A Live Virtual Event

July 21, 2021 ❙ 1:00 PM – 2:00 PM ET

Mitigating Cyber Risk In Critical Infrastructure

The need for governments to adopt a risk-based approach to cybersecurity has never been more important. The SolarWinds hack of the software supply chain, as well as the recent ransomware attack against Colonial Pipeline, showed just how vulnerable our nation’s critical industrial control environments can be to cyberattacks.

Join ThreatConnect for an in-depth discussion on critical infrastructure cybersecurity with one of the nation’s foremost experts on control system security, and a one-on-one interview and live audience Q&A with Bob Kolasky, Director for the National Risk Management Center, Cybersecurity and Infrastructure Security Agency.

We’ll explore:

  • The state of cybersecurity in critical infrastructure
  • What the National Risk Management Center is doing to work with the private sector owners and operators of our critical infrastructures to improve their cybersecurity posture in the face of advanced threats, like ransomware
  • CISA’s role in reducing systemic cyber risk
  • What the National Risk Management Center is doing to better understand the relationships among the threats, vulnerabilities, and consequences when it comes to critical functions
  • How the private sector can better work with CISA to improve the cybersecurity posture of our nation’s most critical systems and infrastructures

Speaker Lineup

  • Bob Kolasky

    Director, National Risk Management Center, CISA/DHS

  • Joe Weiss

    Managing Partner, Applied Control Solutions, LLC

    Joe Weiss, critical infrastructure cybersecurity, control systems
  • Tim Grieveson

    Chief Information Security Officer, AVEVA PLC

Agenda

  • 1:00 PM – 1:10 PM     Introduction by Dan Verton, ThreatConnect
  • 1:10 PM – 1:30 PM     Interview with Tim Grieveson, Chief Information Security Officer at global industrial software giant AVEVA PLC, and Joe Weiss, Managing Partner, Applied Control Solutions, LLC
  • 1:30 PM – 2:00 PM    Interview & Q&A with Bob Kolasky, Director, Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC) at the Department of Homeland Security (DHS)

Presented In Collaboration With

Speakers

ThreatConnect, Dan Verton

Dan Verton (Moderator)
Director of Content Marketing, ThreatConnect

Dan Verton is ThreatConnect’s Director of Content Marketing. Dan is an award-winning journalist and a former intelligence officer in the U.S. Marine Corps. He has authored several books on cybersecurity, including the 2003 groundbreaking work, Black Ice: The Invisible Threat of Cyber-Terrorism (McGraw-Hill) and The Hacker Diaries: Confessions of Teenage Hackers (McGraw-Hill).

Dan has a Master of Arts in Journalism from American University in Washington, D.C. He’s written for the oldest and most influential technology trade magazines in the industry and is the 2003 first place recipient of the Jesse H. Neal National Business Journalism Award for Best News Reporting – the nation’s highest award for tech trade journalism.

Bob Kolasky, CISA, National Risk Management Center

Special Guest: Bob Kolasky
Director, National Risk Management Center

Bob Kolasky was selected to lead the Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC) in 2018, at the Department of Homeland Security (DHS). As one of CISA’s Assistant Directors, he oversees the Center’s efforts to facilitate a strategic, cross-sector risk management approach to cyber and physical threats to critical infrastructure. The Center provides a central venue for government and industry to combine their knowledge and capabilities in a uniquely collaborative and forward-looking environment. Center activities support both operational and strategic unified risk management efforts.

As head of the National Risk Management Center, Kolasky has the responsibility to develop integrated analytic capability to analyze risk to critical infrastructure and work across the national community to reduce risk. As part of that, he co-chairs the Information and Communications Technology Supply Chain Risk Management Task Force and leads CISA’s efforts to support development of a secure 5G network. He also serves on the Executive Committee for the Election Infrastructure Government Coordinating Council and is the Chair of the High-Level Risk Forum for the Organisation for Economic Co-operation and Development (OECD).

Joe Weiss, critical infrastructure cybersecurity, control systems

Joe Weiss
Managing Partner, Applied Control Solutions, LLC

Joe Weiss provides thought leadership to industry and government in the area of control system cyber security and optimized control system performance. He has provided support to domestic and international utilities and other industrial companies, and has prepared white papers on actual control system cyber incidents supporting NIST SP 800-53.

Joe is supporting the NRC on the Regulatory Guide for nuclear plant cyber security. Mr. Weiss started the annual ICS Cyber Security Workshop and is an invited speaker to numerous cyber security and critical infrastructure events. He has co-authored a chapter on cyber security for Electric Power Substations Engineering as well as numerous articles. Mr. Weiss provided expert testimony to the October 17, 2007 House Homeland Security Subcommittee and provided control system cyber security recommendations to the Obama Administration.

Tim Grieveson
Chief Information Security Officer, AVEVA PLC

Tim is responsible for Global Security from both a business as usual and transformation perspective for AVEVA, which is a global software development company focusing on the industrial controls market.

Previously working with a global data science organisation supporting the CISO with their information security transformation programme. Previously supported a high-profile client in Saudi Arabia on an Interim basis and before that was Bupa Group’s Chief of Staff / Global Security Collaboration & Innovation Director within Global Information Security Office, where he supported the Global CISO with strategy, defining the future central Security organisation and fostering collaboration and best practice across the group.