a steven briggs story - sans institute · a steven briggs story. power operations cyber security...

A Steven Briggs Story

Power Operations Cyber Security Risk Profile• Nation States Highly Skilled Hackers

• Insider Threats Trusted VendorsAttackers

• Establishing external connectivity Compromised machine

• Removable Media Combined physical and cyber Means

• Destroy capabilities Degrade capabilities

• Publicity Customer impactMotive

• Insider Threat Outside Connections Process Failures

• Unstaffed sites VisitorsOpportunity

• Cause loss of life Damage our assets Security protections gap Impacts reputation Difficult to regain control Regulatory failureBusiness Impact

MitigationsLimited External Connections Security Conscious Staff Engaged System Owners

Regulatory Controls Security Monitoring Service Security Assessments

Physical Security Protections Diversity in hardware/software Customized configurationDocumented repeatable processes Built in security checks and balances Fear

Define

Identify / Locate

Classify

Document

Protect

Review

Power Operations Data Protection Process

Automating your reoccurring items

Plants will work with out computers

Computer Remote Analysis Programs

Learn the system geography and site importance

http://emilygrubert.org/wp-content/uploads/2019/01/eia_860_2017_map_upload.html

Learn the network configuration

Develop a long term plan

Bring your knowledge of helpful IT appsRules!

• The current process works.

• Technology doesn’t always work given the conditions in the field.

• Understand the business function that is going on before you suggest tech.

• Approach in a supportive manner.

Go back and tell your friends

Information Technology

Respond politely when IT wants to come in to OT and provide additional services

that you didn’t ask for.

Gathering Support From other business units Throwing their systems and services out of your environment

https://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&ved=2ahUKEwiZr7Hq5JPgAhVwh-AKHbX3D1QQjRx6BAgBEAU&url=https://memebase.cheezburger.com/tag/monty-python-and-the-holy-grail&psig=AOvVaw24dBphBOvYyk9S-8BcPfT9&ust=1548878656366511

https://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&ved=2ahUKEwiLoo2W5ZPgAhVkleAKHT1OCMMQjRx6BAgBEAU&url=https://gfycat.com/gifs/search/john%2Bcleese%2Byou%2Bbastards&psig=AOvVaw24dBphBOvYyk9S-8BcPfT9&ust=1548878656366511

https://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&ved=2ahUKEwjZ-sP85ZPgAhURTt8KHblDAzoQjRx6BAgBEAU&url=https://www.youtube.com/watch?v%3DyH_jHCTslaY&psig=AOvVaw0GDBIFZ3wX_Ilihgq17wsO&ust=1548878904050522

https://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&ved=2ahUKEwj94qTM5pPgAhUB1qwKHSzBCJQQjRx6BAgBEAU&url=http://www.fanpop.com/clubs/monty-python/images/380143/title/french-soldiers-photo&psig=AOvVaw3ltQceIQn86Pk6Wo1b9biR&ust=1548879091998921

Questions

Steven BriggsSenior Program Manager I&C systems Generation Cyber SecurityTennessee Valley Authority• E-mail: sabriggs@tva.gov• Twitter: @tnvolsfan29

mailto:sabriggs@tva.gov

a steven briggs story - sans institute · a steven briggs story. power operations cyber security...

Documents

briggs stratton

myers briggs test * what is your myers-briggs personality...

raymond briggs

briggs toolbook

tim briggs

1 briggs law corporation [file: 1593.60] cory j. briggs

asa briggs, baron briggs of lewes, 1921-2016 › ... ›...

henry briggs

briggs hillier

briggs & co.'s patent transferring papers · 2012. 5....

engagor day ii - steven degelaen - telenet, a social care...

poppy's corner, a christmas story by steven donnini

steven gerrard my liverpool story -

the following story was written by mrs . briggs’ 1 st ...

spotlight steven roberts executive committee kim hunt...

myers-briggs personality type indicator – mbti kathy prem...

probate index er lee 1926 estate briggs, fred d 1943 estate...

brodie l. reid, steven b. briggs, louise e. karagiannidis,...

cyprus story - metropolitan museum of...

briggs amplifiers