NESCO Town Hall Workforce Development Presentation

Moderated and Presented by Andy Bochman

Discussion Topic: Workforce Development in the ICS WorkPlace

Discussion Abstract: Ask anyone working in the field at an electric utility about cybersecurity and the conversation will inevitably turn to the shortage of qualified security staff with knowledge of our industry. The need to comply with NERC CIP standards, secure the rapidly proliferating smart grid technologies, and defend against the threat of cyber attacks targeting control systems makes the short supply of cybersecurity talent a critical issue.




Presentation Transcript

  • Electric Sector Security Workforce Development. NESCO Town Hall, Denver, 2013. @andybochman
  • Scribe please
  • The Whole Workforce
  • The Quest: Sr. Mgt, Sec Policy & Ops. Not to be confused with: (diagram)
  • Aim High
    • Many of the most critical security challenges are actively created by business initiatives and leaders who do not consider security.
    • So: business leaders should stop making decisions that make security harder.
    • Organizational acceptance of security values is greatly enhanced when senior management champions those values and shows willingness to support the appropriate actions, even when painful. See: UHCL - Cybersecurity for Decision Makers
  • Perception and a Prize for Utilities
    • Utilities (could) control their cybersecurity destiny.
    • By demonstrating a more proactive approach to security, in ways regulators can understand, that positive shift in perception would give Congress, the Administration, and other oversight agencies the assurance they need to slow down on new rules.
    • Our workforce work can help.
  • Agenda
    1. Current State & Trajectory
    2. Desired Future State
    3. Candidate Next Steps
    (placeholder sub-items a through i on the slide)
  • Obligatory Grim Beginning: Losses looming. Bad news ... or not. Let’s discuss.
  • There’s more bad news: The people that really understand policy generally do not understand control systems. The IT community, who develop cybersecurity solutions, generally don’t understand the unique issues associated with control systems. And the people that operate the control systems don’t understand security. Other than that, we’re fine!
  • Slade Responds: The number of talented individuals is not what is lacking; rather, the ability to discern, hire, and retain the available talent is what the workforce is missing.
  • Solution has arrived: New Bedtime Reading
  • NBISE Sees New World
  • Orgs promoting OT cyber WF Development
    • NBISE
    • SANS
    • DoE
    • ISC-ISAC
    • Universities (let’s name some)
    • Center of Energy Workforce Development
    • More please
  • University Example
  • WPI’s Industry Education Initiative
    • To reduce risk, ISO-NE and PJM asked WPI to deliver an industry-specific cybersecurity program in 2013.
    • Goal: Improve capabilities to prevent, detect, analyze and effectively respond to cyber
  • WPI Program Courses
    • Computer Network Security (including NERC CIPs)
    • Software Security
    • Operational Risk Management
    • Intrusion Detection (for OT)
    • Forensics (for OT)
    • Power Industry Case Studies
    POC: Mike Ahern
  • DOE C2M2 and WF: The Workforce Management (WORKFORCE) domain comprises five objectives:
    1. Assign Cybersecurity Responsibilities
    2. Control the Workforce Lifecycle
    3. Develop Cybersecurity Workforce
    4. Increase Cybersecurity Awareness
    5. Manage WORKFORCE Activities
  • C2M2 - What do you think? We can feed: ES and O&G C2M2 2.0
  • Free for All: Questions round
    • What are the skills and new skills required to secure the Smart Grid?
  • Question
    • Thinking about control room environments, what training programs are needed for:
      • Utility security pro’s?
      • Engineers?
      • IT staff?
  • Question
    • “Programs” that would “encourage” young people to pursue careers in electric sector cybersec?
    • PSAs?
    • Can we start with things that already exist?
  • Question
    • How about security internships?
    • How formal? A national program?
  • Question
    • How about security awareness/behaviors in non-security people?
    • What, at a minimum, do you want them to: know, do, not do?
  • Role of Execs & BoDs: CEO, CRO, CIO, CISO, others ...
  • The CEO: What’s the optimal mix of CEO skills & experience? (chart: 5%, 5%, 68%, 23%; legend: CyberSec, Tech, Business, Electric)
  • The CRO: What’s the optimal mix of CRO skills & experience? (chart: 10%, 10%, 40%, 40%; legend: CyberSec, Tech, Business, Electric)
  • The CIO: What’s the optimal mix of CIO skills & experience? (chart: 25% each; legend: CyberSec, Tech, Business, Electric)
  • The CSO: What’s the optimal mix of CSO skills & experience? (chart: 25% each; legend: IT Sec, OT Sec, Business, Electric)
  • Others? What’s the optimal mix of CXO/VPX skills & experience? (chart: 25% each; legend: Skill A, Skill B, Skill C, Skill D)
  • Question
    • SUPPLIER FOCUSED: What knowledge and cybersec skills do engineers need for planning and designing industrial systems and the operational technologies necessary to support them? NBISE/PNNL
  • Question
    • INTERPLAY BETWEEN SPECIALISTS: How do engineering job roles and cybersecurity roles engage to maximize constructive overlap and differences to address security for these systems? NBISE/PNNL
  • Question
    • ASSESSMENT: How should we design and conduct tests to differentiate between simple understanding of concepts and skilled performance of actions that effectively resolve problems quickly and despite distractions or the stress surrounding an attack? NBISE/PNNL
  • Question
    • CERTIFICATIONS: What is the best framework for general cybersecurity certifications that integrate both knowledge and experience?
    • And do we need OT- or industry-specific certifications? NBISE/PNNL
  • Question
    • COMMUNITY SUPPORT: How do we best support the certified cybersecurity professional and cyber-informed operations and engineering professionals?
      • Advanced problem-solving tools
      • Communities of practice
      • Canonical knowledge bases
      • Other performance support tools?
      • Prayer and positive thoughts?
    NBISE/PNNL
  • Other Questions (or have you had enough?)
  • Thank You @andybochman