Agenda

Tuesday, April 5, 2022


Wednesday, April 6, 2022

8:00 - 9:00 am PDT
Welcome Coffee and Registration

9:00 - 10:15 am PDT
Preparing, Responding, and Recovering from a Cyber Security Incident - It is a Team Sport

This panel will discuss practices that today's electric company use to prepare for, or if needed recover from cyber security incidents. In addition to sharing about the industry Cyber Mutual Assistance program, panelists will also discuss tactics that owners and operators should consider today to prepare for a potential future 'bad day'.











10:15 - 10:45 am PDT
Networking Coffee Break

10:45 - 11:30 am PDT
Micro-Segmentation: What Is It and How to Implement It

The rise of sophisticated attacks against industrial control systems has shown that cyber threats can move laterally by exploiting weakness in network access control. This presentation will show how micro segmentation can be a robust layer of defense against modern attackers. As organizations embark on a journey towards cyber resiliency and zero trust architecture, we will define the core concepts and provide practical recommendations to implement micro segmentation the right way.




11:30 - 12:15 pm PDT
Challenges with Securing Remote Operations

Some of the key challenges with securing remote operations for Operational Technology (OT) networks since the pandemic began include:

• Providing vendor access remotely to equipment in a simple and secure manner
• Enabling OT multi-factor authentication
• Protecting and isolating data communication protocols to the OT network
• Implementing a zero-trust framework

This presentation will explore these key challenges for securing both IT/OT converged operations and OT-only remote operations. We will also discuss best practices for both enhancing existing secure access technology as well as implementing a new logical access layer for sites that currently do not have remote operations capability.




12:15 - 1:15 pm PDT
Lunch Break

1:15 - 2:15 pm PDT
Cyber Resilience of IOT/OT Networks and Platforms Used in Energy and Utilities Sectors

In various energy and utility companies the trend is to deploy IoT platforms and develop applications that run on these IoT platforms. This session will cover the methodologies of how these IoT platforms and applications can be made cyber resilient. The Mitre ATT&CK framework for Industrial Control Systems will be discussed in its use of making OT networks cyber resilient.






2:15 - 3:15 pm PDT
Cyber Resiliency of DLT/Blockchain-based OT Networks

This session covers the research being done by IEEE P2418.5 Blockchain for Energy Standard working group cyber security task force. The group developed a DLT cybersecurity stack and is working on developing cyber resilient counter measures to protect DLT based OT networks. Mitre ATT&CK framework is being considered to model the attack behavior.









3:15 - 3:45 pm PDT
Networking Coffee Break

3:45 - 5:00 pm PDT
Policy and Best Practices for Incident Prevention

• Implementing risk assessment and identifying top risks
• Creating a culture of risk management
• Risk management framework and OT regulation
• Moving beyond compliance to a wholistic OT cyber security stance
• Architecting a secure, NERC-CIP compliant remote access strategy