A Cyber-attack on the Power Grid is not an “Act of God”
Tracks
Legal Issues in Privacy & Security
| Friday, October 14, 2022 |
| 9:30 AM - 10:30 AM |
| Student Union 104 |
Speaker
Mr. Thomas Doty
Director, Intellectual Asset Protection
Nustrategies, LLC
A Cyber-attack on the Power Grid is not an “Act of God”
Abstract
"Recovery from a coordinated attack could take weeks or months." - Gerry Cauley, North American Electrical Reliability Corp.
One of the scariest revelations at the 2022 Pwn2Own conference, it's pretty easy to hack the program that runs our power grids. Two leading white hat hackers revealed at the conference, “Getting inside a program that runs most of the world's industrial control systems? The easiest thing you'll do all weekend”.
With the U.S. grid divided into three major regions, like any planned cyber-attack, it is not a matter of “if” but “when. The example of the 2021 Texas Groundhog Day Blizzard will be examined, demonstrating the critical need of secure power delivery, and the devastating effects of outages lasting longer than one business day.
This presentation will evaluate the immediate risks of this type of cyber-attack, and contingency planning that should be in in place to continue critical business relations with the clients, courts and experts within the legal system. It will review the applicable MRPC sections and action plans to avert legal sanctions, and business risk costs associated in the event of a prolong outage, or rolling blackouts.
Focusing on the legal industry, and the ethical requirements of the MRPC, the presentation is eligible for CLE’s in Technical Competence and Ethics.
One of the scariest revelations at the 2022 Pwn2Own conference, it's pretty easy to hack the program that runs our power grids. Two leading white hat hackers revealed at the conference, “Getting inside a program that runs most of the world's industrial control systems? The easiest thing you'll do all weekend”.
With the U.S. grid divided into three major regions, like any planned cyber-attack, it is not a matter of “if” but “when. The example of the 2021 Texas Groundhog Day Blizzard will be examined, demonstrating the critical need of secure power delivery, and the devastating effects of outages lasting longer than one business day.
This presentation will evaluate the immediate risks of this type of cyber-attack, and contingency planning that should be in in place to continue critical business relations with the clients, courts and experts within the legal system. It will review the applicable MRPC sections and action plans to avert legal sanctions, and business risk costs associated in the event of a prolong outage, or rolling blackouts.
Focusing on the legal industry, and the ethical requirements of the MRPC, the presentation is eligible for CLE’s in Technical Competence and Ethics.
Biography
Thomas N. Doty, JD, LLM, is the Director of Intellectual Asset Protection at NuStrategies, LLC, a collaboration of “reformed attorneys” and new model technology strategists focusing on Blockchain security and NFT technology supporting the entertainment industry. He is also an adjunct professor at the University of New Hampshire contributing to the inaugural academic credentialing course “Blockchain, Cryptocurreny and Law” teaching Blockchain Security and Cryptoeconomics and Governance. He obtained his LLM in Intellectual Property from the University of New Hampshire (formerly Franklin Pierce Law Center) in 2002 with a focus on business and technology. For the last 15 years, he has advised Fortune 100 companies on legal issues concerning cybersecurity, data privacy, information management, and cyber governance matters. Tom is admitted to the bar in Michigan and California and in the U.S. Court of Appeals for the Federal Circuit, the U.S. Court of International Trade, the U.S. Court of Appeals for the Sixth and Ninth Circuits, and the U.S. District Court for the Eastern District of Michigan and the Northern District of California. He holds several vendor technical credentials, a credential in cyber terrorism and is internationally certified in IP mediation and commercial arbitration.
Mr. Doty is currently focusing on current and proposed changes in the FRCP and MRPC relating to technical competency and ethics, serving as an advisor to the federal judiciary on cybersecurity and technical competency standards for the practice of law in the 21st century.
