Delivering next-level cybersecurity and cyber-resilience to the power grid to enable the acceleration of the energy transition

Date: 15th-19th May 2023

Format: In-Person

Venue: Park Plaza Amsterdam Airport

Group Booking Discount – 10% discount for 3+ delegates, 30% discount for 5+ delegates and 50% discount for 10+ delegates booked from the same organisation at the same time!

Cybersecurity Governance Briefing

08:30 - 17:30, Monday 15th May 2023

The week begins with this insightful briefing on the Risk Management priorities of utility CISOs, with presentations shared on the current regulatory landscape, the implications of new standards, securing on-going cybersecurity budget, driving workforce development, and spearheading collaboration. Participants will come away with a clear understanding of what’s keeping the CISO awake at night, and how the entire cybersecurity team and ecosystem must align, to get the power grid ahead of the threat.

SGTech Europe 2019-Briefing Image-1

 Briefing Programme

08:00

Registration and Refreshments

08:20

Welcome from the Chair - Bas Kruimer, DNV

08:30

European Cybersecurity Regulation - Developing a strategic view of the latest European regulations for power grid cybersecurity to implement an integrated governance, risk, and compliance strategy

  • Understanding how European CNI, and Energy Sector cybersecurity regulations interact with one another and with domestic regulation to develop an effective approach to compliance
  • Integrating NIS 2 and the NCCS into existing GRC frameworks to fully benefit from their intended effect
  • Reducing time and cost of compliance activities, minimizing risk and providing the foundation for an effective holistic approach to cybersecurity governance

Anjos Nijk

Managing Director

ENCS

09:15

Strenghtening cybersecurity for a DSO - Adapting to an evolving landscape of threats, technologies & regulations

• Managing the high volume of new regulatory requirements with a reasoned compliance approach in line with the need to ensure security and certification of critical OT systems and IT components
• Formalising governance to secure core business and cope with new threats, new technologies and new regulations on cybersecurity
• Develop adaptive procedures for threat detection, response, and recovery to be reactive to emerging threats against critical assets
• Understanding how evolving collaboration between stakeholders in the energy ecosystem and regulators may help to protect against more offensive opponents and aggressive threats

Jeff Montagne

CISO

Enedis

10:00

Morning Refreshments and Networking

10:30

Spearheading Collaboration - Improving information sharing with grid companies nationally and regionally to establish a culture of responsible disclosure across your security organisation and drive collective security

  • Understanding the necessity for the energy utilities to exchange information on cybersecurity in a trusted circle like the EE-ISAC to become more resilient to threats to grid security
  • Establishing the governance needed to overcome the complexities and challenges that come with increased volume of information exchange and regulatory compliance requirements
  • Reaping the benefits of information sharing and being part of the EE-ISAC

Bas Kruimer

Director of Digital Grid Operations

DNV

11:15

Gaining Board Commitment - Communicating continuously evolving security requirements to the board to drive awareness and budget alignment

  • This is a drill - Holding the board to ransom to simulate direct attacks on senior leadership
  • Creating awareness of attack vectors, likelihood, and impact to obtain support for risk acceptance
  • Preparing the board to lead an effective response to serious cyberattacks and mitigate organisational damage

Annilisa Arge Klevang

CISO

SEV

12:00

Lunch and Networking

13:00

Skillsets for a Converged Security Team - defining roles and responsibilities of the next generation of security experts to foster the development of an aligned technology organisation

  • Developing a full understanding of the skills that will be required to manage the security requirements of converged environments in the increasingly distributed grid ecosystem
  • Pre-empting organisational risks to help define workforce development opportunities
  • Developing training, skills development, and recruitment policies to fully support the changing requirements for security

Barry Coatesworth

Director and Cybersecurity Leader

Guidehouse

Hanne Hansen

CISO

Energinet

13:45

Influencing Down - Taking leadership to instil a cohesive security culture across IT and OT teams

  • Gaining a comprehensive oversight of your systems and applications to develop a strategy for optimising technology teams and managing external stakeholders
  • Overcoming resource scarcity to manage challenges around legacy infrastructure and increasingly converged IT and OT environments
  • Inspiring confidence from the top-down to support a unified, resilient, and sustainable security organisation

Annilisa Arge Klevang

CISO

SEV

Erki Guhse

CISO

Enefit

Shawn McBurnie

Director IT/OT Cybersecurity and Compliance

Northland Power

14:30

NIS 2 Supply Chain Cybersecurity - Understanding the applications of the NIS 2 directive towards addressing supply chain risk

  • Using guidance from cybersecurity frameworks such as CAF and NIST to implement the changes to governance needed to harden supply chain resilience
  • Managing increased enforcement risk, and a reduction of reporting time to improve incident detection, response, and recovery, and drive support for security projects that align and enable the business
  • Harnessing NIS 2 to improve demonstrable resilience through increased organisational security focus, executive accountability, and better preparedness

Ivo Maritz

Senior Adviser Cybersecurity

Monti Stampa Furrer & Partners Ltd

Suzanne Rijnbergen MBA

Managing Director Cyber Resilience Gallia

Accenture

15:15

Afternoon Refreshments and Networking

15:45

Risk Mitigation - Developing strategies to ensure the cybersecurity of the Control Room of the Future

  • Using the Control Room of the Future (CRoF) Technology Centre to manage disruption and support the development of an intelligent, resilient and cyber secure power grid needed to support the transition to clean energy
  • Understanding how utilities can use the CRoF Technology Centre to research, develop and demonstrate intelligent technologies for cyber security of the future power grids
  • Safely test cyber-attack / defence scenarios and jointly train system operators and CSIRT in real-time using an IT-OT cyber range and digital twin of the power grid to become resilient to threats to power system stability and mitigate the risk of cascading failures and a blackout

Alex Stefanov

Director

Control Room of the Future

16:30

Cybersecurity Standards to Support IT/OT Convergence - Consolidating cybersecurity standards to develop frameworks that will support your organisation’s transformation requirements

  • Gaining a comprehensive understanding of the role standards such as IEC 62443, ISO 27000 and IEC 62351 play in the development of a cybersecurity management system that meets your organisational requirements
  • Overcoming resistance to change to gain acceptance of the framework of standards most appropriate to the security needs of your organisation
  • Establishing a common language with external providers, integrators and your entire organisation to facilitate security by design in grid transformation

Siv Houmb

Senior Adviser

Statnett

17:30

Close of Briefing