Oct
02
-
03

Join us for an essential seminar designed to enhance your cybersecurity knowledge and skills. This comprehensive training will cover critical aspects of IT and OT security, and effective incident response strategies.

Wednesday, Oct. 2 • 11 AM — 5 PM
Thursday, Oct. 3 • 8 AM — 3 PM

Recommended for:
• IT/OT managers and staff from public power utilities, responsible for system and cyber risk
• Policymakers and operations staff procuring IT and OT cyber assets
• Third-party vendors supporting critical infrastructure

Speaker

Speaker

James Chacko - Cyber Security Manager, Acumen
With 18 years of experience, James is an expert in cybersecurity for critical infrastructure in the utility sector. He has implemented comprehensive cybersecurity programs, including patch management and security architecture development, adhering to NIST and NERC CIP standards. James also delivers specialized OT and IT cybersecurity training across North America. Currently pursuing a Master of Science degree in Cyber Security from Georgia Tech, he leverages his extensive knowledge to enhance cybersecurity resilience and mitigate threats effectively.

Agenda

DAY 1

Cyber Threat Landscape
• Overview of the current cyber threat landscape and emerging trends
• High-profile cybersecurity incidents and their impact on affected organizations

Cyber Risk Management
• Identifying and assessing cyber risks
• Strategic approaches cybersecurity governance

Cybersecurity Governance
• Establishing a cybersecurity governance framework
• Roles and responsibilities of the Board, executives and other stakeholders in cybersecurity governance

DAY 1 – BREAK

Introduction to Cybersecurity in Utilities
• Importance of cybersecurity in utility sectors
• Overview of the current cybersecurity threat landscape
• Threat actors and their motivations
• Recent trends and implications for Operational Technology (OT)

Regulatory Compliance and Standards
• Introduction to key regulatory frameworks (e.g., NERC CIP, NIST CSF)
• Compliance as a basis for robust cybersecurity

Cybersecurity Incidents and Case Studies
• Recent cybersecurity incidents impacting utilities
• Case Study: Ukraine Power Grid Hack (2015)
• Case Study: Oldsmar Water Treatment Facility Hack (2021)

DAY 2

Technical Foundations of Cybersecurity
• IT vs OT: Understanding the differences and intersections
• Basic cybersecurity terminologies (e.g., malware, phishing, social engineering, etc.)
• Introduction to cybersecurity tools and resources

Cybersecurity for Utilities
• Attack surfaces and vectors specific to utilities
• Device and network security
• Use of strong passwords and Multi-factor Authentication (MFA)
• Regular updates, specifically security patches
• Encrypting confidential data
• OT-specific security measures
• Network segregation and monitoring
• Asset management and patching
• Physical security measures

Secure Online and Remote Access Hygiene
• Best practices for remote access to OT networks
• Use of VPNs and endpoint security
• Risks associated with public networks and how to mitigate them

DAY 2 – BREAK

Human Factor in Cybersecurity
• Awareness and training to mitigate human error
• Phishing/Spear-phishing and Social Engineering: Identification and prevention

Vendor and Supply Chain Security
• Risks and best practices in managing vendor and supply chain cybersecurity

Incident Response and Recovery
• Procedures for detecting, containing, and recovering from incidents
• Practical examples of incident response in utility settings

Exercises and Demonstrations
• Sandbox environment exercises (e.g., identifying common threats, responding to incidents)
• Demonstrations:
- Shodan search for the utility
- Phishing Demo (video)

Discussion and Q&A
• Open discussion on cybersecurity challenges and strategies
• Addressing queries and concerns from the attendees


Registration

Cost: $99 per person

The deadline to register is Sept 25. Register using the form below or by contacting Lisa Korthals at info@mrenergy.com or 605-338-4042. If you register online, you will receive an email confirming your registration.

Lodging

ClubHouse Hotel & Suites • 2320 S Louise Ave, Sioux Falls
A room block is reserved for $145 plus taxes. This rate is valid until Sept. 1 or until the room block is full. Please call the hotel directly to make your reservation at 605-361-8700.

Please specify you are with the MRES cybersecurity seminar.
Group rate and room block are not available online.



Cybersecurity Seminar Registration