
leidos.com/infrastructure

Perspectives on Protecting Your Utility against Physical and Cyber Attacks

Track A

Presented by: Stephen F. Schneider, PE

July 26, 2016

2 © Leidos. All rights reserved. leidos.com/infrastructure

[Diagram: Leidos market areas – National Security, Health, Infrastructure – spanning Environment and Civil Infrastructures; Security; Health and Wellness; Clean Air, Water and Food Safety; Power and Electricity; Natural Resource Optimization]

Converging National Security Expertise and Utility Grid Engineering Experience

› Largest cyber provider for the National Security Agency – > 850 cyber-related security projects

› #7 Top Design Firms: Transmission and Distribution (Engineering News-Record)

› Top 20 Cybersecurity Companies (Visiongain)

Leidos: Tackling Enduring Challenges of Significance


Topics

> Security Background

> Physical Security

> Threats, Vulnerabilities, and Risks

> Developing the Security Plan

> Moving Beyond “Just Walls”

> Cybersecurity Threats and Their Impacts


Utility Security Background


U.S. Electric Grid: Current Condition

> 2,100 high voltage transformers at 345 kV or above
> Electric grid soft spot
> Critical impact
> Relatively easy impact
> Large number of targets
> Long lead time to replace
> Difficult to repair
> Hard to move
> Highly interconnected
> Limited spares/expensive

Diagram courtesy of Congressional Research Service. Sources: GIS data from Platts, HSIP Gold 2013 (Ventyx), and ESRI.


The Evolution of Critical Infrastructure Protection Requirements

[Diagram: threat profiles surrounding the utility]
External Threat Profiles: Social Engineering, Physical Attack, Non-Compliance Fines, Cyber Attack
Utility Systems: People, Facilities, Processes, Technology
Internal Threat Profiles: Disgruntled Staff, Sabotage, Reputation, Data Manipulation

Responding requires planned and coordinated efforts across the organization


Physical Security


Common Vulnerabilities


Evolution of Physical Security Standards


Spirit and Intent of NERC CIP 014

Protect, deter potential threats to utility facilities, substations, and control centers that if rendered inoperable or severely damaged could result in widespread instability, uncontrolled separation, or cascading failures within an interconnection


NERC CIP Requirements

Requirement   Goal
R1            Initial assessment
R2            Independent review of initial assessment
R3            Coordination between operator and owner
R4            Threat and vulnerability assessment
R5            Development and implementation of physical security plan
R6            Third party assessment


Threats and Vulnerability Assessment

Protecting the Grid with an Integrated Plan


High Level R4 Methodology

Impact Assessment

Threat ID and Rating

Vulnerability Assessment

Risk Assessment

Mitigation Options / Risk Management


Simplifying the Components of a Threat and Vulnerability Assessment

> Who: Adversary (Threat)
> Why: Intent to harm (Threat)
> How: Capability (Threat)
> What: Attack (Threat)
> When/Where: Vulnerable points (Vulnerability)

Risk – The impact on the customer base AND stability of the grid


Common Utility Threats


Risk = Impact (Asset Valuation) x Threat x Vulnerability


Risk Assessment/Analysis

Risk Rating (r) = Asset Value (av) x Threat (t) x Vulnerability (v)

Risk Rating Legend (Risk Factors Total): Low = 1 to 60; Medium = 61 to 175; High = > 176

Risk Rating by Asset/Component and Threat Vector:

Asset/Component               Ballistic Attack   VBIED   IED   Intrusion by Person(s)   Intrusion by Vehicle   Insider Threat
Substation
Transformer                   567                432     315   432                      288                    432
Transformer Bank              567                432     315   432                      288                    432
Control House                 504                384     280   384                      256                    384
Circuit Breakers              294                180     144   180                      126                    210
Substation Service Unit       140                48      48    72                       48                     120
Substation Infrastructure     48                 48      48    24                       24                     24
Tie-Line                      48                 48      36    24                       24                     24
Transmission Lines & Towers   36                 36      27    18                       18                     18
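The rating formula and legend above lend themselves to a small calculator. The following Python is an added example, not code from the Leidos deck: it implements r = av x t x v, bins a rating with the legend (Low 1 to 60, Medium 61 to 175, High > 176) and applies that legend to the deck's own matrix to pull out each asset's worst threat vector and the assets at each level. The factor values 9, 9 and 7 in the demo call are constructed, since the slide prints only the products; and because the legend as printed leaves the value 176 unassigned, the code treats 176 as High, which is an assumption.

```python
"""Risk rating calculator for a CIP-014 style assessment.

Added example, not from the Leidos deck. Implements the deck's formula
r = av x t x v and its legend, then applies the legend to the deck's
risk matrix. Factor values in the demo call are constructed.
"""
from typing import Dict, List, Tuple

THREAT_VECTORS = [
    "Ballistic Attack", "VBIED", "IED",
    "Intrusion by Person(s)", "Intrusion by Vehicle", "Insider Threat",
]

# Risk rating totals as printed on the deck's Risk Assessment/Analysis slide.
RISK_MATRIX: Dict[str, List[int]] = {
    "Transformer":                 [567, 432, 315, 432, 288, 432],
    "Transformer Bank":            [567, 432, 315, 432, 288, 432],
    "Control House":               [504, 384, 280, 384, 256, 384],
    "Circuit Breakers":            [294, 180, 144, 180, 126, 210],
    "Substation Service Unit":     [140,  48,  48,  72,  48, 120],
    "Substation Infrastructure":   [ 48,  48,  48,  24,  24,  24],
    "Tie-Line":                    [ 48,  48,  36,  24,  24,  24],
    "Transmission Lines & Towers": [ 36,  36,  27,  18,  18,  18],
}


def risk_rating(av: int, t: int, v: int) -> int:
    """r = Asset Value x Threat x Vulnerability; every factor is a positive integer."""
    for name, x in (("av", av), ("t", t), ("v", v)):
        if not isinstance(x, int) or x < 1:
            raise ValueError(f"{name} must be a positive integer, got {x!r}")
    return av * t * v


def risk_level(r: int) -> str:
    """Bin a rating with the deck's legend: Low 1-60, Medium 61-175, High >176.

    The legend as printed leaves 176 unassigned; this treats it as High
    (assumption) so that no rating falls through the classifier.
    """
    if r < 1:
        raise ValueError("risk rating must be at least 1")
    if r <= 60:
        return "Low"
    if r <= 175:
        return "Medium"
    return "High"


def classify_matrix(matrix: Dict[str, List[int]]) -> Dict[str, Dict[str, str]]:
    """Map every asset/vector cell to its Low/Medium/High level."""
    return {
        asset: {vec: risk_level(r) for vec, r in zip(THREAT_VECTORS, row)}
        for asset, row in matrix.items()
    }


def worst_vector(matrix: Dict[str, List[int]]) -> Dict[str, Tuple[str, int]]:
    """Highest-rated threat vector per asset: the first place mitigation money goes."""
    return {
        asset: max(zip(THREAT_VECTORS, row), key=lambda pair: pair[1])
        for asset, row in matrix.items()
    }


def assets_at_level(matrix: Dict[str, List[int]], level: str) -> List[str]:
    """Assets with at least one threat vector rated at `level`, sorted by name."""
    levels = classify_matrix(matrix)
    return sorted(asset for asset, cells in levels.items() if level in cells.values())


if __name__ == "__main__":
    # Constructed factors: the slide prints only the product 567 for a transformer.
    r = risk_rating(9, 9, 7)
    print(r, risk_level(r))
    for asset, (vec, rating) in worst_vector(RISK_MATRIX).items():
        print(f"{asset:28s} {vec:24s} {rating:4d} {risk_level(rating)}")
    print("High:", assets_at_level(RISK_MATRIX, "High"))
```

Run as a script it prints each asset's worst vector with its level; the Medium list it produces (Circuit Breakers and Substation Service Unit) is where a second pass with the legend's thresholds matters most, since those assets straddle the Medium/High boundary on different vectors.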


Developing the Security Plan

Protecting the Grid with an Integrated Plan


R5 Physical Security Plan Elements

Provides…
> Measures for detection, delay, deterrence, and defense
> Procedures for assessment, communication, and response
> Guidance on:
  > Process – plans, measures, and procedures
  > People – operations
  > Facilities – material and hardening measures
  > Technology – security systems and applications
> Tool for operational and response personnel
> Living document to assess, update, and implement
> Most importantly, helps meet or exceed NERC CIP-014 requirements


Using R5 Fundamentals to Achieve NERC CIP Goals

Security Plan Cornerstones: People, Processes, Facilities, Technology

CIP 014 Key Elements:
> What are your resiliency and security measures?
> Who are your law enforcement contacts?
> What is your implementation timeline?
> What is your evolving threat analysis?


Four Cornerstones to Protect the Grid


> Response metrics
> Training
> Joint training
> Tabletop exercises
> Staff levels
> Coordination between operations
> Law enforcement relationship
> Regulators/PUC/FERC

PUC – Public Utility Commission; FERC – Federal Energy Regulatory Commission


> Response/event management
> Change/configuration management
> Metrics
> After-action
> Lifecycle evolution
> Future threat adaptation


> Deter, detect, deny, delay, and defend
> Walls and barriers
> Surveillance/detection
> Response/guards/law enforcement
> Countermeasures/resiliency
> Site reality


> Transformer shrouding
> ACS/VMS/Network
> PSIM/SIEM/Cyber
> Open source intel
> Data analytics
> IT/OT convergence

Utility Horizons: IT/OT Integration and the Effect on Utility Security
http://www.nxtbook.com/nxtbooks/utilityhorizons/2014q3/#/10

PSIM – Physical Security Information Management; SIEM – Security Information Event Management; ACS – Access Control System; VMS – Video Monitoring System; IT/OT – information technology/operation technology


High-Level Overview of Physical Security Implementation Plan

> Metrics-based approach

> Continuous feedback loop


The Classic Problem: The Standoff Between Silos

Image from “The Office”

© NBC


Avoiding Operational Silos

Engineering: Standards, Contingencies, Resiliency
OT/Operations: SCADA, C2, Field Systems, O&M
IT/Cyber: Network, Cyber, Telecom, Enterprise
Security: Hardening, Access, Response

OT – Operations Technology; IT – Information Technology; C2 – Command & Control; O&M – Operations & Maintenance


Ensuring Effectiveness

> Training

> Tabletop exercises

> Full-scale field exercises

> Scorecard metrics and feedback

> Lifecycle/tech refresh

> Awareness of evolving threats


Moving Beyond “Just Walls”

Utilizing Energy Security to Your Advantage


Reconfiguration Complements CIP 014

Reconfiguration via ties, bus realignment, and other up-front engineering can reduce the criticality of individual substation sites or other facilities.

Case Study #1
> Option 1: Cost to bring a substation into CIP 014 compliance estimated at $3-4 million
> Option 2: Cost to install additional transmission line to reduce the station criticality estimated at $2 million
> Result: $1-2 million saved, substation criticality reduced

Case Study #2
> Utility moves away from larger substation to smaller, geographically distributed substations
> Result: Size and criticality of substation reduced


Substation Physical Security: Hardening Protection and Delay Measures

Protection – Walls, Fences, and Screens
> Transformers, Circuit Breakers and Control House
> Ballistic proof/blast resistant engineered wall systems
> Ballistic resistant fences and panels
> Opaque screens

Delay – Walls and Fences
> Perimeter
> Anti-climb/anti-cut, ballistic resistant fences
> High-security fences or walls with razor wire
> Landscaping and vegetation


Improving Security and Resiliency with Synchrophasors

[Diagram; label: Causes Instability]


Key Governmental Facility Protection

Appropriate Distributed Energy Resources (DERs) may reduce impacts to critical governmental facilities

Image courtesy of Green Energy Corporation


Taking Advantage of Big Data

Problem
> Wealth of available information – how do you digest it all and leverage it for utility security?

Opportunity
> Tremendous amount of data through AMI, PIDS, SCADA, network monitoring, cybersecurity, OMS, DMS, DMR, ACS, and synchrophasors

Solution
> Use your existing data infrastructure to enrich your security posture

[Diagram: security data pipeline – Real-Time; Big Data; Public/Private Cloud; Data Models; Enrichments; Data Sinks; Parsers; Transports]

AMI – Advanced Meter Initiative; PIDS – Perimeter Intrusion Detection System; SCADA – Supervisory Control And Data Acquisition; OMS – Outage Management System; DMS – Demand Management System; DMR – Demand Management Response; ACS – access control system


Identify Opportunities for Incremental Value-Add

Develop ‘If-And-Then’ Use Cases

Goal: Minimize operational impact
> If Operations detects a transformer temp anomaly, and
> IT/Cyber detects a network outage, then:
> PhySec deploys guard or police for site protection, and:
> Operations deploys maintenance crew
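The two preceding slides describe a data pipeline (parsers, enrichments, data sinks) and one If-And-Then use case built on it. The Python below is an added example, not code from the Leidos deck, and it serves both: it parses two constructed feeds (a SCADA temperature tag stream for Operations and a network-monitor host-state stream for IT/Cyber), enriches the network events with a site lookup, and fires the use case's two actions only when a transformer temperature anomaly and a network outage land at the same site inside a time window. The log formats, site and host names, the 90 °C threshold and the 15-minute window are all constructed assumptions, not any vendor's format or the deck's values.

```python
"""Cross-silo 'If-And-Then' correlation over constructed log feeds.

Added example, not from the Leidos deck. Pipeline: parse -> enrich ->
correlate. Use case: IF Operations sees a transformer temperature anomaly
AND IT/Cyber sees a network outage at the same site within a window,
THEN dispatch PhySec and an Operations crew. Formats, names, threshold
and window are constructed assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List
import re

# Constructed sample feeds (not real utility data).
SCADA_LOG = """\
2016-07-26T13:02:10Z scada device=XFMR-1 site=SUB-A tag=top_oil_temp_c value=61
2016-07-26T13:04:40Z scada device=XFMR-1 site=SUB-A tag=top_oil_temp_c value=97
2016-07-26T13:05:00Z scada device=XFMR-3 site=SUB-B tag=top_oil_temp_c value=58
"""
NETMON_LOG = """\
2016-07-26T13:03:15Z netmon host=rtu-gw-01 state=DOWN
2016-07-26T13:30:00Z netmon host=rtu-gw-07 state=DOWN
"""
# Enrichment table (constructed asset inventory): network host -> substation site.
HOST_TO_SITE = {"rtu-gw-01": "SUB-A", "rtu-gw-07": "SUB-C"}

TEMP_ALARM_C = 90                 # constructed anomaly threshold
WINDOW = timedelta(minutes=15)    # constructed correlation window


@dataclass
class Event:
    ts: datetime
    source: str   # "ops" (Operations) or "cyber" (IT/Cyber)
    site: str
    kind: str     # "temp_anomaly" or "net_outage"
    detail: str


SCADA_RE = re.compile(r"^(\S+) scada device=(\S+) site=(\S+) tag=(\S+) value=(-?\d+)$")
NETMON_RE = re.compile(r"^(\S+) netmon host=(\S+) state=(\S+)$")


def _ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def parse_scada(text: str) -> List[Event]:
    """Operations feed: emit an event only for temperatures at/above the alarm."""
    events = []
    for line in text.splitlines():
        m = SCADA_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than crash the pipeline
        ts, device, site, tag, value = m.groups()
        if tag == "top_oil_temp_c" and int(value) >= TEMP_ALARM_C:
            events.append(Event(_ts(ts), "ops", site, "temp_anomaly", f"{device} at {value}C"))
    return events


def parse_netmon(text: str, host_to_site: Dict[str, str]) -> List[Event]:
    """IT/Cyber feed: a DOWN host becomes a site-level outage via the enrichment table."""
    events = []
    for line in text.splitlines():
        m = NETMON_RE.match(line)
        if not m:
            continue
        ts, host, state = m.groups()
        site = host_to_site.get(host)
        if state == "DOWN" and site:  # hosts we cannot place on a site are dropped
            events.append(Event(_ts(ts), "cyber", site, "net_outage", host))
    return events


def correlate(events: List[Event], window: timedelta = WINDOW) -> Dict[str, List[str]]:
    """Return the use case's actions per site where both conditions fall within `window`."""
    by_site: Dict[str, List[Event]] = {}
    for e in sorted(events, key=lambda e: e.ts):
        by_site.setdefault(e.site, []).append(e)
    actions: Dict[str, List[str]] = {}
    for site, evs in by_site.items():
        temps = [e for e in evs if e.kind == "temp_anomaly"]
        outages = [e for e in evs if e.kind == "net_outage"]
        hit = next(((t, o) for t in temps for o in outages if abs(t.ts - o.ts) <= window), None)
        if hit:
            t, o = hit
            actions[site] = [
                f"PhySec: deploy guard or police to {site} ({o.detail} down, {t.detail})",
                f"Operations: deploy maintenance crew to {site}",
            ]
    return actions


def run(scada: str = SCADA_LOG, netmon: str = NETMON_LOG,
        host_to_site: Dict[str, str] = HOST_TO_SITE) -> Dict[str, List[str]]:
    return correlate(parse_scada(scada) + parse_netmon(netmon, host_to_site))


if __name__ == "__main__":
    for site, todo in run().items():
        print(site, *todo, sep="\n  ")
```

In the sample data only SUB-A fires: SUB-B's temperature is below the threshold and SUB-C has an outage with no Operations signal, so a single-source alert on either feed alone would not have produced the dispatch. Widening the window or lowering the threshold changes that, which is exactly the tuning knob the deck's "minimize operational impact" goal is about.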


Open Source Intelligence (OSINT)

Image Courtesy of Intel Corporation ©2014


Why OSINT?

Hindsight Insight Foresight


Company Source Intelligence

Why?
> Firm up insider threat issues
> 70 percent of threats come from inside an organization
> Employee information
> Records
> Performance improvement plans
> Roles/responsibilities
> Keystrokes


Cybersecurity Threats and Their Impacts


Opening Thoughts on Cybersecurity

> While CIP 014 is focused on physical security, a full-spectrum security plan must consider cybersecurity
> Exclusion of cybersecurity exposes significant security vulnerabilities
> A few observations from our industry experience
  > Attackers prefer working lower-tech attack methods (easier)
  > Attacks are tailored to defeat the countermeasure (focus)
  > As defenses improve, attacks will escalate to breach them, then step back down (hacker’s “stress tests”)
  > As defenses improve in one area, attackers move to other areas that are weaker (effort to worth ratio… it is more effective to attack weak areas)


Cybersecurity Threat Summary

> Who and Why
  > Hackers – Malicious intent, “Just because I can”
  > Hacktivists – Political or social motivation. Embarrassment/revenge of the attacked entity
  > Criminal Enterprise – Goal to profit monetarily
  > Advanced Persistent Threat (campaign) – Degrade U.S. National security or economics


Attack Vectors and Countermeasure Considerations


Comprehensive Cybersecurity Plan

> Establish a policy to govern cybersecurity (CIP 003-R1)
> Establish someone with responsibility for management of cybersecurity activities (CIP 003-R2)
> Establish a set of best practice guidelines to follow (CIP 007)
> Establish systems and network security (CIP 002-R3 and 003-R6)
> Develop an asset management plan
> Develop a configuration management plan
> Establish a risk management practice (CIP 003-R3)
> Establish patch and vulnerability management (CIP 007-R3 and R8)
> Establish an incident response capability (CIP 008)
> Establish a contingency plan capability (CIP 009)

CIP = Critical Infrastructure Protection


Quick Cyber History


Threat Briefing: Threats Constantly Evolving

> 1981: Kevin Mitnick cracks PacBell and steals passwords
> 1986: Pakistani Brain virus (first malicious virus)
> 1988: Morris Worm released (first Internet worm)
> 1991: Michelangelo virus
> 1995: Web site defacements
> 1999: Melissa worm
> 2000: Distributed denial of service (DDoS) attacks
> 2005: Microsoft Office® exploits
> 2006: SCADA exploit tool
> 2007: Estonia cyber riots
> 2007: Pentagon computer system attacked
> 2008: Georgia cyber riots
> 2009: Downandup virus infected over 10 million systems
> 2010: First known cyber warhead discovered – Stuxnet worm
> 2011: Duqu discovered (Stuxnet variant)
> 2014: South Korean nuclear facility design and workers targeted

SCADA = supervisory control and data acquisition

Microsoft Office is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.


Threat Briefing: Critical Infrastructure Targeted

> 1998: Telephone switch hack closes an airport
> 2000: Gazprom central control is hacked
> 2000: Australian hacker causes environmental harm by releasing sewage
> 2001: Hackers protesting U.S./China conflict enter U.S. electric power systems
> 2003: Power outages in northeastern United States occur
> 2003: Worm shuts systems down at Davis-Besse nuclear plant
> 2006: Zotob virus shuts down Holden car manufacturing plant (Australia)
> 2007: Aurora demonstration shows that a remote hacker can cause physical harm to a generator
> 2008: Intruder installed malware causing damage to Sacramento River diverter
> 2008: Turkish pipeline hack and explosion
> 2010: Stuxnet discovered
> 2012: Saudi Aramco targeted by Shamoon virus wiping out 30,000 hard drives
> 2013: Hacker group “Anonymous” declares war on U.S. Government
> 2013: Large number of watering hole attacks linked to Chinese Government
> 2013: More than 50 percent of reported ICS-CERT attacks are in energy sector
> 2014: German steel mill furnace damaged
> 2014: Havex and BlackEnergy target control systems
> 2015: Ukraine electric grid

ICS-CERT = Industrial Control Systems Cyber Emergency Response Team


Threat Briefing: Cascading Failure Modes

> Cascading failure modes
  > We have limited information about the failure modes of many new and critical devices on the distribution and transmission side
  > Can sensor feeds, at a high enough volume, overwhelm a system?
  > Will automation and safety protocols lead to unintended consequences such as the Yuma, Arizona, incident?
  > Protection devices seek to prevent further damage but cause more
  > Automated controls often need human sanity checks


Threat Briefing: Market Manipulation

> April 23, 2012; 1300 EDT
  "Breaking: Two Explosions in the White House and Barack Obama is injured." – Associated Press Twitter Feed
> Dow Jones dropped ~150 points in 5 minutes
> Market recovered when hack of feed announced
> Phishing attack preceded false tweet
> Market manipulation
  > With distributed energy resources come exchanges to buy and sell energy
  > Markets can be manipulated by obtaining generation capabilities and demand data before it is available to the general market
  > Data can be manipulated to influence markets


Stuxnet – What Was It?

> Stuxnet is the first publicly known cyber weapon

> Discovered in June 2010

> Months of reverse engineering to understand it

> Best forensic cyber engineers involved

> Discovering new aspects years later

> Nothing ordinary about this cyber weapon

> 20 times larger than most malware

> FOUR zero-day vulnerabilities

> Worm designation

> Disguised itself through a “rootkit”

> Intercepts security queries and returns false negatives – all is good


Stuxnet – What Was It?

> Targeted Siemens industrial control systems

> Overrode SCADA protocols

> Bushehr nuclear plant

> Natanz nuclear fuel enrichment plant

> Near 60 percent of all infections were in Iran

> Initial infection vector

> USB drive

> Subsequent infections

> Local network print spoolers

> Passage of infected USB drives

SCADA = supervisory control and data acquisition


Ukraine Electric Grid Attack

> Phishing attack able to obtain user credentials
> Used credentials to gain access to corporate and control network through VPN using single factor authentication
> Obtained access to HMIs associated with the Energy Management System and began tripping breakers causing an outage in three different service areas affecting 225,000 people lasting about four hours
> Launched destructive malware that deleted data and made systems inoperable
> Launched denial of service attacks on call center

VPN = Virtual Private Network; HMI = Human Machine Interface


So, Where is the Electrical Grid Vulnerable?


Generation

> Typically isolated from most communication networks
> Varies from nuclear, with extensive physical security, to smaller coal and diesel, with little to no physical security
> Within the plants, conditions vary widely, with cybersecurity generally a low priority


Transmission

> Critical to balancing grid electricity flow

> Most regulated portion from cybersecurity perspective

> Very time-sensitive communications

> Control centers play a key role


Substations and Distribution

> Substations serve as key junction points
> Physical security crucial (for example, Metcalf substation attack)
> Growth of substation automation poses risks
  > Loss of control
  > Loss of view
> Automation and control being pushed further down distribution line


Distributed Generation: Cybersecurity Threats and Vulnerabilities

> Depends on a sophisticated communications infrastructure to be always available
> Needs instantaneous information on status of generation resource, particularly wind and solar
> Often widely dispersed from control centers and vulnerable to cable cuts and radio frequency interference
> May leverage public networks that are more vulnerable to infiltration or bandwidth limitations


Plug-in Vehicles: Vehicle to Grid

> Cybersecurity challenges
  > Similar to “do-it-yourself generation,” people can send false information to manipulate how much a utility thinks it is paying for
  > Someone else’s vehicle identifier could be stolen or hacker could manipulate whose power is used
  > Potential for privacy issues
  > Potential for malfunctioning vehicles to disrupt grid
  > Need a mini balancing authority for vehicles and a reliable system for detecting abuse
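The slide closes on the need for "a reliable system for detecting abuse" without saying what such a check looks like. The Python below is an added example, not code from the Leidos deck, showing two plausibility checks that catch the two abuses the slide names: a session whose reported energy exceeds what the charger's rated power could have delivered over its duration (false information about what the utility is paying for), and one vehicle identifier connected at two chargers at the same time (a stolen or cloned identifier). The session record format, the charger ratings, the 5 percent metering tolerance and all sample records are constructed assumptions.

```python
"""Abuse checks for vehicle-to-grid session records (constructed data).

Added example, not from the Leidos deck. Two checks: a session cannot
exchange more energy than the charger's rated power allows over its
duration, and a vehicle identifier cannot be connected at two chargers
at once. Record format, ratings, tolerance and samples are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Session:
    vehicle_id: str
    charger_id: str
    start: datetime
    end: datetime
    kwh: float   # energy reported for the session; sign is direction, checks use magnitude


# Constructed charger ratings in kW (hypothetical inventory).
CHARGER_KW: Dict[str, float] = {"CH-01": 7.2, "CH-02": 7.2, "CH-03": 50.0}
TOLERANCE = 1.05  # 5% metering slack before a report is called implausible (assumption)

# Constructed session records: vehicle,charger,start,end,kWh
SAMPLE = [
    "EV-100,CH-01,2016-07-26T18:00:00,2016-07-26T20:00:00,12.5",  # plausible: 7.2 kW x 2 h
    "EV-200,CH-02,2016-07-26T18:00:00,2016-07-26T19:00:00,40.0",  # 40 kWh from a 7.2 kW charger in 1 h
    "EV-300,CH-01,2016-07-26T21:00:00,2016-07-26T23:00:00,10.0",  # plausible
    "EV-300,CH-03,2016-07-26T22:00:00,2016-07-26T22:30:00,20.0",  # same ID, overlaps the CH-01 session
]


def parse_sessions(lines: List[str]) -> List[Session]:
    out = []
    for line in lines:
        vehicle, charger, start, end, kwh = line.split(",")
        out.append(Session(vehicle, charger, datetime.fromisoformat(start),
                           datetime.fromisoformat(end), float(kwh)))
    return out


def physically_possible(s: Session, ratings: Dict[str, float] = CHARGER_KW,
                        tol: float = TOLERANCE) -> bool:
    """Energy magnitude must fit within rated power x duration (plus tolerance)."""
    hours = (s.end - s.start).total_seconds() / 3600
    if hours <= 0:
        return False  # zero or negative duration can deliver nothing
    return abs(s.kwh) <= ratings[s.charger_id] * hours * tol


def overlapping_identity_use(sessions: List[Session]) -> List[Tuple[str, str, str]]:
    """(vehicle, charger_a, charger_b) for every pair of time-overlapping sessions
    that share a vehicle identifier but sit on different chargers."""
    flagged = []
    by_vehicle: Dict[str, List[Session]] = {}
    for s in sessions:
        by_vehicle.setdefault(s.vehicle_id, []).append(s)
    for vid, group in by_vehicle.items():
        group.sort(key=lambda s: s.start)
        for i, a in enumerate(group):
            for b in group[i + 1:]:
                if b.start < a.end and a.charger_id != b.charger_id:
                    flagged.append((vid, a.charger_id, b.charger_id))
    return flagged


def audit(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Run both checks; each finding is (check, vehicle, charger or charger pair)."""
    sessions = parse_sessions(lines)
    findings = []
    for s in sessions:
        if not physically_possible(s):
            findings.append(("implausible_energy", s.vehicle_id, s.charger_id))
    for vid, c1, c2 in overlapping_identity_use(sessions):
        findings.append(("duplicate_identity", vid, f"{c1}/{c2}"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```

Both checks use only data the utility already holds (charger inventory and session metering), which is the point of the deck's "use your existing data infrastructure" slide; a real deployment would feed the findings to the settlement process so that a flagged session is held rather than paid.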


Cyber Threats Vulnerability Assessment Philosophy

Risk:            Inability to Control Load | Inability to Manage Energy | Intruders on the Network
Impacts:         Blackout | Loss of Control | Network Compromise
Vulnerabilities: Weak Encryption | Physically Available | Lack of Authentication
Threats:         Hacker | Terrorist | Industrial Espionage | Insiders


Managing Risk to Distribution

1. Determine your threats and their motivations
> What are the threats to your organization?
> By knowing what the threats are, you will be able to prioritize the remediation of the most important vulnerabilities.

2. Understand where your gaps are in security conformance
> What are the weaknesses in your smart grid architecture?
> By knowing which vulnerabilities exist, you will know where your threats are likely to strike, giving you the ability to apply additional security controls to reduce the probability of occurrence where vulnerabilities cannot be mitigated.

3. Determine your organization’s tolerance for impact
> What does your organization want you to prevent from happening?
> Provide your senior management with a list of things that could occur and determine where their tolerances lie.

4. Document and manage the risks
> Manage risk by deploying controls to mitigate the impacts and probabilities of threat sources.


Building a Holistic Solution


Cybersecurity is Becoming a Board-level Issue

Reuters, October 13, 2011

National Association of Corporate Directors


Turning Cybersecurity Risk Into a Business Risk

> Nuisance example: isolated malware infections
  > Typically occur at rate of 6 percent of computers per year
  > One oil company estimated cost at $4,000 per machine (including productivity losses)
> Slightly less of a nuisance: customer data breach losses
  > Ponemon Institute estimated at $194 per record (most of cost is future lost business)
  > TJX® saw losses of more than $171 million for its 2006 data breach; Heartland Payments Systems had 130 million credit card numbers breached in 2009
  > For most customer data breaches, however, the relevant costs are minor as harms are hard to prove and the reputational damage is short-lived
> For utilities, greatest threats through cybersecurity attack are on ability to operate
  > Maintaining stability of transmission and distribution grids (preventing widespread outages)
  > Keeping hard-to-replace equipment from being damaged or destroyed (Aurora)
  > Protecting human lives (fires, electrocutions, explosions, radiation)
  > Ability to maintain cash flow (integrity of financial records, ability to bill and receive payments, access to bank accounts to pay suppliers)
  > Ability to generate and coordinate (independent system operator functions, automated generation control)

TJX is a registered trademark of The TJX Companies, Inc. in the U.S. and/or other countries.


Governance Model

> Who does cybersecurity organization report to?
  > In many cases, it is the chief information officer
  > Can reporting reach executive- and board-level stakeholders?
  > Do policies regularly get the backing of the chief executive officer?
> Budget
  > Is the cybersecurity budget tied to major initiatives (transmission expansion, safety initiatives, new substations)?
  > Is there a relationship between cybersecurity risk and other major risks?
  > As new meters, sensors, and relays are added, is cybersecurity risk adjusted along with its budget?
  > Are improvements in grid reliability correlated with improvement in cybersecurity?
  > Are cybersecurity budget line items evaluated for how they help reduce major business risks or even other operational risks?


Moving From a Tactical to Risk Management Mindset

> What gets reported?

> Malware infections vs. business disruptions

> Data breaches/lost laptops vs. value at risk

> Attacks blocked vs. threats averted

> How are resources allocated for cybersecurity?

Tactical

› Firewall management

› Log management

› Authentication

› Endpoint security

› Server security

Risk Management

› T&D grid stability

› Customer data protection

› Energy trading integrity

› Key asset protection

› Health and safety

T&D – Transmission & Distribution


Where to Start

How can you tell how good of a job you are doing?
> Mapping to business risks helps to speak to the board, but day-to-day challenges still require a comprehensive approach
> Frameworks can help if used in the context of business risk
  > NERC CIP, NIST SP 800-53/800-82, ISO 27001, IEC 62443*

Need maturity models and means of comparison with peers

Electricity Subsector Cybersecurity Capability Maturity Model (U.S. Department of Energy) – Maturity Indicator Levels (MIL): MIL1: Initiated; MIL2: Performed; MIL3: Managed

NERC CIP = North American Electric Reliability Corporation Critical Infrastructure Protection; NIST - National Institute of Standards and Technology; ISO - International Organization for Standardization; IEC - International Electrotechnical Commission


Putting It All Together

[Diagram: cybersecurity functions inside and outside the circle]

Inside the Circle: Money spent on internal staff
> Governance and Oversight
> Strategy and Risk Management
  • Assessing and reporting
  • Mapping security controls to acceptable risk posture
  • Making sure cybersecurity risks are associated with business risks
> Security Operations
  • Monitoring systems and networks for attacks
  • Continuously monitoring for vulnerabilities and policy violations
  • Aggressively seeking out threat intelligence
  • Responding to incidents and assisting with the recovery
> Security Engineering
  • Researching new protection techniques
  • Designing, deploying, and supporting new security tools and technologies
  • Aligning security tools, techniques, and technologies with organization’s culture and business drivers

Outside the Circle: Money spent on product and services vendors
> Program Development
> Policy/Plan Development
> Security Product Professional Services
> Security Integration and Design Services
> Security Products
> Compliance / Risk Assessments
> Security Product Testing
> Pen Testing
> Managed Security Services
> Incident Response

Only 26 percent said they have sufficient expertise on staff (PwC)


Budgets: How Much Security Is Enough?

> The industry norms
  > Cybersecurity budgets in all industries tend to range from three percent to 10 percent of information technology budget
  > For utilities, that number is closer to three percent to five percent
  > IT budgets vary considerably by industry, given different ways revenue is generated
  > For many, two percent to five percent of revenue is typical for an IT budget
  > For energy companies, operations technology (such as control systems) may be additional
> Criteria for additional expenditures
  > Regulatory compliance (as much as 50 percent of security budget)
  > Requirements to meet business continuity objectives
  > Desire to meet industry best practices (such as encryption of all removable storage)
  > Changing threat landscape
  > Easily exploitable vulnerabilities
  > Achieving acceptable risk posture (most subjective and hardest to substantiate)

IT – Information Technology


Additional Information

Steve Schneider, P.E. CHIEF SOLUTIONS ARCHITECT, ENERGY SOLUTIONS

571-526-6700 – office

443-655-5971 – cell

[email protected]

Gib Sorebo CHIEF CYBERSECURITY STRATEGIST

703-676-0269 – office

703-400-2082 – cell

[email protected]

For a copy of today’s presentation send an e-mail to:

[email protected]

Visit us at leidos.com/utility-security