Urbana Campus Research Calendar

Back to Listing

CREDC Seminar: IT and OT, Information Security Architectural and Operational Divides in the Energy Sector

Event Type
Seminar/Symposium
Sponsor
Cyber Resilient Energy Delivery Consortium (CREDC)
Location
NCSA Room 1030 and via Webcast
Date
Mar 13, 2018   3:00 pm   (Central Time)
Speaker
Mark Guth, Manager Corporate Security Critical Infrastructure Protection Compliance at Nicor Gas, a subsidiary of Southern Company Gas
Contact
Amy Clay-Moore
E-Mail
amyclay@illinois.edu
Views
30
Originating Calendar
CREDC Events

 

For webcast details, visit:
https://cred-.org/events/seminars/2018_03-13_Guth

 

Abstract: 
This talk will explore the Information Technology (IT) versus the Operational Technology (OT) approach to secure the endpoints and network in energy delivery systems (EDS). IT has more general vendor and corporate acceptance of cybersecurity tools like antivirus, intrusion prevention, and log management than do the OT vendors. OT vendors partner with a much more limited number of cybersecurity vendors to provide the same level of protection for supervisory control and data acquisition (SCADA), control systems, operator human machine interface (HMI), applications, data, network, and communication. Those partnerships don’t usually coincide with corporate IT strategy, which are difficult to implement or accepted by the managers and engineers using operational technologies. There are also significant differences between IT and OT testing methodologies, vulnerability management, and level of security controls implemented.  As energy sector companies look to reduce costs through IT and OT efficiencies, how do vendors and energy sector companies work together to mitigate the cybersecurity risks and at the same time lower costs to the company stakeholders?  

 

Bio: Mark has 30 years of IT Operations experience focused on telecommunications and networking. 20+ years of Disaster Recovery experience and more than 14 years of Information Security experience. Mark currently manages the PCI, HIPAA, PCI, MTSA, and Privacy compliance programs for Southern Company Gas, a public utility holding company with more than 5 million natural gas utility and retail customers and over 6000 employees. Mark also supports the Data Loss Prevention and E-Discovery platforms for the company. Mark is assisting the AGA Natural Gas Security Committee (NGSC) & Cybersecurity Strategy Task Force with improved Cybersecurity Procurement Language for Control Systems.

link for robots only