Register
Register

Agenda

Note: Subject to change

Day 1 - Tuesday, June 16, 2026


Theme: Foundations & Threat Landscape

9:00 – 9:30 am
Opening Keynote Address
Contextualizing OT security in an era of decentralized infrastructure (growth in number of endpoints, need to connect via IoT, and the impracticality of air gapping)

Julian Durand, General Manager, Intertrust Secure Systems and CSO, Intertrust


9:30 – 10:30 am
Session 1: ICS/SCADA Security Basics – What Makes OT Different?
A primer on industrial control systems, their architecture, and why traditional IT security models don’t directly apply.

  • Key ICS/SCADA components (PLCs, RTUs, HMIs, historians)

  • OT vs. IT priorities and constraints

  • Terminology clarity

  • Common ICS protocols and legacy design assumptions

  • Real-world safety and reliability impacts

  • Convergence of OT/IoT Technologies: Security of the Airgap – becoming non-existent


James Harmening, Cybersecurity & Risk Management Director, Illinois Commerce Commission

Blake Gilson, Industrial IT Cybersecurity Operations Manager, ExxonMobil
Beth Windisch, Deputy Director of Homeland Security, State of Illinois
Wei Chen Lin, Cybersecurity Advisor, U.S. Cybersecurity and Infrastructure Security Agency

10:30 – 11:00 am
Networking Coffee Break

11:00 am – 12:30 pm
Session 2: Threat Landscape & Notable ICS Incidents -- The Impact of AI
An exploration of past and present attacks on industrial systems and the adversaries behind them.

  • Recent OT case studies (ransomware attacks, DOS, etc.)

  • New levels of instability in networks of OT systems leading to system-wide collapse

  • Nation-state, criminal, and insider threats

  • Impact of AI / ML in transforming the threat landscape: A threat tool as well as a robust part of the toolkit in addressing breaches

  • Common attack vectors bridging IT and OT

  • Use of physics attacks that are not addressed by traditional OT security systems

  • Emerging risks in cloud-connected and remote-access-heavy environments


Patrick Miller, CEO, Ampyx
Sai Molige, Sr. Manager of Threat Hunting, Forescout Technologies
Chris Sistrunk, Technical Leader, OT, Google Cloud Security

12:30 – 1:30 pm
Lunch

1:30 – 2:45 pm
Session 3: ICS Risk Assessment & Threat Modeling
How to identify, quantify, and prioritize risks in complex industrial control environments.

  • Mapping critical assets and “crown jewels”

  • OT threat modeling (attack trees, kill chains)

  • Leveraging AI and machine learning

  • Agentic AI

  • MITRE attack framework for ICS and ATLAS

  • Integrating safety and cyber risk

  • Communicating OT risk to executives and operations leaders


Ramesh Reddi, Chief Technology Officer, CybersecBCML
M. K. Palmore, CEO & Founder, Apogee Global RMS
Liliane Scarpari, Senior Solution Engineer, Microsoft

2:45 – 3:15 pm
Networking Coffee Break

3:15 – 4:15 pm
Roundtable discussions
Three main challenges, small group discussions of solutions, and reporting back to larger group

4:15 – 5:15 pm
Session 4: Network Architectures & Segmentation for ICS
Design patterns to limit lateral movement and contain incidents across IT/OT boundaries.

  • Zero-trust security for OT (how to administer, enforce, etc.)

  • Encryption – resilience in a post-quantum future

  • Purdue model relevance and alternatives

  • Network zoning and conduits: DMZs, data diodes, jump hosts

  • Secure remote access for vendors and maintenance teams: making sure updates are secure via mutually attestable communications

  • Balancing segmentation with uptime and reliability

  • Continuing forward some discussion from Session 2 and opening keynote


Bruce Tulloch, Director, Mayman Aerospace and Senior Advisor, JERA
Jason Bowen, Chief Information Security Officer, State of Illinois
David Emmerich, Principal Cyber-Physical Range Architect, Information Trust Institute, University of Illinois Urbana-Champaign

5:15 - 6:30 pm
Reception

Day 2 - Wednesday, June 17, 2026

Theme: Detection, Response & Resilience

9:00 – 9:15 am
Day 2 Kickoff & Recap

  • Review of Day 1’s key takeaways

  • Overview of Day 2’s themes


9:15 – 10:30 am
Session 5: ICS Monitoring, Anomaly Detection & Logging
Techniques to detect malicious or anomalous activity without disrupting sensitive systems.

  • CIP 14

  • Passive monitoring and traffic capture approaches

  • ICS-aware IDS/IPS and protocol-deep inspection

  • Logging strategies for constrained OT networks

  • Behavioral baselining and anomaly detection


Sai Molige, Sr. Manager of Threat Hunting, Forescout Technologies
Vivek Ponnada, Senior Vice President - Growth & Strategy, Frenos
Additional panelist TBA

10:30 – 11:00 am
Networking Coffee Break

11:00 am – 12:30 pm
Session 6: Incident Response in ICS Environments
Adapting IR to preserve safety and uptime in industrial operations.

  • Unique IR challenges in OT

  • OT-specific containment strategies

  • Coordination with plant operations and engineering

  • Evidence collection and post-incident reviews

  • Operating in a compromised environment – redundancy and defense-in-depth

Chris Sistrunk, Technical Leader, OT, Google Cloud Security
Mary Gannon, Senior OT Incident Response Engineer, GuidePoint Security
Representative from Southern Company TBA

12:30 – 1:30 pm
Lunch

1:30 – 3:00 pm
Session 7: Secure Engineering, Patch Management & Lifecycle Security
Embedding security into design, procurement, and asset lifecycle management.

  • Security-by-design for new and legacy systems

  • Cyber-informed engineering (applicable across a number of sessions in this Symposium)

  • What is the fail-safe / fail over scenario

  • Patch/vulnerability management with limited downtime

  • Secure configurations for controllers, HMIs, and historian systems

  • Working with vendors: SLAs, procurement language, SBOMs


3:00 – 3:30 pm
Networking Coffee Break

3:30 – 5:00 pm
Session 8: Building a Long-Term OT Security Program
Strategic frameworks and governance models for sustained ICS security maturity.

  • NIST 800-82, ISA/IEC 62443, NERC CIP

  • Governance roles and ownership in OT security

  • Training and cultural alignment between IT and OT

  • Roadmap planning and maturity measurement


Carter Mauncy, Senior Director - Cybersecurity, National Rural Electric Cooperative Association (NRECA)
Tim Gale, Director - Industrial Cybersecurity - Security and Risk Consulting, 1898 & Co.
Jacob Kitchel, Security Leader - Senior Manager, Operations Technology for Transmission Operations, Invenergy
Additional panelist TBA

Day 3 - Thursday, June 18, 2026

Masterclass / Workshop: The Influence of AI and ML Agents on ICS Cybersecurity in the Electric Sector
Speakers:
Matt Luallen, Lead Research Scientist for Education Translation, Information Trust Institute, University of Illinois
Ramesh Reddi, Chief Technology Officer, CybersecBCML
Liliane Scarpari, Senior Solution Engineer, Microsoft
Bruce Tulloch, Director, Mayman Aerospace and Senior Advisor, JERA

9:00 - 10:15 am
- The use of agentic actors in complex energy systems
- Integrity of data used to train models

10:15 - 10:45 am
Networking Coffee Break

10:45 - 12:00 pm
- Compromise of agentic actors: Reliably identifying and authenticating actors
- Building independent skills regardless of the data the model is trained on

12:00 - 1:00 pm
Lunch

1:00 - 2:15 pm
- Developing acceptable guiderails for what an agent is allowed to see: Output guiderails for checking what is produced before it is put live
- Best practices as infrastructure becomes more decentralized and millions of end points interoperate with the grid

2:15 - 2:45 pm
Networking Coffee Break

2:45 - 4:00 pm
- Identifying particular work flows for specific use cases
- Guard rails for agents that operate without human interaction

Get in touch

Copyright 2026 Smart Grid Observer. All rights reserved

Use this form to reach out to us concerning the Symposium. We will get back to you promptly!