May 3, 2023
Dale Peterson interview CESER Director Puesh Kumar on the S4x23 Main Stage. We discuss a number of CESER programs how they are measuring success, what has not worked, why they are doing some things industry is already doing and more.
5:30 Where is the CESER CRISP program (detection and information sharing) today? Has it stopped or reduced the impact (outages and others) of cyber attacks on the electric sector? How will they measure the success of this program?
10:40 What has CESER tried, thought it would work, and ended up failing?
14:05 CESER's CyTRICS program is testing vendor equipment? Why, does GE and Hitachi need help? And the results have been trivial vulnerabilities that could be found in hours. Why is CESER spending millions on this?
19:25 Cyber Informed Engineering (CIE) is it the same as Secure By Design? This is a long process, what will the early wins look like? Two years from now how will we know if we are succeeding? Maintaining a manual capability dominated the examples in the document, why hasn't this been highlighted in the program? How can we accelerate this?
25:20 Clean Energy Cyber Accelerator is looking at solutions (OT detection and MFA remote access to OT) that are well established with vendor offerings and asset owner deployments. Why is CECA doing this and trying to accomplish?