Agenda

Note: Subject to change.
 
Tuesday, October 5, 2021

6:00 - 8:00 pm
Pre-Conference Happy Hour Networking Reception
Venue to be announced
 
Wednesday, October 6, 2021

9:00 - 9:30 am
Opening Address

Southern Company
Curley Henry, Southern Company
Curley Henry
Director, Cybersecurity Strategy and Architecture
Southern Company   bio

9:30 - 10:00 am
Ransomware and the Importance of ZeroTrust in Today's Public and Private Sectors

We have went from Denial of Services attacks to Phishing attacks to now Ransomware. This presentation will discuss what ransomeware is, how it works, and recent high-profile data breaches and prevention best practices. The buzz word Security Zero Trust seems to be heard now in the cybersecurity field wherever we turn. How is this framework being implemented and what does it mean to infrastructure and utility businesses? Where are we headed in keeping our global infrastructure secure in today's ever-changing environment?

West Wing Advisory Services
Barry West
Dr. Barry West
Founder and CEO
West Wing Advisory Services, LLC   bio
10:00 - 10:30 am
Networking Coffee Break

10:30 - 12:00 pm
Utility Roundtable: Cybersecurity Challenges and Directions Forward

Guidehouse Research, cyber security
Danielle Jablanski, cyber security
Danielle Jablanski
Senior Research Analyst | Digital Innovations
Guidehouse Insights   bio

Exelcon
Charles Salas, Exelon
Charles Salas
Manager, Real-Time Systems Security Engineering
Exelon Corporation   bio

PSEG
Ahmed Mousa, PSEG
Ahmed Mousa
Utility of the Future (UOF) Manager
Electric & Gas Asset Strategy, Asset Management & Centralized Services
Public Service Electric & Gas Company (PSE&G)   bio

MISO
April Morelock, MISO
April Morelock, CISSP, CISA, CRISC
Manager, Cyber Security Operations
Midcontinent Independent System Operator (MISO)   bio

PG&E
Abraham Jose, PG&E
Abraham Jose, GICSP, CISA, TOGAF
Cybersecurity Architect - Industrial Control Systems & IoT
Pacific Gas and Electric Company   bio

12:00 - 1:00 pm
Lunch Break

1:00 - 2:30 pm
Cyber Security Components of Blockchain Applications in Energy and Utilities

This session covers the cyber security components of blockchain applications in energy and utilities. This effort is sponsored by IEEE Blockchain Work Group and being performed by its TF1 Cybersecurity Task Force. The presenters are active participants of this Cybersecurity Task Force. The session will cover the following topics:
  • Role of Blockchain in energy and utilities
  • Blockchain use cases in utilities
  • Cybersecurity components of these blockchain applications
  • Distributed Ledger Technology specification and cybersecurity requirements
  • Cryptographic key management
  • Performance impact
  • Timestamp and its association with transactions
  • Consensus, proofs and voting
  • Permissioned Vs non-permissioned
  • Smart Contract security
  • Attack surface analysis
  • Storage, scalability and architecture
The discussion will conclude with the need for cybersecurity standards in blockchain applications in energy and utilities and talk about the work being done by IEEE Blockchain TF1 Cybersecurity Task Force in this direction.


Protect Our Power, cyber security

Nevermore Security, cyber security

Duke Energy, cyber security

Duke Energy, cyber security
Ramesh Reddi, cyber security expert
Ramesh Reddi
Senior Cyber Security Advisor
Protect Our Power   bio
Annabelle Lee
Annabelle Lee
Chief Cybersecurity Specialist
Nevermore Security   bio
Liz Escobar, Duke Energy
Elizabeth Escobar-Fernandes
IT Manager, Employee Experience & Emerging Tech
Duke Energy   bio
Sri Nikhil Gourisetti, ICC
Sri Nikhil Gourisetti, Ph.D., CISSP
Energy Cybersecurity Research Engineer, and Team Lead - Cyber Systems
Pacific Northwest National Laboratory - PNNL   bio
2:30 - 3:00 pm
Networking Coffee Break

3:00 - 3:30 pm
Network Compliance Automation: How to Streamline the Firewall Audit Process

Verifying that an organization-wide network access policy is correctly implemented by hundreds of firewalls and thousands of access rules is such a complex endeavor that misconfigurations remain the number one cause of electronic security perimeter breaches. This presentation will introduce a workflow to automate your firewall audit process, from the organization of device configurations to tracking ruleset changes and staying ahead of compliance requirement deadlines. We will also present technology solutions to help simplify your NERC CIP program.

Network Perception, cyber security
Robin Berthier
Robin Berthier
Co-Founder and CEO
Network Perception   bio
3:30 - 4:30 pm
White Hack Hacking: Key Strategies and Lessons Learned for Utilities

Synack, cyber security
Christopher Thompson
Christopher Thompson
Solutions Architect
Synack, Inc.   bio
4:30 - 5:00 pm
Securing the Digital Grid

With an unforeseen number of attacks working their way into industrial environments, the ability to protect against, detect and respond to cyber threats is more important than ever. As government policy, environmental commitments and new technologies combine to drive greater efficiency, power and utility organizations need to design-in a cybersecurity policy to protect their digital transformation. During this session, we will discuss:
  • Cybersecurity needs for the operational systems, including Operational Control Systems, SCADA Systems, Smart Meters, and Substations
  • Practical steps for protecting your critical infrastructure - securing both modern and legacy equipment - without impacting the safety and uptime goals of the business
  • Automated tracking and reporting to support compliance with regulatory cybersecurity guidelines

Fortinet, cyber security
Christopher Blauvelt, cyber security
Christopher Blauvelt
Global Enablement Engineer - Operational Technology
Fortinet   bio
5:00 - 6:00 pm
Networking Drink Reception
 
Thursday, October 7, 2021

8:30 - 10:30 am
Security of ML and AI Applications in Energy and Utilities

This session will cover the state of the art of AI/ML applications in the energy and utility industry, and general approaches in securing those applications. We will discuss Duke Energy's DevSecOps software development life cycle of AI/ML cloud native applications and Application Security (App Sec) tools and best practices. During the session, Duke Energy's data privacy best practices will be presented to analyze AI/ML training data sets.

Key Takeaways:
  • State of the art of AI/ML application in utilities and approaches to secure them
  • App Sec Software Development Life Cycle
  • App Sec tools, best practices and lessons learned
  • AI/ML use cases in Cybersecurity

    Duke Energy, cyber security

    Protect Our Power, cyber security
    Ramesh Reddi, cyber security expert
    Ramesh Reddi
    Senior Cyber Security Advisor
    Protect Our Power   bio
    Liz Escobar, Duke Energy
    Elizabeth Escobar-Fernandes
    IT Manager, Employee Experience & Emerging Tech
    Duke Energy   bio
    Babak Shoja
    Babak Shoja
    AI/ML Data Scientist
    Duke Energy   bio
    Rauly Garcia
    Rauly Garcia
    Technical Team Lead
    AI Chatbot Developer
    Duke Energy   bio
    Mischa Steiner
    Mischa Steiner
    CEO
    Awesense, Inc.   bio
    10:30 - 11:00 am
    Networking Coffee Break

    11:00 - 11:30 am
    Cybersecure Substation Networks - How to protect modern substations against cyber-attacks?

    This presentation will begin with an evaluation of electrical utility substation cyber-attack vectors that arise throughout the substation's lifecycle. The process of the application of the NIST Cybersecurity framework to address these attack vectors will then be reviewed to set the stage for a case study of a new cyber-secure substation network architecture deployed by a European utility. The case study will focus on the security measurements deployed such as secure remote and local maintenance access, firewall zones, role-based access control and the challenges of applying intrusion detection (IDS) at the substation and how to solve these challenges.

    Takeaway points:
    • Analyzing the most important attack vectors throughout the substation lifecycle
    • Applying the NIST Cybersecurity Framework in substations
    • Challenges when applying IDS at the substation level and how to solve them

    Omicron, cyber security
    Steel McCreery, cyber security
    Steel McCreery
    Application Engineer, Power Utility Communications NA
    Omicron Electronics Canada Corp.   bio

    11:30 - 12:00 pm
    Risk Is Business Risk: Why Device and Supply Chain Integrity Are Key to Utility Cyber Security

    With IoT devices connected directly to operational environments, attack surfaces are ballooning while potential impacts of cyberattacks could put critical infrastructure in jeopardy. While utilities work to deploy IoT and secure network and cloud infrastructure, there's a glaring hole in their security strategy: the IoT devices themselves.

    These devices are component-built, using 80-95% third-party code -- often with known vulnerabilities. With IoT devices more accessible to malicious users than traditional network infrastructure, they represent an attractive vector to attackers seeking the weakest link in your network. This will explore what makes IoT firmware so exploitable, and how the risks posed by these devices could compromise not only your IoT deployments but your entire network.

    Finite State, cyber security
    Jeanette Sherman, cyber security
    Jeanette Sherman
    Sr. Director, Product Development
    Finite State   bio
    12:00 - 1:00 pm
    Lunch Break

    1:00 - 1:30 pm
    Protect, Detect and Respond: Securing the Smart Grid

    Are we ready for cyber-attack on the low voltage grid? We might have protection in place, but can we detect and respond to attack? As the smart grid becomes more intelligent, new opportunities emerge for threat actors to exploit it to extort money, gather and sell customer information and disrupt access to energy. In the low-voltage grid, this is particularly true; deployments of smart meters and other smart infrastructure dramatically increase the attack surface exposed to threat actors and provide the sophistication necessary for them to exploit weaknesses they find in cyber security. This presentation will focus on how threat detection and response can be used to augment standard protection and regulation-based low voltage smart grid security implementations, thereby allowing DSOs to identify threat levels, brace themselves for attack, identify breaches faster, block the attack before it develops and start to offer meaningful deterrents to cyber-criminals.
    • The attacker's perspective: What do they see as the opportunity? What motivates them?
    • The defender's perspective: Do they have the right tools to detect and respond to attacks in time to blunt the attack?
    • What detection and response looks like in practice: Helping SecOps teams see the important incidents and respond fast

    OSGP Alliance, cyber security
    Emil Gurevitch, cyber security
    Emil Gurevitch
    Senior Security Architect
    NES   bio

    1:30 - 2:00 pm
    Not your Grandma's SOCs - Purpose Built IT/OT Security

    With more than 70% of ICS adversary groups specifically targeting the electric sector, a growing attack surface spurred by increased connectivity and integration, and increased awareness of cyber threats to the energy industry, it's time to talk about purpose built teams and tools for integrating OT into your security operations. With economics and efficiency driving business decisions, security has long suffered from the inability to distinguish and convey the financial impacts of cyber events. This session will cover issues that prevent organizations from optimizing security teams, and suggestions to overcome them.

    We will discuss:
    • Investing in people and talent
    • How to get the most out of ICS tools
    • Compliance priorities when weighing requirements and audits
    • Threat Intelligence norms and best practices

    Guidehouse Research, cyber security
    Danielle Jablanski, cyber security
    Danielle Jablanski
    Senior Research Analyst | Digital Innovations
    Guidehouse Insights   bio

    2:15 - 4:00 pm
    Workshop: Preventing Physical Equipment Damage from Cyber Attacks

    The attacks on September 11th, 2001, revealed four kinds of failures: in imagination, policy, capabilities and management. The power system and cyber security scenarios shown during this workshop will support your defense cyber budgets with executives and will enlist the support of non-cyber managers. The level of long-term physical damage that an attacker with a combination of deep power systems knowledge and cyber knowledge has barely been imagined.
    • Conduct Blue Team/Red Team exercises for grid drills using a real-time simulated, hypothetical network
    • Anticipate attacks and learn to place your system in the most secure state during an intrusion
    • Learn techniques to react to an infiltration of the BES cyber systems
    • Think like an adversary, probe for weaknesses, and take that critical knowledge back to your organization
    IT professionals will come away with a deeper knowledge of the tools and procedures a power system operator can use to mitigate a cyber attack

    IncSys, cyber security
    Robin Podmore, cyber security
    Dr. Robin Podmore
    IEEE Fellow, Member NAE
    NERC Certified System Operator
    President, IncSys   bio

  •