Join us for an essential seminar designed to enhance your cybersecurity knowledge and skills. This comprehensive training will cover critical aspects of IT and OT security, and effective incident response strategies.
Wednesday, Oct. 2 • 11 AM — 5 PM
Thursday, Oct. 3 • 8 AM — 3 PM
Recommended for:
• IT/OT managers and staff from public power utilities, responsible for system and cyber risk
• Policymakers and operations staff procuring IT and OT cyber assets
• Third-party vendors supporting critical infrastructure
Speaker
Speaker
James Chacko - Cyber Security Manager, Acumen
With 18 years of experience, James is an expert in cybersecurity for critical infrastructure in the utility sector. He has implemented comprehensive cybersecurity programs, including patch management and security architecture development, adhering to NIST and NERC CIP standards. James also delivers specialized OT and IT cybersecurity training across North America. Currently pursuing a Master of Science degree in Cyber Security from Georgia Tech, he leverages his extensive knowledge to enhance cybersecurity resilience and mitigate threats effectively.
Agenda
DAY 1
Cyber Threat Landscape
• Overview of the current cyber threat landscape and emerging trends
• High-profile cybersecurity incidents and their impact on affected organizations
Cyber Risk Management
• Identifying and assessing cyber risks
• Strategic approaches cybersecurity governance
Cybersecurity Governance
• Establishing a cybersecurity governance framework
• Roles and responsibilities of the Board, executives and other stakeholders in cybersecurity governance
DAY 1 – BREAK
Introduction to Cybersecurity in Utilities
• Importance of cybersecurity in utility sectors
• Overview of the current cybersecurity threat landscape
• Threat actors and their motivations
• Recent trends and implications for Operational Technology (OT)
Regulatory Compliance and Standards
• Introduction to key regulatory frameworks (e.g., NERC CIP, NIST CSF)
• Compliance as a basis for robust cybersecurity
Cybersecurity Incidents and Case Studies
• Recent cybersecurity incidents impacting utilities
• Case Study: Ukraine Power Grid Hack (2015)
• Case Study: Oldsmar Water Treatment Facility Hack (2021)
DAY 2
Technical Foundations of Cybersecurity
• IT vs OT: Understanding the differences and intersections
• Basic cybersecurity terminologies (e.g., malware, phishing, social engineering, etc.)
• Introduction to cybersecurity tools and resources
Cybersecurity for Utilities
• Attack surfaces and vectors specific to utilities
• Device and network security
• Use of strong passwords and Multi-factor Authentication (MFA)
• Regular updates, specifically security patches
• Encrypting confidential data
• OT-specific security measures
• Network segregation and monitoring
• Asset management and patching
• Physical security measures
Secure Online and Remote Access Hygiene
• Best practices for remote access to OT networks
• Use of VPNs and endpoint security
• Risks associated with public networks and how to mitigate them
DAY 2 – BREAK
Human Factor in Cybersecurity
• Awareness and training to mitigate human error
• Phishing/Spear-phishing and Social Engineering: Identification and prevention
Vendor and Supply Chain Security
• Risks and best practices in managing vendor and supply chain cybersecurity
Incident Response and Recovery
• Procedures for detecting, containing, and recovering from incidents
• Practical examples of incident response in utility settings
Exercises and Demonstrations
• Sandbox environment exercises (e.g., identifying common threats, responding to incidents)
• Demonstrations:
- Shodan search for the utility
- Phishing Demo (video)
Discussion and Q&A
• Open discussion on cybersecurity challenges and strategies
• Addressing queries and concerns from the attendees
Registration
Cost: $99 per person
The deadline to register is Sept 25. Register using the form below or by contacting Lisa Korthals at info@mrenergy.com or 605-338-4042. If you register online, you will receive an email confirming your registration.
Lodging
ClubHouse Hotel & Suites • 2320 S Louise Ave, Sioux Falls
A room block is reserved for $145 plus taxes. This rate is valid until Sept. 1 or until the room block is full. Please call the hotel directly to make your reservation at 605-361-8700.
Please specify you are with the MRES cybersecurity seminar.
Group rate and room block are not available online.