Cybersecurity is among the top 7 concerns that keep public power leaders up at night. Whether you’re just starting the cybersecurity journey at your organization or have a plan you need to refresh in the face of evolving threats, you can’t miss the 2nd annual Cybersecurity Summit. Learn from the nation’s leading experts and from your colleagues that have traveled this road already.
Who Should Participate
- Policy, operations, communications executives
- Cybersecurity officers
- IT/OT managers
- Industry partners, subject matter experts
Monday, November 18
8 a.m. – 4 p.m.
DOE’s CyberStrike Workshop
Recommended CEUs .7/PDHs 6.5/CPEs 7.5
Get a hands-on, simulated demonstration of a cyberattack, drawing from elements of the 2015 and 2016 cyber incidents in Ukraine, and defend against a mock cyberattack on the industrial control equipment you routinely encounter. The U.S. Department of Energy’s Office of Infrastructure Security & Energy Restoration, in collaboration with the Electricity Information Sharing and Analysis Center and Idaho National Laboratory, developed this workshop to prepare energy sector owners and operators in the U.S. for a cyber incident impacting industrial control systems. Build your skills and learn from industry experiences that give you insight into the multifaceted interdependencies between the country’s critical infrastructure and how you can detect threats and respond within compressed timelines to prevent highly impactful consequences.
Speaker: Tim Conway, CyberStrike Instructor, Idaho National Laboratory
8:30 a.m. – 4:30 p.m.
Cybersecurity for Industrial Control Systems: Architecture, Asset Inventory, Network Security Monitoring & Event Detection
Recommended CEUs .7/PDHs 6.5/CPEs 7.5
Building off of the Association’s introductory cybersecurity courses, take a technical focus to outlining a cybersecurity program in the industrial control system environment. Review the principles of a defensible architecture, learn how to conduct a thorough cyber asset inventory, and discover the necessary event detection techniques and network security monitoring tools to identify an attack in the ICS. Explore how network security monitoring provides visibility into the operational technology network, including determining a baseline for normal operations and alerting you to unexpected events. The course is ideally suited for utility IT or ICS technical personnel who are responsible for, or interested in, applying cybersecurity standards and best practices to the industrial environment.
Speaker: Gus Serino, PE, Principal ICS Security Analyst, Dragos, Inc., Boston, Massachusetts
Tuesday, Nov. 19
7:30 – 8:30 a.m.
Registration & Coffee
8:30 – 9:15 a.m.
Welcome and Introductions
- Mike Hyland, Senior Vice President, Engineering Services, American Public Power Association
- Decosta Jenkins, President & CEO, Nashville Electric Service, Tennessee; and Chair, American Public Power Association
9:15 – 10 a.m.
Keynote Presentation: Threat Briefing: Utilities, Be Aware
Threat actors continue to focus on how to break into the U.S. power system, with attempts becoming more frequent and sophisticated. The threats do not stop coming after you make improvements to your systems. Hear what you need to know about this evolving threat landscape and what you need to watch for now and in the future to keep your utility protected.
Speaker: Speaker TBA
10 – 10:15 a.m.
10:15 – 11:45 a.m.
I Was Hacked: True Stories from Utilities
The warnings aren’t dire if they are true: municipalities and organizations have had critical files encrypted in ransomware attacks. Hear true stories of utilities that were hacked and learn how they recovered and revamped their cybersecurity measures to come out stronger on the other side.
Speakers: Victor Lay, City Administrator, City of Spring Hill, Tennessee; Speaker TBA
11:45 a.m. – 1 p.m.
Lunch Keynote: DOE’s Cyber Update
Get an update from the Department of Energy on its cybersecurity initiatives and hear about new developments of interest to public power.
Speaker: Speaker TBA, Department of Energy, Washington, DC
1 – 1:15
1:15 - 2:45 p.m.
GridEx V: What Did We Learn?
The North American Electric Reliability Council’s Grid Security Exercise (GridEx) is an opportunity for utilities to demonstrate how they would respond to and recover from simulated coordinated cyber and physical security threats and incidents. Discuss some of the early lessons learned from the public power utilities who participated in GridEx V, including ways to strengthen essential crisis communications relationships.
Speakers: Warren Brooks, PE, Manager-Electric Line Engineering, City Utilities of Springfield, Missouri; Ken Lewis, Principal Planning Analyst, Business Continuity & Emergency Management, Salt River Project, Phoenix, Arizona; and Shanna Ramirez, Vice President of Integrated Security, CPS Energy, San Antonio, Texas
2:45 – 3 p.m.
3 - 4:15 p.m.
E-ISAC Industry Engagement Program
Learn about the E-ISAC’s Industry Engagement Program, an innovative effort started by public power utilities to foster collaboration and information sharing between the E-ISAC and utilities. Learn how to be a part of the feedback loop, discuss ways to take action on information that is shared, and hear examples of changes that have been made because of feedback from public power organizations.
Speakers: Randy Crissman, Sr. Reliability and Resilience Specialist – Utility Operations, New York Power Authority, White Plains, New York; and Bluma Sussman, Associate Director, Member Engagement, Electricity Information Sharing and Analysis Center, North American Electric Reliability Corporation, Bethesda, Maryland
4:30 – 5:30 p.m.
Join your fellow attendees for in-depth discussions on topics covered throughout the day.
5:30 – 6:30 p.m.
Wednesday, Nov. 20
8 – 8:30 a.m.
Networking & Coffee
8:30 – 9:45 a.m.
Don’t Go It Alone: Making the Most of Strategic Partnerships
It is okay to ask for help with cybersecurity. Learn how public power utilities use strategic and innovative partnerships to manage cybersecurity activities, including using cyber mutual aid and teaming up with universities.
Speakers: Carter Manucy, Cyber Security Manager, Florida Municipal Power Agency, Orlando, Florida; Speaker TBA
9:45 - 10 a.m.
10 – 11:15 a.m.
Recruiting, Retaining and Training Your Cybersecurity Workforce
Cybersecurity personnel are in demand, and we aren’t just competing with other utilities for talent. Hear how public power utilities are reaching this workforce, what their staffing plans are for the future, and how they are training employees to develop critical cybersecurity skills.
Speakers: Sharon Chand, Principal, Cyber Risk Services, Deloitte & Touche LLP, Chicago, Illinois; Speaker TBA
11:15 - Noon
Synthesize what you learned in a roundtable discussion with your peers on the issues addressed throughout the summit, including ongoing challenges and new questions. Plan your next steps and talk about how public power can work together to secure the grid against cyber attacks.
- Pre-Summit Seminar: DOE’s CyberStrike Workshop FREE!
- Pre-Summit Seminar: Cybersecurity for Industrial Control Systems: Architecture, Asset Inventory, Network Security Monitoring & Event Detection
- $650 before Oct. 21
- $700 after Oct. 21
- Cybersecurity Summit
- $745 before Oct. 21
- $795 after Oct. 21
- $1,390 before Oct. 21
- $1,440 after Oct. 21
- DOE’s CyberStrike Workshop FREE!
- Cybersecurity for Industrial Control Systems: Architecture, Asset Inventory, Network Security Monitoring & Event Detection
- $1,300 before Oct. 21
- $1.350 after Oct. 21
- Cybersecurity Summit
- $1,490 before Oct. 21
- $1,540 after Oct. 21
- Cybersecurity and Public Power Forward Summit - Register for both now
- $2,880 before Oct. 21
- $2,930 after Oct. 21
Register for both summits and save!
Save $100 on your total registration price when you register for both the Public Power Forward Summit and the Cybersecurity Summit. Discount will be applied automatically. Click here to register now for both summits.
Not a member? Join today and save $745 on your conference registration. Call Member Services at 202-467-2926 to learn more.
The following food functions/meals are included in the registration fee (all other meals are on your own):
- Reception (Tuesday)
- Lunch (Wednesday)
- Beverage breaks (Tuesday morning & afternoon/Wednesday morning)
The attire for the 2019 Cybersecurity Summit is business casual. Since meeting room temperatures vary, please prepare to dress for cool conditions. Temperatures in Nashville, Tennessee for the summit dates range from an average high of 60 degrees to an average low of 40 degrees.
The Nashville Marriott at Vanderbilt University is located approximately 10 miles from the Nashville International Airport (BNA).
Travel Cost Policy
Travel arrangements and costs are the responsibility of the meeting participants. The Association will not reimburse for changes in travel expenditures regardless of the cause, including the cancellation of a course, meeting or workshop.
Registrants who cancel in writing on or before November 12, 2019, are entitled to a refund of their registration fee, minus a $50 cancellation fee. Registrants who cancel after November 12 will not receive a refund, but attendee substitutions will be allowed for the 2019 Cybersecurity Summit. Registrants and no-shows who do not cancel before or on November 12 are responsible for the full registration fee and are not entitled to a refund of their registration fee. Cancellations must be made in writing and mailed or e-mailed to [email protected].
If you have questions about the meeting, please contact any of the staff listed below:
Phone: 202-467-2941; Fax: 202-495-7505; Email: [email protected]
Phone: 202-467-2941; Fax: 202-495-7505; Email: [email protected]
Phone: 202-467-2921; Email: [email protected]
Phone: 202-467-2967; Fax: 202-495-7467; Email: [email protected]
The Cybersecurity Summit will take place at the:
Nashville Marriott at Vanderbilt University
2555 West End Ave.
Nashville, TN 37203
- Main Telephone: (615) 321-1300
- Group Rates: Single/Double $249 per night, (plus tax 12.5%, plus city tax of $2.50 per night)
- Reservation Cut-off Date: October 28, 2019
- Reservation Telephone: 1-800-533-0127
- Group Code: 2019 Public Power Forward & Cybersecurity Summit
- Online Reservation Link: https://book.passkey.com/event/49921635/owner/6143/home
- Check-in: 4 p.m. Check-out: 11 a.m.
- Parking Fee: Valet parking: $20/daily or $37/overnight; Self-parking: $14/daily or $32/overnight
- In-Room Wireless: Complimentary
About the Hotel
Enliven your days at Nashville Marriott at Vanderbilt University. With the free 2-mile shuttle and Midtown location next to Vanderbilt Stadium, the Parthenon and Centennial Park, you can soak up the vibrant culture nearby. While in the Music City, explore Music Row, Bridgestone Arena and the historic Ryman Auditorium, home to exceptional acoustics and famously known as the birthplace of bluegrass. Downtown, you can indulge in the honky tonks and live country music spots on Broadway, which is also home to shopping, dining and more. At Nashville Marriott at Vanderbilt University, enrich your Tennessee experience.
Hotel Reservations & Cancellation Policy
The cut-off date to receive the group rate (plus tax) is Monday, October 28, 2019. If rooms remain in the Association block after the cut-off date, the Association group rate will be honored. If not, you may be charged a higher rate. The room block may sell out before October 28, so early reservations are strongly encouraged. For individual reservations call 1-800-533-0127 and reference "2019 Public Power Forward & Cybersecurity Summit" or make your reservation online at https://book.passkey.com/event/49921635/owner/6143/home. The Nashville Marriott at Vanderbilt University should receive all reservations no later than October 28.
Cancelled reservations that are not resold may become a financial liability for the Association, so please make your reservations thoughtfully. If you require additional assistance with housing please contact Meeting Services at 202-467-2941 or [email protected].
Do NOT make hotel reservations through any third party that may contact you by phone or email. Use only the online reservation links, phone numbers, and discount codes available directly from the Association—in conference brochures and the website at www.PublicPower.org.
For assistance making your hotel arrangements, please contact Meeting Services at 202-467-2941 or [email protected].
Frequently Asked Questions
What educational credits are available?
Academy events include the following opportunities for educational credits:
- Continuing Education Units (CEUs) from the International Association for Continuing Education and Training (IACET)
- Professional Development Hours (PDHs) as established by the National Council of Examiners for Engineering and Surveying (NCEES)
- Continuing Professional Education (CPE) Ccedits from the National Association of State Boards of Accountancy (NASBA)
Is there international registration?
Online meeting registration is for U.S. and Canadian residents only. International registrants must provide a signed registration form — signed by the authorized cardholder — if paying with a credit card. Fax the completed registration form to 202-495-7484 or email it to [email protected].
Alternatively, you could send a check from a U.S. bank payable to American Public Power Association. Please mail completed form with full payment to our bank lock box:
American Public Power Association
P.O. Box 418617
Boston, MA 02241-8617
Are meals included?
The following food functions/meals are included in the registration fee:
- Tuesday - Coffee; Lunch; Reception
- Wednesday - Coffee
What is the conference dress code?
The attire for the conference is business casual. Meeting room temperatures vary, so prepare to dress for cool conditions.
How can I present at the conference?
We welcome your topic and speaker ideas for future conferences and events. To submit your idea for consideration, complete this form. Conference topics are generally determined 6-8 months before the event is held. Ideas will be kept on file for a full year, so if the agenda for the conference has already been determined, your ideas will be considered for the next year’s event, or in case any space opens up in the current year’s program. You will be contacted only if your idea is selected for an upcoming conference.