Industry Regulations and Standards – Now and Emerging

October 25, 2018 (10:00am EST)

Abstract:

This session will introduce key aspects of both regulations and standards across multiple industries and regions of the world.    We will cover historical evolution, current status and projected evolution. Additionally, we will dive into the standards set forth by the industry itself, which have been created to ensure there is a baseline set of protocols available to protect the cyber environment of member users or organizations.

This session will answer questions like:

  • How successful have attempts to self-govern or regulate been by some industry participants?
  • Where are the regulatory directives coming from and going to?

Discussion Leader: Chris Humphreys - Cybersecurity, Technology, and Regulatory Synergist CEO/Founder at The Anfield Group Inc

Chris Humphreys started his career at the Department of Homeland Security's National Infrastructure Coordination Center (NICC) and was the development lead at the United States Computer Emergency Response Team (USCERT). Chris went on to serve as Critical Infrastructure Protection Program Manager for the Dept. of Defense's Counterintelligence Field Activity (CIFA) in 2006.

While at CIFA, Chris authored DoD Instruction (DoDI) 5240.10 "Counterintelligence Support to Critical Infrastructure" which is national-level policy still in place today.

In 2008 he took a position as CIP Manager of Compliance and Investigations at Texas Regional Entity in Austin TX. While at Texas RE, Chris founded the CIP Compliance Working Group (CCWG) which is made up of the CIP Managers and Auditors from all NERC regions. The CCWG developed the CIP Audit Process that is currently being implemented across all NERC Registered entities.

Since 2010, Chris has served as the Founder and CEO of The Anfield Group Inc. which provides cybersecurity, regulatory, and technological strategic advisement to all Critical Infrastructure sectors.

In 2017, Chris was appointed by the Texas Dept of Information Resources and Texas Gov Greg Abbott's office as one of three voting members to the Texas State Cybersecurity Council tasked with implementing House Bill 8 (HB8) "The Texas Cybersecurity Act".


Discussion Leader: Bradford Hegrat - Internet of Things, ICS, Embedded Cybersecurity Executive Principal Director at Accenture

Brad is a Critical Infrastructure-oriented security professional with extensive success in security and technology leadership, crisis/incident management, strategic program development and infrastructure solutions. Enterprise, IoT and ICS/SCADA security experience spans full spectrum of both technical and non-technical security functional areas

As a US Marine, he was trained thrive on chaos, to seek it out. As an executive leader in the business of cyber security, he aims to foster, leverage and create business advantages through the chaos of disruptive and innovative tech.

Bradford has 20+yr track record of increasing leadership and responsibility in: executive management guidance and advisory services; information security program development including SDL, IR and Business Continuity; systems analysis/development; security consulting services. Corporate liaison for law enforcement, government agencies and the US intelligence community. He has demonstrated exceptional ability in developing security standards as an operational framework to identify, react, address and learn from difficult and arduous security situations. Experience ranges from id/response to APT style actors to common insider events.


Discussion Leader: Ernie Hayden - Independent Consultant and VP - Training & Education @ International Operational Technology Security Assn. (IOTSA)

Widely recognized in cybersecurity circles, Ernie is an author, speaker and consultant with extensive experience in the power utility industry, critical infrastructure protection/information security domain, industrial controls security, cybercrime and cyberwarfare areas. His primary focus is on supporting projects regarding industrial controls security, smart grid security, energy supply security, and oil/gas/electric grid security with special expertise on industrial controls.