Substation Integration and Automation: The Cybersecurity Landscape is Changing - Didier Giarratano of Schneider Electric discussed Role Based Access Control (RBAC) and how to do good job applying RBAC to the challenges of substations. Anthony Eshpeter of SUBNET Solutions discussed “Complexities of Substation Cyber Security”. He provided a very good, lucid discussion – pointing out the need for solutions like those SUBNET sells but without ever making a sales pitch. Bradley Tips of Cisco addressed “Real-world Deployment of Network Security for NERC CIP Compliance”. A good overview of what CIP requires for a substation these days.
Smart Grid Cybersecurity and Standards-based Integration - This session was very well attended. Leading off was Elizaveta "Liza" Malashenko of the California Public Utilities Commission. Both Andy and I have blogged about her (and her staff’s) excellent paper making the case for state regulation of Smart Grid cyber security, and for using a risk-based approach in doing so (in contrast with the NERC CIPs' more prescriptive approach, which also don’t apply to distribution). Elizaveta is a very poised and articulate spokeswoman for this position; judging from the crowd that came up to greet her afterwards, she seems on her way to rock-star status.
Following Elizaveta was Valentine Emesih of CenterPoint Energy, who discussed and showed screens from a product they have developed with Siemens called Utility Operations Center Cybersecurity Manager. It seems to be a very well-designed “dashboard” to let EMS operators – without specialized cyber security training – be notified of security events and be clearly told what needs to be done for each one (I’m simplifying a lot). The third speaker was Ed Hedges of Kansas City Power and Light, on “Innovative Methods and Solutions Drive KCP&L’s End-to-End Smart Grid Program”. This was an excellent overview of KCP&L’s Smart Grid rollout, including some very honest discussion of lessons learned.
You vs. Security: Can you Keep Up? - We got off to a very rousing start with Joseph Fisher of Affinity IT Security addressing what utilities should be doing to achieve real cyber security, not just CIP compliance. He provided a good schematic of all the important domains of cyber security, and discussed what each one means. I don’t think there was any particular idea I hadn’t heard before, but it was very valuable to have all the pieces tied together.\
He was followed by PwC consultant Jon Stanford (formerly with BPA and a longtime member of the CSO 706 Standards Drafting Team). Jon’s topic was “Today’s Advanced Malware Threat” and he provided a great in-depth discussion of the many types of malware attacks in recent years and the different tools available to address them – as well as the processes and procedures that need to drive any effective anti-malware program. The last speaker was Adam Bosnian of Cyber-Ark Software, discussing the need to secure administrator and shared accounts.
So there you go, and thanks to Tom for providing the next-best-thing to being there. BTW, Tom's a bit of a NERC CIP expert, and you can find his latest observations on his new blog right HERE. When you get there be sure to bookmark it for future reading.