EnergySec's 20th Security & Compliance Summit

As the energy sector faces increasing cybersecurity demands, developing a strong, skilled workforce has never been more critical. This session explores how internships can play a pivotal role in preparing the next generation of cybersecurity professionals. Led by David Reinecke, Managing Director of Industry Programs at EnergySec and architect of EnergySec’s Cyber Internship Program, this talk will highlight the program’s development, lessons learned, and key strategies for successful implementation. Attendees will gain insights into how internships can bridge workforce gaps, support talent pipelines, and strengthen cybersecurity resilience across the sector.

Add to Calendar

NERC CIP standards are primarily aimed at ensuring the cybersecurity and reliability of the BES. As Inverter-Based Resources like solar, wind, and battery energy storage systems become more widespread and critical to grid operations, they increasingly fall under the scope of NERC regulations — including CIP. We will discuss the unique challenges and special considerations related to IBR when developing a NERC CIP Program.

Add to Calendar

EnergySec staff will provide and overview and lead a discussion of recent changes to the CIP standards and current work in progress on new and modified standards. This will incllude CIP-014, virtualization, cloud, incident reporting, suply chain, and low impact requirements.

Add to Calendar

This session demonstrates how energy sector organizations can leverage autonomous security assessments to transform their compliance approach while enhancing their security posture. Through a detailed case study  we'll explore how digital twin technology enables continuous vulnerability testing without touching production systems – directly addressing CIP-010 R3.2.1 and 3.2.2 requirements for paper and active vulnerability assessments.Learn how AI-driven attack chain analysis can automatically identify exploitation paths specific to your environment  providing deeper insights than traditional vulnerability scans. We'll share practical implementation strategies that help you:Automate the documentation of assessment methodologies and results for compliance evidenceTransform manual penetration testing processes into automated  repeatable assessmentsGenerate detailed reports for compliance and managementPerfect for compliance managers  security architects  and OT security teams looking to modernize their vulnerability assessment programs while maintaining strict compliance. Join us to discover how autonomous assessment platforms are revolutionizing NERC CIP compliance processes across the energy sector.

Add to Calendar

Utilities continue to seek new and innovative ways to introduce AI into their environment. But, are the returns on investment being realized as expected? In this session, we will share key findings from multiple workshops and surveys collected from utilities across the country. We’ll highlight the best practices identified for deploying AI securely and effectively, enterprise-wide governance frameworks, strategies for securing leadership buy-in and funding, and methods for tracking ROI. Attendees will gain a deeper understanding of how to align AI initiatives with industry-recognized frameworks, address regulatory and compliance impacts, and ensure cybersecurity remains a priority throughout the AI lifecycle.

Add to Calendar

As the industrial cybersecurity landscape grows more complex, so too must our strategies for preparing the next generation of defenders. In this session, educator and cybersecurity expert Dennis Skarr explores how students can harness the power of ChatGPT to create their own AI-driven cybersecurity training tools. This workshop will showcase how generative AI can support student-led learning, improve workforce readiness, and accelerate cybersecurity awareness across IT and OT environments. Attendees will explore ChatGPT to begin integrating AI-based projects into their own workflow, training programs or curricula.

Add to Calendar

USB Human Interface Device (HID) attacks remain a persistent threat due to their ability to bypass standard security controls by impersonating trusted peripherals. While commercial tools like the USB Rubber Ducky have made these attacks widely known  the barrier to entry has dropped dramatically with the availability of $4 microcontrollers. This talk covers how these devices work  and their attack mechanisms.  Attendees will learn how to construct these devices for security testing while understanding the defensive challenges they present.

***This is an interactive workshop! Be sure to bring a laptop to get hardware to program and keep in this workshop.

Add to Calendar

Small and mid-sized utilities face the same threats as utility giants, but with far fewer resources. EnergySec's new S3CUR3 program aims to level the playing field by providing effective and affordable shared services that augment utilities' internal resources to enhance and expand their cyber defense capabilities and strengthen their cyber programs.

Add to Calendar

This interactive session will explore effective methodologies and tools for conducting comprehensive security assessments in the energy sector. Participants will gain practical knowledge on document management, evidence collection, and interview preparation techniques that enhance assessment quality and efficiency.

Add to Calendar

• Welcome Message – Steve Parker, EnergySec President 
• EnergySec History – A brief look back at 20 years of EnergySec 

Add to Calendar

In the past six months, there has been considerable rethinking of the role of government. Public private security-focused partnerships, emergency preparedness and response and who has the leading role, and regulation are all being examined and potentially reimagined. At the same time, the threat from hacktivists and nation state adversaries is only increasing. Subject matter expertise and solid technical knowledge, not magic, are more important than ever to achieving good cybersecurity policy outcomes. Attendees will hear about the latest implications of various Executive Orders, current industry efforts aimed at risk reduction, potential regulatory changes on the horizon, and legislation Congress is considering. Importantly, the presentation will provide ways those that possess the cybersecurity magic can best contribute to reducing the risk.

Add to Calendar

In an industry where cyber risk is amplified by interconnected supply chains, third-party risk management is no longer optional—it’s operationally essential. But what actually makes a TPRM program comprehensive? 

Join us for a fast-paced, insight-packed session that breaks down the core pillars of an effective third-party risk management strategy — specifically tailored for the energy sector. Whether you’re launching a new program or optimizing one that’s already in motion, this session will help you focus on what matters most: scalable frameworks, risk-based prioritization, and actionable oversight that aligns with regulatory expectations such as NERC CIP-013 and EO 14028. 

Backed by over 20 years of hard-earned experience, this session offers field-tested insights, practical takeaways, and a roadmap for building a TPRM program that’s not only comprehensive —but conclusive.

Add to Calendar

• 

  Ryan Subers

  Director of Customer Success

  Fortress

Sponsors

Cloud computing is becoming increasingly relevant to the support of operational technology (OT) systems, such as SCADA, EMS, protective relays, etc. Even if these OT systems are not themselves migrating to cloud environments yet, many systems that support the secure and reliable operation of OT systems are moving to the cloud. This presents a dilemma for those entities that need to comply with the NERC Critical Infrastructure Protection (CIP) standards. Essential services are migrating to the cloud, but these services are not accessible to entities that must comply with CIP. This forces a choice between compliance and using the most effective technologies available.

Add to Calendar

• The most common methods exploited by APT groups
• Where traditional best practices fall short
• The most effective detection points and countermeasures to implement now

Add to Calendar

• 

  Andrew Fife

  Co-Founder

  Keystrike, Inc.

Sponsors

• Operational Technology (OT) has become a mainstream target for cyber threats. Dragos Field CTO Phil Tonkin will guide attendees through key findings of the Dragos 2025 OT/ICS Cybersecurity Report as they relate 

to energy organizations. Important trends in this year's report include the fact that skilled adversaries from state-sponsored groups are hiding in critical infrastructure; and hacktivists and criminal groups are increasingly using ransomware and exploiting known vulnerabilities, weak remote access configurations,and exposed OT assets to penetrate industrial environments. 

The energy sector was significantly impacted in 2024 with the discovery of two new threat groups targeting oil, natural gas and electric utilities around the world – Bauxite and Graphite – coupled with the continued activity of known threat groups targeting the energy sector: Voltzite, Kamacite and Electrum. The report also noted ransomware activity surging at an increase of more than 87% over the previous year, and the emergence of new malware families designed specifically for OT environments. 

In this session, Phil will discuss the prevalence of cyber threats targeted to the energy industry. The session will conclude with guidance for asset owners and operators on how to operationalize the report’s defensive recommendations and mitigation strategies to reduce risk to their OT/ICS environments. 

Add to Calendar

• Exclusive Networking Dinner (limited to 60 individuals) 
  Join us for an intimate, networking dinner designed to connect key industry leaders, speakers, and sponsors in a relaxed and engaging setting. This exclusive event offers a unique opportunity to build meaningful relationships, exchange ideas, and foster collaborations. 

• Networking Bowling & Dinner at Downtown Disney’s Splitsville Lanes (limited to 40 individuals) 
  Get ready for a lively evening of strikes, smiles, and great food at Splitsville Lanes in Downtown Disney! This fun-filled networking event brings Summit attendees together for a night of bowling, delicious dinner, and relaxed conversation. It’s the perfect way to connect with peers, unwind after a full day, and enjoy a uniquely entertaining experience. 

Add to Calendar

Interactive discussions with audience participation on technology that is changing the security landscape, including AI, cloud, and more. 

Add to Calendar

U.S. electric, gas, and water utilities are under mounting regulatory and cyber-physical pressure to protect both traditional IT networks and field-side OT environments. Yet siloed tooling, incomplete asset inventories, and manual vulnerability triage still consume scarce human capital and leave critical infrastructure exposed. In this fast-paced 30-minute session, we will demonstrate how a converged ServiceNow architecture can break those bottlenecks by - (FedRamp High Gov-Cloud is available for US Utilities) :

· Unified Asset Visibility & Inventory – Ingesting real-time telemetry from SCADA, PLCs, IoT sensors, and IT endpoints to build a single, reconciled asset graph that finally answers, “What do we own, where is it, and how critical is it?”

· Automated Vulnerability Response – Applying contextual risk scoring that fuses CVE severity, exploit intelligence, business impact, and safety consequence to generate a control-based priority queue—no spreadsheets, no swivel-chair.

· Security-Posture Control & Continuous Control Monitoring (CCM) – Orchestrating policy checks, patch workflows, and compensating controls across IT and OT through ServiceNow’s workflow engine, slashing mean-time-to-remediation and audit fatigue.

Attendees will leave with a prescriptive roadmap that shows how utilities can cut manual effort by up to 60%, comply with NERC CIP & TSA SD 02-22, and strengthen resilience—without multiplying headcount.

Add to Calendar

• 

  Nicholas Friedman

  President & Managing Partner

  Templar Shield

Sponsors

What have we accomplished over the past 20 years? Is it meeting the challenge of resiliency and reliability? What must still be done to leave a legacy of secure and reliable power infrastructure for the future. 

Add to Calendar