Past Event

CANCELLED | Cybersecurity: Threats, Best Practices, and Improving the Regulatory Framework

WednesdayMarch 21, 2018 1:00 PM - 6:15 PM Kleinman | Paid Event Register Here
Kleinman Center for Energy Policy
220 S. 34th St. Fisher Fine Arts Library, 4th Floor
19104 Philadelphia , PA
United States
Pennsylvania US
Contact Information

For information about this event, please contact:
Susan Rivo

  • Lynn Costantini
    Manager of Cybersecurity Compliance & Oversight
    New Jersey Board of Public Utilities
  • Gerry Cotellesse
    Supervisory Special Agent
  • Willliam Hederman
    Senior Fellow
    Kleinman Center for Energy Policy
  • Dr. Erfan Ibrahim
    Director of Cyber Physical Security and Resilience Systems
  • Steve Kunsman
    Director of Product Development
    ABB Grid
  • Jonathon Monken
    Senior Director of System Resilience
  • Maggy Powell
    NERC Compliance Manager
  • Vinny Sakore
    Chief Technology Officer
  • Tobias Whitney
    Principal for Critical Infrastructure Protection
  • Greg Witte
    Senior Security Engineer for G2


Energy Policy Roundtable in the PJM Footprint #9

Presented by Raab Associates 

Three quarters of utility executives in North America believe that a major cyber attack is likely to occur within the next five years. A recent survey of utility professionals found cyber and physical security to be the most pressing issues facing the industry. 

Recall that a 2015 cyber attack on Ukraine's power grid blacked out over 100 cities and towns. Closer to home, in 2017, hackers targeted critical energy infrastructure, breaching computer networks of various U.S. power plants, including the Wolf Creek nuclear station. More frequently, ransomware attacks are targeting the utility industry. 

FERC's new resiliency NOPR is exploring how RTOs/ISOs identify and plan for low frequency, high impact events, including cyber attacks. FERC also has a NOPR pending which would require enhanced reporting of attempted cyber attacks. Meanwhile, state policy makers and utility regulators are establishing their own cyber-related policies and requirements, exploring critical questions about risks and costs. w

Please join us in exploring these timely and thorny issues as we examine current and future threats, as well as the emerging utility industry and regulatory best practices in confronting them.

Registration is required***.  Rates are $100 for general registration and $50 for employees of Sponsoring Organizations, government or non-profit employees, students, retirees, & low-income individuals. Registration for Web-Streaming Only: $50 for non-Sponsors and Free for Sponsors.

Register Here

***The Kleinman Center has a limited number of seats reserved for Penn colleagues and students. If you are a member of the Penn community and interested in attending, please contact Bill Cohen:

First Panel: Emerging Industry Best Practices on Cybersecurity in the Utility (Electric and Gas) Industry
  • Jonathon Monken, Senior Director of System Resilience at PJM, presenting a bulk power system perspective 
  • Dr. Erfan Ibrahim, Director of Cyber Physical Security and Resilience Systems at the National Renewable Energy Labs (NREL), providing a distributed energy resources perspective 
  • Steve Kunsman, Director of Product Development at ABB
  • Grid, sharing a vendor perspective 
  • Maggy Powell, NERC Compliance Manager at Exelon, offering a distribution and integrated utility perspective 

This panel will be guest moderated by Kleinman Center Senior Fellow William Hederman, who was a senior advisor to U.S. DOE Secretary of Energy Ernest Moniz, and is currently advising Edison Electric Institute (EEI) on cyber issues. 

Key Questions for this Panel: What threats do we see now in the utility industry and what can we reasonably expect in the future? How does the growth of the "smart grid" and of distributed energy resources impact the cybersecurity landscape? What are the current best practices in designing, implementing, and evolving our defenses and responses?


Second Panel (after the networking break): Improving the Regulatory Framework for Cybersecurity in the Utility Industry. 
  • Tobias Whitney, Principal for Critical Infrastructure Protection at NERC (North American Electric Reliability Corporation), will discuss NERC's Critical Infrastructure Protection (CIP) requirements for the utility industry. 
  • Greg Witte, Senior Security Engineer for G2 at NIST (National Institute of Standards & Technology), will lay out NIST's risk-based Cybersecurity Framework, which can supplement NERC requirements. 
  • Vinny Sakore, Chief Technology Officer at NetDiligence, will describe the firm's work in helping companies assess and manage risks.
  • Lynn Costantini, New Jersey Board of Public Utilities' Manager of Cybersecurity Compliance & Oversight, will discuss NJ's development of a cutting-edge state regulatory cyber strategy and framework for its utilities, as well as its leadership role on NARUC's Critical Infrastructure Committee.

Key Questions for this Panel: How should regulators, utilities, and other energy stakeholders prioritize cyber investments, and what are the relative roles of requirement vs. risk-based approaches? What are the likely costs, and how should those costs be recovered? What strategies and frameworks should FERC, NERC, and state PUCs put in place to facilitate cyber best practices, including continuous improvement?