Energy infrastructure and operations are vital to public health, safety, economic stability, and security across all levels of government. This half day summit is focused on legal, policy, and strategic considerations related to cybersecurity in the energy industry. Expert speakers and panels will explore the range of cybersecurity risks to critical energy assets and systems, existing practices and standards to guard against and respond to those risks, the statutory and regulatory landscape that practitioners navigate, and the potential for emerging legislative and regulatory action in this area. Attendees are expected to include attorneys, corporate executives, non-attorney professionals, federal and state officials, academics, and students active in energy law, administrative law, electric utility regulation, and business law and corporations. This program is approved for MCLE credit.
1:00 PM – 1:05 PM: Welcome to Summit
- Jason Marshall, Energy Bar Association, Northeast Chapter President; General Counsel, New England States Committee on Electricity (NESCOE)
- Lisa Levine, CEO, Energy Bar Association
1:05 PM – 1:15 PM: Overview of Key and Emerging Issues
- Kevin Powers, J.D., Founder and Director, M.S. in Cybersecurity Policy and Governance Program, Boston College
1:15 PM – 1:45 PM: Keynote
Hon. Congressman James R. Langevin (D-RI)
- Co-Founder & Co-Chair, Congressional Cybersecurity Caucus
- Subcommittee on Cybersecurity and Infrastructure Protection (House Committee on Homeland Security)
1:45 PM – 3:15 PM: Inside the Lifecycle of Cybersecurity Risk: How Organizations Undertake Threat Preparedness, Response, and Review – And Stay Within Legal Bounds
High profile cyberattacks on the energy sector underscore the evolving nature of threats, the vulnerability of data and operational controls, the role of cryptocurrency, and the intersection of law enforcement and the industry. This panel will provide insights on preparing for cybersecurity threats (both internally and in connection with third parties), detecting and analyzing threats, what measures are taken to respond to and recover from attacks, and how performance is reviewed. The discussion will include existing legal and industry standards and legal considerations in developing and implementing a response.
3:15 PM - 3:30 PM: Special Commentary
Paul Roberts, Publisher/Editor-in-Chief, The Security Ledger
Host, The Security Ledger Podcast
Why We Can't Have Nice Things in Cyber: Impediments to Securing Critical Energy Assets
The existence of cyber threats to industrial control systems and critical infrastructure is not new. In fact, experts have been warning about the risk of cyberattacks on these systems for more than a decade. Still, cybersecurity practices and awareness in the energy and other critical infrastructure sectors have lagged those in other industries. What’s holding some energy firms back from addressing cyber risk in an effective and comprehensive way? This presentation will briefly review the history of attacks on energy sector firms and discuss some contributing factors that have stymied progress on cybersecurity and cyber resilience in energy and other critical infrastructure sectors.
3:30 PM – 5:00 PM: Are we at a Tipping Point for Legislative and Regulatory Reform?
Earlier this year, President Biden issued a “National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems” that included initiatives aimed at enhancing collaboration between private sector industries and government and developing cybersecurity performance goals for critical infrastructure. The electric power grid is subject to mandatory reliability standards, including for cybersecurity, through the North American Electric Reliability Corporation (NERC), with those standards authorized under federal law and subject to approval from the Federal Energy Regulatory Commission (FERC). Are similar cybersecurity mandates likely for other energy sector infrastructure, such as fuel pipelines? Or will legislators and regulators prefer a more voluntary, goal-oriented approach to cybersecurity? This panel will offer perspectives on the likely legislative and regulatory path ahead.
Moderator: Megan Stifel, Global Policy Officer, Capacity & Resilience Program Director, Global Cyber Alliance
Bob Stroh, Associate General Counsel, Reliability and Security, Edison Electric Institute (EEI)
Lynn Costantini, Deputy Director, Center for Partnerships & Innovation, National Association of Regulatory Utility Commissioners (NARUC)
Suzanne Lemieux, Manager for Operations Security & Emergency Response Policy, American Petroleum Institute (API)
5:00 PM: Summit Close
CONTINUING LEGAL EDUCATION (CLE):
EBA will seek CLE in in various states. Additionally, some states allow attorneys to earn credit through reciprocity or self-submission. View accreditation information for your state at https://www.americanbar.org/events-cle/mcle/.
The following states have been approved or are pending:
- Pending: PA, VA, NY
If you require CLE in another state not listed here, please contact Lisa Levine at LLEVINE@EBA-NET.ORG.
To apply to a State not listed above, it is the individual's responsibility to collect any handouts or other information required by that States' accreditation board for individual submission and self-certification. Individual online credit applications are not accepted by all States.
To assure accreditation, the necessary CLE information must appear on your registration form. You should also add your bar numbers to your profile with EBA. If your bar number or state are missing, we cannot guarantee receipt of credit. Only registered attendees are eligible for CLE. Students are not eligible for CLE.
REGISTRATION INFORMATION AND FEES:
Not YET AN EBA member?
Join today and save $20
on registration for this event. New members also receive a welcome packet in the mail that includes a discount code for a free Energizer, so the next one is on us! You must purchase your membership first to receive the member rate. For membership information and to join: https://www.eba-net.org/joinEBA
or call the EBA office at (202) 223-5625 for assistance.
You must pre-register for on-site attendance. No registration fee refunds will be granted for cancellations received after October 20, 2021. In order to receive a refund (less $10 administrative fee), the EBA must receive your written notice of cancellation two days before the proposed panel date. Registrants who are unable to attend may send a substitute for the entire program. EBA regrets that refunds will not be given for no-shows. Send a cancellation request by email to Mary Margaret Frank at firstname.lastname@example.org or by fax to (202) 833-5596.
By registering for this program, you authorize EBA to use any photographs taken of you during the event. Photographs may be used in promotional materials or stories that appear in professional publications and websites.
For more information on this event, please contact the Energy Bar Association at (202) 223-5625 or by email at email@example.com