Cybersecurity Essentials for Utilities

Speaker

James Chacko - Cyber Security Manager, Acumen
With 18 years of experience, James is an expert in cybersecurity for critical infrastructure in the utility sector. He has implemented comprehensive cybersecurity programs, including patch management and security architecture development, adhering to NIST and NERC CIP standards. James also delivers specialized OT and IT cybersecurity training across North America. Currently pursuing a Master of Science degree in Cyber Security from Georgia Tech, he leverages his extensive knowledge to enhance cybersecurity resilience and mitigate threats effectively.

DAY 1

Cyber Threat Landscape
• Overview of the current cyber threat landscape and emerging trends
• High-profile cybersecurity incidents and their impact on affected organizations

Cyber Risk Management
• Identifying and assessing cyber risks
• Strategic approaches cybersecurity governance

Cybersecurity Governance
• Establishing a cybersecurity governance framework
• Roles and responsibilities of the Board, executives and other stakeholders in cybersecurity governance

DAY 1 – BREAK

Introduction to Cybersecurity in Utilities
• Importance of cybersecurity in utility sectors
• Overview of the current cybersecurity threat landscape
• Threat actors and their motivations
• Recent trends and implications for Operational Technology (OT)

Regulatory Compliance and Standards
• Introduction to key regulatory frameworks (e.g., NERC CIP, NIST CSF)
• Compliance as a basis for robust cybersecurity

Cybersecurity Incidents and Case Studies
• Recent cybersecurity incidents impacting utilities
• Case Study: Ukraine Power Grid Hack (2015)
• Case Study: Oldsmar Water Treatment Facility Hack (2021)

DAY 2

Technical Foundations of Cybersecurity
• IT vs OT: Understanding the differences and intersections
• Basic cybersecurity terminologies (e.g., malware, phishing, social engineering, etc.)
• Introduction to cybersecurity tools and resources

Cybersecurity for Utilities
• Attack surfaces and vectors specific to utilities
• Device and network security
• Use of strong passwords and Multi-factor Authentication (MFA)
• Regular updates, specifically security patches
• Encrypting confidential data
• OT-specific security measures
• Network segregation and monitoring
• Asset management and patching
• Physical security measures

Secure Online and Remote Access Hygiene
• Best practices for remote access to OT networks
• Use of VPNs and endpoint security
• Risks associated with public networks and how to mitigate them

DAY 2 – BREAK

Human Factor in Cybersecurity
• Awareness and training to mitigate human error
• Phishing/Spear-phishing and Social Engineering: Identification and prevention

Vendor and Supply Chain Security
• Risks and best practices in managing vendor and supply chain cybersecurity

Incident Response and Recovery
• Procedures for detecting, containing, and recovering from incidents
• Practical examples of incident response in utility settings

Exercises and Demonstrations
• Sandbox environment exercises (e.g., identifying common threats, responding to incidents)
• Demonstrations:
- Shodan search for the utility
- Phishing Demo (video)

Discussion and Q&A
• Open discussion on cybersecurity challenges and strategies
• Addressing queries and concerns from the attendees