Mark your calendar for August 19-21, 2019 as the EnergySec Security & Compliance Summit returns to the Disneyland Hotel

Join us at the Disneyland Hotel in Anaheim, CA!

August 19-21, 2019

Our Annual Security and Compliance Summit returns for our 15th Anniversary! We are still the premier security conference for critical infrastructure and one of the longest running events of its kind in the nation.

The unique qualities of our Summit reside in the vast array of industry leaders and experts we invite to participate in the event. Attendees benefit from a diverse collection of perspectives, knowledge, and experience as our presenters and panelists journey from destinations all around the nation and globe! With such a concentration of thought leadership and talent, the stage is set for passionate discussion and debate on a variety of topics that highlight the burning issues and evolving needs of our industry.

Navigate our Summit page to learn more about this year’s exciting topics and speakers. Registrations and rooms go fast so start planning your educational experience and relaxing fun in the sun today!

Who should attend?

  • Chief technology officers (CTO)
  • Chief security officers (CSO)
  • Chief information officers (CIO)
  • Department of Homeland Security personnel
  • Department of Energy personnel
  • General Managers (municipal, coops, power plants, etc)
  • Compliance managers
  • Regulatory specialists
  • Operations managers
  • IT & security architects
  • Cyber risk managers
  • Auditors
  • Security analysts
  • Program and Project managers


Day 1 - Aug. 19, 2019

11:00a – 4:00p
Registration Open

1:00p – 4:30p
Breakout Sessions: Concurrent break-out sessions in four areas of interest

Leadership Track

Collective Cyber Defense in the Energy Sector: Towards An Organizational Maturity Model
Shawn Wallace & Greg Conti | Iron Net Security
Participation in an ISAC is a necessary milestone. Building on the ISAC foundation, this talk presents a maturity model for knowing where your organization stands on its journey toward true collective defense, where it should go next, and how it can get to the next level. We’ll provide a well-researched model for assessing the maturity of any organization’s collective defense programs.

Lessons Learned in Information Sharing
Bill Nelson | Global Resilience Federation (GRF)
Mr. Nelson will describe a real life response to a cyber attack that resulted in no damage to the victim organization or loss of reputation among its customers. He will reveal how important honesty and speed are to demonstrate from a public relations perspective that a victim organization takes the incident seriously and is taking steps to correct it. He will then compare this type of transparent response to other types of responses that were vague, ambiguous or even a stonewall response. These often result in the loss of jobs for those companies’ CISOs, CIOs and even CEOs. Handling the potential public outrage from a successful cyber attack can oftentimes be more important and difficult to address than the actual remediation of the problem. This session will provide the attendees with key tips from Mr. Nelson, who has first-hand experience.

Securing Digital Utility Transformation: Opportunities and the Way Forward
Souheil Sabbagh | SNC-Lavalin
The digitalization of utilities promises to optimize the supply and demand of electricity and manage the increasing number of renewable sources of energy and microgrids, while offering efficiency improvements for consumers. The large volumes of data generated, combined with predictive analytics, allow utilities to transition to a proactive mode of asset management. Such a far-reaching digital transformation comes with many challenges for critical infrastructures, with cybersecurity near the top of the list. The widespread connection of distributed energy resources will drastically increase the attack surfaces, which will expose utilities to new threats. Mr. Souheil Sabbagh, Director Strategy & Consulting Services for SNC-Lavalin’s Intelligent Networks & Cybersecurity, will touch upon the digital utility transformation, point out some of the opportunities that it can bring, and highlight some of the industry’s best practices for transitioning to a secure, digitally integrated electrical grid amidst increasingly sophisticated threats.

Security Operations Track

Creative Destruction and Agnostic Detection using a Structured Threat Observable Tool Set
Bryce McClurg | Idaho National Laboratory
As part of the California Energy Systems for the 21st Century (CES-21) project, Idaho National Laboratory (INL) has developed a Structured Threat Observable Tool Set (STOTS), using Structured Threat Information Expression (STIX), as a method for detection and monitoring that can be used by the most advanced and the most basic cyber personnel to find IOCs for configuration specific systems. The tools developed in STOTS focus on surgical detection and response for a specific threat, enabling cyber defenders to be more agile in defense against cyber adversaries.

STIX and Big Data
Christian O. Hunt | New Context Services
Discovering and defending cyber attacks against utilities requires machine automation for rapid observed data ingestion and pattern matching to detect threats. The use of STIX and ELK to quickly discover potentially malicious activity is a vendor agnostic means to achieve these goals in addition to providing a means to share these findings with trusted industry peers. Leveraging off-the-shelf big data tools such as Elasticsearch to facilitate rapid querying of complex STIX observable datasets is not limited to IP addresses and malware signatures.

Seeing into the Black Box of Embedded Systems
Rita Foster | Idaho National Laboratory
Reverse engineering and binary analysis tools have been around for a long time and are evolving. Visualization and applying machine learning concepts to traditional RE and binary analysis are producing interesting results. The Firmware Indicator Translation (FIT) project, funded by the Department of Energy, Office of Cybersecurity, Energy Security and Emergency Response, Cybersecurity of Energy Delivery Systems (DOE-OE-CESER), focuses on firmware in embedded systems to produce multiple tool-sets that provide insight into previously black box type systems.

Using Security Orchestration in Utility Networks to create an Agile Threat Response and Enhance Resiliency
Andrew Storms | New Context
New emerging tools for security automation and response have the capability to create a more enhanced agile threat response to support grid resiliency. The proposed session is a panel discussion among asset owners, vendors and researchers. Security orchestration is a hot topic for many organizations and the technology has high potential. Like many security tools, they come with some potentially lofty goals. Furthermore, as we have seen many times in the past, IT-centric tools are not always directly translatable to the area of OT.

Leveraging Cybersecurity to Improve Operations & Situational Awareness
Bill Johnson | TDi Technologies
Cybersecurity solutions are becoming more prevalent, and there are significant benefits that can be realized in operations. This session will discuss the value of technologies not only for Compliance and Cybersecurity but will emphasize how technologies can be leveraged to improve Operations and Situational Awareness from an OT perspective.

Security Technology Track

ICS Security or Security at the Edge
Kip Gering | Xage
Distributed energy resources and microgrids are increasingly owned and operated by a third party. These DERs connect to the distribution grid and can not only create power flow challenges, but may also pose security risks that can disrupt other grid operations. In this session, Xage will share recent customer projects which have demonstrated how DER systems and machine-to-machine and machine-to-control interactions can be secured.

Practical Usage of Security Features in ICS devices
Mariam Coladonato | Phoenix Contact
This workshop is a practical approach that explains and demonstrates how to properly use the security features in ICS devices and software. It will aid asset owners in reducing risks from cyber incidents, increase resilience of your process network, and achieve overall security standards and compliances. Learn how to create a cyber security strategy that fits your organization.

Cyber Resiliency of Mission Critical Systems
John Collins | FoxGuard
Mission critical control systems have become vulnerable over time as the Internet of Things (IoT) has become more integrated. As IoT converged networks have become more integrated, their Cyber Security vulnerabilities have had consequences affecting operations and uptime availability. FoxGuard would highlight these vulnerabilities to educate what these networks are, why they are vulnerable and ideas on how to enable resilience through cyber security best practices. The best practices would focus on organizational leadership recommendations, technology enablers to create scale, and processes that shift risk of down time operations for critical assets. FoxGuard Solutions has 14 years of experience in ICS/IoT cyber security and 39 years building critical systems hardware. Our presentation will focus on the relevance of improving cyber security of integrated networked automation systems.

Cybersecurity – No longer the “IT” issues of the 20th Century
Carter Schoenberg | IPKeys
On January 29th, 2019, the U.S. Director of National Intelligence produced a Worldwide Threat Assessment highlighting China’s enhanced activity targeting American critical infrastructures. The ability for critical infrastructure to defend, detect, respond, and recover is becoming increasingly problematic for a variety of issues that include: A focus on compliance initiatives versus assessing organizational risk, lack of resources (technology and staff), increasing dependence of IoT devices and supply chain partners, and costs of ownership. Learn about how your organization can address these complex challenges in a way that lends itself to having buy-in at the C-Suite and Boards of Directors.

Compliance Track

Growing Your Compliance Program: A Maturity Model for NERC Compliance
Kathryn Wagner | AssurX
Energy and Utility companies have a challenging set of regulations, not just NERC CIP but a variety of others – many of which have overlapping scope. Cyber security program maturity is an evolutionary path from defensive, event-driven tactics to offensive, predictive strategies. Explore a proven maturity model for compliance that contributes to continual program improvement through internal controls and risk management techniques across a wide scope.

Audit Lessons Learned
Matt Caves | Western Farmers Electric Coop
Western Farmers Electric Coop (WFEC) was the first former SPP RE entity audited by MRO in late 2018. Matt will discuss the unique approach that the auditors took from two different regional entities to address and review compliance with the same NERC Standards and Requirements. Much like a comparison of the requirements and measures to meet the compliance requirements of specific Standards and then how the different RE’s/auditors looked at our processes, procedures and evidence. One quote from a MRO auditor that stood out to me, is “we’ve never looked at addressing EOP-008-2 that way, but it makes sense.” They had to go back and review that specific issue with their staff, since the approach was new to MRO, but not to SPP RE entities.

CIP Project 2016-02 Update
Scott Klauminzer | Tacoma Power
The CIP presentation will provide industry with a status update on the current CIP project (Project 2016-02). Main points covered during this presentation will be the virtualization and future technology update being made to the CIP standards. We will discuss the current direction and new defined terms that will aid in applying CIP Standards Requirements to virtualized systems.

5:00p – 7:00p
Welcome Reception
Bring your family and join us for light refreshments, networking, and a special visit from some of our favorite Disney friends. Photo opportunities will be available with Disney characters.

Day 2 - Aug. 20, 2019

Registration Open

A Continental Breakfast will be served in the Expo area.

8:00a – 8:15a
Opening Remarks

08:15 – 09:00
Next-Generation Visibility for Industrial Cyber Risks: Beyond Active vs. Passive Monitoring
Robert Landavazo | Tripwire
This session introduces a next-generation approach to collecting critical raw data from industrial networks using active monitoring, passive monitoring and hybrid monitoring. It’ll also explore the next frontier: deeper visibility through integration. Attendees will learn about practical, non-obtrusive techniques to help identify, mitigate and remediate cyber events from vulnerabilities and system misconfigurations to unauthorized changes and equipment failure. For an even deeper level of visibility, industrial organizations need a strategy around integrating cybersecurity solutions with other operational technology platforms. Towards that end, we’ll explore how industrial organizations can leverage integration as a strategy for deeper visibility and intelligence.

9:00a – 9:30a
Harry Perper | The MITRE Corporation
NIST National Cybersecurity Center of Excellence will offer recommendations in three areas of cybersecurity that offer ideas to enhance security, reduce reporting overhead, and support compliance. The areas include access management, asset monitoring and situational awareness.

9:30a – 9:45a
Student Introductions and EnergySec Workforce Programs

9:45a – 10:15a
Networking Break

10:15a – 11:00a
You’ve been hacked! Now what?
Bill Nelson | Global Resilience Federation (GRF)
Mr. Nelson will describe a real life response to a cyber attack that resulted in no damage to the victim organization or loss of reputation among its customers. He will reveal how important honesty and speed are to demonstrate from a public relations perspective that a victim organization takes the incident seriously and is taking steps to correct it. He will then compare this type of transparent response to other types of responses that were vague, ambiguous or even a stonewall response. These often result in the loss of jobs for those companies’ CISOs, CIOs and even CEOs.

11:00a – 11:30a
Solving ICS Cybersecurity Challenges in the Electric Industry
Matt Cowell | Dragos Inc.
Electric utilities are an integral component of critical infrastructure, and as such, are unique targets for adversaries who aim to disrupt their operations and the day-to-day lives of people who depend on them. This presentation outlines the experiences of a medium sized US electric utility and how Dragos helped various teams overcome some of their specific OT cyber security challenges.

11:30a – 12:00p
Unleash the Data Around Your Supply Chain Program
Tony Turner & Steve Earley | Fortress Information Security
Supply chain attacks are everywhere. The board is taking notice, but your supply chain program just doesn’t feel actionable or useful. This session will demonstrate why these investments are failing to hit the mark and companies continue to be compromised by their trusted suppliers. We will discuss some actionable steps you can take to create contextual awareness around your supply chain risk program and focus on achieving outcomes. Not scores.

12:00p – 1:15p
Catered Lunch

1:15p – 2:15p
George Masters | SEL
Panel – Addressing Supply Chain Risks

2:15p – 3:15p
Jeff Cornelius | Darktrace
Assaf Kalderon | CyberX
Keith Brennan | Firemon
The Elevator: Rapidfire Presentations

3:15p – 5:30p
Expo Hall Open | Refreshments, Networking, Prize Giveaways, and more

Day 3 - Aug. 21, 2019

Registration Open

A Continental Breakfast will be served in the Expo area.

8:00a – 8:15a
Opening Remarks

8:15a – 8:45a
ICS Security Around the World
Patrick Miller | Archer Security Group

8:45a – 9:15a
EnergySec Programs and News
Steve Parker | EnergySec

9:15a – 10:00a
Evolving Compliance towards a Culture of Resiliency
Scott Klauminzer | Tacoma Power; Joe Tellez | Tacoma Public Utilities
Building upon a strong foundation of a culture of compliance, Tacoma Power is maturing its cyber security capabilities to extend beyond protective and detective measures to meet regulatory obligations by leveraging cyber security technology, process engineering, and workforce to be better positioned to handle cyber events from a resiliency standpoint. We will share our journey towards creating a culture of resilience and how cyber security capabilities are being extended to all ICS systems which involves asking hard questions and taking consistent incremental positive steps.

10:00a – 10:30a
Networking Break

10:30a – 11:00a
Migrating to the Cloud – Balancing Risk: Collaborative Tools and Data Protection
Michael Colao & Rachel Swanson | Arizona Public Service
The cloud is the future. The utility industry continuously faces new challenges with technology integration within the workplace and the workforce. Arizona Public Service is taking steps to modernize work practices, while accounting for risk tolerance. We will discuss how our approach to data management embraces cybersecurity best practices, focusing on the benefits to our local and remote workforce, while building in identity controls and DLP (Data Loss Prevention).

11:00a – 12:00a
Panel – Obstacles and Opportunities in Cloud Computing
David Rosenthal | MISO; Rachel Swanson & Michael Colao | APS; Steve Parker | EnergySec

12:00p – 1:30p
Catered Lunch and Awards

1:30p – 2:00p
The 2035 Crypto Conundrum 
Colin Gordon | SEL Secure Solutions
We manufacturers are seeing an increase in market pressure for cryptographic technologies in our embedded products, with the end-goal of integrating authenticity and integrity controls on SCADA, protection, and engineering access data-in-motion. While it may be trivial to implement open-source crypto libraries and protocols to achieve these goals in the short-term, there are a number of downsides to crypto implementations in the long term that have forced us to reconsider our available options. These downsides include susceptibility to standards changes, expanded protocol attack surface, key management and implementation complexity, expanded computational resource needs, and a lack of good entropy – which all lead to the conclusion that a poor crypto implementation can actually reduce safety and availability of a critical system. This presentation will further elucidate those concerns, and contrast standard encryption technologies such as MACsec, IPsec, and TLS against the goals of safety, reliability, and availability of critical embedded devices.

2:00p – 3:00p
Panel – Emerging Risks for the Modern Grid
Harry Perper | NIST, Chris Shepherd | Gannett Fleming

End of Summit

Our 15th Annual Security & Compliance Summit brings another great lineup of industry experts and presenters! Visit our speakers page for biographies and additional information.

Disneyland Hotel

1150 West Magic Way | Anaheim, CA | 92802 | Phone: (714) 778-6600

EnergySec has secured a special room rate of $242/night at the famous Disneyland Hotel.

Once you have successfully registered for the event, you will receive a confirmation email with the link for making room reservations. The cut-off date for making reservations is July 27, 2019.

Not interested in waiting in lines? Downtown Disney is always a great time with the foot-tapping live music and carefree atmosphere. When you need a break from the hustle and bustle the resort itself offers a number of swimming pools and waterslides that are sure to tempt those families looking to recharge the batteries, enjoy the weather, and stay cool.

The Disneyland Hotel is the perfect spot to have a summit! The meeting rooms are spacious, the exhibitor space is outstanding, the food amazing and the atmosphere is unmatched. Look for the conference rooms near the pool area next to Goofy’s Kitchen. Most activities are held upstairs – just follow the signs and you will find our smiling faces at the registration desk.

Bring the Whole Family

Special Rate of $242/night. We have also worked out a deal for magical prices on Disneyland park tickets.

Security and Compliance Summit Sponsorship

Interested in sponsoring our Summit? Check out the prospectus for available opportunities.

Student Scholarships at the EnergySec Summit

The need to attract new talent from the next generation of security professionals is more important than ever! We can all agree thousands of security professionals will be needed in the coming years to help secure entities in every industry. EnergySec has established a Workforce Development program to grow the cybersecurity workforce within the electric sector. One aspect of this program involves outreach to current college students to attract them to jobs in our industry. The Summit scholarship furthers this effort.

Our goal is to invite at least 35 students to the summit who have been identified as exemplary students and potential stars in the security industry. We want to directly connect students getting ready to graduate with employers who are in need of new talent for their workforce. We are asking both students and employers to participate in this effort.

Are you an Employer?

We are asking for $2,000 contributions which will support eight students attending our summit. Your contribution provides:

• Eight student scholarships which include meals, conference admission, and the Monday evening student/industry dinner
• Meet the security professionals of tomorrow with two tickets for your organization to attend the student dinner.
• A copy of the student resume book.

Are you a Student?

If you are an information technology student with a focus on security, and would like to attend our summit to learn more about what it takes to secure our nation’s grid from industry experts, please fill out our application below.
