Friday, December 20, 2019

Protect our Power 2020


In case you haven’t heard of Protect our Power yet, you should – and now I’m going to rectify that problem. PoP is an organization dedicated to securing the US grid. A key focus is best practices for cyber security, since they believe that the NERC CIP standards are inflexible and take far too long to change – and I won’t argue with that position!

Their annual Best Practices in Utility Cybersecurity conference is always held the day before Distributech begins, and in the same location. In 2020, the conference will be held January 27 in San Antonio, where Distributech opens the next day. I can think of four good reasons why you should attend:

  1. The conference has a great lineup of interesting speakers, which this year includes yours truly (whether I’m interesting is left as an exercise for the reader - my kids are divided on the issue). My topic will be “Supply Chain CIP-13 - Best Practices to pursue while accomplishing Compliance as a byproduct”. Of course, the dirty little secret of my presentation will be that, since CIP 13 leaves the content of the supply chain security risk management plan almost entirely up to the entity, there is no conflict at all between adopting best practices and compliance – indeed, they’re one and the same.
  2. Speaking right before me is the inimitable Monta Elkins, whose topic is “Vulnerability Disclosure”. Knowing Monta, and knowing how important this question is for supply chain security, I’m very much looking forward to hearing him speak.
  3. Distributech is an amazing show. Your $175 (!) fee for the Best Practices conference includes admission to the Distributech exhibition. And if you want to attend the Distributech conference, which runs at the same time in the same convention center, you will receive a 15% discount (I’ve attended the conference several times, and always found it to be very good, including a good cybersecurity track).
  4. But to be honest, my biggest reason for wanting to be at the show this year is…that it will be in San Antonio. It moves around among several cities, but San Antonio is really special. If you’ve never been there, I can promise you’ll be very impressed. The history is just great. The downtown has great architecture, very well preserved from about 100 years ago (although the city itself was founded in 1719, when the Mission San Antonio de Valero was established – now known as the Alamo –which is just about three blocks from the convention center), and the River Walk…well, I had always thought this must be some sort of hokey tourist attraction. When I finally saw it, I confirmed it’s definitely a tourist attraction, but it’s hardly hokey. It’s about 90 years old, and it’s simply beautiful (my favorite activity is running along it in the morning before heading to my day’s activities) – and wonderfully integrated with all of the hotels, restaurants, office buildings, etc. that open onto it.
Hope to see you there!


Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC.

If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com. Please keep in mind that if you’re a NERC entity, Tom Alrich LLC can help you with NERC CIP issues or challenges like what is discussed in this post – especially on compliance with CIP-013. My offer of a free webinar on CIP-013, specifically for your organization, remains open to NERC entities and vendors of hardware or software components for BES Cyber Systems. To discuss this, you can email me at the same address.

No comments:

Post a Comment