Going beyond regulatory guidelines to maximise cybersecurity for every link of the power grid supply chain

Webinar: 16:00-17:00 CET
Wednesday 29th September 2021
Crowdcast Webinar Platform
Free to attend for:
CISO CTO COO OT Security Lead IT Security Lead Head of SCADA Infrastructure Head of Substation Automation Head of Telecom Networks

Welcome to Supply Chain Attacks

Supply chain attacks are no longer confined to nation state actors. Organised cybercriminals are realising that they can maximise their ROI through a single attack with the power to gain access to the sensitive data of thousands of organisations across multiple sectors. And with 40% year on year rise in supply chain attacks globally, the implications for cost-conscious power grid operators focused on driving efficiency through their supplier ecosystems is significant.

In this 60-min webinar we uncover the latest trends in supply chain attacks and determine how these are likely to evolve in the next 2-3 years. We assess the current cybersecurity priorities of leading power grid operators and where supply chain cybersecurity must be positioned. We identify the regulatory, technological, policy, process and people issues that must be addressed to effectively enforce end-to-end supply chain security. And we address the incident response, recovery and reporting strategies that will ensure grid operators partner effectively with law enforcement to get ahead and stay ahead of the bad actors.

When power grid cybersecurity leaders go beyond the regulatory guidelines to secure their supply chains, leverage state-of-the-art Active Supplier Management programmes, and enforce tougher cybersecurity standards through their supplier ecosystem, the power grid goes from being the target of choice bad actor, to the impenetrable critical national infrastructure it was always designed to be.

Webinar Programme

16:00

Welcome address from the host

MW Headshot - cricle

Mandana White, CEO – Smart Grid Forums

16:05

Session 1: Developing a framework to effectively enforce end-to-end supply chain cybersecurity within the power grid environment

Leveraging the latest standards to ensure full supply chain cybersecurity compliance with regulatory demands
Re-organising and interworking internal departments and systems to ensure effective alignment with best practice in supply chain cybersecurity policies and procedures as the supply chain attack threat intensifies
Enforcing tougher cybersecurity standards compliance and 3rd party testing across your supplier ecosystem

Pedro is a Senior Manager in Accenture Security, leading Industry X and OT Security projects in the Renewables, Utilities, Energy and other sectors. With 15+ years of security, 10 of which in OT Security, Pedro has built OT Security Programs for Operators, System Integrators and Vendors in four continents. Pedro is also the co-author of Smart Grids Applications, Communications, and Security (Wiley book), National Cyber Risk Management Framework, and ICS Cybersecurity Standard for a GCC country. Pedro is an Expert Member of the IEC National Committee TC65 WG10, and Information Member of the ISA99 WG9 TG7.

Pedro

Pedro Fernandes, Senior Manager, Industry X & OT Security

Accenture

16:15

Session 2: Ensuring high levels of security and privacy for remote supplier access to your IT and OT infrastructure

Applying advanced threat modelling techniques to develop a supply chain security framework that effectively mitigates the risk of supply chain attacks in the most complex supplier ecosystems
Implementing state of the art network segmentation and intrusion monitoring approaches to prevent the lateral movement of attackers and contain their harmful effects once within defender networks
Compounding the power of intrusion monitoring through the application of AI&ML solutions
 
Julian is an experienced business development leader within the computer security & networking industry. Before joining Nozomi, he worked for industry leaders such as NetScout, VisibleThread and Radware. Julian is skilled in IT Security, Enterprise Software, Storage, Sales, Partner on-boarding and development. Julian has a Master of Business Administration (MBA) from Trinity College Dublin.
Julian McMenamin
Julian McMenamin, Regional Director, UK & Ireland
Nozomi Networks
16:25

Session 3: Working in partnership with law enforcement to establish a robust incident response, recovery and reporting framework, effectively contribute to the intelligence pool, and support the attribution process

Evaluating lessons learnt from incident response, recovery and reporting experiences relating to recent supply chain attacks in the energy sector
Establishing an incident response framework that enables you to speed up recovery without damaging forensic evidence required to support the attribution process
Working in partnership with law enforcement to get ahead and stay ahead of the bad actors
 
Special Agent (SA) Dave Eisenreich joined the FBI in 2001 and is currently assigned to the Mission Critical Engagement Unit, Cyber Division, FBI HQ. SA Eisenreich is the primary Cyber Division Liaison to the energy sector. SA Eisenreich has served in the San Francisco CA, Albuquerque NM, and Jackson MS FBI field offices. He has worked a variety of criminal and national security matters and joined the unit in May of 2020.
SA-Eisenreich
David Eisenreich, Supervisory Special Agent
FBI

Tactical Specialist (TS-SOS) Catherine Rivera joined the FBI in 2009 and is currently assigned to FBI Cyber Division’s Critical Infrastructure Intelligence Unit out of FBI Headquarters. TS Rivera primarily addresses threats to the energy, oil and natural gas, and nuclear sectors. Prior to joining Cyber Division, TS Rivera served at FBI HQ’s Counterterrorism Division, and the Detroit, Washington D.C., and Las Vegas field offices working violations ranging from counterterrorism to criminal investigations. 

 

Catherine Rivera, Tactical Specialist
FBI
16:35

Q&A & Panel Debate

16:55

Closing remarks from the host

MW Headshot - cricle

Mandana White, CEO – Smart Grid Forums

17:00

Close of webinar