The DCPSC is hosting a cybersecurity conference to discuss the important steps that local telecommunications, electric and natural gas utilities are taking to protect their infrastructure (including distribution and transmission assets) from cybersecurity threats.

Most utilities have plans and policies in place to minimize cyber incidents and attacks. We will hear from each of our regulated utilities on the following questions: Do you have a cyber risk management program/plan? If so, is the program/plan based on a recognized cybersecurity framework, such as NIST of NERC CIP? Do you have cyber incident response policies and plans in place for minimizing the effects of a cyber incident? What does the public need to know about how utilities are preparing for attacks on their information networks and control systems?

• Telecommunications: Wes Sobbott, Vice President of Network Security, Verizon Communications
• Electric: Joseph Quinn, Manager of Security Public Policy, Pepco
• Natural gas: Ed Rudy, Manager of Network and Infrastructure Services — Cybersecurity, Washington Gas Light Company

This will be a big-picture discussion on national security concerns. What are the top emerging cybersecurity risks in the energy industry? How does cybersecurity risk vary from electric to gas to telecom? How are national agencies/organizations helping the industries prepare for and recover from attacks on utility information systems and industrial control systems? What can we do better in the future?