Cybersecurity Fundamentals for Water and Wastewater Utilities
January 20-21, 2022 | Online :: Central Time
The new Cybersecurity Fundamentals course for water and wastewater utility professionals will provide a general overview of cybersecurity program development. This online course will give organizational leaders a practical knowledge of basic security measures that can be implemented to address major cyber risks associated with the most common cyber-attacks. Water and Wastewater industry leaders attending this course will learn about the most common cyber threats, specific counter measures that can be employed by any organization, and the role organizational culture plays in impacting risk mitigating activities against water and wastewater facilities’ critical infrastructure. Leaders will also develop an understanding of how people, processes and technology all work together improve cyber defense efforts.
The key take-away from this course is to provide organizational leadership with knowledge needed to be able to ask their team of cyber security professionals the right questions when conducting and internal assessment of their organization’s cybersecurity posture and ability to be resilient to cyber-attacks.
- Analyze leading trends in next-gen cyber challenges and innovative solutions
- Discuss social engineering tactics and business email compromise mitigation
- Review risk management methodology and assessments
- Communicate strategies for effective cybersecurity prioritization
- Distinguish important information on cyber contracting and litigation
Thursday, January 20, 2022 : Central Time
8:45 – 9:00 a.m.
Log In and Welcome
12:00 – 12:30 p.m.
9:00 a.m. – 4:00 p.m.
Introduction to Cyber Threat for Water and Wastewater Utilities
- The Most Common Cyber Threat Attack Vectors
- Who are the attackers and what do they want?
- The Basics about Advanced Persistent Threat (APT) Teams
- The Water ISAC Best Practices
- Cybersecurity Policy and IT Security Frameworks
- The Types of Assessments and Why You Would Use Them
- Phishing, Vishing, Smishing
- Other Social Engineering Methods
- Being Smart in the Digital World
Business Email and other Media Compromises
- Supply Chain
- Process Control
- Procurement Controls
- Email Security
- Social Media and related Security
Open Discussion on Ransomware and Other Common Malware Variants
General Overview of Technical Counter Measures
- Cybersecurity Hardware
- Cybersecurity Software
- The Cloud
- Basic Enterprise Architecture
General Overview of Defensive Architecture
- Defining Zero Trust
- Secure Access Service Edge (SASE)
- Defense in Depth
Friday, January 21, 2022 : Central Time
8:45 – 9:00 a.m.
9:00 a.m. – 12:00 p.m.
Basic Elements of Incident Response (Responding to Cyber Attacks)
- Cyber Incident Management Framework
- Communications Planning
- Cyber Incident Walk Through
- Emergency response plan
- The Triad of Emergency Response Planning – Business Continuity, Disaster Recovery and Cyber Incident Response
- Continuity of operations plan or disaster recovery plan
- Crisis management teams
- Manuel overrides and temporary manual operations
- System redundancy
Assessing Risk and Making Risk Based Decisions
- Cyber Risks are different from Financial, and Operational Risks
- Using Threat, Cybersecurity Assessments, Audits and Penetration Tests
- Developing meaningful compensating controls
- Creating the Realistic Risk Assessment
Establishing the Value Proposition for Cybersecurity
Wrap up and Adjourn
Dr. Christopher Cater, Chief Information Officer (CIO), WSSC Water
Dr Carter is an experienced IT and Cybersecurity leader with a Doctorate in Information Assurance and has cultivated process expertise across diverse mission disciplines. In his current role as the Chief Information Officer for the Washington Suburban Sanitary Commission, a Maryland Water Utility, he is the executive responsible for directing and managing WSSC Water’s Information Technology Department. He leads a client-focused and process-based unit of staff, consultants, and implementation support specialists, who work to ensure that IT programs and Service Delivery are securely designed and implemented while being fiscally responsible and in full alignment with senior leadership’s strategic goals and objectives. He was formerly the Technical Director for Cybersecurity at Diplomatic Security at the State Department, and has held several other Cybersecurity leadership roles in other civil agencies and the DOD.
Dr Carter was formally trained as an architect with a minor in Solar Technologies in Colorado in the early 80s, and maintains deep technical expertise across multiple domains, including Federal and State IT security and IT Service Management. He holds several industry certifications including a CISSP, CISM, ITIL Expert, and Project Management Professional. His specialties include architecture and cybersecurity planning, developing integrated security programs and solving IT service transformation challenges for large public organizations. Dr Carter has taught a variety of IT courses, including the full set of Cisco CCNP courses, ITIL courses, IT security, and database development courses in the Federal Government.
Christopher’s outside interests are as varied as his education. He is an avid craftsman, having developed expertise in ceramics and having built several acoustic guitars. His other leadership experience includes Toastmasters Club President, Boy Scouts Assistant Scout Master and wilderness expedition leader, SCUBA rescue diver and instructor, and Certified Professional Building designer of solar buildings and integrated green energy systems.
We will be using Microsoft Teams to facilitate your participation in the upcoming event. You do not need to have an existing Teams account in order to participate in the broadcast – the course will play in your browser and you will have the option of using a microphone to speak with the room and ask questions, or type any questions in via the chat window and our on-site representative will relay your question to the instructor.
- IMPORTANT NOTE: After November 30 you will not be able to join a Teams meeting using Internet Explorer 11. Microsoft recommends downloading and installing the Teams app if possible. You may also use the Edge browser or Chrome.
- You will receive a meeting invitation will include a link to join the meeting.
- Separate meeting invitations will be sent for the morning and afternoon sessions of the course.
- You will need to join the appropriate meeting at the appropriate time.
- If you are using a microphone, please ensure that it is muted until such time as you need to ask a question.
- The remote meeting connection will be open approximately 30 minutes before the start of the course. We encourage you to connect as early as possible in case you experience any unforeseen problems.
Please Note: This event is being conducted entirely online. All attendees will connect and attend from their computer, one connection per purchase. For details please see our FAQ
If you are unable to attend at the scheduled date and time, we make recordings available to all registrants for three business days after the event
|Single Connection - Cybersecurity Fundamentals for Water and Wastewater Utilities||US $ 1195.00|
|Pack of 5 connections||US $ 4,780.00|
|Pack of 10 Connections||US $ 8,365.00|
|Pack of 20 Connections||US $ 14,340.00|
|Call us at 303.770.8800 if you have any specific questions on the volume discounts|
|* all other discounts do not apply to license packs|
Your registration may be transferred to a member of your organization up to 24 hours in advance of the event. Cancellations must be received on or before December 17, 2021 in order to be refunded and will be subject to a US $195.00 processing fee per registrant. No refunds will be made after this date. Cancellations received after this date will create a credit of the tuition (less processing fee) good toward any other EUCI event. This credit will be good for six months from the cancellation date. In the event of non-attendance, all registration fees will be forfeited. In case of conference cancellation, EUCIs liability is limited to refund of the event registration fee only. For more information regarding administrative policies, such as complaints and refunds, please contact our offices at 303-770-8800