Committee on Critical Infrastructure

Return to the Compiled Agenda

Sunday, February 14, 2016

1:00 p.m. - 5:00 p.m.
Committee on Critical Infrastructure
(JOINT Meeting with Critical Infrastructure Committee)
View Presentations 
Ballroom Central
1:00 p.m. - 1:15 p.m.
Welcome and Introductions

Moderator: Hon. Carolene Mays-Medley, Indiana Thomas Pearce, Ohio


1:15 p.m. - 1:30 p.m.
DOE update

Panelists: U.S. Dept. of Energy (invited)


1:30 p.m. - 1:35 p.m.
Update from DHS Office of Emergency Communications

John McClain, Office of Emergency Communications, Department of Homeland Security


1:35 p.m. - 2:00 p.m.
Discussion regarding the importance and relevance of cybersecurity, the role of the DHS, resources available from DHS to help Commissions and utilities, and the C3VP program.

Kelvin Coleman, Acting Deputy Director, Stakeholder Engagement and Cyber Infrastructure, Department of Homeland Security


2:00 p.m. - 2:30 p.m.
Update on the GridEx III Tabletop exercise hosted by the North American Electric Reliability Corporation in November 2015. The biennial simulation helps the electric industry prepare for events that could compromise the Bulk Power System.

Hon. Philip Jones, Washington
Marcus Sachs, North American Electric Reliability Corporation


2:30 p.m. - 2:45 p.m.
Supply Chain Management
Examining supply chain vulnerabilities. What is the impact of vendor (non)security? How do utilities protect their data and operating systems? Should there be standards and/or regulations regarding suppliers?

Hon. Philip Jones, Washington
Samara Moore, Senior Manager for CIP Security and Compliance, Exelon Corporate and Information Security Services


2:45 p.m. - 3:00 p.m.
National Institute of Standards and Technology RFI
Update on the National Institute of Standards and Technology cybersecurity framework RFI.

Hon. Pamela Witmer, Pennsylvania
Adam Sedgewick, Senior Information Technology Advisor, National Institute of Standards and Technology


3:00 p.m. - 3:15 p.m.


3:15 p.m. - 4:45 p.m.
What Role Do We Play in Cybersecurity?
Commissions are struggling with the role regulators play in cybersecurity and what is allowable for cost recovery on these fronts by utilities. Is the private sector acting quickly enough in light of these threats; and how much should State Commissions be doing? Where does cybersecurity responsibility lie? What should we be doing as State Commissioners? What is being done at the federal level and how do/should our roles overlap, bind/work together? Is it a federal problem? A State problem? Is it a utility problem? How much and how should information be shared?

Hon. Nick Wagner, Iowa
Hon. Carolene Mays-Medley, Indiana


3:15 p.m. - 4:00 p.m.
Panel 1

Jim Fama, Vice President, Energy Delivery Group, Edison Electric Institute
Pat Hoffman, Assistant Secretary, U.S. Department of Energy
Hon. Cheryl LeFleur, Commissioner, Federal Energy Regulatory Commission


4:00 p.m. - 4:45 p.m.
Panel 2: Commissioners

Moderator: Hon. Carolene Mays-Medley, Indiana
Hon. TaNola Brown-Bland, North Carolina
Hon. Art House, Connecticut
Hon. Ann McCabe, Illinois
Hon. Bob Scott, New Hampshire


4:45 p.m. - 5:00 p.m.
Business Meeting
NARUC updates.



Tuesday, February 16, 2016

1:00 p.m. - 2:30 p.m.
Safe and Secure: Maintaining the Security of our Water Utilities
(JOINT MEETING with Committee on Water)

Recent events have highlighted the importance of maintaining the security of utility services. Access to safe sources of water is critical for maintaining health and safety. Water utilities face both physical and technological threats. What are water utilities doing to address those threats? The panelists will give their perspectives on the security threats faced by water utilities, how those threats are being and will be addressed, and the role of utility commissions.

Moderator: Hon. Art Graham, Florida
Panelists: Nick Santillo, Director of Physical and Cyber Security, American Water
Kevin Tingley, P.E., U.S. Environmental Protection Agency, Water Security Division


4:00 p.m. - 5:15 p.m.
“In God We Trust, All Others Must Bring Data.” William Deming
(JOINT MEETING with the Committee on Gas)

We need data for almost everything we do as regulators. But how do we protect and take control of our data? It is not just retailers and banks who are at risk. How can gas utilities and operators maintain proper safeguards of customer data, SCADA access, and operational control?

Hon. Dianne Solomon, New Jersey
Hon. Nick Wagner, Iowa
Magnus Borg, Nisource
John Bryk, DNG-ISAC
Mark Dowd, InfoGPS Networks
Brad Merlie, Piedmont Natural Gas
Adam Sedgewick, NIST



Wednesday, February 17, 2016

12:40 p.m. - 2:40 p.m.
SC0dEB1ack Afternoon Workshop
Building from our morning session, this afternoon workshop will let participants dig deeper into the morning’s cyberattack scenario. You’ll be able to provide input and learn from one another about what can be done to mitigate the effects of a cyber attack, how to communicate across utility sectors, what issues related to cybersecurity cost recovery exist, and how we can develop a mutual assistance model to effectuate a positive outcome for cybersecurity problems. You will be faced with decisions for how to address a time-sensitive cyber threat, how to figure out if you have the right resources to address the problem, and whether or not cybersecurity mutual assistance could help.

Miles Keogh, NARUC, Director of Grants and Research
Sharon Thomas, NARUC, Senior Program Officer