Banner
Event Banner

The 21st EnergySec Security AND Compliance Summit

Monday, Aug 17, 2026 at 8:00 AM to Wednesday, Aug 19, 2026 at 1:15 PM PDT

Disneyland Hotel, 1150 Magic Way, Anaheim, California, 92802, United States

1. Select Seats

2. Review and Proceed

Event Information

Monday, Aug 17, 2026 at 8:00 AM to Wednesday, Aug 19, 2026 at 1:15 PM PDT

Disneyland Hotel, 1150 Magic Way, Anaheim, California, 92802, United States.

We're putting the AND back in Security AND Compliance!

Join us for the 21st EnergySec Security AND Compliance Summit, where the energy industry’s leading minds come together to collaborate, connect, and celebrate the Power of AND. For more than two decades, this Summit has been recognized for its insightful discussions, practical takeaways, and unmatched networking opportunities across the security and compliance community.


What’s New for 2026

This year’s Summit brings exciting new elements designed to give attendees more content, more choices, and more connection than ever before:

Monday Mini Summits

Kick off your Summit experience with immersive, three-hour sessions focused on key topics and emerging challenges. These deep-dive sessions offer targeted learning and hands-on engagement with industry experts.

Dual Track Agenda

On Tuesday and Wednesday, choose your path with two  learning tracks, as well as a vendor track in the Expo Hall. Mix and match sessions that matter to you the most!


Who Should Attend

Anyone with a stake in security or compliance in the energy sector, including:
CTOs, CSOs, CIOs • Cybersecurity & NERC Compliance staff • OT & IT professionals • Risk managers • Auditors • Analysts • Program & Project managers • State regulators • National Lab personnel • Utility leaders and more.

Attendees can earn up to 20 Continuing Professional Education (CPE) credits while engaging in one of the industry’s most valuable learning and networking events.

Why Attend

Expect a dynamic lineup of industry leaders, practitioners, and innovators sharing lessons learned, forward-thinking solutions, and real-world insights that shape the future of energy sector security AND compliance.

With so much experience, expertise, and energy in one place, every session sparks new connections — and every conversation adds value.


Plan Your Experience

Attendees enjoy discounted room rates at the Disneyland Hotel and access to special theme park ticket pricing. Details are provided after registration.

Registrations and rooms go quickly — start planning your educational adventure (and a little fun in the sun) today!


More Tracks. More Learning. More Connection. More AND.
Experience the Power of AND — August 17–19, 2026 at the Disneyland Resort.

Event Location

About Organizer

EnergySec Organizer name

energysec.org

The Energy Sector Security Consortium, Inc. (EnergySec) is a United States 501(c)(3) non-profit corporation formed to support energy sector organizations with the security of their critical technology infrastructures. Through our membership program, we support collaborative initiatives and projects that help enhance the cybersecurity resiliency of these organizations Today, our community includes individuals from a broad range of utilities, industry product and service vendors, academic institutions, national labs, regulatory organizations, and government entities, with formal membership representing 160 electric utilities having headquarters in 25 states and operations in several others. In addition to our formal membership, numerous other utilities participate in our community events and educational programs. Our membership and participation ranges from the largest utilities in North America to small local utilities with less than 250 employees. Visit www.energysec.org to learn more.

Contact the Organizer

Speakers

Dr. Paul Wagner is a Professor of Practice in the Cyber Operations program at the University of Arizona (U of A). Paul is the director of U of A’s Arizona Cybersecurity Academy which focuses on K-20 education initiatives, workforce development, and community outreach and awareness. He is also the director of the Arizona Cybersecurity Clinic which provides student experiential learning and cybersecurity support to government and community partners. Prior to working with the University of Arizona, Paul spent 20 years in the Army where he developed his knowledge in computer networking and designing robust network architectures to support global operations in support of national and joint operations. In addition to his Ph.D. in Cyber Defense from Dakota State University, Paul holds over twenty technical certifications. His primary research interests focus on cybersecurity education, training, and workforce develop

About Paul Wagner
Professor of Practice
University of Arizona
Aug 18, 2026
01:30 PM

Training the Next Generation of Energy Cyber Defenders

01:30 PM - 03:00 AM

About Anirban “Sunny” Ghosh
NERC CIP Lead, Industrial Cybersecurity Consultant
Black & Veatch
Aug 19, 2026
09:30 AM

Cyber Risk Quantification for Power Utilities: Aligning Security Investment with Grid Reliability and Resilience

09:30 AM - 10:00 AM

About Chris Weule
Director, Operational Technology, Cyber Fusion & Strategy
PhishCloud, Inc.
Aug 19, 2026
11:15 AM

From Alerts to Decisions: Building OT Board Reports Your Directors Can Actually Act On

11:15 AM - 12:00 PM

 

About Samara Moore
Executive Director
InnoSec Solutions
Aug 19, 2026
10:30 AM

So Your Vendors Use AI: Rethinking Third‑Party Risk in the Power Sector

10:30 AM - 11:15 AM

www.BV.com
About Hector R. Perez
Head of Strategy, Global Industrial Cybersecurity
Black & Veatch
Aug 18, 2026
03:30 PM

Agentic AI in Power Utilities: Managing Autonomous Risk Across the Modern Grid

03:30 PM - 04:00 PM

About Lynn Costantini
Deputy Director – Center for Partnerships and Innovation
National Association of Regulatory Utility Commissioners
Aug 18, 2026
08:30 AM

Keynote: Fireside Chat

08:30 AM - 09:45 AM

Lisa has spent 25 years in the electric sector and has been around NERC Compliance since the beginning, which qualifies her as either an OG or an artifact, depending on who is doing the audit.

 

Her career has crossed public power, IOUs, regulatory compliance, cybersecurity, IT governance, supply chain, procurement, and digital change. In other words, she has collected utility functions the way some people collect Disney pins.

 

Lisa helped build EnergySec in its early days, focused on cybersecurity regulation, education, and collaboration across the electric sector. She has spent much of her career translating technical realities and compliance regulations into operational and business decisions, speaking fluent engineer, executive, auditor, and several ancient dialects of CIP that only appear in archived RSAWs.

 

Today, her work focuses on helping people build the confidence, curiosity, and judgment needed to adapt as technology, risk, and regulations keep changing.

 

She is also a mixologist and historian, which means she knows that great outcomes depend on good ingredients, careful balance, and occasionally, a very strong pour.

About Lisa Carrington
Senior Advisor, Digital Readiness & Change Enablement
APS
Aug 17, 2026
08:30 AM

The Future of CIP Mini Summit

08:30 AM - 04:30 PM
08:30 AM

The New Foundation: Standards approved & subject to future enforcement. Virtualization, CIP-002-8, CIP-003-11

08:30 AM - 10:00 AM
10:15 AM

The Next Wave: Standards in development: CIP-1xx (Cloud Security), Incident Reporting, Supply Chain, CIP-014, CIP-002

10:15 AM - 11:45 AM
01:00 PM

Emerging Topics: IBRs, Large Loads, 3rd Party Telecom, NERC's CIP Roadmap, Other Cybersecurity Topics

01:00 PM - 02:30 PM
About Kimberly Fellner
Director, Security Architecture, Engineering and Vulnerability Management
American Electric Power
Aug 17, 2026
03:30 PM

Two Years Out: A Candid Conversation on CIP-015 INSM

03:30 PM - 04:15 PM

About Kristine Martz
Principal Product Advisor – Electric Sector
Dragos
Aug 17, 2026
03:30 PM

Two Years Out: A Candid Conversation on CIP-015 INSM

03:30 PM - 04:15 PM

Justin is an electrical engineer with deep expertise in electric reliability compliance, built over more than fifteen years in the industry. He began his career at the Federal Energy Regulatory Commission (FERC), where he spent a decade specializing in Geomagnetic Disturbances, Electromagnetic Pulses, CIP Reliability Standard development, CIP sanctions, and both regional and FERC-led CIP audits. Since joining SERC in 2019, Justin has served as a CIP auditor and CIP risk assessment specialist and has established himself as the organization's go-to expert on Internal Control Programs.

About Justin Kelly
Principal CIP Engineer
SERC Reliability Corporation
Aug 17, 2026
08:30 AM

The New Foundation: Standards approved & subject to future enforcement. Virtualization, CIP-002-8, CIP-003-11

08:30 AM - 10:00 AM
10:15 AM

The Next Wave: Standards in development: CIP-1xx (Cloud Security), Incident Reporting, Supply Chain, CIP-014, CIP-002

10:15 AM - 11:45 AM
01:00 PM

Emerging Topics: IBRs, Large Loads, 3rd Party Telecom, NERC's CIP Roadmap, Other Cybersecurity Topics

01:00 PM - 02:30 PM
02:45 PM

ERO Approaches to Internal Controls

02:45 PM - 03:30 PM
Aug 19, 2026
09:15 AM

Implementing Internal Controls

09:15 AM - 10:00 AM

About Kat Santana
Founder and Principal Consultant
The Katalyst Tapestry Consulting Firm
Aug 18, 2026
10:30 AM

From Pilot to Pipeline: AI Workforce Development Lessons from Utility, Union, and Community Partnerships

10:30 AM - 12:00 PM

Jonathan Robbins is a Senior Consultant with Archer Energy Solutions specializing in cybersecurity governance, NERC CIP compliance, and risk management for electric utilities and critical infrastructure organizations.

His background includes information security and compliance leadership roles supporting a generation and transmission cooperative, a renewable energy owner/operator, and a manufacturer of electric grid technologies. Through these experiences, he has helped organizations develop sustainable compliance programs, navigate audits, strengthen security controls, and improve operational resilience.

Jonathan holds an MBA and is a Certified CIP Compliance Professional (C3P). His experience includes supporting NERC CIP and ISO 27001 implementation, auditing, and security governance initiatives across the energy sector. He is passionate about helping organizations translate complex regulatory requirements into practical processes that improve both compliance and security outcomes.

About Jonathan Robbins
Senior Consultant
Archer Energy Solutions
Aug 18, 2026
04:30 PM

The Future of Compliance: From Burden to Strategic Advantage

04:30 PM - 05:00 PM
Aug 19, 2026
08:30 AM

Beyond Compliance: What CIP Programs Can Learn from ISO 27001

08:30 AM - 09:15 AM

Sam Encinas is a graduate student at the University of Arizona pursuing a Master's in Cyber and Information Operations. She graduated summa cum laude with a Bachelor of Applied Science in Cyber Operations, emphasizing in Defense & Forensics. She is currently on her second internship with Salt River Project and has worked in different IT and compliance projects. Sam is passionate about cybersecurity and technology and interested in leveraging her skills to make a positive impact and help others in the industry.

About Sam Encinas
Graduate Student
University of Arizona
Aug 18, 2026
01:30 PM

Training the Next Generation of Energy Cyber Defenders

01:30 PM - 03:00 AM

Veronika Kyles is a graduate student at the University of Arizona pursuing a Master’s in Cyber and Information Operations. She graduated Magna Cum Laude with a Bachelor’s in Cyber Operations, concentrating in Cyber Engineering and minoring in Computer Science and Music. She was selected for the Department of Defense Cyber Service Academy and recently completed a summer internship with the Naval Information Warfare Center Pacific in San Diego. She previously worked at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, where she spent two years researching policy-driven risk analysis for critical infrastructure. Her current research focuses on industrial control system cybersecurity within Arizona’s water and wastewater sector, with an emphasis on identifying sector‑specific vulnerabilities and key threat vectors. The goal of these findings is to develop a tailored cybersecurity strategy designed specifically to help under‑resourced utilities strengthen their security posture across the state. Veronika is integrating this research into the Cybersecurity Clinic‑in‑a‑Box Toolkit by creating sector‑specific guidance, assessment materials, and OT‑focused recommendations that address the needs of Arizona’s under‑resourced water utilities. Her goal is to strengthen the toolkit’s ability to deliver practical, locally relevant cybersecurity support in low‑capacity operational environments.

About Veronika Kyles
Graduate Student
University of Arizona
Aug 18, 2026
01:30 PM

Training the Next Generation of Energy Cyber Defenders

01:30 PM - 03:00 AM

Dr. Robert Honomichl is an Assistant Professor of Cyber Operations at the University of Arizona. Dr. Honomichl is an advocate for computer science and cybersecurity education. He has hosted a variety of teacher professional development opportunities including serving as director of six GenCyber teacher camps, CTE CyberNet and Middle Grade Accelerator program site lead, and the Cybersecurity High School Innovation project. Dr. Honomichl’s research interests include cybersecurity education, human factors of cybersecurity, and social engineering.

About Rob Honomichl
Assistant Professor of Cyber Operations
University of Arizona
Aug 18, 2026
01:30 PM

Training the Next Generation of Energy Cyber Defenders

01:30 PM - 03:00 AM

As the CEO and Founder of SecureCyber, Shawn leads a dedicated team committed to safeguarding organizations across the entire spectrum of cybersecurity needs. He brings over two decades of experience in cybersecurity and information systems from perimeter defense and secure network design, to vulnerability discovery and intrusion detection systems. Shawn specializes in leading security teams when bridging the gap between technology and business objectives. He has an exceptional track record in empowering informed decision-making that protects assets from both internal and external threats. Prior to joining SecureCyber, Shawn occupied a senior role in the FBI’s Criminal Justice Information System compliance framework. He developed a compliance training curriculum for agencies and vendors. His efforts in speaking, training, and writing on cyber issues are widely recognized and showcase his mission to make cybersecurity knowledge and best practice accessible to diverse audiences across multiple sectors. A highly experienced leader in this category, Shawn is committed to breaking new ground in the evolving – and often challenging – space of cybersecurity.

About Shawn Waldman
CEO
SecureCyber
Aug 17, 2026
10:15 AM

When Russia Touched the HMI: Lessons From a Real-World OT Intrusion Response

10:15 AM - 11:00 AM
11:00 AM

Rethinking Cybersecurity for Water: Training, Global Insight, and Workforce Innovation

11:00 AM - 11:45 AM

About Robert Zardeneta
Vice President of Programs
Los Angeles Urban League
Aug 18, 2026
10:30 AM

From Pilot to Pipeline: AI Workforce Development Lessons from Utility, Union, and Community Partnerships

10:30 AM - 12:00 PM

Christine Reid serves as the Political Director for IBEW Local Union 77, which represents more than 8,800 utility workers throughout Washington state, Northern Idaho, and a small part of Montana. A 20-year rank-and-file IBEW member, Christine brings firsthand experience and a strong labor perspective to her advocacy work. In her role, she works at the intersection of labor, policy, and politics to advance the interests of union members and ensure working people have a voice in public decision-making. She brings insight on utility work, infrastructure, energy, workforce development, and policies that support safe, family-wage jobs.

About Christine Reid
Political Director
IBEW Local 77
No Sessions Available

Steven Parker, CISA, CISSP, is a founding director of EnergySec. He has been engaged in critical infrastructure protection within the electric sector for more than 22 years, including eight years as a senior security staff member at a large west coast utility. He was also one of the original NERC CIP auditors for the WECC region. He has been with EnergySec full-time since 2010.

About Steve Parker
President
EnergySec
Aug 17, 2026
08:30 AM

The New Foundation: Standards approved & subject to future enforcement. Virtualization, CIP-002-8, CIP-003-11

08:30 AM - 10:00 AM
10:15 AM

The Next Wave: Standards in development: CIP-1xx (Cloud Security), Incident Reporting, Supply Chain, CIP-014, CIP-002

10:15 AM - 11:45 AM
01:00 PM

Emerging Topics: IBRs, Large Loads, 3rd Party Telecom, NERC's CIP Roadmap, Other Cybersecurity Topics

01:00 PM - 02:30 PM
Aug 18, 2026
08:30 AM

Keynote: Fireside Chat

08:30 AM - 09:45 AM
10:30 AM

From Pilot to Pipeline: AI Workforce Development Lessons from Utility, Union, and Community Partnerships

10:30 AM - 12:00 PM

Dennis Skarr is an educator, workforce training leader, and founder of SkarrNet Training Systems. He has led cybersecurity missions for the U.S. Air Force, developed training for cyber operators performing critical infrastructure assessments, and created technology programs for college and workforce learners. His work focuses on human-centered digital literacy, AI readiness, and cyber-aware judgment, helping non-technical learners build confidence with modern workplace technology without turning training into yet another joyless software hostage situation.

About Dennis Skarr
Founder & CEO
SkarrNet Training Systems
Aug 18, 2026
10:30 AM

From Pilot to Pipeline: AI Workforce Development Lessons from Utility, Union, and Community Partnerships

10:30 AM - 12:00 PM

Timothy Starr is an IT Risk and Compliance Analyst for Arizona Public Service.  He has been involved in CIP for Infrastructure and Operations since 2016.  Starting his career in IT Operations he started to learn CIP standards by being handed the CIP NERC guidebook by his boss at the time.  In 2018, Tim became responsible for ensuring compliance and support for CIP Real Time System Windows servers, including EMS, Substation HMIs, and other CIP windows assets. Additionally, Tim supported the Industrial Defender application to ensure CIP-010 requirements were met for all I&O teams.  On top of the server administration and compliance work, Tim also became a CIP Standard Owner for CIP-010 R1.1 to R1.6 and R2.1 and all CIP-009 requirements.  Tim also was the SME for these Standards during WECC Audits.  In July 2022, Tim joined his current role as an IT Risk and Compliance Analyst and has been a cornerstone in the compliance program for I&O since.  His current role includes ensuring compliance with CIP standards, supporting I&O teams with all things CIP, supporting self-certifications, supporting I&O during WECC Audits, new CIP standard implementations, CIP-010 change management, CIP related documentation updates, and being a CIP Consultation for I&O CIP related projects.

About Timothy Starr
IT Risk and Compliance Analyst
APS
Aug 18, 2026
04:30 PM

Take the Pain out of CIP-004: Discover How One Utility Automated CIP-004 Compliance

04:30 PM - 05:00 PM

Matt Griffin is the Principal Advisor of Cloud Technical Services at Midcontinent Independent System Operator (MISO), where Matt leads enterprise-scale cloud innovation with a focus on security, reliability, and regulatory compliance in the North American energy sector. Matt specializes in architecting and operationalizing secure cloud platforms, developing reusable Terraform modules for Azure and AI ecosystems, and enabling cloudnative scaling strategies in collaboration with MISO’s Data Architecture, Cyber Security, and Information Risk teams.

About Matt Griffin
Principal Advidor
MISO Energy
Aug 18, 2026
03:30 PM

Build Safe by Default: Supercharging Your Cloud Controls through IaC

03:30 PM - 04:30 PM

David Bernstein has over 15 years of experience in emergency response, emergency management, and business continuity and resilience planning. He has supported clients in developing and overseeing enterprise resilience strategies with local and global footprints. In addition to strategic program development, David has also developed facility recovery plans and acted as a Subject Matter Expert (SME) to support COVID-19 safety and recovery efforts. Prior to being a consultant, he was an Emergency Manager in healthcare, leading initiatives spanning individual hospitals to multi-facility health networks. David has also acted as a strategic advisor on multi-agency initiatives at the local and regional level, including coalitions and consortiums ranging in size and scope.

David holds internationally recognized credentials in Emergency Management and Business Continuity and brings significant experience in leading teams to develop corporate emergency response and business continuity programs, often from a ground zero start point.

About David Bernstein
Client Account Manager
Weston Solutions
Aug 18, 2026
02:00 PM

Choose Your Own Incident Response

02:00 PM - 03:00 PM

Duke Randall is an IT leader with over 20 years of experience specializing in infrastructure

and regulatory compliance within the electrical cooperative sector. He currently

spearheads proactive cybersecurity initiatives for critical infrastructure, managing the

security and integration of telecommunications, IT, and OT networks to ensure the delivery

of safe, reliable power. Known for his strategic foresight and vision planning, Duke serves as

a trusted advisor to senior management, developing actionable plans that prioritize a

proactive security posture. His technical expertise spans systems administration,

networking infrastructure, and complex regulatory landscapes. Duke has built a

professional reputation as a dependable voice who consistently delivers resilient solutions

for the modern utility environment.

About Duke Randall
IT Director
Dixie Power
Aug 18, 2026
01:30 PM

From Assessment to Action: Cyber Incident Response for Electric Utilities

01:30 PM - 02:00 PM

David Reinecke has more than 25 years of experience in cyber security, technology, and regulatory compliance within the energy industry, including large investor-owned, municipally owned, and co-operative utilities. His experience encompasses systems administration and networking infrastructure, cyber security, incident management, and regulatory compliance.

https://www.energysec.org/services/
About David Reinecke
Managing Director, Industry Programs
EnergySec
Aug 17, 2026
08:30 AM

The New Foundation: Standards approved & subject to future enforcement. Virtualization, CIP-002-8, CIP-003-11

08:30 AM - 10:00 AM
10:15 AM

The Next Wave: Standards in development: CIP-1xx (Cloud Security), Incident Reporting, Supply Chain, CIP-014, CIP-002

10:15 AM - 11:45 AM
01:00 PM

Emerging Topics: IBRs, Large Loads, 3rd Party Telecom, NERC's CIP Roadmap, Other Cybersecurity Topics

01:00 PM - 02:30 PM
Aug 18, 2026
01:30 PM

From Assessment to Action: Cyber Incident Response for Electric Utilities

01:30 PM - 02:00 PM

Terry is a serial entrepreneur with over 20 years of experience safeguarding public, corporate, and government sectors from cyber threats. A certified ethical hacker and former government red team leader, he is also a renowned expert in ICS/OT incident response and preparedness training, driving innovation in cybersecurity defense strategies.

Credited with over 600 vulnerabilities impacting ICS and Medical systems (ICS-CERT), underscoring his profound understanding of the field, including Siemens, ABB, Rockwell, Honeywell, and more reported vulnerabilities. Recognized as a pioneer in IoT and ICS analytics, Terry has collaborated globally to build ICS SIEMs currently utilized by Fortune 100 companies.

https://phishcloud.com
About Terry McCorkle
CEO and Founder
PhishCloud, Inc.
Aug 17, 2026
03:30 PM

From Fire Drills to Fusion: Transforming Security Operations Through Cyber Fusion Centers

03:30 PM - 04:15 PM

Andrew Ginter is the VP Industrial Security at Waterfall Security Solutions, where he leads a team of experts that work with the world's most secure industrial sites. Before Waterfall, he led the development of high-end industrial control system products at Hewlett-Packard, IT/OT middleware products at Agilent Technologies, and the world's first industrial SIEM at Industrial Defender. Andrew is the author of two textbooks on industrial security, and a co-author of the IIoT Security Framework and the UITP guide to rail system cybersecurity procurement. He co-hosts the Industrial Security Podcast, is a lecturer at the Industrial Security Institute, and contributes regularly to industrial security standards and best-practice guidance.

About Andrew Ginter
VP Industrial Security
Waterfall Security Solutions
Aug 17, 2026
02:45 PM

Espionage vs. Sabotage, Credibility vs. Likelihood, and Other Latest Thinking

02:45 PM - 03:30 PM

EnergySec Cyber Security Professional of the Year 2018

SAN ICS Cyber Security Principal Instructor

Hardware Hacking Essentials Training Course Author

Supply chipping attack feature at wired.com

60+ Security presentations at conferences including, DEFCON, RSA, EnergySec, S4 CS3STLM, Bsides LV, GridSecCon, Hack the Capitol and many others

About Monta Elkins
Principal Istructor
SANS
Aug 17, 2026
01:00 PM

Hidden Wireless Hardware? Could Your Devices Be Talking? Birds of a Feather: Detecting Unexpected Wireless Hardware

01:00 PM - 02:00 PM
Aug 18, 2026
10:30 AM

TRUST NO USB: Build and Program Your Own HID Attack Tool

10:30 AM - 12:00 PM

With a 15-year IT background, Kyle Jones transitioned to education, holding various roles, including Sr. Security Infrastructure Administrator. He possesses multiple CompTIA certifications and degrees in Network Engineering, Business and a Master in Information Assurance and Security. At Sinclair College, he's a Principal Investigator and a noted cybersecurity speaker in Ohio. His recognitions include IT Leader of the Year and Dayton's top 40 under 40, and he actively participates in the Ohio Cyber Reserves.

About Kyle Jones
Chair & Professor
Sinclaire College
Aug 17, 2026
11:00 AM

Rethinking Cybersecurity for Water: Training, Global Insight, and Workforce Innovation

11:00 AM - 11:45 AM

Event Schedule

Session Date
Clear all ×

Sessions on Aug 17, 2026

08:30 AM
The Future of CIP Mini-Summit

The Future of CIP Mini Summit

08:30 AM - 04:30 PM
    speaker

    Lisa Carrington

    Senior Advisor, Digital Readiness & Change EnablementAPS

    Lisa has spent 25 years in the electric sector and has been around NERC Compliance since the beginning, which qualifies her as either an OG or an artifact, depending on who is doing the audit.

     

    Her career has crossed public power, IOUs, regulatory compliance, cybersecurity, IT governance, supply chain, procurement, and digital change. In other words, she has collected utility functions the way some people collect Disney pins.

     

    Lisa helped build EnergySec in its early days, focused on cybersecurity regulation, education, and collaboration across the electric sector. She has spent much of her career translating technical realities and compliance regulations into operational and business decisions, speaking fluent engineer, executive, auditor, and several ancient dialects of CIP that only appear in archived RSAWs.

     

    Today, her work focuses on helping people build the confidence, curiosity, and judgment needed to adapt as technology, risk, and regulations keep changing.

     

    She is also a mixologist and historian, which means she knows that great outcomes depend on good ingredients, careful balance, and occasionally, a very strong pour.

    SocialLink
    08:30 AM
      speaker

      David Reinecke

      Managing Director, Industry ProgramsEnergySec

      David Reinecke has more than 25 years of experience in cyber security, technology, and regulatory compliance within the energy industry, including large investor-owned, municipally owned, and co-operative utilities. His experience encompasses systems administration and networking infrastructure, cyber security, incident management, and regulatory compliance.

      SocialLink
      speaker

      Steve Parker

      PresidentEnergySec

      Steven Parker, CISA, CISSP, is a founding director of EnergySec. He has been engaged in critical infrastructure protection within the electric sector for more than 22 years, including eight years as a senior security staff member at a large west coast utility. He was also one of the original NERC CIP auditors for the WECC region. He has been with EnergySec full-time since 2010.

      SocialLink
      speaker

      Justin Kelly

      Principal CIP EngineerSERC Reliability Corporation

      Justin is an electrical engineer with deep expertise in electric reliability compliance, built over more than fifteen years in the industry. He began his career at the Federal Energy Regulatory Commission (FERC), where he spent a decade specializing in Geomagnetic Disturbances, Electromagnetic Pulses, CIP Reliability Standard development, CIP sanctions, and both regional and FERC-led CIP audits. Since joining SERC in 2019, Justin has served as a CIP auditor and CIP risk assessment specialist and has established himself as the organization's go-to expert on Internal Control Programs.

      SocialLink
      speaker

      Lisa Carrington

      Senior Advisor, Digital Readiness & Change EnablementAPS

      Lisa has spent 25 years in the electric sector and has been around NERC Compliance since the beginning, which qualifies her as either an OG or an artifact, depending on who is doing the audit.

       

      Her career has crossed public power, IOUs, regulatory compliance, cybersecurity, IT governance, supply chain, procurement, and digital change. In other words, she has collected utility functions the way some people collect Disney pins.

       

      Lisa helped build EnergySec in its early days, focused on cybersecurity regulation, education, and collaboration across the electric sector. She has spent much of her career translating technical realities and compliance regulations into operational and business decisions, speaking fluent engineer, executive, auditor, and several ancient dialects of CIP that only appear in archived RSAWs.

       

      Today, her work focuses on helping people build the confidence, curiosity, and judgment needed to adapt as technology, risk, and regulations keep changing.

       

      She is also a mixologist and historian, which means she knows that great outcomes depend on good ingredients, careful balance, and occasionally, a very strong pour.

      SocialLink
      OT Security

      Los Angeles office of the FBI & Partners

      08:30 AM - 10:00 AM
      10:15 AM
        speaker

        Shawn Waldman

        CEOSecureCyber

        As the CEO and Founder of SecureCyber, Shawn leads a dedicated team committed to safeguarding organizations across the entire spectrum of cybersecurity needs. He brings over two decades of experience in cybersecurity and information systems from perimeter defense and secure network design, to vulnerability discovery and intrusion detection systems. Shawn specializes in leading security teams when bridging the gap between technology and business objectives. He has an exceptional track record in empowering informed decision-making that protects assets from both internal and external threats. Prior to joining SecureCyber, Shawn occupied a senior role in the FBI’s Criminal Justice Information System compliance framework. He developed a compliance training curriculum for agencies and vendors. His efforts in speaking, training, and writing on cyber issues are widely recognized and showcase his mission to make cybersecurity knowledge and best practice accessible to diverse audiences across multiple sectors. A highly experienced leader in this category, Shawn is committed to breaking new ground in the evolving – and often challenging – space of cybersecurity.

        SocialLink
        10:15 AM
          speaker

          David Reinecke

          Managing Director, Industry ProgramsEnergySec

          David Reinecke has more than 25 years of experience in cyber security, technology, and regulatory compliance within the energy industry, including large investor-owned, municipally owned, and co-operative utilities. His experience encompasses systems administration and networking infrastructure, cyber security, incident management, and regulatory compliance.

          SocialLink
          speaker

          Steve Parker

          PresidentEnergySec

          Steven Parker, CISA, CISSP, is a founding director of EnergySec. He has been engaged in critical infrastructure protection within the electric sector for more than 22 years, including eight years as a senior security staff member at a large west coast utility. He was also one of the original NERC CIP auditors for the WECC region. He has been with EnergySec full-time since 2010.

          SocialLink
          speaker

          Justin Kelly

          Principal CIP EngineerSERC Reliability Corporation

          Justin is an electrical engineer with deep expertise in electric reliability compliance, built over more than fifteen years in the industry. He began his career at the Federal Energy Regulatory Commission (FERC), where he spent a decade specializing in Geomagnetic Disturbances, Electromagnetic Pulses, CIP Reliability Standard development, CIP sanctions, and both regional and FERC-led CIP audits. Since joining SERC in 2019, Justin has served as a CIP auditor and CIP risk assessment specialist and has established himself as the organization's go-to expert on Internal Control Programs.

          SocialLink
          speaker

          Lisa Carrington

          Senior Advisor, Digital Readiness & Change EnablementAPS

          Lisa has spent 25 years in the electric sector and has been around NERC Compliance since the beginning, which qualifies her as either an OG or an artifact, depending on who is doing the audit.

           

          Her career has crossed public power, IOUs, regulatory compliance, cybersecurity, IT governance, supply chain, procurement, and digital change. In other words, she has collected utility functions the way some people collect Disney pins.

           

          Lisa helped build EnergySec in its early days, focused on cybersecurity regulation, education, and collaboration across the electric sector. She has spent much of her career translating technical realities and compliance regulations into operational and business decisions, speaking fluent engineer, executive, auditor, and several ancient dialects of CIP that only appear in archived RSAWs.

           

          Today, her work focuses on helping people build the confidence, curiosity, and judgment needed to adapt as technology, risk, and regulations keep changing.

           

          She is also a mixologist and historian, which means she knows that great outcomes depend on good ingredients, careful balance, and occasionally, a very strong pour.

          SocialLink
          11:00 AM
            speaker

            Shawn Waldman

            CEOSecureCyber

            As the CEO and Founder of SecureCyber, Shawn leads a dedicated team committed to safeguarding organizations across the entire spectrum of cybersecurity needs. He brings over two decades of experience in cybersecurity and information systems from perimeter defense and secure network design, to vulnerability discovery and intrusion detection systems. Shawn specializes in leading security teams when bridging the gap between technology and business objectives. He has an exceptional track record in empowering informed decision-making that protects assets from both internal and external threats. Prior to joining SecureCyber, Shawn occupied a senior role in the FBI’s Criminal Justice Information System compliance framework. He developed a compliance training curriculum for agencies and vendors. His efforts in speaking, training, and writing on cyber issues are widely recognized and showcase his mission to make cybersecurity knowledge and best practice accessible to diverse audiences across multiple sectors. A highly experienced leader in this category, Shawn is committed to breaking new ground in the evolving – and often challenging – space of cybersecurity.

            SocialLink
            speaker

            Kyle Jones

            Chair & ProfessorSinclaire College

            With a 15-year IT background, Kyle Jones transitioned to education, holding various roles, including Sr. Security Infrastructure Administrator. He possesses multiple CompTIA certifications and degrees in Network Engineering, Business and a Master in Information Assurance and Security. At Sinclair College, he's a Principal Investigator and a noted cybersecurity speaker in Ohio. His recognitions include IT Leader of the Year and Dayton's top 40 under 40, and he actively participates in the Ohio Cyber Reserves.

            SocialLink
            11:45 AM

            Lunch and Sunshine

            11:45 AM - 01:00 PM
            01:00 PM
              speaker

              Monta Elkins

              Principal IstructorSANS

              EnergySec Cyber Security Professional of the Year 2018

              SAN ICS Cyber Security Principal Instructor

              Hardware Hacking Essentials Training Course Author

              Supply chipping attack feature at wired.com

              60+ Security presentations at conferences including, DEFCON, RSA, EnergySec, S4 CS3STLM, Bsides LV, GridSecCon, Hack the Capitol and many others

              SocialLink
              01:00 PM
                speaker

                David Reinecke

                Managing Director, Industry ProgramsEnergySec

                David Reinecke has more than 25 years of experience in cyber security, technology, and regulatory compliance within the energy industry, including large investor-owned, municipally owned, and co-operative utilities. His experience encompasses systems administration and networking infrastructure, cyber security, incident management, and regulatory compliance.

                SocialLink
                speaker

                Steve Parker

                PresidentEnergySec

                Steven Parker, CISA, CISSP, is a founding director of EnergySec. He has been engaged in critical infrastructure protection within the electric sector for more than 22 years, including eight years as a senior security staff member at a large west coast utility. He was also one of the original NERC CIP auditors for the WECC region. He has been with EnergySec full-time since 2010.

                SocialLink
                speaker

                Justin Kelly

                Principal CIP EngineerSERC Reliability Corporation

                Justin is an electrical engineer with deep expertise in electric reliability compliance, built over more than fifteen years in the industry. He began his career at the Federal Energy Regulatory Commission (FERC), where he spent a decade specializing in Geomagnetic Disturbances, Electromagnetic Pulses, CIP Reliability Standard development, CIP sanctions, and both regional and FERC-led CIP audits. Since joining SERC in 2019, Justin has served as a CIP auditor and CIP risk assessment specialist and has established himself as the organization's go-to expert on Internal Control Programs.

                SocialLink
                speaker

                Lisa Carrington

                Senior Advisor, Digital Readiness & Change EnablementAPS

                Lisa has spent 25 years in the electric sector and has been around NERC Compliance since the beginning, which qualifies her as either an OG or an artifact, depending on who is doing the audit.

                 

                Her career has crossed public power, IOUs, regulatory compliance, cybersecurity, IT governance, supply chain, procurement, and digital change. In other words, she has collected utility functions the way some people collect Disney pins.

                 

                Lisa helped build EnergySec in its early days, focused on cybersecurity regulation, education, and collaboration across the electric sector. She has spent much of her career translating technical realities and compliance regulations into operational and business decisions, speaking fluent engineer, executive, auditor, and several ancient dialects of CIP that only appear in archived RSAWs.

                 

                Today, her work focuses on helping people build the confidence, curiosity, and judgment needed to adapt as technology, risk, and regulations keep changing.

                 

                She is also a mixologist and historian, which means she knows that great outcomes depend on good ingredients, careful balance, and occasionally, a very strong pour.

                SocialLink
                02:45 PM
                The Future of CIP Mini-Summit

                ERO Approaches to Internal Controls

                02:45 PM - 03:30 PM
                  speaker

                  Justin Kelly

                  Principal CIP EngineerSERC Reliability Corporation

                  Justin is an electrical engineer with deep expertise in electric reliability compliance, built over more than fifteen years in the industry. He began his career at the Federal Energy Regulatory Commission (FERC), where he spent a decade specializing in Geomagnetic Disturbances, Electromagnetic Pulses, CIP Reliability Standard development, CIP sanctions, and both regional and FERC-led CIP audits. Since joining SERC in 2019, Justin has served as a CIP auditor and CIP risk assessment specialist and has established himself as the organization's go-to expert on Internal Control Programs.

                  SocialLink
                    speaker

                    Andrew Ginter

                    VP Industrial SecurityWaterfall Security Solutions

                    Andrew Ginter is the VP Industrial Security at Waterfall Security Solutions, where he leads a team of experts that work with the world's most secure industrial sites. Before Waterfall, he led the development of high-end industrial control system products at Hewlett-Packard, IT/OT middleware products at Agilent Technologies, and the world's first industrial SIEM at Industrial Defender. Andrew is the author of two textbooks on industrial security, and a co-author of the IIoT Security Framework and the UITP guide to rail system cybersecurity procurement. He co-hosts the Industrial Security Podcast, is a lecturer at the Industrial Security Institute, and contributes regularly to industrial security standards and best-practice guidance.

                    SocialLink
                    03:30 PM
                    The Future of CIP Mini-Summit

                    Two Years Out: A Candid Conversation on CIP-015 INSM

                    03:30 PM - 04:15 PM
                      speaker

                      Kristine Martz

                      Principal Product Advisor – Electric SectorDragos

                      SocialLink
                      speaker

                      Kimberly Fellner

                      Director, Security Architecture, Engineering and Vulnerability ManagementAmerican Electric Power
                      SocialLink
                        speaker

                        Terry McCorkle

                        CEO and FounderPhishCloud, Inc.

                        Terry is a serial entrepreneur with over 20 years of experience safeguarding public, corporate, and government sectors from cyber threats. A certified ethical hacker and former government red team leader, he is also a renowned expert in ICS/OT incident response and preparedness training, driving innovation in cybersecurity defense strategies.

                        Credited with over 600 vulnerabilities impacting ICS and Medical systems (ICS-CERT), underscoring his profound understanding of the field, including Siemens, ABB, Rockwell, Honeywell, and more reported vulnerabilities. Recognized as a pioneer in IoT and ICS analytics, Terry has collaborated globally to build ICS SIEMs currently utilized by Fortune 100 companies.

                        SocialLink
                        05:00 PM

                        Sessions on Aug 18, 2026

                        07:45 AM

                        Breakfast in the Expo Hall

                        07:45 AM - 08:30 AM
                        08:30 AM

                        Keynote: Fireside Chat

                        08:30 AM - 09:45 AM
                          speaker

                          Steve Parker

                          PresidentEnergySec

                          Steven Parker, CISA, CISSP, is a founding director of EnergySec. He has been engaged in critical infrastructure protection within the electric sector for more than 22 years, including eight years as a senior security staff member at a large west coast utility. He was also one of the original NERC CIP auditors for the WECC region. He has been with EnergySec full-time since 2010.

                          SocialLink
                          speaker

                          Lynn Costantini

                          Deputy Director – Center for Partnerships and InnovationNational Association of Regulatory Utility Commissioners

                          SocialLink
                          10:30 AM
                            speaker

                            Monta Elkins

                            Principal IstructorSANS

                            EnergySec Cyber Security Professional of the Year 2018

                            SAN ICS Cyber Security Principal Instructor

                            Hardware Hacking Essentials Training Course Author

                            Supply chipping attack feature at wired.com

                            60+ Security presentations at conferences including, DEFCON, RSA, EnergySec, S4 CS3STLM, Bsides LV, GridSecCon, Hack the Capitol and many others

                            SocialLink
                              speaker

                              Dennis Skarr

                              Founder & CEOSkarrNet Training Systems

                              Dennis Skarr is an educator, workforce training leader, and founder of SkarrNet Training Systems. He has led cybersecurity missions for the U.S. Air Force, developed training for cyber operators performing critical infrastructure assessments, and created technology programs for college and workforce learners. His work focuses on human-centered digital literacy, AI readiness, and cyber-aware judgment, helping non-technical learners build confidence with modern workplace technology without turning training into yet another joyless software hostage situation.

                              SocialLink
                              speaker

                              Steve Parker

                              PresidentEnergySec

                              Steven Parker, CISA, CISSP, is a founding director of EnergySec. He has been engaged in critical infrastructure protection within the electric sector for more than 22 years, including eight years as a senior security staff member at a large west coast utility. He was also one of the original NERC CIP auditors for the WECC region. He has been with EnergySec full-time since 2010.

                              SocialLink
                              speaker

                              Robert Zardeneta

                              Vice President of ProgramsLos Angeles Urban League

                              SocialLink
                              speaker

                              Kat Santana

                              Founder and Principal ConsultantThe Katalyst Tapestry Consulting Firm

                              SocialLink
                              12:00 PM

                              Lunch in the Expo Hall

                              12:00 PM - 01:15 PM
                              01:30 PM
                                speaker

                                David Reinecke

                                Managing Director, Industry ProgramsEnergySec

                                David Reinecke has more than 25 years of experience in cyber security, technology, and regulatory compliance within the energy industry, including large investor-owned, municipally owned, and co-operative utilities. His experience encompasses systems administration and networking infrastructure, cyber security, incident management, and regulatory compliance.

                                SocialLink
                                speaker

                                Duke Randall

                                IT DirectorDixie Power

                                Duke Randall is an IT leader with over 20 years of experience specializing in infrastructure

                                and regulatory compliance within the electrical cooperative sector. He currently

                                spearheads proactive cybersecurity initiatives for critical infrastructure, managing the

                                security and integration of telecommunications, IT, and OT networks to ensure the delivery

                                of safe, reliable power. Known for his strategic foresight and vision planning, Duke serves as

                                a trusted advisor to senior management, developing actionable plans that prioritize a

                                proactive security posture. His technical expertise spans systems administration,

                                networking infrastructure, and complex regulatory landscapes. Duke has built a

                                professional reputation as a dependable voice who consistently delivers resilient solutions

                                for the modern utility environment.

                                SocialLink
                                01:30 PM
                                  speaker

                                  Paul Wagner

                                  Professor of PracticeUniversity of Arizona

                                  Dr. Paul Wagner is a Professor of Practice in the Cyber Operations program at the University of Arizona (U of A). Paul is the director of U of A’s Arizona Cybersecurity Academy which focuses on K-20 education initiatives, workforce development, and community outreach and awareness. He is also the director of the Arizona Cybersecurity Clinic which provides student experiential learning and cybersecurity support to government and community partners. Prior to working with the University of Arizona, Paul spent 20 years in the Army where he developed his knowledge in computer networking and designing robust network architectures to support global operations in support of national and joint operations. In addition to his Ph.D. in Cyber Defense from Dakota State University, Paul holds over twenty technical certifications. His primary research interests focus on cybersecurity education, training, and workforce develop

                                  SocialLink
                                  speaker

                                  Rob Honomichl

                                  Assistant Professor of Cyber OperationsUniversity of Arizona

                                  Dr. Robert Honomichl is an Assistant Professor of Cyber Operations at the University of Arizona. Dr. Honomichl is an advocate for computer science and cybersecurity education. He has hosted a variety of teacher professional development opportunities including serving as director of six GenCyber teacher camps, CTE CyberNet and Middle Grade Accelerator program site lead, and the Cybersecurity High School Innovation project. Dr. Honomichl’s research interests include cybersecurity education, human factors of cybersecurity, and social engineering.

                                  SocialLink
                                  speaker

                                  Veronika Kyles

                                  Graduate StudentUniversity of Arizona

                                  Veronika Kyles is a graduate student at the University of Arizona pursuing a Master’s in Cyber and Information Operations. She graduated Magna Cum Laude with a Bachelor’s in Cyber Operations, concentrating in Cyber Engineering and minoring in Computer Science and Music. She was selected for the Department of Defense Cyber Service Academy and recently completed a summer internship with the Naval Information Warfare Center Pacific in San Diego. She previously worked at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, where she spent two years researching policy-driven risk analysis for critical infrastructure. Her current research focuses on industrial control system cybersecurity within Arizona’s water and wastewater sector, with an emphasis on identifying sector‑specific vulnerabilities and key threat vectors. The goal of these findings is to develop a tailored cybersecurity strategy designed specifically to help under‑resourced utilities strengthen their security posture across the state. Veronika is integrating this research into the Cybersecurity Clinic‑in‑a‑Box Toolkit by creating sector‑specific guidance, assessment materials, and OT‑focused recommendations that address the needs of Arizona’s under‑resourced water utilities. Her goal is to strengthen the toolkit’s ability to deliver practical, locally relevant cybersecurity support in low‑capacity operational environments.

                                  SocialLink
                                  speaker

                                  Sam Encinas

                                  Graduate StudentUniversity of Arizona

                                  Sam Encinas is a graduate student at the University of Arizona pursuing a Master's in Cyber and Information Operations. She graduated summa cum laude with a Bachelor of Applied Science in Cyber Operations, emphasizing in Defense & Forensics. She is currently on her second internship with Salt River Project and has worked in different IT and compliance projects. Sam is passionate about cybersecurity and technology and interested in leveraging her skills to make a positive impact and help others in the industry.

                                  SocialLink
                                  02:00 PM
                                  Track 1

                                  Choose Your Own Incident Response

                                  02:00 PM - 03:00 PM
                                    speaker

                                    David Bernstein

                                    Client Account ManagerWeston Solutions

                                    David Bernstein has over 15 years of experience in emergency response, emergency management, and business continuity and resilience planning. He has supported clients in developing and overseeing enterprise resilience strategies with local and global footprints. In addition to strategic program development, David has also developed facility recovery plans and acted as a Subject Matter Expert (SME) to support COVID-19 safety and recovery efforts. Prior to being a consultant, he was an Emergency Manager in healthcare, leading initiatives spanning individual hospitals to multi-facility health networks. David has also acted as a strategic advisor on multi-agency initiatives at the local and regional level, including coalitions and consortiums ranging in size and scope.

                                    David holds internationally recognized credentials in Emergency Management and Business Continuity and brings significant experience in leading teams to develop corporate emergency response and business continuity programs, often from a ground zero start point.

                                    SocialLink
                                    03:30 PM
                                      speaker

                                      Matt Griffin

                                      Principal AdvidorMISO Energy

                                      Matt Griffin is the Principal Advisor of Cloud Technical Services at Midcontinent Independent System Operator (MISO), where Matt leads enterprise-scale cloud innovation with a focus on security, reliability, and regulatory compliance in the North American energy sector. Matt specializes in architecting and operationalizing secure cloud platforms, developing reusable Terraform modules for Azure and AI ecosystems, and enabling cloudnative scaling strategies in collaboration with MISO’s Data Architecture, Cyber Security, and Information Risk teams.

                                      SocialLink
                                      03:30 PM
                                        speaker

                                        Hector R. Perez

                                        Head of Strategy, Global Industrial CybersecurityBlack & Veatch

                                        SocialLink
                                        Sponsors
                                        04:30 PM
                                          speaker

                                          Timothy Starr

                                          IT Risk and Compliance AnalystAPS

                                          Timothy Starr is an IT Risk and Compliance Analyst for Arizona Public Service.  He has been involved in CIP for Infrastructure and Operations since 2016.  Starting his career in IT Operations he started to learn CIP standards by being handed the CIP NERC guidebook by his boss at the time.  In 2018, Tim became responsible for ensuring compliance and support for CIP Real Time System Windows servers, including EMS, Substation HMIs, and other CIP windows assets. Additionally, Tim supported the Industrial Defender application to ensure CIP-010 requirements were met for all I&O teams.  On top of the server administration and compliance work, Tim also became a CIP Standard Owner for CIP-010 R1.1 to R1.6 and R2.1 and all CIP-009 requirements.  Tim also was the SME for these Standards during WECC Audits.  In July 2022, Tim joined his current role as an IT Risk and Compliance Analyst and has been a cornerstone in the compliance program for I&O since.  His current role includes ensuring compliance with CIP standards, supporting I&O teams with all things CIP, supporting self-certifications, supporting I&O during WECC Audits, new CIP standard implementations, CIP-010 change management, CIP related documentation updates, and being a CIP Consultation for I&O CIP related projects.

                                          SocialLink
                                            speaker

                                            Jonathan Robbins

                                            Senior ConsultantArcher Energy Solutions

                                            Jonathan Robbins is a Senior Consultant with Archer Energy Solutions specializing in cybersecurity governance, NERC CIP compliance, and risk management for electric utilities and critical infrastructure organizations.

                                            His background includes information security and compliance leadership roles supporting a generation and transmission cooperative, a renewable energy owner/operator, and a manufacturer of electric grid technologies. Through these experiences, he has helped organizations develop sustainable compliance programs, navigate audits, strengthen security controls, and improve operational resilience.

                                            Jonathan holds an MBA and is a Certified CIP Compliance Professional (C3P). His experience includes supporting NERC CIP and ISO 27001 implementation, auditing, and security governance initiatives across the energy sector. He is passionate about helping organizations translate complex regulatory requirements into practical processes that improve both compliance and security outcomes.

                                            SocialLink

                                            Sessions on Aug 19, 2026

                                            07:30 AM

                                            Breakfast in the Expo Hall

                                            07:30 AM - 08:30 AM
                                            08:30 AM
                                              speaker

                                              Jonathan Robbins

                                              Senior ConsultantArcher Energy Solutions

                                              Jonathan Robbins is a Senior Consultant with Archer Energy Solutions specializing in cybersecurity governance, NERC CIP compliance, and risk management for electric utilities and critical infrastructure organizations.

                                              His background includes information security and compliance leadership roles supporting a generation and transmission cooperative, a renewable energy owner/operator, and a manufacturer of electric grid technologies. Through these experiences, he has helped organizations develop sustainable compliance programs, navigate audits, strengthen security controls, and improve operational resilience.

                                              Jonathan holds an MBA and is a Certified CIP Compliance Professional (C3P). His experience includes supporting NERC CIP and ISO 27001 implementation, auditing, and security governance initiatives across the energy sector. He is passionate about helping organizations translate complex regulatory requirements into practical processes that improve both compliance and security outcomes.

                                              SocialLink
                                              08:30 AM
                                              Sponsors
                                              09:15 AM
                                              Track 1

                                              Implementing Internal Controls

                                              09:15 AM - 10:00 AM
                                                speaker

                                                Justin Kelly

                                                Principal CIP EngineerSERC Reliability Corporation

                                                Justin is an electrical engineer with deep expertise in electric reliability compliance, built over more than fifteen years in the industry. He began his career at the Federal Energy Regulatory Commission (FERC), where he spent a decade specializing in Geomagnetic Disturbances, Electromagnetic Pulses, CIP Reliability Standard development, CIP sanctions, and both regional and FERC-led CIP audits. Since joining SERC in 2019, Justin has served as a CIP auditor and CIP risk assessment specialist and has established himself as the organization's go-to expert on Internal Control Programs.

                                                SocialLink
                                                09:30 AM
                                                  speaker

                                                  Anirban “Sunny” Ghosh

                                                  NERC CIP Lead, Industrial Cybersecurity ConsultantBlack & Veatch

                                                  SocialLink
                                                  Sponsors
                                                  10:30 AM
                                                    speaker

                                                    Samara Moore

                                                    Executive DirectorInnoSec Solutions

                                                     

                                                    SocialLink
                                                    10:30 AM
                                                    Sponsors
                                                    11:15 AM
                                                      speaker

                                                      Chris Weule

                                                      Director, Operational Technology, Cyber Fusion & StrategyPhishCloud, Inc.

                                                      SocialLink
                                                      12:00 PM