CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017

Transcription

1 CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017 Sponsored by: Kansas Municipal Utilities Kansas Municipal Energy Agency Kansas Power Pool

2 CYBERSECURITY TRAINING EXERCISE DATE November 7, 2017 SPONSORS Kansas Municipal Utilities (KMU) Kansas Municipal Energy Agency (KMEA) Kansas Power Pool (KPP) LOCATION KMU Training Center 2090 East Avenue A, McPherson, KS, CONTACT Colin Hansen, Executive Director (office) AUDIENCE Participation is limited to 30 KMU member cities. Cities and utilities are encouraged to bring 2 representatives: 1 city or utility manager and 1 technical/it representative. The afternoon is split into tracks, 1 aimed for utility and city managers and 1 for technical IT staff. More than 2 city representatives may attend, but will only be able to observe. COST $125 for 2 people to attend HOW TO REGISTER MORNING EXERCISE Cyber and Physical Security Preparedness Exercise Cyber and physical security attacks are increasing threats for public power organizations. Through a cooperative agreement with the U.S. Department of Energy (DOE), the American Public Power Association (Association) has committed to assisting its members in developing a culture of cybersecurity awareness and preparedness at their respective organizations. As part of this commitment, the Association is supporting member organizations in conducting Cyber and Physical Security Preparedness Exercises. The exercise scheduled at KMU on November 7 will include a discussion of current cybersecurity threats to municipal utilities and recent case studies of cyber incidents affecting municipal utilities, information on the various resources the Association can provide in improving cyber security, and a scenario that will allow participants to identify problems and possible solutions to a cybersecurity issue through facilitated group discussions. The exercise will provide an opportunity for participants to evaluate their current capabilities in preventing and responding to cyberrelated issues, to raise perceived gaps in cybersecurity among the industry and at respective organizations, and to identify further resources that can assist to improve cybersecurity awareness and preparedness at respective organizations.

3 MORNING EXERCISE Cyber and Physical Security Preparedness Exercise GOALS Understand the roles of the American Public Power Association (APPA), and utility members during a cyber or physical attack Understand coordination and communication processes between APPA, and utility members Provide members with an opportunity to discuss lessons learned from the Ukraine cyber-attack Provide members with an opportunity to discuss the Burlington, VT media incident OBJECTIVES Identify specific opportunities to improve coordination and communication between, member utilities and the Association for cyber or physical threats or attacks Identify specific opportunities for the Association to provide value to members in preparing for and responding to cyber and physical threats or attacks Provide members with threat and vulnerability information to consider in regards to their current or future technology use TRAINERS Jon Sawicki, Lead Facilitator, Witt O Brien s Jon Sawicki is a Director at Witt O Brien s with a focus on physical and cybersecurity risk management. Jon has facilitated four cybersecurity exercises on behalf of the Association in Arizona, Florida, Virginia and Wisconsin. Mr. Sawicki has shared his expertise in a variety of theatres including serving the US State Department Anti-Terrorism Assistance Program in Bogota, Colombia, delivering formal testimony to the House Homeland Security Committee on the status of cybersecurity at U.S. ports and developing effective security programs throughout the Americas and West Africa to secure global maritime trade. Carla Poole, Facilitator/Evaluator, Witt O Brien s Ms. Poole brings her years of experience in providing presentations, training, and exercises for a variety of audiences. Ms. Poole has completed the Homeland Security Exercise and Evaluation Program (HSEEP), after which she has provided support and expertise in different exercises; including workshops, drills, tabletops, functional, and full-scale; conducted with our past and current clients. Ms. Poole has supported on several American Public Power Association Projects, including the Tabletop Exercise in a Box toolkit and Cybersecurity Engagement Plan, which are resources available to all Association members. Ms. Poole has also supported on several other exercises as part of the Association s Cyber and Physical Preparedness Facilitator-Led Exercises (CAPP-FLEX). Ms. Poole is an emergency management professional with ten years of hands-on experience in disaster planning and preparedness, emergency response, public sector, and public safety and security. She graduated with summa cum laude honors and a Bachelor of Science in Emergency Management from the University of Maryland University College. She has a Master in Public Administration from the University of Baltimore and is currently pursuing a Juris Doctorate at the University of Baltimore School of Law.

4 AFTERNOON TRAINING TRACK 1: Executive/Management Level Cyber Security Training Designed for Executives and Management-level Staff, this training is intended to support the development of a holistic cyber and physical security program and aims to help members get started in creating the necessary building blocks specific for your utility. Participants receive knowledge of the fundamental concepts of cyber security, threat vectors, and risks to their utility. Training provides an understanding of key elements integral to adoption and implementation of sound cyber security practices and any cyber security framework and/or standards that may become applicable. Intended to build awareness and knowledge, an important feature of the training is an active participant workshop review of a utility case study. An outline of the topics covered will include the following: Fundamental understanding of crucial cyber & physical security concepts and a holistic cyber security program Realize the specific cyber risks, trends and recent incidents in the utility industry An overview of the necessary philosophy, culture of security and involvement of teams, including roles and responsibilities Best practices for using a security blueprint for effective cyber risk management A high level roadmap for cyber security program and mitigation plan Guidance for developing a next steps plan with headcount and budgeting. TRAINER Doug Westlund, Senior Vice President, AESI Inc. An experienced executive with over 30 years experience in the utility and telecommunications markets with a passion for developing technologybased solutions that solve difficult problems. Business expertise in the areas of strategic planning, business development and team leadership. Technical expertise in the areas of utility automation, communications and cyber security. Has developed and maintains strong relationships with leading technology, industry, and government organizations. At AESI, Doug leads the strategic planning services for the firm including operational risk management with a focus on cyber security. Active in training and guiding Board members and executive teams on cyber security risk management and governance. Active in developing comprehensive cyber security and technology plans for clients. Efforts led to selection by Hometown Connections (subsidiary of the American Public Power Association) of AESI as their partner for cyber and physical security consulting services for US public power. TRACK 2: IT-OT Manager Cyber Security High-Level Technical Overview This training seminar has been developed specifically for IT/OT managers, and offers an overview of technical considerations and a recommended cyber and physical blueprint for implementing a cyber security program. In support of an interconnected IT/OT cyber security program, at a highlevel, the seminar will provide a synopsis of risk management concepts as it applies to cyber security policies and governance structures, regulatory requirements, also asset and information management practices. As well, a technical summary of a vital network architecture of the systems, appropriate controls, and host/endpoint security. Most notably, the seminar should enable IT/OT managers to appraise if any additional APPA endorsed training sessions will benefit their operations, and with gauging next steps to implementing cyber security measures.

5 AFTERNOON TRAINING TRACK 2: IT-OT Manager Cyber Security High-Level Technical Overview (continued) An outline of the topics covered will include the following: Risk Management Basics with an emphasis on Cyber Security risk Differences between IT and OT security risks & the impact of IT/OT integration Defining sound security policy and governance models based on risk assessment Integrating risk based policies with legal and regulatory requirements Driving on-going risk management through asset management strategies Strategies for deploying cyber security governance and policy TRAINER Kim Grosskurth, AESI Inc. Kim is a results-driven professional with extensive experience in Regulatory Compliance and Legislation Enforcement for cyber security addressing NERC CIP and NIST standards. Kim has a broad perspective that supports business operations from investigating and developing business and functional requirements, to the development and execution of program assessments/audits, developing business continuity plans and crisis management procedures. Her strong project management capabilities supports detailed execution involving risk identification and mitigation strategy development, while meeting strict timelines and budgets. Her extensive background supports informative training that not only instills good cyber security practices, but also relatable utility applications and case studies that come from her tenure at a large transmission and distribution power utility, as well as a consultant.