Conference

Cybersecurity Virtual Summit

Get up to speed on the latest in cybersecurity and learn from the experiences of other utilities
November 16 - 17, 2020
Sponsors

AE-ISAC logoPPA is pleased to co-host the Cybersecurity Virtual Summit with the Electricity Information Sharing and Analysis Center (E-ISAC). The E-ISAC protects the North American bulk power system by offering its electricity industry member and partner organizations real-time situational awareness on physical and cyber risks, expert analysis on industry trends, and cross-sector information sharing. Membership is free and includes access to the E-ISAC’s secure online Portal, where members can voluntarily exchange information and receive customized access to the latest products and services such as incident bulletins, in-depth white papers, webinars, workshops, conferences and events. To learn more about the E-ISAC and become a member, visit the E-ISAC website.

Cybersecurity Virtual Summit

Cybersecurity is among the top 7 concerns that keep public power leaders up at night. Whether you’re just starting the cybersecurity journey at your organization or have a plan you need to refresh in the face of evolving threats, you can’t miss the Cybersecurity Virtual Summit. Learn from the nation’s leading experts and from your colleagues that have traveled this road already.

Who Should Participate

Everyone in a utility plays a role in cybersecurity. The program is geared for:

  • Security officers
  • IT, OT managers
  • Policy, operations, communications executives
  • General managers/CEOs
  • Mayors, board/city council members, elected officials
  • Industry partners, subject matter experts

**This event is closed to the press.**

More Information

Registration
Phone: 202-467-2978; Email: [email protected]

Program/Content
Phone: 202-467-2980; Email: [email protected]

Sponsorship
Phone: 202-467-2903; Email: [email protected]

Billing
Phone: 202-467-2967; Fax: 202-495-7467; Email: [email protected]

 

E-ISAC logoAPPA is pleased to co-host this summit with the Electricity Information Sharing and Analysis Center (E-ISAC). The E-ISAC protects the North American bulk power system by offering its electricity industry member and partner organizations real-time situational awareness on physical and cyber risks, expert analysis on industry trends, and cross-sector information sharing. Membership is free and includes access to the E-ISAC’s secure online Portal, where members can voluntarily exchange information and receive customized access to the latest products and services such as incident bulletins, in-depth white papers, webinars, workshops, conferences and events. To learn more about the E-ISAC and become a member, visit the E-ISAC website.

Agenda

The Cybersecurity Virtual Summit (Nov. 16-17) will be a virtual/online meeting.

**This event is closed to the press.**

Register now!

Registrants will receive information on joining remotely as we get nearer to the event. If you have any questions, please reach out to [email protected].

Wednesday, November, 18 – Post-Summit Seminar
  • CyberStrike Workshop FREE! (Hosted by the U.S. Department of Energy's Office of Infrastructure Security & Energy Restoration)
     

Monday, November 16

Welcome and Opening Keynote
11 – 11:30 a.m. ET / 10 – 10:30 a.m. CT / 9 – 9:30 a.m. MT / 8 – 8:30 a.m. PT

  • Joy Ditto, President & CEO, American Public Power Association
  • Jim Robb, President & CEO, North American Electric Reliability Corporation

Threat and Attack Briefing
11:30 a.m. – 12:30 p.m.  ET  / 10:30 – 11:30 a.m. CT / 9:30 – 10:30 a.m. MT / 8:30 – 9:30 a.m. PT

Get the unclassified overview – directly from the Federal Bureau of Investigation - on what cyber and physical threats and attacks are happening; what situations, hardware and infrastructure they are monitoring for potential attacks, and lessons learned from recent attacks. Hear how utilities have been responding to different threats and what actions you can take if you’re attacked.

David Eisenreich, Supervisory Special Agent (SSA), Mission Critical Engagement Unit, Cyber Division, and Joel Max, Intelligence Analyst, Federal Bureau of Investigation, Washington, D.C.

Break
12:30 – 1 p.m. ET / 11:30 a.m. – 12 p.m. CT / 10:30 – 11 a.m. MT / 9:30 – 10 a.m. PT

Afternoon Keynote
1– 2:30 p.m. ET / 12 – 1:30 p.m. CT / 11 a.m. – 12:30 p.m. MT / 10 – 11:30 a.m. PT 

The Attack Hiding Behind the Crisis

From hurricanes to the pandemic, natural disasters and other crises are a distraction for you and an opportunity for attackers. Learn how to increase awareness of and resilience from cyber threats across your employees – even when teleworking and especially when your capacity is weakest.

Kenneth (KC) Carnes, Director TVA Cybersecurity, Tennessee Valley Authority, Chattanooga, Tennessee, and Bradford Willke, Acting Assisting Director, Stakeholder Engagement, Cybersecurity and Infrastructure Security Agency, Arlington, Virginia

Break
2:30 – 3 p.m. ET / 1:30 – 2 p.m. CT / 12:30 – 1 p.m. MT / 11:30 a.m. – Noon PT

Evaluating Supply Chain Risk of Foreign Adversary Compromises of Both New and Installed Systems
3 – 4 p.m. ET / 2 – 3 p.m. CT / 1 – 2 p.m. MT / Noon – 1 p.m. PT   

Supply chain is a complex topic ranging from an entire ecosystem of providers and while focus is often on the hardware, there are many interconnections to our systems and components that are worthy of thought. Delve into ICS/OT and the cyber threats that target them to talk through real-world examples and insights. Learn what others are doing to monitor and respond to the risks.

Robert M. Lee, Chief Executive Officer, Dragos Inc., Hanover, Maryland

Securing Your Supply Chain
4 – 5 p.m. ET / 3 – 4 p.m. CT / 2 – 3 p.m. MT / 1 – 2 p.m. PT

The Executive Order made it clear: the supply chain for utility equipment can be a risk to the bulk power system. Learn what you can do to manage security throughout the supply chain, from the vetting process to contracting and ongoing vigilance and monitoring once products arrive onsite. 

Cheri Caddy, Senior Advisor, Cyber Policy and Strategy; Cyber Team Lead, Infrastructure Security and Energy Restoration, Office of Cybersecurity, Energy Security, and Emergency Response, U.S. Department of Energy, Washington, D.C.; Tony Eddleman, P.E., NERC Compliance Manager, Nebraska Public Power District, Columbus, Nebraska; and Shari Gribbin, Managing Partner, CNK Solutions, Washington, D.C.

Online Networking Hour: An Irishman's Guide to Irish Whiskey
5 – 6 p.m. ET / 4 – 5 p.m. CT / 3 – 4 p.m. MT / 2 – 3 p.m. PT

In the Irish language the name for whiskey is 'uisce beatha', or 'the water of life'. Let’s breathe some life into your evening – join us for An Introduction to Irish Whiskey. Discover the history and the evolution of this beautiful spirit, how it is interwoven into the fabric of Irish heritage, and its importance to Irish culture. You won’t want to miss this interactive experience where you’ll get to sip and sample three different styles of Irish whiskey, while learning and discussing what makes them so unique. So grab a glass, pour some of your favorite Irish Whiskey and join us for an hour of Irish culture, history, craic, and of course, whiskey! Sláinte!


Tuesday, November 17

Keynote Presentation
11 – 11:30 a.m. ET / 10 – 10:30 a.m. CT / 9 – 9:30 a.m. MT / 8 – 8:30 a.m. PT

Manny Cancel, Senior Vice President, North American Electric Reliability Corporation, and CEO of the Electricity Information Sharing and Analysis Center

If You Don't Want to Pay, Don't Click
11:30 a.m. – 1 p.m. ET / 10:30 – Noon CT / 9:30 – 11 a.m. MT / 8:30 – 10 a.m. PT

Ransomware continues to be a prevalent method of cyber-attack, because just one click on a malicious link pays off for the attacker. Hear how utilities have effectively developed a culture of cybersecurity within their organizations and strategies for ongoing success.

MAJ Ryan Carlson, DCO-E Team Chief, Nebraska Army National Guard, Lincoln, Nebraska and Dustin Thorne, Cyber Security Manager, Lincoln Electric System, Nebraska

Break
1 – 1:30 p.m. ET / Noon – 12:30 p.m. CT / 11 – 11:30 a.m. MT / 10 – 10:30 a.m. PT

Cybersecurity Lightning Round Vendor Demos
1:30 – 3 p.m. ET / 12:30 – 2 p.m. CT / 11:30 a.m. – 1 p.m. MT / 10:30 a.m. – Noon PT

Learn about new technologies and tools that can help your utility better address cybersecurity in this series of brief demos from the summit sponsors.

Closing Keynote
3 – 3:30 p.m. ET / 2 – 2:30 p.m. CT / 1 – 1:30 p.m. MT / Noon – 12:30 p.m. PT

Sean Plankey, Principal DA/S, CESER, U.S. Department of Energy, Washington, D.C.

GridEx and E-ISAC Update
3:30 – 4 p.m. ET / 2:30 – 3 p.m. CT / 1:30 – 2 p.m. MT / 12:30 – 1 p.m. PT

NERC's Grid Security Exercise (GridEx) is an opportunity for utilities to demonstrate how they would respond to and recover from simulated coordinated cyber and physical security threats and incidents, strengthen their crisis communications relationships, and provide input for lessons learned. Hear about Electricity Information Sharing and Analysis Center (E-ISAC) and plans for GridEx VI, November 16–18, 2021.

Summit Adjourns
4 p.m. ET / 3 p.m. CT / 2 p.m. MT / 1 p.m. PT


Wednesday, November 18

CyberStrike WorkshopFREE! (Hosted by the U.S. Department of Energy's Office of Infrastructure Security & Energy Restoration)
PLEASE NOTE: Registration for this workshop has reached its maximum capacity. Please email [email protected] to be added to the wait list and we will be in touch if a spot opens up.


8 a.m. - 4 p.m.

Get a hands-on, simulated demonstration of a cyberattack, drawing from elements of the 2015 and 2016 cyber incidents in Ukraine, and defend against a mock cyberattack on the industrial control equipment you routinely encounter. The U.S. Department of Energy’s Office of Infrastructure Security & Energy Restoration, in collaboration with the Electricity Information Sharing and Analysis Center and Idaho National Laboratory, developed this workshop to prepare energy sector owners and operators in the U.S. for a cyber incident impacting industrial control systems. Build your skills and learn from industry experiences that give you insight into the multifaceted interdependencies between the country’s critical infrastructure and how you can detect threats and respond within compressed timelines to prevent highly impactful consequences.

Tim Conway, CyberStrike Instructor, Idaho National Laboratory

This event is open only to direct employees of electric utilities, joint action agencies, or state/regional associations; no outside counsel, consultants, or vendors may attend. Pre-registration required; limited to 35 people.

E-ISAC logoAPPA is pleased to co-host this summit with the Electricity Information Sharing and Analysis Center (E-ISAC)

The Cybersecurity Virtual Summit (Nov. 16-17) will be a virtual/online meeting.

**This event is closed to the press.**

Register now!

Registrants will receive information on joining remotely as we get nearer to the event. If you have any questions, please reach out to [email protected].

Registration Fees

Association Member

  • Cybersecurity Virtual Summit
    • $525 before Oct. 19
    • $575 after Oct. 19
       
  • DOE’s CyberStrike Workshop (November 18) FREE!

Nonmember

  • Cybersecurity Virtual Summit
    • $1,050 before Oct. 19
    • $1,100 after Oct. 19
       
  • DOE’s CyberStrike Workshop FREE!

Not yet a member? Join today and save $525 on your conference registration. Call 202-467-2903 or email [email protected].

Group Discounts

Save an additional $50 on each registration for the Cybersecurity Virtual Summit when your organization registers 5 or more people. The larger your group, the more you save!  

Number of registrants Discount
(per person)

Member
Registration Fee
(per person)
Before Oct. 19

Member
Registration Fee
(per person)
After Oct. 19
1-4 n/a $525 $575
5-10 $50 $475 $525
11-15 $100 $425 $475
16+ $150 $375 $425

Contact [email protected] for more information and to request the group registration form to receive this special discount. 

Cancellation Policy

Registrants who cancel in writing on or before November 12, 2020, are entitled to a refund of their registration fee, minus a $50 cancellation fee. Registrants who cancel after November 12 will not receive a refund, but attendee substitutions will be allowed for the 2020 Cybersecurity Virtual Summit. Registrants and no-shows who do not cancel before or on November 12 are responsible for the full registration fee and are not entitled to a refund of their registration fee. Cancellations must be made in writing and e-mailed to [email protected].

More Information

If you have questions about the meeting, please contact any of the staff listed below:

Registration Information
Phone: 202-467-2978; Email: [email protected]

Program/Content Information
Phone: 202-467-2980; Email: [email protected]

Sponsorship
Phone: 202-467-2903; Email: [email protected]

Billing Information
Phone: 202-467-2967; Fax: 202-495-7467; Email: [email protected]

E-ISAC logoAPPA is pleased to co-host this summit with the Electricity Information Sharing and Analysis Center (E-ISAC). The E-ISAC protects the North American bulk power system by offering its electricity industry member and partner organizations real-time situational awareness on physical and cyber risks, expert analysis on industry trends, and cross-sector information sharing. Membership is free and includes access to the E-ISAC’s secure online Portal, where members can voluntarily exchange information and receive customized access to the latest products and services such as incident bulletins, in-depth white papers, webinars, workshops, conferences and events. To learn more about the E-ISAC and become a member, visit the E-ISAC website.

Frequently Asked Questions

What educational credits are available?

Academy events include the following opportunities for educational credits:

  • Continuing Education Units (CEUs) from the International Association for Continuing Education and Training (IACET)
  • Professional Development Hours (PDHs) as established by the National Council of Examiners for Engineering and Surveying (NCEES)
  • Continuing Professional Education (CPE) Ccedits from the National Association of State Boards of Accountancy (NASBA)

Is there international registration?

Online meeting registration is for U.S. and Canadian residents only. International registrants must provide a signed registration form — signed by the authorized cardholder — if paying with a credit card. Fax the completed registration form to 202-495-7484 or email it to [email protected]

Alternatively, you could send a check from a U.S. bank payable to American Public Power Association. Please mail completed form with full payment to our bank lock box:

American Public Power Association
P.O. Box 418617
Boston, MA  02241-8617

How can I present at the conference?

We welcome your topic and speaker ideas for future conferences and events. To submit your idea for consideration, complete this form. Conference topics are generally determined 6-8 months before the event is held. Ideas will be kept on file for a full year, so if the agenda for the conference has already been determined, your ideas will be considered for the next year’s event, or in case any space opens up in the current year’s program. You will be contacted only if your idea is selected for an upcoming conference.