|Threat Call Registration Link|
|Video Surveillance Today|
MRO’s Security Advisory Council (SAC) is pleased to announce it is hosting a webinar on Video Surveillance Today. Join Barrett Thompson and Erick Reynolds of Avigilon for an informative snapshot of the current state of the Video Surveillance Industry. Barrett and Erick have worked in the Security and Surveillance Industry for over twenty years and bring a unique perspective to the subject. In this webinar, they will touch on current challenges and trends, including Internet Protocol versus Analog cameras, other integrated technologies, and how the industry is migrating from CCTV to IP Video Surveillance.
|Real World Lessons on Why You Should Build and Continuously Improve an Active Shooter Program |
(Recorded, Not Posted) MRO’s Security Advisory Council (SAC) is pleased to announce it is hosted a webinar on real world lessons on why you should build and continuously improve an active shooter program. Building an active shooter program from the ground up. This webinar explains how an active shooter program is a living plan that needs to change with current threats. This webinar showed how our program has developed over the years and how our employee’s confidence of surviving an incident has dictated the rate of progression.
|Cyber Security: Where Should We Start?|
(Recorded, Posted) MRO’s Security Advisory Council (SAC) hosted a webinar on Cyber Security: Where Should We Start? This presentation discussed of some simple and effective techniques for organizations to start implementing cyber security controls to protect themselves and their systems from cyber threats. Topics included some simple controls and how to start implementing them as well as pointing attendees to some resources available to help organizations of all sizes get started with cyber security.
|NERC Supply Chain Risk Management Requirements and Resources|
(Recorded, Posted) MRO’s Security Advisory Council (SAC) and Compliance Monitoring and Enforcement Program Advisory Council (CMEPAC) is pleased to announce it hosted a webinar on NERC Supply Chain Risk Management Requirements and Resources. This presentation discussed Supply Chain Risk Management which is a hot topic in industry with new and updated NERC requirements becoming effective on July 1, 2020. Has your company developed a supply chain cyber security risk management plan and are you ready for the changes? This webinar covered the new requirements in CIP-013-1 and the changes to CIP-005-6 and CIP-010-3. Information will be provided on where to find additional resources.
|Industry Organizations' Aligned Approach for Supply Chain Cyber Security|
(Recorded, Posted) This Model and complementary products provide a streamlined, effective, and efficient industry-accepted approach for entities to evaluate supplier cyber security practices, which, if applied widely, will enable suppliers to be less burdened and more responsive, provide entities with more and better information, and improve cyber security. This evaluation will provide critical information for entities to consider when conducting risk assessments for potential suppliers of products and services.
The Model describes methods for purchasing entities to gain assurance a supplier is adhering to key supply chain cyber security practices as set forth in the NATF Cyber Security Supply Chain Criteria for Suppliers (the NATF Criteria). The purchasing entity can consider any identified risks in its risk assessment and determine whether the risk is addressed.
The overall objectives of this work and industry’s alignment were to 1) streamline common approaches to evaluating a supplier’s cyber security practices, 2) provide for flexibility within the common approaches, 3) ensure the common approaches are scalable to include all suppliers and purchasing entities, and 4) while the focus is on good cyber security practices, if executed properly, the approaches may support requirements in the NERC supply chain related standards.
|Defense Against Copper Theft and Vandalism with Open Architecture Technologies|
(Recorded, Posted) MRO’s Security Advisory Council (SAC) is pleased to announce it hosted a webinar on Defense against copper theft and vandalism with open architecture technologies. Copper theft is increasing so how do you strengthen your perimeter? Copper thieves don't know whether their target substation is a low, medium or high impact site. So how do you manage intruders at your most critical substations? We applied the systems approach methodology consisting of detect, deter, delay, assess, communicate and respond to effectively manage intruders while uncovering open architecture technologies that can be adopted to simplify your intrusion management plans. Also, we discussed how to make dramatic improvements to reduce nuisance alarms brought on by image noise in video analytics.
|Third Party Vendor Review Cyber Process (Risk Management Approach) Webinar|
(Recorded, Not Posted) MRO’s Security Advisory Council (SAC) is pleased to announce it hosted a webinar on Third Party Vendor Review Cyber Process (Risk Management Approach). Reviewing the cyber security posture of third party vendors and their applications is a major challenge for security departments. The Oklahoma Gas & Electric Enterprise Security team talked through our process for conducting those reviews, pitfalls we’ve observed and how we developed a strategy and business case for augmenting that process. They then discussed the ways that we addressed previous issues and how we believe we’ve increased the fidelity or our reviews while streamlining the process for both our company and the vendors.
|Extremist Groups: A Rising Threat|
MRO’s Security Advisory Council (SAC) is pleased to announce it hosted a webinar on Extremist Groups: A Rising Threat. Threats from extremist groups targeting critical infrastructure appear to be on the rise in recent years. Several plots to attack critical infrastructure have been disrupted already this year, thrusting various extremist ideologies into the public light. This presentation provided an overview of the different extremist groups advocating for critical infrastructure attacks and disruptions. It included insights, examples, and what sector partners should watch for.
|Security Risk Assessment Virtual Roundtable|
MRO’s Security Advisory Council (SAC) is pleased to announce it is hosting a virtual roundtable on physical, cyber, and operational technology security risk assessment. This online event will start with a brief introduction providing an overview of the practical application of security risk assessment tools. A summary of plans for this year’s MRO Regional Security Risk Assessment will also be provided. The remainder of the event will involve a question and answer session Q&A and participant’s discussing their risk assessment methods, challenges, and successes. MRO registered entities are invited to attend this meeting. Please come to this meeting with questions and discussion topics related to security risk assessment prepared.
|Information Risk Management Framework|
(Recorded and Posted) MRO’s Security Advisory Council Threat Forum (SACTF) is pleased to announce it hosted a webinar on Information Risk Management Framework. MISO discussed how they utilized the NIST standards to develop their Information risk management program that includes a security risk register, security controls, and Plan of Action and Milestone. These three components to the Information Risk Management program allows them to look at their security risks holistically and have visibility to their security program maturity.
|Cyber Asset Management|
MRO’s Security Advisory Council (SAC) is pleased to announce it hosted a webinar on Cyber Asset Management. This webinar explored tools and techniques that can assist in asset discovery, identification, and asset management. The goal is to provide individuals with knowledge and tools to start identifying, categorizing, and classifying assets on their network. This in turn is a key requirement for asset management, risk management, and vulnerability management.