
Next Generation Cyber Security for Utilities • November 16-18, 2016 • Washington, DC

Media Partners include:

Lead Sponsor:

• Understand the landscape of cyber security threats currently facing utilities

• Preparing for upcoming compliance requirements

• Analyzing and comparing the capabilities of various cybersecurity defenses

• Evaluating how to use information sharing to successfully protect the grid from potential cyber and security events

• Improve management and execution of enterprise-wide cyber security

• Identifying which liability protections should be in place for electric utilities to afford necessary protection

• Best practices that any utility organization can implement

• Identifying strategies to successfully monitor both physical and IR security

• Evaluating how to integrate the NERC CIP standards into an effective cybersecurity program

• Evaluating the existing and proposed cybersecurity frameworks, the best practices and what additional measures could be implemented

• Reviewing the Smart Grid Cybersecurity Job Performance Model (SGC JPM) and the implications of this model on the smart grid protection

• Discussing costs involved with cybersecurity and how to allocate them

• Examining new and emerging policy debates in the legislative and executive branches to provide companies insight into potential cybersecurity requirements and obligations

• Identifying key elements of the Cybersecurity Executive Order framework, development and content

• Utilizing business-oriented security metrics and measurements

…And more!

Key Topics to be covered include:

• NERC Cyber Security Compliance for Utility and Energy Firms

• Effective Incident Response

• Disaster Recovery and Contingency Planning

Pre-Conference Workshops include:

Next Generation Cyber Security for Utilities

November 16-18, 2016 • Washington, DC

A Three-Day National Conference on Preventing, Protecting, Monitoring and Responding to Cyber Attacks Affecting the Electric Power Sector

“It’s tempting to believe that this increase in cyber attacks is horizontal across industries, but the data shows that energy organizations are experiencing a disproportionately large increase when compared to other industries. At the same time, energy organizations face unique challenges in protecting industrial control systems and SCADA assets.” Tim Erlin, Director of IT security and Risk Strategy, Tripwire

PHONE: 312 780 0700 FAX: 312 780 0600 WEB: www.acius.net @ACI_US


Audience Profile:

Utility company CEOs, CIOs, CSOs, Vice Presidents, Directors and Managers responsible for:

• Cyber/Information Security

• Compliance and Regulatory Managers

• Physical/System Security

• Heads of Data Management Centers

• Planning, Governance & Risk Management

• IT, Information and Network Security

• SCADA/Grid Security or Protection

• Physical System Security

• Information Systems

• Legal and Regulatory

Confirmed Speakers Include:

Ben Miller, Director Dragos Security

Sid Snitkin, Vice President & GM, Enterprise Applications ARC Advisory Group

Walter Sikora, ICS Subject Matter Expert Leidos

Karl Perman, OT Strategic Partnerships Lead Leidos

Michael Firstenberg, Director of Industrial Security Waterfall Security Solutions

John Carroll, Vice President, Business Development IPERC (Intelligent Power & Energy Research Corporation)

Brian Harrell, CPP, Director of Security and Risk Management Navigant Consulting, Inc.

Jessica Matlock, Snohomish County PUD

Marcus H. Sachs, P.E., Senior Vice President and Chief Security Officer North American Electric Reliability Corporation - Electricity Information Sharing and Analysis Center

Cynthia Hsu, Ph.D., Cyber Security Program Manager - Business and Technology Strategies National Rural Electric Cooperative Association (NRECA)

Brent Hambly, Manager of Cybersecurity Assessments Leidos

Dave Halla, Senior Advisor Johns Hopkins University Applied Physics Laboratory

Gary S. Miliefsky, CISSP®, fmDHS, CEO SnoopWall, Inc.

Clint Bodungen, Senior Critical Infrastructure Security Researcher Kaspersky Lab North America

Content and Theme

Critical Infrastructure Attacks in U.S. threats to the Energy Sector

As reliance on digital technology in the electric grid continues to increase, the security of network assets is more critical than ever. Energy companies and electric utilities have experienced a spike in cyberattacks in the past year.

Cyber security is one of the most important policy and technology topics an organization must address. Critical infrastructure for energy and utilities is vital to personal safety, economic growth and national defense. There are new, practical ways to greatly improve the management and execution of enterprise-wide cyber security.

Cyber security is a massive and ever-evolving challenge. To date the U.S. National Institute of Standards and Technology (NIST) has identified over 60,000 cyber vulnerabilities. And new threats are discovered every day.

Ensuring safe and reliable operation is the fundamental mission of a utility. If controls or communications for grid assets fail, the equipment must continue to operate in a safe, reliable manner, even in non-ideal situations. This is especially important for substations, which are increasingly monitored and managed via remote access.

Attend Next Generation Cyber Security for Utilities, November 16-18, 2016 in Washington, DC to learn new, key and critical issues for the industry and the steps that leading utilities are taking to mitigate the risk of cyber attacks.


KEYNOTE: CYBERSECURITY SOLUTIONS FOR ELECTRIC UTILITIES

Walter Sikora, ICS Subject Matter Expert Leidos Walt has more than 29 years of experience with Security for SCADA, DCS and ICS systems. In his current role, Walt is responsible for Leidos security and compliance solutions and is a member of DHS-ICSJWG, NERC CIPC, and many other security groups. Walt previously spent 21 years with Invensys, Inc. as Director of Service Engineering and Development, where he was responsible for developing services and security solutions for the Foxboro IA platform. He holds an Associate Degree in Engineering and a B.S. degree in Electrical Engineering from Northeastern University, and is currently an MBA candidate at the Gordon Institute of Tufts University.

Karl Perman, OT Strategic Partnerships Lead Leidos

9:15 AM

CHAIRPERSON’S WELCOME & OPENING ADDRESS

Michael Firstenberg, Director of Industrial Security Waterfall Security Solutions Michael Firstenberg is the Director of Industrial Security for Waterfall Security. Michael brings almost two decades of experience in Control System Security, specializing in Control System Cyber Security. With a proven track record as a hands-on engineer - researching, designing, and implementing strategic security solutions, Michael has an established background working with governmental institutions, regulatory authorities, and industrial utilities. The former chair of the American Water SCADA Council, Michael studied Computer Science, Chemical Engineering, and Mathematics at the University of Pennsylvania, and has served as a speaker and panelist at numerous conferences and events.

9:00 AM

REGISTRATION & CONTINENTAL BREAKFAST

8:00 AM

Conference Day One • November 17, 2016

END OF PRE-CONFERENCE SESSIONS

5:00 PM

USING MATURITY TO ENSURE SUCCESSFUL DEPLOYMENT OF CYBERSECURITY INVESTMENTS

Cybersecurity technology has advanced significantly over the past few years. New firewalls, access controls, and whitelisting technologies are enabling companies to tighten control over the actions that can occur within control systems. While industrial companies appreciate how this can help them reduce the risks of cyber intrusions, they are also concerned about their ability to maintain more granular rulesets, privileges, and task lists. In many cases, adoption of advanced solutions is being delayed awaiting the development of comprehensive tools and services to address these challenges.

ARC’s industrial cybersecurity maturity model provides a means for end users to understand the maturity requirements of different technologies and align their investments with their efforts to build maturity.

Key topics to be discussed include:

• Assess the benefits of advanced cybersecurity technologies & strategies

• Develop a rational program for achieving desired and required levels of cybersecurity risk reduction

• Evaluate their readiness for successful deployment of different levels of cybersecurity investments

Sid Snitkin, Vice President & GM, Enterprise Applications ARC Advisory Group Sid Snitkin is a senior member of ARC Advisory Group where he has primary responsibility for developing the strategic direction for ARC’s cyber security products and services. He has over 30 years of experience in automation, information systems, and manufacturing and has published numerous research reports on Industrial Cyber Security. Prior to ARC, his professional career included a broad range of engineering, managerial, and senior executive positions with global automation and equipment suppliers. Sid holds a B.S. and M.S. in Physics from Carnegie Mellon University, and an M.B.A. and Ph.D. in Operations Research and Artificial Intelligence from the University of Pittsburgh. He has also taught courses in Statistics, Operations Management, and Risk Management in various Graduate Schools of Business MBA programs.

4:00 PM

THE UKRAINE POWER GRID CYBER ATTACK AND LESSONS LEARNED

Ben Miller, Director Dragos Security

3:00 PM

REGISTRATION

2:30 PM

Pre-Conference Sessions • November 16, 2016


PROTECTING UTILITY CONTROL SYSTEMS: EVEN WHEN THE ATTACKERS ARE ON THE INSIDE!

As we have seen in numerous compromises of industrial control systems and, most recently, in the sophisticated hack of the Ukraine power grid, perimeter defenses of computer networks can be defeated and are important but insufficient elements in protecting networked electrical infrastructure. Enterprise IT systems have been used as pivot points into the control networks for critical electrical and industrial equipment. Successful cybersecurity measures must therefore focus on ensuring continued operation of control systems in all circumstances, even when attackers have found a way inside and are executing malicious activity. IPERC designs and has deployed state-of-the-art multi-layered cybersecurity architectures that have been subjected to extensive military penetration testing. And they have passed every test to date.

In this presentation we will discuss how to engineer network resiliency to make utility systems as close to impervious as possible, with several specific real-world use cases from utility microgrid applications involving Ameren Company, Dominion Power and PSE&G. The audience will learn about defense-in-depth practices to reduce attack surfaces, mitigating vulnerabilities, and managing risk. Key takeaways are how to build a defensible control architecture and preserve control system functionality during attacks.

John Carroll, Vice President, Business Development IPERC (Intelligent Power & Energy Research Corporation)

1:30 PM

LUNCHEON FOR DELEGATES & SPEAKERS Sponsored by Leidos

12:15 PM

INTERACTIVE UTILITY CYBER SECURITY DEMO 1: INDUSTRIAL DEFENDER AUTOMATION SYSTEMS MANAGER

Industrial Defender Automation Systems Manager (ASM) is a management platform that aggregates event and state data from industrial endpoints across all vendor systems in one location for a single, unified view of operations.

From ultra-low bandwidth constraints to proprietary protocols, Leidos’ Industrial Defender solutions are designed and built from the ground up to ensure the safe and reliable operation of your control systems. The Industrial Defender ASM is the only platform to offer applications specifically engineered to address the overlapping requirements of cybersecurity, compliance, and change management in one dashboard.

Capabilities:

• Centralized asset repository with automated notification of changes to assets

• Automated data collection for compliance with internal requirements, industry standards, and external regulations

• Consolidated change approvals, documentation and reports within defined project work packages

• Customizable dashboards support different user profiles

• Deployed with no disruption to operations

Greg Valentine, Manager: North American Sales Engineers Leidos

Scott Smith, Solution Architect – Strategic Accounts Leidos

11:30 AM

LESSONS FROM THE UKRAINE DISTRIBUTION SYSTEMS ATTACK

What happened in the Ukraine can happen in North America. Some point to NERC CIP and say “no, CIP will protect us” but this is not true. The Ukraine attack was on distribution assets, few of which are covered by NERC CIP. Some point to CIP-005 and say “two factor authentication would have saved us” but malware-based attacks, such as DarkEnergy, need no stolen passwords. Others say “we need more intrusion detection in substations” but detection while the lights are turning off is too late. Looking at cyber security the wrong way yields nonsense. We need to start asking better questions.

Key topics to be discussed include:

• Best practices to secure your ICS perimeter

• Why firewalls and software-based solutions are no longer effective

• Case study examples where we have deployed unidirectional security gateways as a measure to mitigate modern day threats

Michael Firstenberg, Director of Industrial Security Waterfall Security Solutions

10:45 AM

MORNING REFRESHMENT BREAK & EXHIBITS

10:15 AM


CHAIRPERSON’S CLOSING/END OF DAY ONE

4:45 PM

INTERACTIVE UTILITY CYBER SECURITY DEMO 2: AUTOMATION SYSTEMS MANAGEMENT

Situational awareness and management of policies, baselines, configuration changes, and security events within a control systems environment is critical to ensuring safe and reliable operations.

Delivering a single, unified view of asset details, systems health, and security events within the industrial control systems environment.

• Deploys across multiple vendor systems

• Deploys without rebooting or interrupting service

• Manages geographically dispersed and hard-to-reach serial end points

• Automates data collection and audit reporting for NERC CIP v5 and NRC

Monitoring with Industrial Defender ASM enables engineers to track and display critical information on utility software inventories, operating systems, and patch versions. This is all necessary to properly prioritize and process intelligence, respond to threats, and mitigate threats to operational security.

Greg Valentine, Manager: North American Sales Engineers Leidos

Scott Smith, Solution Architect – Strategic Accounts Leidos

4:00 PM

A UNIQUE APPROACH TO CYBER SECURITY: NATIONAL GUARD OPERATION AND QUANTITATIVE CYBER RISK MODELING AND ASSESSMENTS

I will discuss our partnership with the Washington state National Guard cybersecurity unit and how they launched a “penetration test” on our network and how this operation allowed for us to examine our abilities to detect, respond, and recover from a cybersecurity attack. I will also discuss a new approach we are taking to understanding and regularly tracking what security performance improvements to make that will reduce our risk and reduce the specific threats of a cyber attack. This will include a summary of how SNOPUD partnered with a company to run virtual attacks on our security architecture and controls by simulating over 200 different types of cyberattacks. The end result is a plan for how SNOPUD should prioritize our investments and resources (people, tools, processes) to have the greatest and most measurable impact on our overall cyber risk – instead of needlessly wasting time and money on useless cyber products and processes.

Presentation will discuss how we answered the following questions and how other companies can answer these questions:

• How to determine the likelihood that you will suffer a range of cyber-related losses over specific periods of time

• How threats to their corporate assets were contributing to their overall risk profile

• How different security control options could reduce their expected losses, in what timeframe, and at what cost

• How to prioritize cyber investments and resources (people, tools, processes) to have the greatest and most measurable impact on their overall cyber risk

• What known threats were impacting their networks

Jessica Matlock, Snohomish County PUD Jessica joined Snohomish County PUD in August 2006. Now Government Relations Director, Jessica previously worked as an energy and natural resources fellow for U.S. Senator Larry E. Craig (Idaho). Prior to that, she held a number of government relations positions with the Bonneville Power Administration, including that of power marketing specialist (in Washington, DC), constituent account executive for the State of Idaho, and fish and wildlife project manager. She also previously served as a city planner for the City of Portland, Oregon. Jessica serves in various leadership roles at the National Hydropower Association and Large Public Power Council and is an Advisory Board Member of the Bipartisan Policy Council’s Cyber Security Initiative. Jessica holds an MPA from Portland State University and a bachelor’s of science degree in chemical oceanography from the University of Washington. She also served in the United States Coast Guard.

3:30 PM

AFTERNOON REFRESHMENT BREAK & EXHIBITS

3:00 PM

THE VALUE OF PHYSICAL AND CYBERSECURITY CONVERGENCE

Protecting our nation’s electricity infrastructure has evolved to a very visible and often political topic that gets almost daily attention by boards, CEOs, government regulators and even utility customers. The modern utility is constantly faced with both physical security and cybersecurity threats, often putting an organization at risk from a safety, compliance, and reputational perspective. In order to increase security awareness and mitigate corporate risk at the enterprise level, utilities should consider integrating IT and OT groups with their physical security department.

Topics to be covered include:

• Threats facing utilities and how an integrated approach may increase security awareness

• The benefits of IT, OT, and physical security convergence

• Best practices from utilities across North America

Brian Harrell, CPP, Director of Security and Risk Management Navigant Consulting, Inc. Brian Harrell, CPP, is a physical and cybersecurity consultant for Navigant Consulting, Inc. (NCI) and specializes in NERC critical infrastructure protection, risk reduction for energy infrastructure, and emergency management. Harrell is a former Director at the North American Electric Reliability Corporation charged with helping protect the electric grid for North America.

2:00 PM


INTERACTIVE UTILITY CYBER SECURITY DEMO 3: DEFEND AGAINST INSIDER THREATS

Insider threats, inclusive of supply chain vendors, are a growing concern among critical infrastructure owners. Whether unintentional or with malicious intent, their impact can be devastating.

Identify threats to intellectual property, confidential information, or even the sabotage of control systems or the electric grid by an employee within an organization. This solution evaluates employee attributes, behaviors, and actions based on data fusion from large, disparate enterprise systems. Analysts can drill-down for further investigation as well as discover new information through automated link analysis.

Deploy a comprehensive program to identify risks that could compromise critical information, disrupt services and cause physical harm and damage.

Greg Valentine, Manager: North American Sales Engineers Leidos

Scott Smith, Solution Architect – Strategic Accounts Leidos

11:15 AM

AFTER THE “WHEN”: REACTIVE CYBER SECURITY

We may agree that the question is not “if” but “when” a cyber-attack will occur, but there is still an inconsistent emphasis on preventing attacks as opposed to developing methods and tools to operate under attack and recover quickly. Unlike information technology (IT) systems, the data moving within an industrial control system (ICS) are less variable and more predictable. This provides an opportunity for developing cyber security solutions that leverage these differences.

• Thinking about Cyber Resilience

• Why we need to invest in cyber security solutions beyond prevention

• NRECA’s research approach to reactive cyber

Cynthia Hsu, Ph.D., Cyber Security Program Manager - Business and Technology Strategies National Rural Electric Cooperative Association (NRECA) Dr. Cynthia Hsu is the Cyber Security Program Manager for the National Rural Electric Cooperative Association (NRECA). Dr. Hsu is responsible for establishing and maintaining relationships with more than 900 member electric cooperatives, and developing and implementing cyber security research programs that address issues relevant to NRECA’s members. She currently manages a $20 million cyber security research budget that includes competitive federal grants and contracts, and member-funded research. Prior to her position at NRECA, Dr. Hsu worked for the U.S. House of Representatives’ Committee on Science, Space, and Technology, where she staffed Congressional hearings and drafted legislation authorizing a comprehensive research and development program for industrial control systems cyber security covering four federal agencies (Department of Energy, Department of Homeland Security, National Institute of Standards and Technology, and the National Science Foundation). Dr. Hsu was an American Association for the Advancement of Science (AAAS) Science and Technology Policy Fellow for the U.S. Department of Energy’s Office of Electricity Delivery and Energy Reliability before her position on the House Committee.

10:45 AM

MORNING REFRESHMENT BREAK & EXHIBITS

10:15 AM

KEYNOTE: SPOTLIGHT ON UTILITY CYBERSECURITY

Marcus H. Sachs, P.E., Senior Vice President and Chief Security Officer North American Electric Reliability Corporation - Electricity Information Sharing and Analysis Center Marcus Sachs is the Senior Vice President and Chief Security Officer of the North American Electric Reliability Corporation in Washington, D.C. where he is responsible for the oversight of the Electricity Information Sharing and Analysis Center (E-ISAC), and for directing security risk assessment and mitigation initiatives to protect critical electricity infrastructure across North America. He leads day-to-day coordination with governmental agencies and stakeholders for analysis, response and dissemination of critical information regarding security threats and events. Mr. Sachs’ professional experience includes a distinguished 20 year military career in the United States Army, two years of federal civilian service at the White House and the Department of Homeland Security, and over thirteen years as an executive in the private sector. He has appeared on several domestic and foreign television and radio networks as a computer security expert, has testified before the United States Congress, and is frequently quoted by the on-line and printed media. Mr. Sachs retired from the United States Army in 2002 after serving over 20 years as a Corps of Engineers and systems automation officer. He specialized during the latter half of his career in computer network operations, tactical communication systems, and the application of information technology to the defense environment. In 1998, he was selected by the Secretary of Defense to serve with the Defense Department’s Joint Task Force for Computer Network Defense, a small organization created to defend the DoD’s computer networks from foreign intrusions. In January 2002 Mr. Sachs was appointed by the President to serve concurrently on the staff of the National Security Council as the Director for Communication Infrastructure Protection in the White House Office of Cyberspace Security, and on the staff of the President’s Critical Infrastructure Protection Board. The Board was created in October 2001 to coordinate critical infrastructure protection issues across all US federal agencies in partnership with the industry sectors. In May 2003 Mr. Sachs joined the National Cyber Security Division of the US Department of Homeland Security, where he was responsible for developing the implementation plan for the National Strategy to Secure Cyberspace. Prior to joining NERC, Mr. Sachs was the Vice President for National Security Policy at Verizon in Washington, D.C. where he represented Verizon in national security and emergency preparedness (NS/EP) coordination with Obama administration officials, the United States Congress, and the security industry. He served on the Executive Committee of the US Communications Sector Coordinating Council, was the Vice Chair of the Communications Information Sharing and Analysis Center, and had leadership roles in several public/private advisory working groups and task forces. In November 2007 Mr. Sachs was named a member of the Commission on Cyber Security for the 44th Presidency. Mr. Sachs directed the all-volunteer SANS Internet Storm Center from 2003 - 2010 and remains actively involved in efforts to raise cyber security awareness and to professionalize the cyber career field. He holds degrees in Civil Engineering, Science and Technology Commercialization, Computer Science, and is “All But Dissertation” on a Ph.D. in Public Policy. He is a registered Professional Engineer in the Commonwealth of Virginia.

9:15 AM

CHAIRPERSON’S WELCOME & OPENING ADDRESS

9:00 AM

REGISTRATION & CONTINENTAL BREAKFAST

8:30 AM

Conference Day Two • November 18, 2016


7 SECRETS OF OFFENSIVE SECURITY FOR CRITICAL INFRASTRUCTURE

Gary S. Miliefsky, CISSP®, fmDHS, CEO SnoopWall, Inc. Gary is the CEO of SnoopWall, Inc. and a co-inventor of the company’s innovative breach prevention technologies. He is a cyber-security expert and a frequent invited guest on national and international media commenting on mobile privacy, cyber security, cyber crime and cyber terrorism, also covered in both Forbes and Fortune Magazines. He has been extremely active in the INFOSEC arena, most recently as the Editor of Cyber Defense Magazine. Miliefsky is a Founding Member of the US Department of Homeland Security (http://www.DHS.gov), the National Information Security Group (http://www.NAISG.org) and the OVAL advisory board of MITRE responsible for the CVE Program (http://CVE.mitre.org). He also assisted the National Infrastructure Advisory Council (NIAC), which operates within the U.S. Department of Homeland Security, in their development of The National Strategy to Secure Cyberspace as well as the Center for the Study of Counter-Terrorism and Cyber Crime at Norwich University. Previously, Gary has been founder and/or inventor for technologies and corporations sold and licensed to Hexis Cyber, Intel/McAfee, IBM, Computer Associates and BlackBox Corporation. Gary is a member of ISC2.org and is a CISSP®.

3:30 PM

AFTERNOON REFRESHMENT BREAK & EXHIBITS

3:00 PM

INTERACTIVE UTILITY CYBER SECURITY DEMO 4: PROTECTING AGAINST BREACHES

Breaches on the IT side can endanger operations.

Advanced threat monitoring (ATM) services integrate advanced persistent threat sensors onto existing corporate internet points of presence to analyze a wide view of incoming and outgoing network traffic. ATM allows Leidos to analyze the network log and email data of clients, and compare that data against over a decade of threat indicators to identify attacks or intrusions. If an anomaly is detected, Leidos works with the client to mitigate the risk.

Expertly trained analysts with access to high-level intelligence streams stop threats early in the kill chain to protect critical IT and OT infrastructure networks.

Greg Valentine, Manager: North American Sales Engineers Leidos

Scott Smith, Solution Architect – Strategic Accounts Leidos

2:15 PM

EMERGING AND EXISTING THREATS – THE “NETWORK USER”

Lessons from Ukraine and other cyber incidents/attacks demonstrate the importance of monitoring and baselining user activity to detect anomalous activity. This technique can also potentially identify malicious insiders.

Key issues to be covered include:
• Review offensive methodology on how an adversary infiltrates a network with examples from Ukraine, Target, Home Depot, and Sony
• Understand how user behavior is different from the normal when a cyber adversary uses legitimate user credentials
• Understand the “least privilege user” model to include limitations on system admin accounts
• Review the “insider threat” and how normal activity changes when the individual turns malicious

David Halla, Senior Advisor Johns Hopkins University Applied Physics Laboratory David Halla is a Senior Advisor with Johns Hopkins University Applied Physics Laboratory’s Critical Infrastructure Protection Group. He recently served as the Chief of the Electricity Information Sharing and Analysis Center’s (E-ISAC’s) security operations center, providing cyber and physical threat information to the 4500+ entities that generate, transmit, and distribute the bulk power system throughout North America. Prior to joining E-ISAC, he spent 3 years at US Cyber Command as the command’s exercise division chief, most notably developing the whole-of-nation Cyber Guard exercise that incorporates private, state, and federal cyber incident response to a large scale cyber-attack against critical infrastructure. Mr Halla is a retired fighter pilot with over 2700 hours in the F-16 and is a veteran of the Iraq War, Operation Iraqi Freedom and Operation Enduring Freedom.

1:30 PM

LUNCHEON FOR DELEGATES & SPEAKERS

12:30 PM

BUILDING A WORLD CLASS NETWORK DEFENSE ORGANIZATION

Join this session for a practical guide on aligning people, process, and technology across IT and OT teams to build a world-class, integrated network defense organization. Leidos will share practical, real-world tips on tackling the challenges of converging IT and OT security practices through our experience in working with major electric utilities. We’ll discuss the three pitfalls that can affect any organization, expose the myths that lead to a false sense of cybersecurity, reveal the truth through case studies, and provide practical guidance for cybersecurity leaders and practitioners. Attendees will leave with clear direction on how to apply lessons learned from anecdotes shared.

Brent Hambly, Manager of Cybersecurity Assessments Leidos Brent Hambly is the Manager of Cybersecurity Assessments for Leidos. Leveraging 10 years of experience in Cybersecurity and Systems Engineering, he leads a team of cybersecurity professionals who execute detailed assessments supporting Utilities, Oil & Gas, Financial Services, Healthcare and Telecommunications sector companies. Brent also contributes to large-scale IT/OT Security Operation Center (SOC) projects for several large investor-owned utilities, including design, build, and transformation activities. Brent holds his MS from Rensselaer Polytechnic Institute, a BS from Le Moyne College, and various industry certifications including GICSP, CISSP, and CEH.

12:00 PM


Active Communications International, Inc. (ACI) is a leader in conference planning and production. With offices in Chicago, London, Pune, Portland, Poznań and Milwaukee, we produce world-class events focusing on areas of most relevance to our served industry sectors. We are dedicated to delivering high-quality, informative and value-added strategic business conferences where audience members, speakers, and sponsors can transform their business, develop key industry contacts and walk away with new resources.

Active Communications International:

CHAIRPERSON’S CLOSING/END OF CONFERENCE

5:00 PM

HACKING PLCS IN UTILITY INDUSTRIAL CONTROL SYSTEMS: CATASTROPHIC OR HYPE?

There are real and growing security threats to industrial control systems and preventative security measures need to be put in place. However, owners and operators need to be able to determine what kind of attacks can cause actual catastrophic results to industrial environments and systems. In this session, Clint Bodungen (senior researcher, critical infrastructure threat analysis at Kaspersky Lab) will demonstrate how several technologies once intended for completely different industries, such as computer gaming engines and engineering software/hardware, can be combined to simulate realistic consequences of cyber-attack scenarios on industrial systems. Powerful gaming engine physics and 3D animation, scientific data and simulation capabilities (i.e. Matlab and engineering applications), and real-life physical devices (i.e. PLCs) are all connected in this presentation in order to provide a cutting-edge look at the impact analysis capabilities with stunning realistic 3D visuals.

Attendees will:
• Gain an understanding of what cyber-attack simulation/impact analysis are, and why they are important for ICS risk mitigation
• Learn methods of performing realistic cyber-attack simulation/impact analysis using different technologies together
• Walk away with a better understanding of how to deploy these methods and tools in their own ICS risk mitigation program

Clint Bodungen, Senior Critical Infrastructure Security Researcher Kaspersky Lab North America With more than 20 years of professional experience in cybersecurity, including 12 years focused exclusively on ICS security, Clint brought his expertise to Kaspersky Lab as a senior critical infrastructure security researcher in May 2016. Throughout his career, Clint has worked in several key cybersecurity roles where he focused on cyber threat/vulnerability research, risk analysis, penetration testing, and cybersecurity product R&D for the United States Air Force, cybersecurity vendors, such as Symantec and Industrial Defender, as well as major consulting firms including Booz Allen Hamilton. The majority of his clientele consists primarily of many of the world’s largest energy organizations. He is the lead author of the book, “Hacking Exposed, Industrial Control Systems,” he has developed and taught dozens of ICS cybersecurity training courses, and has presented sessions at ICS cybersecurity conferences (e.g. OilComm/ShaleComm, API, INTELEC, CyberShield, and more) regularly since 2004. Clint continues his ICS cybersecurity threat/vulnerability research at Kaspersky Lab, and is a volunteer cybersecurity mentor to high school and college students in his local community. Clint is based in Houston, Texas.

4:15 PM

Hyatt Place Washington DC/Georgetown/West End 2121 M Street NW Washington, District of Columbia 20037

Located in Washington’s beautiful West End and adjacent to historic Georgetown, Hyatt Place Washington DC/Georgetown/West End features 168 spacious guestrooms in a striking nine-story building with a rooftop terrace. With convenient access to Dupont Circle and Embassy Row, our newly opened hotel is perfect for business and leisure travelers alike. We’re just steps from Georgetown’s shopping, dining and nightlife, and easily accessible to the nation’s capital and all its historic attractions via the Washington, DC Metro.

The Best Lodging in West End, DC

Our brand-new hotel offers comfortable, spacious accommodations with modern conveniences, offering all the essentials for comfort while traveling. Each of our oversized guestrooms offers the perfect blend of home and office, so that you can relax in comfort and stay productive during your stay.

Connect all your electronic devices to the Hyatt Plug Panel™, rejuvenate with KenetMD™ bath essentials and sleep soundly on your Hyatt Grand Bed®. Free hotel-wide Wi-Fi, a free a.m. Kitchen Skillet™ breakfast, 24/7 gym and indoor pool make your stay feel more like home. Our dedicated Hyatt Hosts ensure your stay is an enjoyable one with availability to check you in or out, take your Gallery 24/7 Menu order or make your coffee anytime day or night. On-site parking is available for an additional fee.

Host a Meeting in Georgetown, DC

In addition to our cozy rooms and contemporary amenities, our Georgetown/West End hotel offers 2,220 square feet of special event space, including two boardrooms and three dynamic meeting rooms. These spaces are ideal for stylish meetings and gatherings, complete with flexible catering options and cutting-edge AV equipment.

Venue Information:

PHONE: 312 780 0700 FAX: 312 780 0600 WEB: www.acius.net @ACI_US