Webinar

Power Plant Cyber Security & NERC CIP Compliance

How to Prepare, Plan & Respond

This webinar event originally broadcast live on November 13, 2018.

Summary 

As critical infrastructure assets, power plants and utilities are under constant threat by sophisticated attackers looking to gain access to internal systems for sabotage and control. The Department of Homeland Security (DHS) recently disclosed that foreign hackers had secured access to critical controls to U.S. power plants with the ability to shut off power. A recent survey of utility executives indicated 76 percent of those in North America believe the region faces at least a moderate risk of electricity supply interruption from a cyberattack.

Yet many power plants and OEM suppliers are ill-equipped to navigate this new landscape and mitigate cybersecurity risks. The unique technology, staffing, and operating procedures for power plants, EPCs and OEMs amidst a complex web of rapidly evolving technologies and threats means implementing cybersecurity solutions is more challenging than for the average organization. Not only does every energy facility and power plant face uniquely different circumstances related to the security of cyber assets but integrating cybersecurity protections into a utility’s supply chain is more complex than ever. This is a vital vulnerability as the alert issued by DHS last month indicated the hackers were targeting businesses working within a utility’s supply chain and that the hackers’ initial victims were “peripheral organizations such as trusted third-party suppliers with less secure networks.”

Many power plants and energy facilities lack the specialized know-how to effectively mitigate, identify, and repel a cyberattack which means there is a need for a comprehensive solution that fills the security gaps for each plant.

In this informative webinar, Tony Turner and Eric Belardo from Fortress Information Security will discuss the new and changing profile of threats to this industry, and steps power plants and utilities can take to secure their IT and OT operations to monitor and safeguard their attack surface.

 Specific topics covered will include:

  • The growing cyber security risks and specific points of vulnerability for the power industry
  • Considerations in implementing a comprehensive cybersecurity solution
  • How to identify threats and risks and gaps in control from internal and third parties and the proposed CIP 013-1 Reliability Standard
  • Best practices in cyber security incident handling and response management
  • Case study on how Fortress implementation at a major power producer is helping monitor threats and vulnerabilities in their supply chain and adhere to regulation.

Who should attend:

  • CIOs, Plant Managers, IT, Operations & Supply Chain managers from:
  • Utility and Independent Power Producers
  • Project Developers
  • Original Equipment Manufacturers (OEM)
  • Refineries & Petrochemical Plants
  • A&E & EPC Firms
Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 1

    Presenters

    Tony Turner, Sr Director Advisory Services – Security Architecture

    • Tony has helped hundreds of companies with strategic and tactical approaches to solving information security challenges. He has extensive experience in helping customers across Information Technology, Operational Technology and Business Process boundaries. As the global head of Application Security for a Fortune 150 and senior security executive in Air Travel, Manufacturing, Energy, Government, Retail and Insurance, as well as over 25 years of consulting and operations experience, he brings a diverse skill set that includes Security Program Development, Business Continuity, Compliance, Incident Response, Penetration Testing, Vulnerability Management, Security Architecture and Network and Application Security. Tony is a frequent speaker at industry conferences such as SANS, B-Sides, DerbyCon, ISSA, ISACA and others, and is a mainstay of the FL information security community, having founded several security groups and conferences. He holds a B.S. from Hodges University and over 20 security certifications such as CISSP, CISA, GCIH, GCIA, OPSE and many others.

    Eric Belardo, Vice President, Security Operations

    • Eric J. Belardo is Vice President of Security Operations of Fortress Information Security. Eric Brings over 28 years of Cyber Security & Risk Experience across many industry domains including Government, DoD, International, Financial, and Civilian markets. Eric has served in Information Assurance positions in Governmental Organizations such as the Department of Energy and many Critical infrastructure sectors such as Pharmaceutical, Healthcare, Power and Energy, and Defense. Eric’s experience in the cyber security field encompasses the areas of Digital Forensics, Incident Response, Disaster Recovery, Certification and Accreditation, Enterprise Security Architecture, and Security M&A. Eric has supported countless organizations in the US and in over 25 countries. With his Military Intelligence and Information Security background, Eric specializes in developing solutions to our client’s biggest challenges in Emerging Risk and Vulnerability Management to identify, mitigate, and remediate threats from supply chain, IT, and OT environments.

    Connect with us

     

    Talk with Fortress today about how to manage risk and get better performance and compliance across your enterprise! Set up an appointment to speak with a representative.

     

    189 S Orange Ave #1950, Orlando, FL 32801
    855.367.8737
    sales@fortressinfosec.com


    View More Resources Here

    Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 2
    Utilities
    Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 3
    Transportation
    Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 4
    Healthcare
    Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 5
    Finance
    Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 6
    Energy
    Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 7
    Additional Industries
    Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 8

    Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 9 Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 10 Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond 11

    189 S Orange Ave #1950, Orlando, FL 32801
    (855) 367.8737
    sales@fortressinfosec.com

    COPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY

    Emerging Risk Brief

    ASSET RISK MANAGEMENT - FOR PORT AUTHORITIES

    Advisory

    5 STEPS FOR AN EFFECTIVE THIRD PARTY VENDOR RISK PROGRAM

    White Paper

    CIP COMPLIANCE – UPDATES, ENFORCEMENT AND PRACTICAL IMPLEMENTATION

    Advisory

    5 STEPS TO A STRONG VULNERABILITY MANAGEMENT PROGRAM

    WHITE PAPER

    NERC CIP COMPLIANCE

    Subscribe to Fortress Newsletter

    For breach reports, threat intelligence, regulatory
    updates, cyber security news alerts and more,
    sign up to receive the Fortress Newsletter.

    No, thanks!

    Threat Advisory

    Outdated Security Appliance Facilitates Denial-of-Service Attack on U.S. Grid

    WEBINAR DOCUMENT

    NERC CIP SUPPLY CHAIN SECURITY STANDARDS