power grid and has helped in identifying and understanding emerging threats. Advising corporations throughout North America, Harrell has worked to increase physical and cybersecurity mitigation measures designed to deter, detect, and defend critical systems. Harrell is also a Senior Fellow at The George Washington University, Center for Cyber and Homeland Security (CCHS) where he serves as an advisor on infrastructure protection and cybersecurity policy initiatives.

Prior to starting his own firm, Harrell was the Director of the North American Electric Reliability Corporation’s (NERC) Electricity Information Sharing and Analysis Center (E-ISAC) and was charged with leading NERC’s efforts to provide timely threat information to over 1900 bulk power system owners, operators, and government stakeholders. During his time at NERC, Harrell was also the Director of Critical Infrastructure Protection Programs, where he led the creation of the Grid Security Exercise, provided leadership to Critical Infrastructure Protection (CIP) staff, and initiated security training and outreach designed to help utilities “harden” their infrastructure from attack.