Event Agenda

As cyber threats to critical infrastructure grow, resilience is key. This panel explores how organizations can map attack surfaces, implement practical security controls, and ensure operational recovery – turning strategy into measurable resilience.

• How can we identify and continuously map attack surfaces across complex, connected IT-OT environments, and what adversary tactics, techniques, and procedures are we actually seeing exploited in the wild?
• How can we effectively integrate network segmentation, OT-aware anomaly detection, and incident response playbooks to detect, contain, and mitigate attacks without disrupting critical operations?
• What does security by design look like in critical infrastructure, and how can we build redundancy and recovery into OT systems to minimize downtime and safety impacts, even after a successful compromise?
• What lessons have you learned when moving from strategy to execution – across people, process, and technology – and how can organizations measure whether their resilience investments are actually reducing risk?

– Moderator: John Ballentine, ICS Cybersecurity Program Lead, Port Authority of New York and New Jersey
– Christopher Nourrie, Sr. Advisor Threat Hunt and Intelligence, Southern California Edison (SCE)
– Eric Casteel, OT Cybersecurity Engineering Manager, Westinghouse Electric Company
– Abhishek Pathak, Sr. OT Infrastructure & Security Analyst, Chevron
– Fernando Barcelo, Senior Solutions Engineer, Ping Identity
– David Heiner, Head of Commercial and Enterprise Sales, Copia Automation
.

In an era where cyber risk directly impacts operational outcomes, resilience is mission-critical. This session explores important lessons learned from embedding cybersecurity into the design and operation of our most critical systems, with a focus on operational technology and distributed environments. We will share key takeaways on how zero trust and cyber analytics can be applied to ensure continuity, survivability, and trust across complex ecosystems.
.
– Rachel Bondi, CTO – PAE Mission Systems, Tactical Networks, US Navy
.

OT cybersecurity has moved beyond risk mitigation to become a measurable driver of business value. As cyber compromise is now expected across critical infrastructure, organizations must protect uptime, safety, and revenue while operating in highly constrained environments. This session shows how a framework-driven OT security strategy—anchored in IEC 62443, operational visibility, and platform consolidation—reduces response times, simplifies operations, and delivers real financial and operational outcomes..
– Matt Britter, Senior OT SME, Fortinet
.

AMDT research shows a persistent “reality gap” inside industrial organizations: executives are highly confident in their OT security and stability, while the teams closest to the equipment see frequent disruptions, human error, and growing cyber exposure. This session helps industrial companies close that gap by combining data from US plants with a practical playbook for unifying leadership, engineering, and OT around a single source of truth for configurations, changes, and incidents.
..
– Greg Tracey, VP Solutions, AMDT

Creating an effective OT security program starts with a clear foundation. Guided by an established framework such as the NIST Cybersecurity Framework, this session outlines a practical approach to influence and secure sponsorship from the C-Suite and Board. We’ll focus on setting realistic expectations at each stage and right-sizing OT security initiatives based on organizational risk, maturity, and operational priorities, ensuring meaningful protection without unnecessary complexity.
.
– Prashanth Naidu, VP IT & CISO, Cepheid

Factories are central to manufacturing, but they are more fragile than many leaders realize. Built for continuity, not change, OT environments rely on long-lived assets, mixed generations of technology, and tightly connected processes, so even minor disruptions can cause major operational and financial impact.
This session looks beyond vulnerabilities to the real business consequences of security incidents, including production loss, response costs, IT and OT recovery, and supply-chain effects. It then uses data to show where OT risk consistently concentrates and highlights modern architectural approaches that reduce lateral movement and improve resilience without disrupting operations.
.
– Umang Barman, Director OT, Zscaler
.

In this session, attendees will learn how to leverage local AI to detect anomalies OT systems without relying on the cloud. We’ll cover step-by-step techniques for integrating AI with existing SCADA, PLC, and historian datasets, as well as strategies for designing models that adapt to new sensors and evolving OT networks. Participants will explore real-world examples from utility deployments, gaining practical insights into real-time detection. By the end, you’ll have actionable guidance to implement anomaly detection that strengthens reliability, efficiency, and operational safety.
.
– Corbin Jarms, Lead OT Cybersecurity Engineer, Avista
.
.

This session presents a series of real-world takeaways from securing an electric utility’s critical assets. Attendees will learn how a single security strategy was operationalized across enterprise IT, industrial control systems, cloud platforms, and identity architectures, while maintaining resilience, visibility, and rapid response. The discussion focuses on aligning cybersecurity engineering and operations with organizational risk priorities, integrating IT and OT security monitoring, and applying attack-and-defend principles to understand adversary pathing across hybrid and industrial environments. Practical lessons will be shared on governance, architecture decisions, cross-team collaboration, and measuring outcomes that matter to both executives and engineers in a NERC CIP compliant entity.
.
– Michael Cole, Manager, Cybersecurity Engineering and Operations, SMUD
.

In this interactive session, participants will step into the decision-making process that defines effective operational response. Blending concise theory with a guided exercise, this session walks through a practical Scenario Development Lifecycle—from leveraging threat intelligence to designing realistic, facility-specific simulations and driving continuous improvement. Attendees will explore how to create exercises that reflect real OT environments, including the Purdue model, safety systems, and OT DMZ, while engaging in structured, multi-phase scenarios that challenge operations, engineering, IT, and leadership to work together under pressure. Along the way, we will highlight how to measure what matters, such as time to detect, isolate, and stabilize, as well as coordination effectiveness.By the end, participants will have a repeatable framework to design and run impactful OT training programs, enabling their teams to move beyond reactive response toward proactive readiness, stronger collaboration, and greater operational resilience. This session is designed for practitioners who want to go beyond compliance and build real operational capability in their environments.
.
– Durgesh Kalya, Site Cybersecurity Officer, Covestro

In this session, we share insights into our real-world journey to achieving comprehensive asset visibility across a complex OT environment. The talk will cover the initial challenges of fragmented inventories and legacy systems, the strategies used to safely discover and classify assets without disrupting operations, and the practical steps taken to integrate visibility into ongoing security and operational workflows. Attendees will learn key lessons from the implementation process, including what worked, what didn’t, and how to avoid common pitfalls, along with actionable strategies they can apply when building or improving asset visibility in their own OT environments.
.
– Korey Wallace, IT/OT Security Program Manager, Dupont
.

Establishing a strong OT security program is rarely straightforward. From technical limitations to organizational hurdles, teams often face obstacles that can slow progress or stall initiatives altogether. This panel focuses on real-world experiences and pragmatic approaches to moving forward and scale programs despite those challenges.
.

• • What are the friction points you have encountered when developing OT security capabilities, and how can they be tackled in practice?
  • How can security teams make meaningful progress when budgets, staffing, or technical maturity are constrained?
  • Which approaches have proven effective in scaling OT security initiatives?
  • How can leaders build internal alignment and advocacy to ensure long-term support and sustainability for OT security initiatives?

.
– Moderator: Robert Clark, ISO and Interim Segment CISO, Daimler Truck North America
– Ailbhe (Alva) Clardy, Assistant Deputy Director, Innovation & Technology, The City of San Diego
– Bryan Supak, Cybersecurity Manager for Architecture, Engineering and Operations, Energy Sector
– Fred Chang, VP of Product & Operations, Dispel
– Michael Leonard, Senior OT SME, Galvanick
.