In the event of a cyber incursion, what should the energy provider do? What are the key steps in containing, eliminating, and surviving the attack? Afterward, what are the must-dos to minimize damage and recover successfully from the event? If experiencing a cyber security breach is not a question of "if" but "when", then energy companies must correctly prepare now for an environment in which such incidents are practically certain to occur.
The Energy Cyber Security Forum is focused on providing real-world preparation to utilities and other energy provider companies for successfully dealing with cyber security threats. Critical precautions and enabling technologies are examined in detail, with the aim of preparing energy companies for the threats that face their unique type of ICS infrastructure.
Topics to be addressed include:
- The current status of nation-state level APTs for the energy industry
- Defense-in-depth networking strategies
- Dealing with various protocols in the network (utility protocols, manufacturing protocols, etc.)
- Data protection
- Architecting a network security solution to address cyber threats
- Creating a culture of cyber compliance within a utility
- Holisitc approaches to achieving greater network visibility
- Integrating natural gas, oil and pipeline industry as it relates to smart grid, SCADA & control systems security
- Addressing the IT / OT divide
- Protecting substations and distribution and transmission infrastructure from cyber attacks
- Cyber security for operational technologies and smart systems
- Ensuring grid SCADA and PLC grid control networks cyber security
- What works, what doesn't, and what to put in place
- Steps for recovering from an industrial control system cyber breach
- Best practices in reducing human sources of vulnerability
- And more
Who Should Attend?
- Energy company executives and network security managers
- Electric, water and gas utility executives
- Cyber security and IT / OT professionals
- Software and hardware technology providers
- Planning and risk management analysts
- SCADA and industrial control system managers
- Cyber seccurity consultants and analysts
- Executives at energy management service providers
Enhanced COVID-19 Health & Safety Measures
Ensuring the safety of attendees is our top priority. Toward this end, all attendees are required to be fully vaccinated and will be asked to wear a mask when attending sessions inside the conference venue. The conference meeeting rooms have been treated with MicroShield 360, an anti-microbial coating which kills and prevents pathogens from living on surfaces. Hand sanitizer will be available, and HEPA-certified air filters are in use within the conference venue.
Option to Attend Virtually
If company travel restrictions prevent an attendee from participating in-person, the option is avaialable to attend virtually via GoToMeeting. This enabled attendees to:
- Interact live with speakers and fellow participants during the session's scheduled timeslot
- Access presentation PDFs and session recordings post-conference
- Set up one-to-one meetings, facilitated by SGO
- Participate live in all Q&A discussion sessions
- Access to attendee list
AGENDA
Tuesday, April 5, 2022
6:00 - 8:00 pm PDT
Pre-Conference Drink Reception and Dinner hosted by Network Perception
Wednesday, April 6, 2022
8:00 - 9:00 am PDT
Welcome Coffee and Registration
9:00 - 10:15 am PDT
Preparing, Responding, and Recovering from a Cyber Security Incident - It is a Team Sport
This panel will discuss practices that today's electric company use to prepare for, or if needed recover from cyber security incidents. In addition to sharing about the industry Cyber Mutual Assistance program, panelists will also discuss tactics that owners and operators should consider today to prepare for a potential future 'bad day'.
- David Batz, Senior Director, Cyber & Infrastructure Security, Edison Electric Institute, profile
- Brian Barrios, CISO / VP, Cybersecurity & IT Compliance, Southern California Edison, profile
- Lance Mueller, CISSP, CISM, Director, Cybersecurity, Risk & Compliance, Sempra / SDGE / SoCalGas, profile
10:15 - 10:45 am PDT
Networking Coffee Break
10:45 - 11:30 am PDT
Micro-Segmentation: What Is It and How to Implement It
The rise of sophisticated attacks against industrial control systems has shown that cyber threats can move laterally by exploiting weakness in network access control. This presentation will show how micro segmentation can be a robust layer of defense against modern attackers. As organizations embark on a journey towards cyber resiliency and zero trust architecture, we will define the core concepts and provide practical recommendations to implement micro segmentation the right way.
- Robin Berthier, CEO, Network Perception, profile
- Todd Chwialkowski, NERC Senior Compliance Specialist, EDF Renewables, profile
11:30 - 12:15 pm PDT
Challenges with Securing Remote Operations
Some of the key challenges with securing remote operations for Operational Technology (OT) networks since the pandemic began include:
- Providing vendor access remotely to equipment in a simple and secure manner
- Enabling OT multi-factor authentication
- Protecting and isolating data communication protocols to the OT network
- Implementing a zero-trust framework
This presentation will explore these key challenges for securing both IT/OT converged operations and OT-only remote operations. We will also discuss best practices for both enhancing existing secure access technology as well as implementing a new logical access layer for sites that currently do not have remote operations capability.
- Bill Moore, CEO and Founder, XONA
12:15 - 1:15 pm PDT
Lunch Break
1:15 - 3:15 pm PDT
IoT Cyber Resilience Within the Energy Sector
In various energy and utility companies the trend is to deploy IoT platforms and develop applications that run on these IoT platforms. The session will cover the methodologies how these IoT platforms and applications can be made Cyber resilient within the context of energy grids. We will also examine the cyber resiliency of DLT/blockchain based OT networks, covering the research being done by IEEE P2418.5 Blockchain for Energy Standard working group. The group is working on developing cyber resilient counter measures to protect DLT-based OT networks. The Mitre ATT&CK framework is considered to model the attack behavior.
- Moderator: Ramesh Reddi, CTO, CybSecBCML, Inc. profile
- Liz Escobar, CISSP, IT Manager, Duke Energy, profile
- Mischa Steiner, CEO, Awesense, Inc. profile
- Michael Mylrea, Senior Distinguished Engineer, Cybersecurity(ICS) & Digital Innovation, Resilience profile
- Sri Nikhil Gupta Gourisetti, Ph.D., Principal Security Engineer, Resilience profile
- Annabelle Lee, Chief Cyber Security Specialist, Nevermore Security profile
3:15 - 3:45 pm PDT
Networking Coffee Break
3:45 - 5:00 pm PDT
Policy and Best Practices for Incident Prevention
- Implementing risk assessment and identifying top risks
- Creating a culture of risk management
- Risk management framework and OT regulation
- Moving beyond compliance to a wholistic OT cyber security stance
- Anita Bhat, Principal Member of Technical Staff, Sandia National Laboratory profile
- David Rogers, P.Eng., Senior Engineer, BC Hydro profile
- Ben Sooter, Principal Project Manager, Cyber Security, Power Delivery & Utilization, EPRI profile
