Infrastructure Protection and Security

Infrastructure Protection and Security

Description

The Infrastructure Protection and Security Interest Group (IPS) is a technical forum for utility personnel tasked with the physical and cyber security of generation, transmission, and distribution assets. The program includes both a strategic component – with a focus on security program design, implementation, operation, evaluation, and improvement – and a tactical component, which enables rapid exchange of information and intelligence on an ad hoc basis.

Focus Areas

  • Cyber & Physical Response and Recovery to Incidents and Emergencies
  • Cyber & Physical Security Assets and Threats
  • Cyber & Physical Training for Employees and Contractors
  • Cyber Detection
  • Cyber & Physical New Technologies and Operational Practices
  • Cyber & Physical Security Assessment of Risks
Webinar

Securing Operational Visibility & Digital Twins in Existing Hydropower Facilities to Optimize Asset Management & Cyber Physical Security

Mar 18, 2025 • Webex
We are pleased to announce that we have scheduled a webinar regarding “Securing Operational Visibility & Digital Twins in Existing Hydropower Facilities to Optimize Asset Management & Cyber Physical Security” on Tuesday, March 18th at 1pmET, presented by Christian Hager of Fend Tech. This webinar is part of our HOP-DS-IPS Cyber Security Workshop and will set the stage for our breakout groups discussions during the HOP Spring 2025 General Meeting & DS Spring 2025 General Meeting.About the Presentation:Of the 90,000+ of dams in the US, of which approximately 2,300 produce power, the average age is 60+ years.Reliance on hydropower & dams grows, however we are faced with a dam infrastructure that is rapidly aging. This calls for a modernization of Industrial Control Systems(ICS) that increasingly relies on remote connectivity to optimize operational visibility, efficiency, and reliability. Operators are turning to real-time digital twins/ historian solutions to utilize ICS data for predictive maintenance, advanced modeling, alert monitoring, etc. However, this modernization and digital convergence of the hydropower infrastructure can open up new threat vectors for cyberattacks and malware.Issues: In the face of such challenges, several traditional approaches will be discussed, but each has serious drawbacks: deploying and relying on porous, software-based defenses or intrusion-detection systems that only alert you AFTER the system has been breached.However, key operational mantras remain:Connect nothing directly to the internetSecure & harden the critical operational networkDo not trust a software-only solution or any files coming into the facilityUse secure side-channel communications instead of insecure two-way commsMaintain continuity of operationsSolutions: next-generation small-form factor data diodes, peripheral media kiosks, asset mapping and file scanning tools all offer a secure and lower cost-of-ownership alternative to technology currently in use by many hydroelectric and power operators.NREL’s Hydropower Cybersecurity Value-at-Risk Framework Feb 2023 assists with control identification and the CISA Dams Sector Cybersecurity Capability Maturity Model v2 already calls out patching, upgrading, network segmentation, asset management and asset hardening as mitigation practices.Drawing from a recently conducted study by the presenter for the DOE’s EERE Water Power Technology Office (WPTO), attendees will learn from multiple case studies how power generation operations have increased real-time operational monitoring visibility and reduced cost-of-ownership without exposing the mission critical infrastructure to threat actors and internal vulnerabilities.The session will also impart the power of secure digital twins with real-time operational visibility from areas that were previously “air gapped” or too-remote-to-connect.Several case studies will highlight the ability of safely pulling operational data from secure facilities or networks with standard communication systems (e.g. with cellular or satellite/ Starlink networks).Presenter Contact Information:Christian Hager – chager@fend.tech
Webinar

Best Practices for Implementing NERC CIP Standards in Utility Environments: A Comprehensive Approach

Apr 8, 2025 • Virtual - Webex
Compliance with regulatory standards such as the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standards are mandatory for electric utilities. This webinar will present a comprehensive examination of best practices for implementing key NERC CIP standards, including CIP-002-5.1a Cyber Security – BES Cyber System Categorization, CIP-003-8 Cyber Security – Security Management Controls, CIP-007-6 Cyber Security – System Security Management, CIP-010-4 Cyber Security – Configuration Change Management and Vulnerability Assessments, and CIP-011-3 Cyber Security – Information Protection within utility environments. Drawing on Powertech’s extensive experience supporting a major local electricity utility, this presentation will offer insights into effective methodologies and approaches for achieving NERC CIP compliance. Through practical application examples, key strategies for identifying critical cyber assets, managing system security, conducting configuration change management, and vulnerability assessments in alignment with NERC CIP standards are highlighted. By synthesizing real-world experience and best practices, this paper aims to provide utility stakeholders with actionable insights to enhance their NERC CIP compliance efforts and strengthen the cybersecurity posture of their critical infrastructure.