|
NERC
Perspective:
|
Panel
Discussion -
Perspectives on 1200 Compliance:
|
|
"Cyber-Security
Standards for the Future -
Update on NERC's '1200 Standard'"
Lynn P. Costantini,
Chief Information Officer,
North American Electric Reliability Council
|
|
"Manage
'Gap Analysis' to Comply with Cyber-Security Guidelines"
Charles E. Noble, NPCC,
ISO New England
Larry
Bugh, ECAR
James
W. Sample, CISSP, CISM,
WECC, California ISO
Barry
Lawson,
National Rural Electric Cooperative Association
|
|
Cyber-Solutions
and Cost Recovery:
|
Process
Controls Security Update: |
|
"The
Future of Cyber-Security Tools for Utility Applications"
Thomas Kropp and Scott Mix, EPRI
"State
and Federal Allowances and Guidelines for Security
Cost-Recovery"
Alison Silverstein,
Federal
Energy Regulatory Commission
Jeffrey R. Pillon,
Michigan Public Service Commission
|
"Cyber-Security
of Utility
Process Control Systems -
Current Status, Recent Incidents
and Industry/Government Initiatives"
Joe Weiss,
CISM,
KEMA Consulting
|
|
Benchmark
the State of Your Security Program against Utility and
ISO Case Examples:
|
-
Aquila
Energy Corporation
Addresses the business risk of security investment,
quantifying returns amid vague and elusive
guidelines, standards and mandates
-
Southern
Company
Creates a cyber-security risk assessment program for
multiple plant assets, forging relations between IT
security and onsite plant personnel to address
technical and process related vulnerabilities
-
California
ISO
Successfully integrates a public key infrastructure
(PKI) into systems of participating companies and
assesses related NERC 1200 PKI implications
-
Electric
Reliability Council of Texas, Inc. (ERCOT)
Conducts a "white hat" attack on its cyber
infrastructure to clarify and prioritize risks
without endangering production environments or
uptime
|
-
Dynegy,
Inc.
Eliminates areas of weakness and vulnerability in
its wireless network, adopting a new set of
assumptions to include cyber-terrorism, inter-
dependencies and corporate and individual liability
exposure
-
Nebraska
Public Power District
Reviews its cyber security program in six dimensions
- executive oversight, assets and perimeter,
policies and procedures, access control and
monitoring, incident response, business continuity
and system management
Plus!
Patch Management Solutions for Large and Small
Utilities:
-
Constellation
Energy Group (Baltimore Gas & Electric) and
Hoosier Energy Rural Electric Cooperative, Inc. update
their patch management programs, identify
vulnerabilities, test patches in a real-time
environment and still avoid exploitation
|
|
|
|