THE WEBINAR WILL BEGIN SOON CyberSecure: A Virtual Cybersecurity - PowerPoint PPT Presentation

THE WEBINAR WILL BEGIN SOON CyberSecure: A Virtual Cybersecurity Workshop for Electric Utilities

CyberSecure: A Virtual Cybersecurity Workshop for Electric Utilities September 1, 2020

AGENDA 9:00 – 9:45 AM Cybersecurity Awareness Presentation and Video – Exploring the Connection to Utilities and Renewables 9:45 – 10:05 AM Intro of APPA and NRECA Cybersecurity Assessment Tools 10:05 – 10:30 AM Live Demonstration of Assessment Tools: APPA Scorecard and NRECA RC3 10:30 – 11:00 AM Break 11:00 – 12:30 PM Assessment Tool Deep Dive and Q&A

PRESENTER INTRODUCTIONS BETSEY KIRK CHUCK NATHAN CYNTHIA DAVE MCCALL SPEAKS MITCHELL HSU WHITE EVP, MARKET STRATEGY SENIOR SENIOR DIRECTOR OF CYBERSECURITY FOUNDER & CORPORATE PROGRAM CYBER AND PHYSICAL PROGRAM AND OPERATIONS ADVISOR SECURITY SERVCIES MANAGER PRESIDENT Seven States Axio American National Rural Intuitive Research Power Public Power Electric and Technology Corporation Association Cooperative Corporation Association

WORKSHOP TIPS & TRICKS  We encourage you to ask questions during the webinar by clicking the ‘Q&A’ icon in the Zoom interface.  Participants are muted to minimize sound interference.  Panelists will post some information in Chat; attendees will not be able to post messages in Chat – please use Q&A to ask questions or post comments.  This webinar will be recorded. A copy of the audio and video recording will be available on NRECA’s RC3 website.  In the event of technical difficulty, please rejoin using the same connection information. We will resume the webinar as soon as possible.

P RESENTED TO Seven States Cybersecurity Workshop P RESENTED BY Chuck Speaks Cybersecurity in the Public Utilities and 1 S EPTEMBER 2020 Renewables Domain Company Private

A Little About Us… 21 Years – Technical, Engineering, Aerospace Services Senior Program Advisor, INTUITIVE Based in Huntsville, AL with Locations Throughout the US 20 Years IT and Cybersecurity Ops and Leadership Commercial, Government, and Regulated Industries Commercial, Industrial, and Government Expertise Provides Cybersecurity Services From Enterprise to Edge Vice President, Board of Directors – Cyber Huntsville Tightly Integrated in the Communities We Serve Partner, FBI’s National Defense Cyber Alliance Company Private

Public Utilities – Growing Number of Stakeholders Company Private

Public Utilities – Growing Critical Infrastructure Company Private

Public Utilities – Cyber Risk Through Expanded Threat Surface Company Private

Public Utilities – Profiles of a Threat Cyber Criminals Hacktivists Nation-State Actors • • • Typically focused on financial crime Very public cyber activities Quiet, stealth approach • • • Fraudulent invoices or gift card Website defacement / Denial of Advanced persistent threats • scams Service Attacks / Nuisance Hacking Goal is to seek a way to disrupt, • • Seek sensitive data to sell Leak private data for destroy, or deny utility services embarrassment Company Private

Public Utilities – Targets of Opportunity and Design Company Private

Public Utilities – Threat Tactics Phishing Stolen Credentials Reconnaissance Vulnerabilities Company Private

Public Utilities – Identifying Points of Attack • Websites such as Shodan allow searching for IT and OT assets exposed to the Internet • It is easy to find and access assets that are misconfigured – including industrial control / SCADA systems Company Private

Public Utilities – Threat Surface of Renewables • Energy grid was not designed for bi-directional / uneven generation Advanced Distributed Energy • Multiple protocols with Metering Systems Systems integration needs • High degrees of automation • Insecure connectivity • Bridging operational networks with enterprise networks Smart Consumer EV Chargers Devices Company Private

Public Utilities – Relevant Incidents • Dozen+ Utilities Targeted Near Critical • Local Municipality Ransomware Infrastructure Incidents – Throughout 2019 FBI tracked hackers – Several incidents in the Seven States targeting local utilities and co-ops footprint – Most were near critical infrastructure – Hackers dwell for weeks or months junctures, dams, locks, etc – Ransom can be in $100,000s – Phishing was main technique – Public data exfiltrated as collateral – Phishing email emulated a trusted source • Russia Targeted Utility Contractors “The next Pearl Harbor – Goal was to gain access via trusted connections will be cyber.” – Sophisticated attack using multiple methods - Sen. Angus King (I-ME) – Phishing campaign to gain access /credentials – “Waterhole” attack on industry websites Company Private

Public Utilities – Challenges • Lack of Sufficient Budget • Difficulty Staffing Skilled Cyber Professionals • Lack of Visibility into Operational Technology Company Private

Public Utilities – Securing a Growing Landscape Next-Generation Cybersecurity + Cyber Test and Evaluation Engineering Company Private

Components of a Professional Cyber Operation Company Private

Shared Grid Cybersecurity Platform • Protect against malware, • Discover and document information and operational ransomware, and phishing technology assets • Perform incident response • Assess current vulnerabilities • Support current and future • Actively hunt for threats compliance requirements Company Private

What Does a Shared Approach to Cyber Look Like? Incident Forensics Response Threat Monitoring Hunting 133 Members in 7 States Threat Anti- Intelligence Phishing One Shared Platform. One Shared Staff Company Private

Benefits of a Shared Approach to Cyber COSTS Resiliency STAFFING Risk Compliance Capabilities Fraction of the cost without any of the staffing issues Higher capabilities and compliance and cyber resiliency Company Private

Public Utilities – Increased Cybersecurity is Achievable • Local power companies and co-ops have unique challenges • Utilities impact the daily lives of everyone in their service footprint • As a provider of critical infrastructure and processor of customer data, utilities present a strategic target for different types of cyber criminals By leveraging a model similar to the concept of “mutual aid” utilities can band together to provide robust cybersecurity to their operations • This shared approach significantly reduces the cost and staffing challenges of building your own solution • Protect the information technology and operational systems while ensuring compliance in an evolving technical and regulatory environment Company Private

Seven States and Its Partners Can Help – Contact Us Company Private

American Public Power Association’s Cybersecurity Services Program Department of Energy Award Number DE-OE0000811 Seven States Cybersecurity Webinar September 1, 2020 #PublicPower www.PublicPower.org 26

DOE Cooperative Agreement Overview • In 2016 APPA partnered with the Department of Energy • 3-year, $7.5M Cooperative Agreement; • 1 year no-cost time extension Sept. 30, 2020 • 2016-17 – Analysis and Data Collection • 2017-18 – Deployment and Resource Development • 2018-20 – Sustainability Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811 . #PublicPower www.PublicPower.org 27

DOE Cooperative Agreement Overview Goal: Develop a culture of cyber security within public power utilities. Objective: Engage with public power distribution utilities to understand their cyber security awareness, capabilities and risks. Year 1 Tasks: 1. Cyber security risk assessments 2. Onsite cyber vulnerability assessments 3. Pilot existing and emerging security technologies 4. Improve how we communicate cyber threats Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811 . #PublicPower www.PublicPower.org 28

About APPA  APPA Members and Staff:  Public power median size: 1,977 meters, 14.4% of sales to electric consumers  APPA has 1,433 utility members; 230 corporate members, 60+ full-time staff includes lobbyists, engineers, statisticians, lawyers, and other subject matter experts  Educating Policy Makers:  Congress, the White House, federal agencies, and the media on public power’s importance and policy priorities  Supporting Operations Excellence:  Mutual Aid, APPA Safety Manual, RP3, eReliability Tracker, eSafety Tracker, Cybersecurity Scorecard, Funding R&D and providing technical assistance via DEED  Conferences & Summits:  Business & Financial Virtual Conference – Sept. 14-15  Legal & Regulatory Virtual Conference – Oct. 12-13  Customer Connections Virtual Conference– Oct. 26-27  Cybersecurity Virtual Summit – Nov. 16-18 #PublicPower www.PublicPower.org 29

Public Power Demographics Utility Cluster Number of Public Power Utilities Customer Count NERC-Registered Entities 0 to 3,995 14 Small 1255 Average = 1,314 4,015 to 408,411 88 Medium 461 Average = 15,156 0 to 1,458,330 157 Large 290 Average = 49,575 Targeting the 750 utilities with ICS on distribution systems #PublicPower www.PublicPower.org 30