14th Annual Security
& Compliance Summit
& Compliance Summit
Automating NERC CIP Compliance for Asset Owners
Historically, NERC CIP compliance has been a manually intensive, complex process. This talk will share ideas on how to ease the process of patch and vulnerability management and outline how asset owners can automate asset inventory (identification of device part number, firmware version, vendor, model, serial number) in a passive way for all their substation assets, thus eliminating site visits and manual processes, while ensuring a more accurate inventory without the risk of data entry errors.
Brian has spent most of his career (13+ years) as a ICS/SCADA cybersecurity engineer and cybersecurity team lead working for two progressive California Investor Owned Utilities (IOUs). He holds a variety of technical certifications, including the Global Industrial Control System Professional (GICSP), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), and is certified in project management from University of California at Irvine. In 2013, Brian was presented with the Critical Infrastructure Private Sector award from Securing our eCity, a San Diego based cybersecurity non-profit organization. In 2016, Brian was a co-inventor of a R&D magazine top 100 award winner for one of the top inventions of the year relating to a GPS anti-spoofing mitigation technology.
Brandon Workentin joined SecurityMatters as an ICS Security Engineer in 2017. Prior to that, Brandon worked for EnergySec, where he started as an intern in 2014 and finished as a Cybersecurity Analyst II. At EnergySec, Brandon focused on security regulations, including the NERC CIP cybersecurity standards, as well as threats, research, and news affecting the electric industry. He was also involved in the creation of the EnergySec Information Sharing and Analysis Organization (ISAO), as well as a member of multiple ISAO Standards Organization Working Groups. Prior to joining the cybersecurity field, Brandon spent several years teaching math and English in Idaho and Oregon.
Brandon also enjoys public speaking, having presented at BSides Tampa 2017, regularly providing briefings to electric industry groups, and working with !NTERRUPT, a non-profit focused on introducing cybersecurity to high school students. He has a Bachelors of Arts in Mathematics and English Education from Northwest Nazarene University and an Associates of Science in Cybersecurity and Networking from Mt. Hood Community College.