Distribution

Substation Physical Security Best Practices

Jon Brown
March 1, 2023

Substation Physical Security Best Practices

June 27-28, 2023 | Online :: Central Time

Protecting the nation’s electric substations and ensuring a reliable supply of energy are top priorities for the electric power industry. The shear vastness of the grid’s infrastructure requires utilities to prioritize critical substations that would have the most severe impacts on reliability if impacted by a security event, but what about the rest of the substations?

EUCI’s comprehensive conference will discuss threats, preparation, prevention, and resiliency plans while examining the effectiveness of security measures at stations. Register today to hear firsthand from other utilities and industry experts on what best practices they use to protect their substations.

Learning Outcomes

  • Listen to NERC’s review of CIP-014-03 and where the standard fits in today
  • Review E-ISAC’s physical security update of the threat landscape and mitigation sources
  • Assess the Department of Homeland Security’s comprehensive threats to substations and mitigation strategies
  • Hear from Exelon on what should be assessed to provide value for lowering physical risk
  • Engage in an interactive panel discussion on security challenges and solutions
  • Review how social media monitoring is helping CPS Energy identify threats
  • Discuss AECI’s position on CIP standards and their impact on the industry and reliability
  • Assess the steps in a cost-benefit analysis for allocation of resources to manage risks

Agenda

Tuesday, June 27, 2023 : Central Time

9:00 – 9:15 a.m.
Log In

12:10 – 1:10 p.m.
Lunch Break

9:00 a.m. – 4:45 p.m.
Course Timing

 

9:15 – 9:20 a.m. :: Welcome Announcements

9:20 – 10:10 a.m. :: CIP-014-3 Physical Security Review

This presentation will discuss the protection of transmission stations and transmission substations. NERC’s CIP-014-03 was created to identify and protect transmission stations and transmission substations, and their associated primary control centers, that if rendered inoperable or damaged as a result of a physical attack could result in instability, uncontrolled separation, or cascading within an interconnection. This presentation will review the history, components, and possible updates to the rule.

Sushil Subedi, CPA, CISA, CISSP, CEH, Security+, Network+, Senior CIP Assurance Advisor – Compliance Assurance, North American Electric Reliability Corporation

10:10 – 11:00 a.m. :: Physical Security Threat Landscape to the North American Grid

We will discuss a physical security update on the threat landscape to the North American grid, including information related to mitigation sources and potential suspicious indicators.

Lauren Alexander-Binns, PMP, Physical Security Analyst, Electricity Information Sharing and Analysis Center – North American Electric Reliability Corporation

11:00 – 11:20 a.m. :: Morning Break

11:20 a.m. – 12:10 p.m. :: Substation Threats – More Than Just Physical

Substations today face a wide array of threats from a variety of adversaries – from geopolitical to geomagnetic. Our nation’s substations are under constant threat. Because every critical infrastructure sector depends on the nation’s substations and because that dependency will only grow as we continue the transition to an even higher level of technology in a future driven by energy and information, we must become more aware of the threats, the vulnerabilities and the adversaries which watch every day for new ways to interrupt the energy we need. In this presentation, we’ll learn the nature of these threats and some of the strategies and mitigations we can employ to protect both the substation and our ability to provide energy to the nation.

Ronald Keen, Senior Advisor, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security

12:10 – 1:10 p.m. :: Lunch Break

1:10 – 2:10 p.m. :: Assessing All Security Considerations to Lower Your Physical Security Risk

This presentation starts with the assumption that utilities are never going to be able to reduce their physical security risks to 0%. What considerations should be assessed to provide the best value for lowering risk? We will discuss and review full security considerations that utilities should be reviewing and implementing mitigation resolutions for.

Mike Melvin, Director – Corporate Security, Exelon

2:10 – 2:30 p.m. :: Afternoon Break

2:30 – 4:00 p.m. :: Best Practices for Improved Physical Security Panel Discussion

This interactive panel discussion will discuss a broad range of physical security topics from the vantage points of utilities, consultants, and a federal agency. While this is an opportunity for attendees to ask questions of the panelists, some of the pre-decided topics that will be discussed are key control for stations, challenges with drones, CIP, gunshot/drone detection and other technology developments, as well as lessons learned from events. 

Landon Jones, CPP, PSP, PCI, Senior Security Consultant, Burns & McDonnell

Donnie Thorson, PCI, Corporate Physical Security Manager, Nebraska Public Power District

Ronald Keen, Senior Advisor, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security

Mike Melvin, Director – Corporate Security, Exelon

Jason Briseno, Integrated Security Analyst & Southwest Texas Fusion FLO, CPS Energy

 

Wednesday, June 28, 2023 : Central Time

9:00 – 9:15 a.m.
Log In

9:00 a.m. – 12:00 p.m.
Course Timing

 

9:15 – 10:05 a.m. :: Open Source: Social Media Monitoring For Threats and Partnerships with Law Enforcement

  • Social media monitoring for threats will cover tools, trends, events, and groups.
  • Partnerships with Law Enforcement will cover networking through Field Liaison Officer (FLO) programs, trainings, and joint investigative efforts.

Jason Briseno, Integrated Security Analyst & Southwest Texas Fusion FLO, CPS Energy

10:05 – 10:50 a.m. :: Meeting and Exceeding the CIP Standards

When NERC’s CIP standards were released and accepted, utilities upgraded critically deemed substations to meet those standards helping to increase overall reliability of the system to minimize the aftermath of an attack, theft, or vandalism. What did this mean for a utility? What is next and how did AECI meet and exceed the standards? This presentation will discuss the CIP standards and their impact on the industry, reliability, and what may come.

Todd Bennett, Managing Director Reliability Compliance & Audit Services, Associated Electric Cooperative Inc.

10:50 – 11:10 a.m. :: Morning Break

11:10 a.m.– 12:00 p.m. :: Substation Physical Security through Risk and Resilience Planning

How can organizations and utilities best manage physical security risks and vulnerabilities to substations?   Join our presenters to hear real-life examples about developing a security program centered around improving physical security through risk and resilience planning.  Successful security programs integrate people, processes, and technology to form a holistic protection system. Regulatory compliance often directs how these three pillars come together, but an enterprise understanding of risks and the organization’s capacity to withstand them through resilience should be considered as physical security is planned, assessed, improved, and implemented. During this session, attendees will learn about Risk Analysis and Management for Critical Asset Protection (RAMCAP) and how a RAMCAP approach can facilitate completion of not only a risk assessment, but a deeper understanding of organizational resilience to drive cost-benefit analysis of physical security measures and appropriate allocation of resources to manage physical security risks. 

Kandace Jennings, PMP, RIMS-CRMP, Security Risk Analyst, Gannett Fleming, Inc.

Alicia Baehr, PSP, CPD, Manager – Security Compliance, Gannett Fleming, Inc.

12:00 p.m. :: Conference Adjourns

Speakers

  • Lauren Alexander-Binns, PMP, Physical Security Analyst, Electricity Information Sharing and Analysis Center – North American Electric Reliability Corporation

  • Alicia Baehr, PSP, CPD, Manager – Security Compliance, Gannett Fleming, Inc.

  • Todd Bennett, Managing Director Reliability Compliance & Audit Services, Associated Electric Cooperative Inc.

  • Jason Briseno, Integrated Security Analyst & Southwest Texas Fusion FLO, CPS Energy

  • Kandace Jennings, PMP, RIMS-CRMP, Security Risk Analyst, Gannett Fleming, Inc.

  • Landon Jones, CPP, PSP, PCI, Senior Security Consultant, Burns & McDonnell

  • Ronald Keen, Senior Advisor, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security

  • Mike Melvin, Director – Corporate Security, Exelon

  • Sushil Subedi, CPA, CISA, CISSP, CEH, Security+, Network+, Senior CIP Assurance Advisor – Compliance Assurance, North American Electric Reliability Corporation

  • Donnie Thorson, PCI, Corporate Physical Security Manager, Nebraska Public Power District

Online Delivery

We will be using Microsoft Teams to facilitate your participation in the upcoming event. You do not need to have an existing Teams account in order to participate in the broadcast – the course will play in your browser and you will have the option of using a microphone to speak with the room and ask questions, or type any questions in via the chat window and our on-site representative will relay your question to the instructor.

  • IMPORTANT NOTE: After November 30 you will not be able to join a Teams meeting using Internet Explorer 11. Microsoft recommends downloading and installing the Teams app if possible. You may also use the Edge browser or Chrome.
  • You will receive a meeting invitation will include a link to join the meeting.
  • Separate meeting invitations will be sent for the morning and afternoon sessions of the course.
    • You will need to join the appropriate meeting at the appropriate time.
  • If you are using a microphone, please ensure that it is muted until such time as you need to ask a question.
  • The remote meeting connection will be open approximately 30 minutes before the start of the course. We encourage you to connect as early as possible in case you experience any unforeseen problems.

Register

Please Note: This event is being conducted entirely online. All attendees will connect and attend from their computer, one connection per purchase. For details please see our FAQ

If you are unable to attend at the scheduled date and time, we make recordings available to all attendees for 7 days after the event

REGISTER NOW FOR THIS EVENT:

Substation Physical Security Best Practices

June 27-28, 2023 | Online
Individual attendee(s) - $ 1195.00 each

Volume pricing also available

Individual attendee tickets can be mixed with ticket packs for complete flexibility
Pack of 5 attendees - $ 4,780.00 (20% discount)
Pack of 10 attendees - $ 8,365.00 (30% discount)
Pack of 20 attendees - $ 14,340.00 (40% discount)

Your registration may be transferred to a member of your organization up to 24 hours in advance of the event. Cancellations must be received on or before May 26, 2023 in order to be refunded and will be subject to a US $195.00 processing fee per registrant. No refunds will be made after this date. Cancellations received after this date will create a credit of the tuition (less processing fee) good toward any other EUCI event. This credit will be good for six months from the cancellation date. In the event of non-attendance, all registration fees will be forfeited. In case of conference cancellation, EUCIs liability is limited to refund of the event registration fee only. For more information regarding administrative policies, such as complaints and refunds, please contact our offices at 303-770-8800

CEUs

Credits

AP_Logo

EUCI is accredited by the International Accreditors for Continuing Education and Training (IACET) and offers IACET CEUs for its learning events that comply with the ANSI/IACET Continuing Education and Training Standard. IACET is recognized internationally as a standard development organization and accrediting body that promotes quality of continuing education and training.

EUCI is authorized by IACET to offer 0.8 CEUs for this event

Requirements for Successful Completion of Program

Participants must log in each day and be in attendance for the entirety of the conference to be eligible for continuing education credit.

Instructional Methods

Case Studies and PowerPoint presentations will be used in this event

Upon successful completion of this event, program participants interested in receiving CPE credits will receive a certificate of completion.

Course CPE Credits: 9.0
There is no prerequisite for this Course.
Program field of study: Specialized Knowledge
Program Level: Basic
Delivery Method: Group Internet Based
Advanced Preparation: None

CpeEUCI is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site: www.nasbaregistry.org

 

Who Should Attend

  • Transmission Engineer
  • Distribution Engineer
  • Substation Engineer
  • Safety Officer
  • Line Engineer
  • Regulatory Analyst
  • Operations and Planning Manager
  • Utilities Engineer
  • Security Specialist
  • Asset Manager
  • Utility Attorneys
  • Project Managers

By clicking Accept or closing this message, you consent to our cookies on this device in accordance with our cookie policy unless you have disabled them. more information

By clicking Accept or closing this message, you consent to our cookies on this device in accordance with our cookie policy unless you have disabled them. You can change your cookie settings at any time but parts of our site will not function correctly without them. We use cookies during the registration process and to remember member settings.

Close