Distribution Security Forum
Join us in Washington, DC!
April 11-12, 2019
The Distribution Security Forum is a conference focused on security issues in power distribution systems. This event will focus on improving security for the electric distribution infrastructure. Join us in Washington, DC, April 11th and 12th, for discussion panels, distribution presentations, and networking with peers facing similar threats.
The Ukraine attacks and other recent developments have highlighted the need to improve security for electric distribution infrastructure that is not covered by the CIP standards. With advancing technology, cyber attacks against electric distribution systems, advanced metering infrastructures, microgrids, and distributed energy resources are presenting an increasing risk.
Who should attend?
- Utility security leadership and staff
- Utility distribution operations leadership and staff
- Utility operational technology support
- Product vendors that provide products for distribution, metering, micrograms, or distribution energy resources
- State regulatory and/or energy officials and staff
- Security solutions providers
- Engineering and consulting firms supporting electric distribution systems
- Interested individuals from trade organizations, research and policy organizations, national labs, and academia
The Distribution Security Forum will be held at the Crystal Gateway Marriott in Arlington, VA. The hotel address is:
The meeting room location for this event will be available closer to the event date.
8am - 9am | Registration
Room location to be announced
9:30a - 10:00a | Opening Keynote | Suedeen Kelly
Suedeen G. Kelly is a highly recognized energy practitioner and former commissioner with the Federal Energy Regulatory Commission (FERC). She represents a variety of clients in the electric and natural gas industries on business, regulatory, litigation, enforcement and policy matters such as electricity and gas markets, renewable energy, electricity transmission, natural gas and oil infrastructure, LNG, electricity reliability standards, hydro licensing, carbon emissions, smart grid, energy efficiency and distributed generation.
9:30a - 10:15a | A Systemic Approach to Cyber Security | Dr. Erfan Ibrahim
Today’s standards based cybersecurity controls for Supervisory Control & Data Acquisition (SCADA) Systems are very IT centric and do little to protect against the Advanced Persistent Threat (APT) from nation states and nefarious organizations that compromise trusted systems and use the security credentials to their advantage. In this talk Dr. Erfan Ibrahim will provide an outline of this systemic security architecture and explain how this architecture can be used to securely integrate Distributed Energy Resources (DER) such as solar panels, wind turbines, energy storage, electric vehicles and fuel cells to the grid without forcing the power systems to adhere to sophisticated cybersecurity controls. This approach will save the electric sector billions of dollars in avoided costs of unnecessary power systems upgrades for improving the cybersecurity posture. Purpose built cybersecurity technologies maintain the cybersecurity posture while leaving the power systems and DER to focus on job of delivering safe, reliable and affordable electricity to the customers.
10:15a - 10:45a | Networking Break
10:45a - 12:00p | Panel - Trade Organization Perspectives
Moderator: Sharla Artz, Vice President, Gov’t Affairs, Policy and Cybersecurity, UTC
In this panel, representatives from the major industry trade organizations will provide their perspectives on cybersecurity issues arising in distribution systems.
12:00p - 1:00p | Lunch
Join us for a catered lunch and spend some time networking with other industry professionals.
1:00p - 1:30p | Constance Douris, Vice-President, Lexington Institute
Ukraine had to shut down its grid twice in one year as a result of a cyberattack. The threat of such an incident no longer is hypothetical. One vulnerability of the U.S. grid is that cybersecurity standards do not exist for the distribution system. This is particularly dangerous because the bulk power and distribution systems are linked. A successful cyberattack on one or two utilities could create a ripple effect, destabilizing electricity in large areas. Operators of the grid need tools to detect and correct malicious threats in networks before they cause serious damage.
1:30p - 2:45p | Panel - Utility Perspectives
Moderator – Steven Parker, President, EnergySec
In this panel, representatives of electric utilities will discuss emerging security issues and solutions on the distribution side of the grid.
2:45p - 3:!5p | Networking Break
3:!5p - 3:45p | A Review of State-level Cybersecurity Initiatives
This presentation will discuss state cybersecurity initiatives that could affect electric utilities.
3:45p - 5:00p | Panel - State Perspectives
Moderator, Paul Feldman, Director, EnergySec
In this panel, representatives for state regulatory agencies and energy departments will discuss their views on the security of electric distribution systems.
5:00p - 6:30p | Networking Reception
Join us for some light fare and evening beverages and enjoy some time networking with other industry professionals.
8:00a - 9:00a | Breakfast, Registration, Networking
Join us for breakfast and networking at 8am prior to the start of Day 2.
9:00a - 9:30a | Morning Keynote | Arthur House, Connecticut Chief Cybersecurity Risk Officer
House became Chief Cybersecurity Risk Officer for the State of Connecticut in October 2016 after four years as Chairman of Connecticut’s Public Utilities Regulatory Authority. House has a background in national security, having served as Director of Communications in the Office of the Director of National Intelligence and as Chief of the Communications Group for the National Geospatial-Intelligence Agency, a combat support agency of the U.S. Department of Defense. As a White House Fellow he served as Special Projects Officer on the staff of the National Security Council.
9:45a - 10:15a | The Cloud, IOT and Critical Infrastructure: It’s Not Too Late for ‘The Cyber‘ | Mark Weatherford
The evolution from perimeter-centric, hardware-based IT environments to virtualized data centers and the cloud is underway and when 62.9% of IT professionals believe the public cloud is more secure than their own data center, it’s no longer just a trend. IOT spending is also predicted to be $1.29T USD by 2020 so it’s a catalytic opportunity for security to take a central role in the future of IT.
10:15a - 10:45a | Networking Break
10:45a - 11:30a | Utility Presentation | Speaker To Be announced
11:30a - 12:00p | Incorporating Cybersecurity Best Practices in an End-to-End DERMS Solution | Varun Mehra, Product Manager, EnergyHub
In the energy sector, there has been exponential growth in the volume and diversity of connected grid-edge energy management devices — with more than 15 million smart thermostats, 1.5 million residential solar installations, and more than 600,000 electric vehicles coming online in the last few years. In order to connect and coordinate within this growing ecosystem of grid-valuable devices, utilities will require a software solution that securely manages the enormous complexity of decision-making across distributed energy resources (DERs), such as electric vehicle charging equipment, smart thermostats, battery energy storage, smart inverters, etc. The combination of utility- and consumer-owned DERs also creates a new level of complexity for cybersecurity practices, policies, and management. As a result, cybersecurity needs to be front-and-center in Distributed Energy Resources Management Systems (DERMS), and this talk will highlight key preventative measures in place in order to protect advanced grids from a cyberattack. Building on the findings and recommendations in the recently published AEE Institute report, Cybersecurity in a Distributed Energy Future, the talk will outline a holistic approach to incorporating the highest standard of cybersecurity practices within a DERMS platform — from the device to the utility.
12:00p | Event Ends | See you next Spring in D.C.
Call for Speakers
2019 Distribution Security Forum April 11-12, 2019 | Arlington, VA Marriott Crystal Gateway
Are you someone who can passionately and effectively share your subject matter expertise, real life experiences, innovative ideas, and/or practical solution’s with attendees at our event? If so, we invite you to submit a speaking proposal today.
We are looking for speakers that can address current challenges and solutions related to cybersecurity in electric distribution systems, including related topics such as Distributed Energy Resources, Distribution Automation, Microgrids, Advanced Metering Infrastructure, Utility Communications, Demand Response, and similar topics. Presentation slots of up to one hour are available.
We are open to a wide range of topics relevant to the above mentioned areas, including the following:
- Expanding security programs to cover distribution assets
- Case Studies on security technology deployments
- Security research or demonstration projects
- Security architecture approaches
- Addressing the unique challenges of small, distribution-only utilities
- Leveraging government resources (i.e. National Guard, FBI, ICS-Cert, Fusion Centers, state and local law enforcement) in utility security efforts
- The use of Blockchain or other emerging technologies in distribution and/or end-user markets
- Supply chain or vendor relations topics relevant to security
- Legal, policy, and compliance initiatives, including state-level activity
- Approaches to evaluating the efficacy and/or cost-effectiveness of security solutions
- Security exercises relevant to distribution systems
- Security operations, threat hunting, and/or incident response for distribution systems
- Challenges and solutions related to the use of cloud or 3rd party operated technology, including operational systems, communication systems, and data collection and
- Information sharing and collaboration at the local, regional, national, and international
We are seeking both technical and policy-focused talks relevant to the conference themes. Technical talks should be detailed enough to provide actionable information, while remaining accessible to individuals that lack deep technical knowledge.
The audience for this event is expected to include a broad cross section of stakeholders including utility management and staff, government organizations, state-level regulatory staff, state energy officials, vendor personnel, security researchers, policy organizations, students, and academia. We expect up to 75 attendees.
Interested individuals should submit the following information via email to firstname.lastname@example.org.
Full Name, Email Address, Company/Organization, Job Title, Short Biography, Title and Abstract for presentation, Time allotment desired