Critical Infrastructure Summit
Virtual Summit November 17 - 18, 2022
We are excited to announce the launch of the ISMG Critical Infrastructure Summit, which will be taking place November 17th and 18th, marking the start of Infrastructure Security Month in November. Critical Infrastructure is where security hits home- we are so dependent on our infrastructure for so many facets of our daily lives. Critical functions of our societal dependencies such as water, power, transportation and financial services all are a part of critical infrastructure, and last year we saw first-hand through the Colonial Pipeline incident the strength of this dependency. Originally, operational technology and informational technology were separate, however, progressively there has been a greater interconnection between the two as the internet has evolved over time. Bridging the gap is pertinent for the future of both industries alike, despite its history of being seemingly separate entities. Bringing people together to talk about best strategies for keeping sectors secure is paramount, and our expert group of speakers will take this one step further by providing true, tangible takeaways for optimal cyber resiliency. We’re honored that you have taken the time to join us for this pivotal event, so that you can configure, maintain and sustain your systems for both cyber and, ultimately, the nation’s security. Letter from the Chair Grant Schneider
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
David Pollino
Former CISO
PNC Bank
Jeremy Grant
Managing Director, Technology Business Strategy
Venable LLP
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Lisa Sotto
Partner
Hunton Andrews Kurth LLP
Grant Schneider
Senior Director for Cybersecurity Services
Venable LLP
Tom Field
Senior Vice President of Editorial
ISMG
Grant Schneider
Senior Director for Cybersecurity Services
Venable LLP
Prior to Venable, Schneider served as the U.S. deputy federal CISO and the U.S. federal CISO and as senior director for cybersecurity policy on the White House National Security Council. Before that, he served for seven years as chief information...
Cody Hussey
Solutions Engineer
Yubico Inc.
Elvis Chan
Asst. Special Agent in Charge San Francisco Division, Cyber Branch
FBI
Chan manages a squad responsible for investigating national security cyber matters. He is a decorated agent who is recognized within the Intelligence Community as a cyberterrorism expert. SSA Chan was the lead agent on significant cyber investigations and managed joint...
Cherilyn Pascoe
Senior Technology Policy Advisor
National Institute of Standards and Technology (NIST)
Cherilyn Pascoe is Senior Technology Policy Advisor at the National Institute of Standards and Technology (NIST), U.S. Department of Commerce. She advises NIST leadership on technology policy and strategy, including cybersecurity, privacy, and artificial intelligence. She also leads the NIST...
Chris Carter
Information Security Analyst
Port of Vancouver USA
Chris Carter joined the Port of Vancouver USA in May 2015 and now serves in the role of Information Security Analyst. His responsibilities include establishing and maintaining secure information technology networks and supporting the port’s IT infrastructure. Chris also provides...
Armando Seay
Founder
Maryland Innovation & Security Institute
Armando Seay is a Co-founder and Director for the Maryland Innovation and Security Institute (MISI). Armando is also a Director and Technical Program Director for MISI’s DreamPort cyber solutions accelerator. Armando leads the critical infrastructure cybersecurity team, tech outreach and...
Paris Stringfellow
Director of Sustainability
Cybersecurity Manufacturing Innovation Institute (CyManII)
Dr. Paris Stringfellow is the Director of Sustainability for the Cybersecurity Manufacturing Innovation Institute (CyManII). She leads the TrustWorks-aaS division and is responsible for providing translative education and services to US manufacturers. She holds a PhD in Industrial Engineering and...
Anna Delaney
Director of Productions
ISMG
Manny Cancel
SVP and CEO
E-ISAC
Cancel became NERC senior vice president and chief executive officer of the Electricity Information Sharing and Analysis Center (E-ISAC) in January 2020. He is responsible for the management and oversight of the E-ISAC and leads security operations and information sharing,...
Mike Manrod
CISO
Grand Canyon Education, Inc.
Mike presently serves as the Chief Information Security Officer for Grand Canyon Education, responsible for leading the security team and formulating the vision and strategy for protecting students, staff, and information assets across the enterprise. Previous experiences include serving as...
Jerry Cochran
Deputy CIO – Cybersecurity & DigitalOps
Pacific Northwest National Laboratory
Cochran serves as Pacific Northwest National Laboratory’s deputy chief information officer and division director of the Cybersecurity and DigitalOps Division, Computing and IT Directorate. He oversees cybersecurity, the office of the CISO, enterprise IT engineering and operations. Cochran also leads...
Howard Grimes
CEO
Cybersecurity Manufacturing Innovation Institute (CyManII)
Dr. Howard Grimes is a noted research scientist and author with 25 years of success in directing complex university and National Laboratory research programs and entrepreneurial start-up initiatives. Currently, Dr. Grimes serves as the Chief Executive Officer for the Cybersecurity...
Steve King
Managing Director, Cybersecurity Marketing Advisory Services
CyberTheory
Steve King has served in senior leadership roles in technology development and deployment for the past 25 years. He is an author, lecturer and serial startup founder, including three successful exits in cybersecurity, and served for six years as the...
Bob Kolasky
Senior Fellow
Auburn’s McCrary Institute
Virginia Wright
Energy-Cyber Portfolio Manager
Idaho National Laboratory
Virginia “Ginger” Wright is the Energy Cybersecurity Portfolio Manager for Idaho National Laboratory’s Cybercore division within its National and Homeland Security directorate. She leads programs focused on cybersecurity and resilience of critical infrastructure for DOE, DARPA and other government agencies...
Mara Winn
Deputy Director for the Preparedness, Policy, and Risk Analysis (PPRA)
CESER, U.S.DOE
Mara Winn is the Deputy Director for the Preparedness, Policy, and Risk Analysis (PPRA) division of the Office of Cybersecurity, Energy Security, and Emergency Response (CESER). In this role, Winn leads the division in supporting energy sector security and resilience...
Roger Caslow
CISO
Hampton Roads Sanitation District
Roger Caslow has worked in the security field for over 20 years. He has insider threat/counterintelligence, ICS, physical, operational, and cybersecurity expertise. He is proficient at working with cross-functional teams in developing and building technical, governance, compliance, and risk assessment...
David Pollino
Former CISO
PNC Bank
Pollino is an experienced security and risk executive with over 25 years of experience in information security, fraud prevention and risk management. He has focused on financial services for 20 years and was the CISO of Bank of the West...
Erik Decker
Assistant Vice President
Intermountain Healthcare
Erik Decker is the Assistant Vice President – Chief Information Security Officer at Intermountain Healthcare. Previously Erik was the Chief Security and Privacy Officer for the University of Chicago Medicine, where he was responsible for its Cybersecurity, Identity and Access...
Craig Barrett
VP Cybersecurity
Kinder Morgan, Inc.
Nick Parham, JD
Marine Transportation System Cybersecurity Coordinator
United States Coast Guard Atlantic Area Command
Mr. Nick Parham currently serves as the Marine Transportation System (MTS) Cybersecurity Coordinator responsible for development and execution of Coast Guard cybersecurity regulations and policies impacting MTS stakeholders operating in the Atlantic Area. The area of responsibility encompasses all inland...
Errol Weiss
CSO
Health Information Sharing and Analysis Center
Weiss, who has over 20 years of experience in information security, is an executive vice president with Citigroup's IT risk and program management. Previously, he was a senior network security analyst for the National Security Agency, responsible for conducting vulnerability...
Charles T. Blackmore
Marine Transportation Specialist (Cyber)
USCG
Charles Blackmore currently serves as a Marine Transportation System Specialist – Cyber at the US Coast Guard’s Office of Port & Facility Compliance where he is responsible for the development of guidance, doctrine, and policy used throughout the Marine Transportation...
Puesh Kumar
Director, Office of Cybersecurity, Energy Security, and Emergency Response
U.S. DOE
Kumar leads DOE’s mission to address cyber, physical, and natural hazards and threats to the U.S. energy infrastructure. Kumar has over 15 years of experience in grid modernization, cybersecurity, and emergency response within the energy sector. Most recently, Kumar was...
View Agenda
Cybersecurity Framework 2.0: Current State and Potential Changes?
Cherilyn Pascoe, Senior Technology Policy Advisor, National Institute of Standards and Technology (NIST)

The National Institute of Standards and Technology is updating the Cybersecurity Framework to keep pace with the evolving cybersecurity risks, standards, and technology landscape.  The NIST Cybersecurity Framework, originally developed for critical infrastructure sectors, is now viewed as foundational to securing organizations of all sectors and sizes around the world.  Join this session to learn about the update process, including areas of focus, for the Cybersecurity Framework 2.0, as well as share your feedback about the use and potential improvements to the Framework. 

Cherilyn Pascoe
  • 09:00 AM
  • 09:29 AM
Benefits of Operationalizing a Cybersecurity Framework
Steve King, Managing Director, Cybersecurity Marketing Advisory Services, CyberTheory
Grant Schneider, Senior Director for Cybersecurity Services , Venable LLP
Roger Caslow, CISO, Hampton Roads Sanitation District

There are many options to choose from when selecting a framework for your cybersecurity program and typically your choice comes down to your industry vertical. We will have a discussion on the most commonly used enterprise level frameworks, what is needed to adopt them and how they provide benefit to your organization. Our expert panel will:

  • Evaluate some of the best practices for structural alignment with capabilities and solutions, and which security controls are needed for audit
  • Analyze how to align IT with OT, as well as the overarching organizational strategy needs and roadmaps
  • Discuss ways to not only support governance structure internally, but also ensure regulation and other external requirements are met
Steve King
Grant Schneider
Roger Caslow
  • 09:30 AM
  • 09:59 AM
Collaborative Cyber Defense: Just a Promise or a Practical Reality?
Howard Grimes, CEO, Cybersecurity Manufacturing Innovation Institute (CyManII)
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory
Paris Stringfellow, Director of Sustainability, Cybersecurity Manufacturing Innovation Institute (CyManII)

Cyber defense is increasingly becoming more important to the federal government’s overarching administrative agenda. There is an important need from the various organizations (CISA, DOE CESER, etc.), to incentivize the transition from collaboration, to cooperation within these distinct entities.
This panel will cover these strategies and will:

  • Discuss ways to collaborate across public/private as well as intra- and inter-sector entities to thwart and stay ahead of adversaries targeting critical infrastructures
  • Debate whether or not the 20-year evolution of cyber information/threat sharing is still working, and, if not, how can it be improved
  • Assess the opportunities for mutual aid and defense from the government to various sectors
Howard Grimes
Jerry Cochran
Paris Stringfellow
  • 10:00 AM
  • 10:29 AM
Networking Break
  • 10:30 AM
  • 10:44 AM
Regulating and Being Regulated: A Public-Private Partnership at the Ports
Nick Parham, JD, Marine Transportation System Cybersecurity Coordinator, United States Coast Guard Atlantic Area Command
Chris Carter, Information Security Analyst, Port of Vancouver USA
Charles T. Blackmore, Marine Transportation Specialist (Cyber), USCG

In the wake of the terrorist attacks from September 11, the Maritime Transportation Security Act (MTSA) was implemented across the commercial shipping industry in the United States. With the rise and evolving threat of cybersecurity attacks during the past decade, the Coast Guard has worked with public and private partnerships at America's ports to leverage the MTSA and enhance cybersecurity mitigation and resiliency at these ports. The industries operating in America's ports are critical components of multiple supply chains and often fall into multiple critical infrastructure categories. Key takeaways include actionable insights to:  

  • Leveraging existing partnerships within the port to address cybersecurity vulnerabilities
  • Taking action within an existing regulatory framework to address cybersecurity vulnerabilities
  • Information sharing and analysis to bridge to public/private communication gap
Nick Parham, JD
Chris Carter
Charles T. Blackmore
  • 10:45 AM
  • 11:14 AM
Election Security: What Did We Learn From the Mid-term Elections?
Elvis Chan, Asst. Special Agent in Charge San Francisco Division, Cyber Branch, FBI
Elvis Chan
  • 11:15 AM
  • 11:44 AM
Health Sector Progress: Collaborations and Public Partnerships
Erik Decker, Assistant Vice President, Intermountain Healthcare
Errol Weiss, CSO, Health Information Sharing and Analysis Center

Healthcare is among the most targeted critical infrastructure sectors. How are healthcare sector entities - and their CISOs and security teams - working with their peers, industry competitors, government agencies and information sharing organizations to help fend off the rising cyberthreats striking from so many different directions?  This session will:

  • Spotlight Information sharing and other collaborative healthcare sector cybersecurity efforts – where progress is being made
  • Identify cybersecurity resources for the private and public health sectors, and what else is still much needed
  • Explore ways healthcare organizations and their security leadership can become more proactive in addressing sector cyber threats and risks
Erik Decker
Errol Weiss
  • 11:45 AM
  • 12:14 PM
Networking Break
  • 12:15 PM
  • 12:29 PM
Lessons Relearned From the Russian Invasion of Ukraine, the Cybersecurity Threat Reality and Defense
Mike Manrod, CISO, Grand Canyon Education, Inc.
Armando Seay, Founder, Maryland Innovation & Security Institute
Roger Caslow, CISO, Hampton Roads Sanitation District

Since the late 90’s, our critical infrastructure has been under documented attack from various APTs, groups affiliated with nation states to include Russia. Russia’s directed cyber-attacks on the Ukraine are well documented, as is the intended blast radius to include the US and allies, which has been ramped up since the February 2022 invasion of the Ukraine. So how do we defend our critical infrastructure from this now and into the future? Our cybersecurity advice has not changed, merely has evolved to associate advice given for IT to also include OT and IoT basic hygienic solutions. Expect to learn key practices from our session, in which our panel of experts will:

  • Discuss incident response plans that can proactively defend your organization against a number of potential threats
  • Assess the best strategies to build a defensible architecture, and ensure network security is properly monitored in the process
  • Look at the most effective vulnerability and patch management testing methods
Mike Manrod
Armando Seay
Roger Caslow
  • 12:30 PM
  • 12:59 PM
How Can Threat Intelligence Be Applied?
Craig Barrett, VP Cybersecurity, Kinder Morgan, Inc.
Bob Kolasky, Senior Fellow, Auburn’s McCrary Institute
David Pollino, Former CISO, PNC Bank
Craig Barrett
Bob Kolasky
David Pollino
  • 01:00 PM
  • 01:29 PM
The State of Critical Infrastructure Resilience
Grant Schneider, Senior Director for Cybersecurity Services , Venable LLP
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory
Virginia Wright, Energy-Cyber Portfolio Manager, Idaho National Laboratory
Puesh Kumar, Director, Office of Cybersecurity, Energy Security, and Emergency Response, U.S. DOE

If you talk to the energy sector, they will weave resilience into their cybersecurity discussions. For example, the electric, oil and gas, transportation, water and telecommunications sectors will look at cyber differently than health or financial sectors. Generally, the water, electric, and oil and gas sectors have more similarities and interdependencies than any other Critical Infrastructure sector combined. Our panel will shed light on some of the most effective cross-sector resilience strategies and will:

  • Discuss the best ways to adopt a framework and best communications and operational methods to achieve this
  • Analyze the performance of scenario-based risk assessments to inform business continuity and emergency response plans that enable effective resourcing
  • Assess the broader regulatory and operational requirements that guide these critical business decisions
Grant Schneider
Jerry Cochran
Virginia Wright
Puesh Kumar
  • 01:30 PM
  • 01:59 PM
Energy Sector: Drill Down Insights for Preemption and Resilience
Manny Cancel, SVP and CEO, E-ISAC
Manny Cancel
  • 02:00 PM
  • 02:29 PM
Day 2 Agenda

All content from Day 1 will be available on demand from 9 AM - 5 PM ET on Day 2, Friday November, 18th. Don’t miss the chance to log-in and consume any content you may not have had the chance to see at your own convenience.

  • 09:00 AM
  • 04:59 PM

We are excited to announce the launch of the ISMG Critical Infrastructure Summit, which will be taking place November 17th and 18th, marking the start of Infrastructure Security Month in November. Critical Infrastructure is where security hits home- we are so dependent on our infrastructure for so many facets of our daily lives. Critical functions of our societal dependencies such as water, power, transportation and financial services all are a part of critical infrastructure, and last year we saw first-hand through the Colonial Pipeline incident the strength of this dependency. Originally, operational technology and informational technology were separate, however, progressively there has been a greater interconnection between the two as the internet has evolved over time. Bridging the gap is pertinent for the future of both industries alike, despite its history of being seemingly separate entities. Bringing people together to talk about best strategies for keeping sectors secure is paramount, and our expert group of speakers will take this one step further by providing true, tangible takeaways for optimal cyber resiliency. We’re honored that you have taken the time to join us for this pivotal event, so that you can configure, maintain and sustain your systems for both cyber and, ultimately, the nation’s security. Letter from the Chair Grant Schneider
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

David Pollino
Former CISO
PNC Bank
Jeremy Grant
Managing Director, Technology Business Strategy
Venable LLP
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Lisa Sotto
Partner
Hunton Andrews Kurth LLP
Grant Schneider
Senior Director for Cybersecurity Services
Venable LLP

Tom Field
Senior Vice President of Editorial
ISMG
Grant Schneider
Senior Director for Cybersecurity Services
Venable LLP
Prior to Venable, Schneider served as the U.S. deputy federal CISO and the U.S. federal CISO and as senior director for cybersecurity policy on the White House National Security Council. Before that, he served for seven years as chief information...
Cody Hussey
Solutions Engineer
Yubico Inc.
Elvis Chan
Asst. Special Agent in Charge San Francisco Division, Cyber Branch
FBI
Chan manages a squad responsible for investigating national security cyber matters. He is a decorated agent who is recognized within the Intelligence Community as a cyberterrorism expert. SSA Chan was the lead agent on significant cyber investigations and managed joint...
Cherilyn Pascoe
Senior Technology Policy Advisor
National Institute of Standards and Technology (NIST)
Cherilyn Pascoe is Senior Technology Policy Advisor at the National Institute of Standards and Technology (NIST), U.S. Department of Commerce. She advises NIST leadership on technology policy and strategy, including cybersecurity, privacy, and artificial intelligence. She also leads the NIST...
Chris Carter
Information Security Analyst
Port of Vancouver USA
Chris Carter joined the Port of Vancouver USA in May 2015 and now serves in the role of Information Security Analyst. His responsibilities include establishing and maintaining secure information technology networks and supporting the port’s IT infrastructure. Chris also provides...
Armando Seay
Founder
Maryland Innovation & Security Institute
Armando Seay is a Co-founder and Director for the Maryland Innovation and Security Institute (MISI). Armando is also a Director and Technical Program Director for MISI’s DreamPort cyber solutions accelerator. Armando leads the critical infrastructure cybersecurity team, tech outreach and...
Paris Stringfellow
Director of Sustainability
Cybersecurity Manufacturing Innovation Institute (CyManII)
Dr. Paris Stringfellow is the Director of Sustainability for the Cybersecurity Manufacturing Innovation Institute (CyManII). She leads the TrustWorks-aaS division and is responsible for providing translative education and services to US manufacturers. She holds a PhD in Industrial Engineering and...
Anna Delaney
Director of Productions
ISMG
Manny Cancel
SVP and CEO
E-ISAC
Cancel became NERC senior vice president and chief executive officer of the Electricity Information Sharing and Analysis Center (E-ISAC) in January 2020. He is responsible for the management and oversight of the E-ISAC and leads security operations and information sharing,...
Mike Manrod
CISO
Grand Canyon Education, Inc.
Mike presently serves as the Chief Information Security Officer for Grand Canyon Education, responsible for leading the security team and formulating the vision and strategy for protecting students, staff, and information assets across the enterprise. Previous experiences include serving as...
Jerry Cochran
Deputy CIO – Cybersecurity & DigitalOps
Pacific Northwest National Laboratory
Cochran serves as Pacific Northwest National Laboratory’s deputy chief information officer and division director of the Cybersecurity and DigitalOps Division, Computing and IT Directorate. He oversees cybersecurity, the office of the CISO, enterprise IT engineering and operations. Cochran also leads...
Howard Grimes
CEO
Cybersecurity Manufacturing Innovation Institute (CyManII)
Dr. Howard Grimes is a noted research scientist and author with 25 years of success in directing complex university and National Laboratory research programs and entrepreneurial start-up initiatives. Currently, Dr. Grimes serves as the Chief Executive Officer for the Cybersecurity...
Steve King
Managing Director, Cybersecurity Marketing Advisory Services
CyberTheory
Steve King has served in senior leadership roles in technology development and deployment for the past 25 years. He is an author, lecturer and serial startup founder, including three successful exits in cybersecurity, and served for six years as the...
Bob Kolasky
Senior Fellow
Auburn’s McCrary Institute
Virginia Wright
Energy-Cyber Portfolio Manager
Idaho National Laboratory
Virginia “Ginger” Wright is the Energy Cybersecurity Portfolio Manager for Idaho National Laboratory’s Cybercore division within its National and Homeland Security directorate. She leads programs focused on cybersecurity and resilience of critical infrastructure for DOE, DARPA and other government agencies...
Mara Winn
Deputy Director for the Preparedness, Policy, and Risk Analysis (PPRA)
CESER, U.S.DOE
Mara Winn is the Deputy Director for the Preparedness, Policy, and Risk Analysis (PPRA) division of the Office of Cybersecurity, Energy Security, and Emergency Response (CESER). In this role, Winn leads the division in supporting energy sector security and resilience...
Roger Caslow
CISO
Hampton Roads Sanitation District
Roger Caslow has worked in the security field for over 20 years. He has insider threat/counterintelligence, ICS, physical, operational, and cybersecurity expertise. He is proficient at working with cross-functional teams in developing and building technical, governance, compliance, and risk assessment...
David Pollino
Former CISO
PNC Bank
Pollino is an experienced security and risk executive with over 25 years of experience in information security, fraud prevention and risk management. He has focused on financial services for 20 years and was the CISO of Bank of the West...
Erik Decker
Assistant Vice President
Intermountain Healthcare
Erik Decker is the Assistant Vice President – Chief Information Security Officer at Intermountain Healthcare. Previously Erik was the Chief Security and Privacy Officer for the University of Chicago Medicine, where he was responsible for its Cybersecurity, Identity and Access...
Craig Barrett
VP Cybersecurity
Kinder Morgan, Inc.
Nick Parham, JD
Marine Transportation System Cybersecurity Coordinator
United States Coast Guard Atlantic Area Command
Mr. Nick Parham currently serves as the Marine Transportation System (MTS) Cybersecurity Coordinator responsible for development and execution of Coast Guard cybersecurity regulations and policies impacting MTS stakeholders operating in the Atlantic Area. The area of responsibility encompasses all inland...
Errol Weiss
CSO
Health Information Sharing and Analysis Center
Weiss, who has over 20 years of experience in information security, is an executive vice president with Citigroup's IT risk and program management. Previously, he was a senior network security analyst for the National Security Agency, responsible for conducting vulnerability...
Charles T. Blackmore
Marine Transportation Specialist (Cyber)
USCG
Charles Blackmore currently serves as a Marine Transportation System Specialist – Cyber at the US Coast Guard’s Office of Port & Facility Compliance where he is responsible for the development of guidance, doctrine, and policy used throughout the Marine Transportation...
Puesh Kumar
Director, Office of Cybersecurity, Energy Security, and Emergency Response
U.S. DOE
Kumar leads DOE’s mission to address cyber, physical, and natural hazards and threats to the U.S. energy infrastructure. Kumar has over 15 years of experience in grid modernization, cybersecurity, and emergency response within the energy sector. Most recently, Kumar was...

View Agenda
Cybersecurity Framework 2.0: Current State and Potential Changes?
Cherilyn Pascoe, Senior Technology Policy Advisor, National Institute of Standards and Technology (NIST)

The National Institute of Standards and Technology is updating the Cybersecurity Framework to keep pace with the evolving cybersecurity risks, standards, and technology landscape.  The NIST Cybersecurity Framework, originally developed for critical infrastructure sectors, is now viewed as foundational to securing organizations of all sectors and sizes around the world.  Join this session to learn about the update process, including areas of focus, for the Cybersecurity Framework 2.0, as well as share your feedback about the use and potential improvements to the Framework. 

Cherilyn Pascoe
  • 09:00 AM
  • 09:29 AM
Benefits of Operationalizing a Cybersecurity Framework
Steve King, Managing Director, Cybersecurity Marketing Advisory Services, CyberTheory
Grant Schneider, Senior Director for Cybersecurity Services , Venable LLP
Roger Caslow, CISO, Hampton Roads Sanitation District

There are many options to choose from when selecting a framework for your cybersecurity program and typically your choice comes down to your industry vertical. We will have a discussion on the most commonly used enterprise level frameworks, what is needed to adopt them and how they provide benefit to your organization. Our expert panel will:

  • Evaluate some of the best practices for structural alignment with capabilities and solutions, and which security controls are needed for audit
  • Analyze how to align IT with OT, as well as the overarching organizational strategy needs and roadmaps
  • Discuss ways to not only support governance structure internally, but also ensure regulation and other external requirements are met
Steve King
Grant Schneider
Roger Caslow
  • 09:30 AM
  • 09:59 AM
Collaborative Cyber Defense: Just a Promise or a Practical Reality?
Howard Grimes, CEO, Cybersecurity Manufacturing Innovation Institute (CyManII)
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory
Paris Stringfellow, Director of Sustainability, Cybersecurity Manufacturing Innovation Institute (CyManII)

Cyber defense is increasingly becoming more important to the federal government’s overarching administrative agenda. There is an important need from the various organizations (CISA, DOE CESER, etc.), to incentivize the transition from collaboration, to cooperation within these distinct entities.
This panel will cover these strategies and will:

  • Discuss ways to collaborate across public/private as well as intra- and inter-sector entities to thwart and stay ahead of adversaries targeting critical infrastructures
  • Debate whether or not the 20-year evolution of cyber information/threat sharing is still working, and, if not, how can it be improved
  • Assess the opportunities for mutual aid and defense from the government to various sectors
Howard Grimes
Jerry Cochran
Paris Stringfellow
  • 10:00 AM
  • 10:29 AM
Networking Break
  • 10:30 AM
  • 10:44 AM
Regulating and Being Regulated: A Public-Private Partnership at the Ports
Nick Parham, JD, Marine Transportation System Cybersecurity Coordinator, United States Coast Guard Atlantic Area Command
Chris Carter, Information Security Analyst, Port of Vancouver USA
Charles T. Blackmore, Marine Transportation Specialist (Cyber), USCG

In the wake of the terrorist attacks from September 11, the Maritime Transportation Security Act (MTSA) was implemented across the commercial shipping industry in the United States. With the rise and evolving threat of cybersecurity attacks during the past decade, the Coast Guard has worked with public and private partnerships at America's ports to leverage the MTSA and enhance cybersecurity mitigation and resiliency at these ports. The industries operating in America's ports are critical components of multiple supply chains and often fall into multiple critical infrastructure categories. Key takeaways include actionable insights to:  

  • Leveraging existing partnerships within the port to address cybersecurity vulnerabilities
  • Taking action within an existing regulatory framework to address cybersecurity vulnerabilities
  • Information sharing and analysis to bridge to public/private communication gap
Nick Parham, JD
Chris Carter
Charles T. Blackmore
  • 10:45 AM
  • 11:14 AM
Election Security: What Did We Learn From the Mid-term Elections?
Elvis Chan, Asst. Special Agent in Charge San Francisco Division, Cyber Branch, FBI
Elvis Chan
  • 11:15 AM
  • 11:44 AM
Health Sector Progress: Collaborations and Public Partnerships
Erik Decker, Assistant Vice President, Intermountain Healthcare
Errol Weiss, CSO, Health Information Sharing and Analysis Center

Healthcare is among the most targeted critical infrastructure sectors. How are healthcare sector entities - and their CISOs and security teams - working with their peers, industry competitors, government agencies and information sharing organizations to help fend off the rising cyberthreats striking from so many different directions?  This session will:

  • Spotlight Information sharing and other collaborative healthcare sector cybersecurity efforts – where progress is being made
  • Identify cybersecurity resources for the private and public health sectors, and what else is still much needed
  • Explore ways healthcare organizations and their security leadership can become more proactive in addressing sector cyber threats and risks
Erik Decker
Errol Weiss
  • 11:45 AM
  • 12:14 PM
Networking Break
  • 12:15 PM
  • 12:29 PM
Lessons Relearned From the Russian Invasion of Ukraine, the Cybersecurity Threat Reality and Defense
Mike Manrod, CISO, Grand Canyon Education, Inc.
Armando Seay, Founder, Maryland Innovation & Security Institute
Roger Caslow, CISO, Hampton Roads Sanitation District

Since the late 90’s, our critical infrastructure has been under documented attack from various APTs, groups affiliated with nation states to include Russia. Russia’s directed cyber-attacks on the Ukraine are well documented, as is the intended blast radius to include the US and allies, which has been ramped up since the February 2022 invasion of the Ukraine. So how do we defend our critical infrastructure from this now and into the future? Our cybersecurity advice has not changed, merely has evolved to associate advice given for IT to also include OT and IoT basic hygienic solutions. Expect to learn key practices from our session, in which our panel of experts will:

  • Discuss incident response plans that can proactively defend your organization against a number of potential threats
  • Assess the best strategies to build a defensible architecture, and ensure network security is properly monitored in the process
  • Look at the most effective vulnerability and patch management testing methods
Mike Manrod
Armando Seay
Roger Caslow
  • 12:30 PM
  • 12:59 PM
How Can Threat Intelligence Be Applied?
Craig Barrett, VP Cybersecurity, Kinder Morgan, Inc.
Bob Kolasky, Senior Fellow, Auburn’s McCrary Institute
David Pollino, Former CISO, PNC Bank
Craig Barrett
Bob Kolasky
David Pollino
  • 01:00 PM
  • 01:29 PM
The State of Critical Infrastructure Resilience
Grant Schneider, Senior Director for Cybersecurity Services , Venable LLP
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory
Virginia Wright, Energy-Cyber Portfolio Manager, Idaho National Laboratory
Puesh Kumar, Director, Office of Cybersecurity, Energy Security, and Emergency Response, U.S. DOE

If you talk to the energy sector, they will weave resilience into their cybersecurity discussions. For example, the electric, oil and gas, transportation, water and telecommunications sectors will look at cyber differently than health or financial sectors. Generally, the water, electric, and oil and gas sectors have more similarities and interdependencies than any other Critical Infrastructure sector combined. Our panel will shed light on some of the most effective cross-sector resilience strategies and will:

  • Discuss the best ways to adopt a framework and best communications and operational methods to achieve this
  • Analyze the performance of scenario-based risk assessments to inform business continuity and emergency response plans that enable effective resourcing
  • Assess the broader regulatory and operational requirements that guide these critical business decisions
Grant Schneider
Jerry Cochran
Virginia Wright
Puesh Kumar
  • 01:30 PM
  • 01:59 PM
Energy Sector: Drill Down Insights for Preemption and Resilience
Manny Cancel, SVP and CEO, E-ISAC
Manny Cancel
  • 02:00 PM
  • 02:29 PM
Day 2 Agenda

All content from Day 1 will be available on demand from 9 AM - 5 PM ET on Day 2, Friday November, 18th. Don’t miss the chance to log-in and consume any content you may not have had the chance to see at your own convenience.

  • 09:00 AM
  • 04:59 PM

Speaker Interviews

November 17 - 18, 2022

Critical Infrastructure Summit