Critical Infrastructure

This agenda is subject to change.

 

Sunday, February 11

Staff Subcommittee on Critical Infrastructure

10:00 a.m. - 11:30 a.m. 
Location: Meeting Room 2
10:00 a.m. - 11:30 a.m.

Closed Meeting

Committee on Critical Infrastructure

1:30 p.m. - 5:00 p.m.
Location: Ballroom North
1:30 p.m. -  1:45 p.m.

Welcome and Committee Update

Hon. Richard Mroz, New Jersey

 

 

1:45 p.m. - 2:15 p.m.

Cyber Workforce Development:  Revisting the NICE Framework

The nation’s cybersecurity workforce is at the forefront of protecting critical infrastructure and computer networks from attack by a wide array of threat actors. Demand for trained personnel is growing in both the public and private sectors. This session will focus on application of the NICE framework to identify necessary skills and to recruit appropriate talent. 

Presenters: 

Dennis Gilbert, VP and CISO, Exelon

Bill Newhouse, Deputy Director, National Initiative for Cybersecurity Education, NIST

 

2:15 p.m. - 2:45 p.m.

GridEx IV:  Lessons Learned

NERC conducted its biennial grid security exercise —known as GridEx— in November 2017.  More than 6500 participants took part in the two-day exercise, which was designed to test the electricity sector’s ability to respond to grid security emergencies, improve communications among partners, identify lessons learned, and engage senior leadership.  E-ISAC Director Bill Lawrence will highlight some lessons learned from GridEx and describe future activities planned to enhance preparedness to current and evolving threats to the grid. 

Presenter:  Bill Lawrence, Director, E-ISAC
 

2:45 p.m. - 3:00 p.m. Break
3:00 p.m. - 4:00 p.m.

After Ukraine – Assessing Risk from C-Suites to Wall Street 

Cyber attacks that brought down parts of Ukraine's power grid have been well publicized.  Less well-known is the growing sophistication of cyber threats against industrial control systems and their potential effects on critical infrastructure sectors like electricity, natural gas, and water.  Three experts will address the increasing and dynamic threats to ICS, lessons learned from the Ukranian attacks, and how mitigation efforts in the power industry are viewed by the regulatory and financial communities.

Moderator:  Phil Jones, Phil Jones Consulting LLC

Panelists:

Jim Hempstead, Managing Director - Global Infrastructure Finance Group, Moody’s

Robert Lee, CEO, Dragos 

Tim Roxey, CSO, NERC

4:00 p.m. - 5:00 p.m.

EMP:  What Regulators Need to Know 

Joint with Staff Subcommittees on Electricity and Electric Reliability

EPRI initiated a three-year research project in April 2016 to assess the potential impacts of high-altitude electromagnetic pulse (HEMP) on the bulk power system and to develop cost-effective mitigation options.  As a part of this research effort, EPRI is collaborating with DOE, the national labs and DoD.  EPRI has released two reports that, together, provide a scientifically-based understanding of what the E3 component of a high-altitude EMP attack could do to the power grid. The first report focused on the potential risk of thermal damage to bulk power transformers.  The most recent report, released in December 2017, assessed the potential for voltage collapse.  Ongoing research is investigating the impacts of E1, E2 and E3 from a HEMP event as well as identifying appropriate, cost-effective mitigation options.  Panelists will discuss EPRI’s work to date, next research steps, and the implications for federal and state regulators.

Moderator: Paul Stockton, Managing Director, Sonecon

Panelists:

Hon. Cheryl LaFleur, Commissioner, FERC

Devon Streit, Deputy Assistant Secretary - ISER, DOE

Mike Howard, President and CEO, EPRI

Randy Horton, EMP Program Manager, EPRI