This conference is designed to engage stakeholders, provide education and bridge the divide and create a culture of “one” between the IT & OT entities. Our intentions are to share best practices, security training, map a strategy and structure towards the development of a more cohesive and collaborative convergence of people, processes and tools within the IT & OT ecosystem. Enhanced communication and collaboration will improve our security, reliability, operational resilience and risk postures.

Work towards a collaborative culture supported by senior industry and government executives. The workshop will provide education, training and thought leadership development to smaller, mid and large size utility and energy companies through threat briefings, share best practices and lessons learned through presentations from the Section 9 companies’ most experienced CEO, CISO, CIOs, CTOs.

Steering Committee
Sean Plankey, Former Principle Deputy Assistant, Cybersecurity, Energy, Security & Emergency Response, Dept. of Energy
Rob Pate, Senior Cybersecurity Strategist, Department of Energy
Tom Wilson, VP & CISO, Southern
Dennis Gilbert, VP & CISO, Duke
Keith Herndon, VP & CISO, Baker Hughes
Kurt John, CSO, Siemens Energy
Ed Goetz, CSO, Chemours
Simon Hodgkinson, CISO, BP
Robert Rodriguez, Chairman, SINET

Agenda Themes
DOE’s objectives in leading and building a Collaborative OT & IT culture through a series of Public Private Partnership models.

Invited Audience
Government and Private Industry IT & OT Security Executives from the ecosystem of Suppliers, Operators, Contractors, Renewable Energy, Utilities, Nuclear, Transmission & Distribution.

Current Situation
For many years the IT & OT have been working in isolation with numerous attempts to integrate people, processes and tools within their respective environments. This lack of collaboration affects the national and economic security of our nation as well as our critical infrastructures and also applies to other industries that use and manage OT.

Opportunity
Work towards a collaborative culture supported by senior industry and Government executives. The workshop will provide education, training and thought leadership development to smaller, mid and large size utility and energy companies through threat briefings, opportunities to apply for security clearances, share best practices and lessons learned through presentations from the Section 9 companies most experienced CEO, CISO, CIOs, CTOs.

Objectives
This workshop is designed to engage stakeholders, provide education and bridge the divide and create a culture of “one” between the IT & OT entities. Our intentions are to share best practices, security training, map a strategy and structure towards the development of a more cohesive and collaborative convergence of people, processes and tools within the IT & OT ecosystem. Enhanced communication and collaboration will improve our security, reliability, operational resilience and risk postures.

1:00pm – 1:05pm
General Session – Welcome Remarks
Introduction by Emcee Rick Geritz, Chief Executive Officer, LifeJourney
Opening Remarks by Robert Rodriguez, Chairman & Founder, SINET

1:05pm – 1:25pm
Opening Remarks by Sean Plankey, Former Principal Deputy Assistant Secretary for Cybersecurity, Energy Security, and Emergency Response, U.S. Department of Energy (DOE) and Nicholas Andersen, Principal Deputy Assistant Secretary for Cybersecurity, Energy Security, and Emergency Response at U.S. Department of Energy (DOE)

1:25pm – 1:40pm
ICS Threat-driven Cyber Defense using ATT&CK
Adam Hahn, Lead Critical Infrastructure Security Engineer, The MITRE Corporation

Breakout A
1:40pm – 2:25pm
OT Attack Case Studies

Moderator
Ed Goetz, Chief Security Officer, Chemours

Panelist
Tim Roxey, President, Eclectic Technology & Former Chief Security Officer and Senior Director ES-ISAC, NERC

Breakout B
1:40pm – 2:25pm
Applying Robust Measurements and Metrics to Appropriately Evaluate Your Risk Posture
Abstract The purpose of this panel is to have an open discussion on the challenges and achievements in protecting OT environments:
-How are you measuring risk in your Operational Technology/ICS environments
-How is risk communicated to Senior Management and the Board
-Building a robust cyber security response organization
-Preparing for a cyber security attack-efforts on Table-Top Exercises or Simulations

Moderator
Keith Herndon, Chief Information Security Officer, Baker Hughes

Panelists
Tony Souza, Director, Cyber Architecture, IT/OT Integration, TVM at Duke Energy Corporation
David Boynton, Director, Information Security and Compliance, Arizona Public Service
Kenneth Carnes, Director TVA Cybersecurity, Tennessee Valley Authority

Breakout A
2:25pm – 3:10pm
How Do We Know If It Is A Cyber Attack or Common Event?
Abstract What do the Business and IT/OT Security leaders use as a checklist in order to evaluate whether an event/alert is an unanticipated technical glitch or an actual attack? When and how do they respond? When and what do they say to their state commissioners and federal regulators? This panel will explore the complexities and ambiguities of a potential OT cyber event, as compared to an incident in the IT environment.

Moderator
Dennis Gilbert, Vice President & Chief Information Security Officer, Duke Energy

Panelists
Jonathan Pollet, Founder & Executive Director, Red Tiger Security
Zachary Tudor, Associate Laboratory Director, Idaho National Laboratory

Breakout B
2:25pm – 3:10pm
Building Robust Intelligence, Security Operations Centers, and Response Capabilities to Prepare for the Unexpected
Abstract Obtaining indicators and threat intelligence as early as possible with regards to security threats, anomalies, and internal/external incidents is key to being able to identify, detect, prevent, and if needed, respond and recover from security threats. Integrating the operations and intelligence gathering across not only cyber and physical security but across both information and operational technology environments is paramount in helping to understand the overall strategic and tactical threat landscape facing the sector as well as helping to drive effective response.

Moderator
Jonathan Bransky, Director Threat Intelligence, Dominion Energy

Panelists
Rob Gurzeev, Chief Executive Officer & Co-Founder, CyCognito
Brian Barrios, Executive Director, Threat Management and Intelligence Southern Company
Chris Leigh, Chief Information Security Officer, Eversource Energy
Mikhail Falkovich, Director of IT, Con Edison
Matt Anglin, Chief Information Security Officer, NYISO

Breakout A
3:10pm – 3:55pm
Managing Unintentional and Malicious Risk: Building an Insider Threat Program

Speaker
Tom Wilson, Vice President & Chief Information Security Officer, Southern Company Services, Inc.

Breakout B
3:10pm – 3:55pm
IT/OT Challenges, Convergence and Harmonization
Abstract Change management towards increasing awareness, education and buy in towards greater collaboration and communication.

Moderator
Kurt John, Chief Cybersecurity Officer, Siemens USA

Panelists
Tabice Ward, Director/Chief Information Security Officer, DTE Energy
Val Mukherjee, Managing Director, Americas Critical Infrastructure – Oil & Gas Security Leader, EY
Juan Torres, Associate Laboratory Director, Energy Systems Integration, National Renewable Energy Laboratory

3:55pm – 4:40pm
Cyber Grand Game
Abstract The linkage of cybersecurity risk to operational technology (OT) and the rising geopolitical risk from energy networks dependence on this poorly secured OT poses significant public-private coordination challenges. The cybersecurity of equipment used to extract, refine, process, ship, and consume fossil fuels impacts the ability for these systems to operate and communicate on a daily basis. Small or accidental disruptions may be amplified if the security of these systems remains inadequate. Large attacks or purposeful manipulation in the bulk power supply chain could start at an innocuous edge, a single vessel in the Persian Gulf, but quickly impact domestic production and energy consumption. One example of Cyber Grand Game would be to investigate and discuss how maritime actions items like port facilities and trans-shipment hubs, critical navigation and traffic management networks, and the global supply chain for maritime logistics, control, and operations systems – is a critical source of geopolitical and technical risk. The panel will help elevate the awareness and cyber effects that are possible when our adversaries are playing the “Cyber Grand Game”.

Panelists
Sean Plankey, Former Principal Deputy Assistant Secretary for Cybersecurity, Energy Security, and Emergency Response, U.S. Department of Energy
Rob Mauck, Chief Technology Officer, GRIMM
Paul Kolbe, Director of the Intelligence Project at the Belfer Center, Harvard
Rob Strayer, Executive Vice President, Policy at Information Technology Industry Council (ITI)
Rob Knake, Senior Fellow, Council on Foreign Relations
Marty Edwards, VP of Operational Technology, Tenable

4:40pm
Closing Remarks
Robert Rodriguez, Chairman & Founder, SINET

Speakers