Workshop Schedule
Day 1 – Wednesday October, 25
9:00 am – 9:15 am EST
Workshop Kickoff and Opening Statements
By Jeanne Beard, Office of Information Services and Chief Information Officer for the Department of Energy Office of Environmental Management
9:15 am – 9:30 am EST
EFCOG Cybersecurity Working Group Update and Brief Discussion on NIST SP 800-171
By Bridgitte Mase, Chief Executive Officer of DeMase Technical Services and EFCOG Cybersecurity Working Group Chair
9:30 AM – 10:15 AM EST
Fireside Chat with Ann Dunkin and Clare Martorana
By Ann Dunkin, Chief Information Officer, U.S. Department of Energy and Clare Martorana, Federal Chief Information Officer, Office of Management and Budget
10:15 AM – 10:30 AM EST
Break
10:30 AM – 11:20 AM EST
Inside the Cyber Assessment
By Chris McFearin, Director, Office of Enterprise Assessments, U.S. Department of Energy
This session will review the trends the DOE Enterprise Assessment team is seeing, where they are focusing in 2024, and answer audience questions.
11:20 AM – 11:50 AM EST
The Center for Cyber Security Research (C2ST) at UND
By Barry Jones, Principal Network Security Engineer at WAPA, Dr. Prakash Ranganathan, Director for the C2SR, and Jamison Jangula, Cybersecurity Analyst at the C2SR
This session will cover i) Cyber Security Challenges Associated with Growing Penetration of Distributed Energy Resources (DERs); ii) Physical and Cyber Security Issues in Substations; iii) UND’s New DoE’s CESER Project with ANL on Developing an Intrusion Diagnostic Unit (IDU) Cybersecurity Software Tool for DER Aggregators; and iv) Upcoming Training Workshops on Cyber-Informed Engineering; and Realizing Resilient Control Architectures and Power Systems.
11:50 AM – 1:00 PM EST
Lunch Break
1:00 PM – 1:50 PM EST
Challenges with Critical Infrastructure
By Tom Summers, Vice Chair, Defense Nuclear Facilities Safety Board
This session will review critical infrastructure concerns.
1:50 PM – 2:00 PM EST
Break
2:00 PM – 2:50 PM EST
Inside the FBI Threat Analytics Collaboration Unit
By Supervisory Special Agents of the Federal Bureau of Investigation
Discussion about the FBI’s TACU.
2:50 PM – 3:00 PM EST
Break
3:00 PM – 3:50 PM EST
Protecting Our Critical Infrastructure
By Mike Holcomb, Fellow, Director of Cyber Security, Control Systems Cyber Security Global Lead, Fluor
This talk covers a simplified, prioritized approach to building a new ICS/OT cyber security program and improving on it over time.
3:50 PM – 4:30 PM EST
Zero Trust and Internet of Things
By Amy S. Hamilton, PhD., Visiting Faculty Chair, Department of Energy, National Defense University, College of Information and Cyberspace
This talk reviews compliance of Zero Trust initiatives and Internet of Things.
Day 2 – Thursday October, 26
9:00 AM – 9:50 AM EST
Cracking the Code: The Role of Programming in Information Security
By Mark Baggett, Senior Cybersecurity Engineer, SANS Institute
In this presentation, we’ll explore an unpatched vulnerability within Windows, one that attackers can likely exploit to bypass your defenses. Through the lens of this attack, we’ll address a significant question: “Are programming skills a requisite for excelling in the field of information security?”
9:50 AM – 10:00 AM EST
Break
10:00am - 10:50am EST
Stop Assessing and Start Addressing: Visibility Inside Industrial Control Systems
By Chuck Weissenborn, Regional Manager for Defense and Intelligence, Dragos
This session will review mechanisms for obtaining visibility inside of Industrial Control Systems.
10:50 AM – 11:00 AM EST
Break
11:00 AM - 11:50 AM
Understanding the False Claims Act
By Gregory Pearson, Senior Trial Attorney, U.S. Department of Justice
Review of the False Claims Act.
11:50 AM – 1:00 PM EST
Lunch Break
1:00pm - 1:50 pm EST
Inside the Advanced Persistent Threat
By Brad Rhodes, Security Operations Domain Lead, Accenture Federal Services
A look inside Advanced Persistent Threats using the example of the Vanguard Panda (aka Volt Typhoon) attack against Industrial Control Systems. We will explore Vanguard Panda’s activities, associated risks, and strategies to defend against this Advanced Persistent Threat (APT) and others.
1:50 AM – 2:00 PM EST
Lunch Break
2:00pm - 2:50 pm EST
Mission-Driven, Cyberspace Defense
By Gary Stoneburner, Senior Professional Staff, John Hopkins, Applied Physics Laboratory
A common problem across sectors is executing ‘cybersecurity’ that looks more like policy compliance than an effective defense against highly capable adversaries seeking to harm organizations, missions, individuals, or the Nation through cyberspace. In addition to what appears to be largely comply with policy, a commonly expressed goal is to improve or reduce risk without a statement of what improvement/reduction is necessary for assurance of mission success. Instead we suggest that the need is a paradigm shift from cybersecurity requirements expressed as mandated means/methods to mission-driven, cyberspace defense capability requirements and the engineering to achieve them by whatever set of means/methods best does so within the constraints that exist. That is, system security engineering (SSE) as a capability-engineering discipline executed within systems engineering that applies SE thinking and practices toward achieving these defense capabilities. The presentation/panel membership focuses on SSE defined using INCOSE language for SE and the ramifications of such a definition toward the engineering discipline.
2:50 AM – 3:00 PM EST
Break
3:00pm - 3:50 pm EST
Common Threats Seen by the FBI
By the Federal Bureau of Investigation
This presentation will focus on cyber security threats to businesses and organizations, with a focus on Business Email Compromise, general fraud schemes, and ransomware. Current threat trends and best practices to protect yourself and your organization.
3:50pm - 4:20 pm EST
Part 2 of Protecting Our Critical Infrastructure
By Mike Holcomb, Fellow, Director of Cyber Security, Control Systems Cyber Security Global Lead, Fluor
4:20 pm - 4:30 pm EST
Wrap-up, Closeout, and Follow-on Activities
By Jeanne Beard, Director, Office of Information Services and Chief Information Officer for the Department of Energy Office of Environmental Management and Bridgitte Mase, Chief Executive Officer of DeMase Technical Services and EFCOG Cybersecurity Working Group Chair