ISC East Offers Utility Security Professionals a Wide-Range of Industry Specific Education & Resources

Utility and critical infrastructure protection will have a prominent role at ISC East in November.

With its location in New York City and a regional reach from Boston to Washington, D.C., ISC East—the smaller brother of the nation’s largest security trade show, ISC West—this year will be putting extra emphasis on critical infrastructure and the technology that is utilized to protect it. Multiple conference sessions will examine the topic, with analyses of the threats that cyberattacks, drones, domestic violent extremists (DVEs) and additional factors pose to the nation’s power, water, gas and other essential facilities.

On November 21, the second day of ISC East, the Security Industry Association (SIA), the show’s premier sponsor, will host a Critical Infrastructure Lunch & Learn, with Utility Security magazine supporting the event as its media sponsor. The event will lead off with the unveiling of a new “Guide to NERC CIP Compliance” developed exclusively for SIA by Archer Energy Solutions. This extensive reference document is intended to serve as a resource to help practitioners, as well as their integrator and consultant partners, develop security solutions and policies that meet the Critical Infrastructure Protection requirements of the North American Electric Reliability Corporation (NERC).

Attendees will then hear from two experts on critical infrastructure protection. First, Special Agent Paul Doherty of the Federal Bureau of Investigation will provide the federal government’s perspective on the multi-modal threats presented by criminals, DVEs, terrorists and nation-state actors.

Then, Walter Alvarado, vice president of system and transmission operations at Consolidated Edison, New York’s electricity and gas supplier, will discuss what is required to mitigate risk and keep the lights on in what is not only the nation’s largest city but also a leading target for bad actors.

“One of the most important contributions that the security industry makes to society is supporting the protection of critical infrastructure,” SIA CEO Don Erickson said. “With attacks on utilities increasing, the need for innovative solutions and robust information sharing has never been higher. We are honored to have Walter Alvarado and Special Agent Paul Doherty at ISC East to share their insights regarding this vital issue.”

Several high-profile attacks, both cyber and physical, have inflicted substantial damage in the utility sector in recent years. These have included the gunfire used against electricity substations in Moore County, N.C., in December 2022, which knocked out power to about 40,000 residents and businesses, the ransomware attack against Colonial Pipeline in May 2021, which disrupted fuel supplies in the eastern United States and led to panic buying, and China’s multi-year Volt Typhoon cyberattacks against multiple critical infrastructure organizations.

This year, cyberattacks on utilities totaled 1,162 through August, a 70 percent increase over the same period in 2023, according to Check Point Research. Part of the challenge, NERC noted in an April webcast reported on by Reuters, is that potentially vulnerable points in the power grid are increasing at the rate of about 60 per day, reaching around 24,000 by the end of last year.

“It’s very hard to keep pace with addressing all those vulnerabilities,” Reuters quoted NERC Senior Vice President Manny Cancel as saying. Cancel added that, given the diverse and far-reaching threats, including efforts by geopolitical rivals to sow discord and chaos in the United States, “We’re going to be very vigilant during this current election cycle.”

Physical attacks on utilities have also been spiking and totaled about 2,800 in 2023, according to NERC.

The Environmental Protection Agency, meanwhile, warned this spring that cyberattacks against community water systems “are increasing in frequency and severity across the country.”

The ISC East event and the NERC CIP Guide are products of SIA’s Utilities Advisory Board, a panel of SIA members who have particular expertise in the protection of utilities. The group has previously delivered, among other things, conference sessions, webinars, ISC West lunch and learns, and a other learning opportunities. SIA will soon be releasing another advisory board product, a Security Cornerstones module on critical infrastructure security. In addition, the SIA Cybersecurity Advisory Board is preparing to release a whitepaper on IT-OT convergence and its impact on utility security.

To register to attend ISC East, click on the QR code on this page. If you are already registered to attend ISC East and would like to register to attend the SIA Critical Infrastructure Lunch & Learn, go to bit.ly/ISClunchandlearn.

Ronald L. Hawkins is the Director of Industry Relations for SIA, a United States-based trade association providing representation of the leading domestic satellite operators, service providers, manufacturers, launch services providers, and ground equipment suppliers. SIA sponsors the nation’s largest security event, ISC West, and ISC East.