Cybersecurity experts and electric cooperative staff will gather at NRECA’s 2023 Co-op Cyber Tech Conference May 16-18 in Kansas City, Missouri, to strategize on building a strong cyber defense during more than two dozen sessions and opportunities, including an innovative tabletop exercise.

As a pre-conference activity, teams of co-op attendees will play Black Hills Infosec's incident response game “Backdoors and Breaches” to identify cyberthreats to “Happy Valley REA,” a fictitious electric co-op. Three rounds of the exercise depicting cyberattack scenarios and recovery procedures will take place May 16.

“The greatest takeaways from this experience will be the relationships built by being in the trenches with your co-op peers and the knowledge gained from the peer-to-peer lessons-learned discussion following the exercises,” said Carter Manucy, NRECA senior manager for cybersecurity.

A second pre-conference activity will focus on cyber-informed engineering with Sarah Freeman from MITRE, Tony Turner from Opswright and Virginia Wright from the Idaho National Laboratory. They’ll discuss how to predict cyberattacks through information, integrating cybersecurity in system designs and guidance on CIE. The half-day workshop takes place May 16.

The 2023 Co-op Cyber Tech Conference is just the second iteration of the event; about 300 co-op and industry representatives and vendors attended the inaugural event last fall in Washington, D.C.

This year’s gathering will feature 25 breakout sessions for a range of cyber skill sets and experience and offer timely networking breaks. Breakouts include:

  • Delta-Montrose Electric Association Chief Information Officer Bob Farmer will share his firsthand experience of a cybersecurity incident at the Montrose, Colorado-based co-op and the 2021 event’s lasting impacts.

  • Thaddius Intravaia, director of information technology at Southwestern Electric Cooperative in Greenville, Illinois, will discuss methods and techniques to encourage end users to adopt cybersecurity policies.

  • Staff from the North American Electric Reliability Corp., which sets standards for the bulk power system, will talk about security integration and resources specifically for small utilities.

  • Bill Glynn of Kansas Electric Cooperatives in Topeka will lead a discussion on how co-ops can benefit from their statewide association hiring a cybersecurity director and developing key partnerships in the intelligence sphere.

  • Jerry Beckley, IT vice president at West Kentucky Rural Electric Cooperative in Mayfield, will share a checklist for communicating with members about a cybersecurity breach while the event is under investigation.

  • Federated Rural Electric Insurance Exchange staff will help explain how to secure cost-effective coverage and what to do when a claim occurs.

  • Shira Dankner of NineStar Connect, based in Greenfield, Indiana, will focus on building a cyber defense on limited resources.

  • Drew Timmerman, vice president of information technology at La Plata Electric Association, will talk about how his Durango, Colorado-based co-op is building a cybersecurity strategy that involves collaboration with technical, legal and executive staff.

Patrick Miller, CEO of global consulting firm Ampere Industrial Security, is the keynote speaker for the opening general session May 17 and will discuss how co-ops can prepare for cyber strategies that withstand utilities’ current digital transformation, acquisition of new energy resources, workforce challenges and regulatory uncertainty.

Dr. Cynthia Hsu, formerly of NRECA and now the Department of Energy’s cybersecurity program manager for rural and municipal utilities, will deliver the morning keynote address May 18. Slade Griffin, the director of security assessments at Contextual Security, closes out the event on May 18 with a keynote address on challenges to maintain system security.

The Co-op Cyber Tech Conference will take place at the Kansas City Marriott Downtown. To attend the entire May 16-18 conference in person, registration is open through May 16. To attend only the 10 sessions that will be available online May 17-18, registration ends May 17. Hotel reservations must be made by April 24 to guarantee the conference rate.