The North American Electric Reliability Corporation (NERC) conducted the first sector-wide grid security exercise, GridEx 2011, on November 16-17, 2011. The exercise was designed to validate the readiness of the Electricity Sub-sector to respond to a cyber incident, strengthen utilities’ crisis response functions, and provide input for internal security program improvements. In advance of exercise execution, a diverse group of industry stakeholders engaged in an eight month planning process to design the exercise construct, craft a relevant scenario, and recruit a representative player set. GridEx 2011 featured a hybrid discussion and operational-based exercise format that combined a geographically distributed environment for operators and a tabletop exercise for executive leadership. A scenario was crafted to fully engage the diverse stakeholder set, promote coordination during the exercise, and highlight urgent cybersecurity issues facing the sector. The scenario featured advanced persistent threat attributes that propagated across the bulk power system (BPS) and eroded trust in critical grid functions.