​MRO Security Advisory Council-sponsored webinars are listed below. Click the webinar link to access detailed information about the event.  
  
  
Notes
12/18/2019Real World Lessons on Why You Should Build and Continuously Improve an Active Shooter Program
MRO’s Security Advisory Council (SAC) is pleased to announce it is hosting a webinar on real world lessons on why you should build and continuously improve an active shooter program. Building an active shooter program from the ground up. This webinar will explain how an active shooter program is a living plan that needs to change with current threats. This webinar will show how our program has developed over the years and how our employee’s confidence of surviving an incident has dictated the rate of progression.
11/21/2019Video Surveillance Today
MRO’s Security Advisory Council (SAC) is pleased to announce it is hosting a webinar on Video Surveillance Today. Join Barrett Thompson and Erick Reynolds of Avigilon for an informative snapshot of the current state of the Video Surveillance Industry. Barrett and Erick have worked in the Security and Surveillance Industry for over twenty years and bring a unique perspective to the subject. In this webinar, they will touch on current challenges and trends, including Internet Protocol versus Analog cameras, other integrated technologies, and how the industry is migrating from CCTV to IP Video Surveillance.
8/19/2019One Company's Path to Establishing Threat Intelligence and Hunting
(Recorded) MRO Security Advisory Council (SAC) is pleased to announce that it hosted a webinar on One Company's Path to Establishing a Threat Intelligence and Hunting program. Jamie Buening presented on how MISO’s Threat Intelligence and Hunting team was established and has matured over the past four years. Learn why MISO decided a team was needed, how the team was built, and how the team functions today. Attendees will come away with an understanding of options to begin hunting along with ideas of how to establish the routine regardless of whether a dedicated team exists or not.
7/25/2019Leveraging Relationships Among Electric Utilities and Law Enforcement
(Recorded) MRO Security Advisory Council (SAC) hosted a webinar on Leveraging the relationships between electric utilities and law enforcement. Leveraging the relationships between electric utilities and law enforcement, prosecutors, judges, and legislators can become a force multiplier in the physical security of critical infrastructure owned or operated by the utility, with little to no financial investment required by the entity. The benefits of educating, training, and fostering relationships with the public judicial servants, is often an underused, or even untapped resource. This webinar provided specific and actionable steps a utility can pursue to enhance those relationships, regardless of the size or structure of the utility, as well as the current status of the utility’s current relationship with the relevant judicial actors in any jurisdiction the utility is responsible for protecting.
7/11/2019A Tale of Two Phishing Programs
(Recorded) MRO Security Advisory Council (SAC) hosted a webinar on A Tale of Two Phishing Programs. This session covered how phishing programs come in all shapes and sizes. We looked at the similarities and differences in the phishing programs of two Companies – ATC and OGE. We explored how these programs operate, how they tackle training their end users, and how they make use of reported emails to reduce the risk around phishing threats
5/30/2019Suspicious Packages and Bomb Threat Considerations
(Recorded) MRO Security Advisory Council (SAC) is pleased to announce that it is hosting a webinar on suspicious packages and bomb threat considerations. This session will cover current related events, past events and provide some examples of procedures for how to identify and respond to the threat of suspicious packages and bomb threat issues. Don’t think it can’t happen!  This information may be especially helpful to smaller companies with no procedures in place, and certainly helpful to mailroom personnel or others who regularly handle mail and phone calls.
2/15/2019MRO SAC Webinar Neighborhood Keeper
(Recorded) MRO Security Advisory Council (SAC) is pleased to announce that it is hosting a webinar on Neighborhood Keeper. Neighborhood Keeper is a collaborative threat detection and intelligence program, led by Dragos in partnership with the DOE that makes ICS threat analytics and data accessible to the greater ICS community. Its initial participants include: Dragos, Ameren, First Energy, Department of Energy’s Idaho National Labs, North American Electric Reliability Corporation’s Electricity Information Sharing and Analysis Center, and Southern Company.
12/19/2018MRO Security Advisory Council to Host Upcoming Webinar Enhancing Resiliency via Federated Real-time Secure Messaging
MRO Security Advisory Council (SAC) is pleased to announce that it is hosting a webinar on encrypting messaging. After recommending utilities adopt encrypted messaging in 2014, the E-ISAC published their must-have capabilities to help members evaluate a secure messenger. Soon after the peer-based Cyber Threat Intelligence Group published their own set of requirements with a more technical focus.
 
In 2017, the E-ISAC selected ArmorText secure messaging for its ability to satisfy both the E-ISAC’s requirements and the CTIG’s security requirements while also providing an industry-first federation capability.
 
The E-ISAC is now offering federated Trust Relationships among its asset owner and operator members for truly secure real time information exchange and incident response coordination.
 
Join the CEO of ArmorText, Navroop Mitter as he discusses why this initiative is so timely and why real time federation with organizations like the E-ISAC is more important to energy security than ever before.
12/5/2018MRO Security Advisory Council to Host Upcoming Webinar Learning from Cyber Security Close Calls
(Recorded - Please email estee.kolles@mro.net for the webinar link) MRO Security Advisory Council (SAC) is pleased to announce that it is hosting a webinar on Learning from Cyber Security Close Calls. Our co-workers in safety have well-vetted processes to analyze close calls in order to improve safety. This presentation will discuss taking that concept in conjunction with the Cyber Kill Chain to learn from Cyber Security Close Calls. This presentation will show how we can use such cases to determine what improvements can be made to help detect the attacks earlier in the Cyber Kill Chain. This presentation will also show how a slight modification to a close call could bypass existing security, allowing us to determine what can be done to detect and prevent similar attacks that might come in the future. 
It can be unnerving to watch an attack get past security measures designed to protect an organization, but what can be learned from these exercises is invaluable. They can help the entire organization understand the importance of having multiple layers of security and tuning different layers to mitigate weaknesses in others to avoid close calls and successful attacks.
10/31/2018MRO SAC Webinar Physical Perimeter Hardening in the Electric Sector
(Recorded) MRO Security Advisory Council (SAC) is pleased to announce that it is hosting a webinar on Physical Perimeter Hardening in the Electric Sector. This presentation is a high level look at perimeter physical security planning and products. Discussed will be Site Planning, Layers of Security (Standoff Blast Mitigation) as well as four principles of security (Deny, Deter, Delay, Detect). Presenters will cover the old DOS Ratings (K-Ratings) as well as the origin of the new United States Army Corp of Engineers ASTM 2656-07 standards. A brief look at vehicle and personnel access control as well as a look at options pertaining to perimeter active and passive barriers.
During the webinar presenters will offer lessons learned surrounding implementation of physical hardening.  Beyond vulnerability risk assessments, accounting for design limitations and partnership with stakeholders such as local ordinances and operational requirements while looking for creative solutions.  Partners such as AMICO will review a robust set of solutions, because there is not a one size fits all nor should it, if your mitigation is to be successful. 
8/29/2018MRO SAC Webinar Secure SCADA Protocol for the 21st Century (SSP-21)
(Recorded) MRO Security Advisory Council (SAC) is pleased to announce that it will be hosting a webinar on Secure SCADA Protocol for the 21st Century (SSP-21). The Secure SCADA Protocol for the 21st century (SSP-21) offers network operators the promise of secure communications facilities, even in environments with varying reliability, latency and bandwidth limitations. In this webinar we will introduce SSP-21, and discuss the problem space addressed by this innovative protocol. We will cover the current state of SSP-21 and look ahead to proposed future developments. Finally, we will discuss a new effort funded by the Department of Energy Office of Electrical Delivery and Energy Reliability (DOE OE) that looks to leverage Lawrence Livermore Nationals Laboratories extensive experience with modelling and simulation to provide an independent verification and validation of SSP-21’s operational capabilities.
8/22/2018MRO SAC Webinar Lessons Learned from FERC-Led CIP Reliability Audits
(Not Recorded) MRO Security Advisory Council (SAC) is pleased to announce that it will be hosting a webinar on Lessons Learned from FERC-LED CIP Reliability Audits. David DeFalaise, will provide further insight of the Lessons Learned from FERC-Led CIP Reliability Audits and the 2017 Commission staff report on lessons learned from those audits. In addition, an update about the plan for future FERC-Led CIP reliability audits will be provided. There will be time allocated at the end of the webinar for detailed Q&A. To aid in the preparation of questions you can review the 2017 Commission staff report located here:  https://www.ferc.gov/legal/staff-reports/2017/10-06-17-CIP-audits-report.pdf
5/8/2018GridEx Lessons Learned
(Recorded) This webinar provides lessons learned from the North American Electric Reliability Corporation’s biennial grid security exercise GridEx. GridEx is designed to simulate a cyber/physical attack on electric and other critical infrastructures across North America. This hour-long webinar will be presented by representatives from a diverse group of entities, including a small vertically-integrated utility (Lincoln Electric System), a Regional Transmission Organization (Southwest Power Pool) and two government agencies (Department of Homeland Security and North Dakota Emergency Services).
10/30/2017Physical Security Assessment
(Recorded- please email estee.kolles@mro.net for link) This webinar provided an in depth look at the DHS IST tool and a brief overview of a similar tool used by Public Safety Canada.
9/6/2017Intelligence 101: Establishing and Maturing an Effective Threat Intelligence Program
(Recorded) This webinar provides a common understanding of security and risk intelligence, discusses the foundational aspects of an intelligence program, and explores use cases that can be implemented to establish or mature intelligence functions without requiring complex projects or expensive feeds.
8/29/2017GridEx IV: Benefits of Participation
(Recorded) This webinar offers guidance on utility company participation in NERC's biennial grid security exercise, GridEx IV. GridEx provides an opportunity for utilities to demonstrate their abilities to respond and recover from a simulated coordinated cyber and physical attack on the bulk electric system.
6/2/2017Exploring the Unknown ICS Landscape
(Not Recorded) This webinar will be a discussion regarding unique research on industrial control system soft-ware, malware, and the consequences of poor operations security. The premise for this project is the belief that there is a wealth of information surrounding Industrial Control Systems that is unrec-ognized by the traditional IT cybersecurity industry. Robert M. Lee will walk through proven methodology, and show real-world findings and conclusions of what this means in our space.