Tuesday, April 5, 2022
6:00 - 8:00 pm PDT
Drink Reception and Dinner
For all registered attendees at Portside Pier
hosted by Network Perception
Wednesday, April 6, 2022
8:00 - 9:00 am PDT
Welcome Coffee and Registration
9:00 - 10:15 am PDT
Preparing, Responding, and Recovering from a Cyber Security Incident - It is a Team Sport
This panel will discuss practices that today's electric company use to prepare for, or if needed recover from cyber security incidents. In addition to sharing about the industry Cyber Mutual Assistance program, panelists will also discuss tactics that owners and operators should consider today to prepare for a potential future 'bad day'.
David Batz
Managing Director, Cyber & Infrastructure Security
Edison Electric Institute
profile
Eileen Figone
Chief Information Security Officer and Director of Security, Risk and Compliance
Puget Sound Energy
profile
Brian Barrios
CISO / VP, Cybersecurity & IT Compliance
Southern California Edison
profile
Lance Mueller, CISSP, CISM
Director, Cybersecurity, Risk & Compliance
Sempra / SDGE / SoCalGas
profile
10:15 - 10:45 am PDT
Networking Coffee Break
10:45 - 11:30 am PDT
Micro-Segmentation: What Is It and How to Implement It
The rise of sophisticated attacks against industrial control systems has shown that cyber threats can move laterally by exploiting weakness in network access control. This presentation will show how micro segmentation can be a robust layer of defense against modern attackers. As organizations embark on a journey towards cyber resiliency and zero trust architecture, we will define the core concepts and provide practical recommendations to implement micro segmentation the right way.
Robin Berthier
CEO
Network Perception
profile
Todd Chwialkowski
NERC Senior Compliance Specialist
EDF Renewables
profile
11:30 - 12:15 pm PDT
Challenges with Securing Remote Operations
Some of the key challenges with securing remote operations for Operational Technology (OT) networks since the pandemic began include:
- Providing vendor access remotely to equipment in a simple and secure manner
- Enabling OT multi-factor authentication
- Protecting and isolating data communication protocols to the OT network
- Implementing a zero-trust framework
This presentation will explore these key challenges for securing both IT/OT converged operations and OT-only remote operations. We will also discuss best practices for both enhancing existing secure access technology as well as implementing a new logical access layer for sites that currently do not have remote operations capability.
Bill Moore
CEO and Founder
XONA
12:15 - 1:15 pm PDT
Lunch Break
1:15 - 2:15 pm PDT
Cyber Resilience of IOT/OT Networks and Platforms Used in Energy and Utilities Sectors
In various energy and utility companies the trend is to deploy IoT platforms and develop applications that run on these IoT platforms. This session will cover the methodologies of how these IoT platforms and applications can be made cyber resilient. The Mitre ATT&CK framework for Industrial Control Systems will be discussed in its use of making OT networks cyber resilient.
Moderator
Ramesh Reddi
CTO
CybSecBCML, Inc.
profile
Liz Escobar, CISSP
IT Manager
Duke Energy
profile
Mischa Steiner
CEO
Awesense, Inc.
profile
2:15 - 3:15 pm PDT
Cyber Resiliency of DLT/Blockchain-based OT Networks
This session covers the research being done by IEEE P2418.5 Blockchain for Energy Standard working group cyber security task force. The group developed a DLT cybersecurity stack and is working on developing cyber resilient counter measures to protect DLT based OT networks. Mitre ATT&CK framework is being considered to model the attack behavior.
Moderator
Ramesh Reddi
CTO
CybSecBCML, Inc.
profile
Dr. Claudio Lima
Chair, IEEE P2418.5 Blockchain in Energy
Blockchain Engineering Council (BEC)
profile
Annabelle Lee
Chief Cyber Security Specialist
Nevermore Security
profile
Dr. Ümit Cali
Associate Professor of Energy Informatics ( AI & Blockchain)
Norwegian University of Science and Technology (NTNU)
profile
Sri Nikhil Gupta Gourisetti, Ph.D.
Principal Security Engineer
Resilience
profile
Michael Mylrea
Senior Distinguished Engineer, Cybersecurity(ICS) & Digital Innovation
Resilience
profile
3:15 - 3:45 pm PDT
Networking Coffee Break
3:45 - 5:00 pm PDT
Policy and Best Practices for Incident Prevention
- Implementing risk assessment and identifying top risks
- Creating a culture of risk management
- Risk management framework and OT regulation
- Moving beyond compliance to a wholistic OT cyber security stance
- Architecting a secure, NERC-CIP compliant remote access strategy
Bruce Payne
Principal Architect, Citrix
DynTek
profile
Anita Bhat
Principal Member of Technical Staff
Sandia National Laboratory
profile
David Rogers, P.Eng.
Senior Engineer
BC Hydro
profile
Ben Sooter
Principal Project Manager, Cyber Security, Power Delivery & Utilization
EPRI
profile