Register
Register

Preliminary Agenda

Note: Subject to change. If interested in speaking, please contact us

Day 1 - Tuesday, June 16, 2026


Theme: Foundations & Threat Landscape

9:00 – 9:30 am
Opening Keynote Address
Contextualizing OT security in an era of decentralized infrastructure (growth in number of endpoints, need to connect via IoT, and the impracticality of air gapping)


9:30 – 10:30 am
Session 1: ICS/SCADA Security Basics – What Makes OT Different?
A primer on industrial control systems, their architecture, and why traditional IT security models don’t directly apply.

  • Key ICS/SCADA components (PLCs, RTUs, HMIs, historians)

  • OT vs. IT priorities and constraints

  • Terminology clarity

  • Common ICS protocols and legacy design assumptions

  • Real-world safety and reliability impacts

  • Convergence of OT/IoT Technologies: Security of the Airgap – becoming non-existent

10:30 – 11:00 am
Networking Coffee Break

11:00 am – 12:30 pm
Session 2: Threat Landscape & Notable ICS Incidents -- The Impact of AI
An exploration of past and present attacks on industrial systems and the adversaries behind them.

  • Recent OT case studies (ransomware attacks, DOS, etc.)

  • New levels of instability in networks of OT systems leading to system-wide collapse

  • Nation-state, criminal, and insider threats

  • Impact of AI / ML in transforming the threat landscape: A threat tool as well as a robust part of the toolkit in addressing breaches

  • Common attack vectors bridging IT and OT

  • Use of physics attacks that are not addressed by traditional OT security systems

  • Emerging risks in cloud-connected and remote-access-heavy environments


12:30 – 1:30 pm
Lunch

1:30 – 2:45 pm
Session 3: ICS Risk Assessment & Threat Modeling
How to identify, quantify, and prioritize risks in complex industrial control environments.

  • Mapping critical assets and “crown jewels”

  • OT threat modeling (attack trees, kill chains)

  • Leveraging AI

  • MITRE attack framework for ICS and ATLAS

  • Integrating safety and cyber risk

  • Communicating OT risk to executives and operations leaders


2:45 – 3:15 pm
Networking Coffee Break

3:15 – 4:15 pm
Roundtable discussions
Three main challenges, small group discussions of solutions, and reporting back to larger group

4:15 – 5:15 pm
Session 4: Network Architectures & Segmentation for ICS
Design patterns to limit lateral movement and contain incidents across IT/OT boundaries.

  • Zero-trust security for OT (how to administer, enforce, etc.)

  • Encryption – resilience in a post-quantum future

  • Purdue model relevance and alternatives

  • Network zoning and conduits: DMZs, data diodes, jump hosts

  • Secure remote access for vendors and maintenance teams: making sure updates are secure via mutually attestable communications

  • Balancing segmentation with uptime and reliability

  • Continuing forward some discussion from Session 2 and opening keynote


5:15 - 6:30 pm
Reception

Day 2 - Wednesday, June 17, 2026

Theme: Detection, Response & Resilience

9:00 – 9:15 am
Day 2 Kickoff & Recap

  • Review of Day 1’s key takeaways

  • Overview of Day 2’s themes


9:15 – 10:30 am
Session 5: ICS Monitoring, Anomaly Detection & Logging
Techniques to detect malicious or anomalous activity without disrupting sensitive systems.

  • CIP 14

  • Passive monitoring and traffic capture approaches

  • ICS-aware IDS/IPS and protocol-deep inspection

  • Logging strategies for constrained OT networks

  • Behavioral baselining and anomaly detection


10:30 – 11:00 am
Networking Coffee Break

11:00 am – 12:30 pm
Session 6: Incident Response in ICS Environments
Adapting IR to preserve safety and uptime in industrial operations.

  • Unique IR challenges in OT

  • OT-specific containment strategies

  • Coordination with plant operations and engineering

  • Evidence collection and post-incident reviews

  • Operating in a compromised environment – redundancy and defense-in-depth


12:30 – 1:30 pm
Lunch

1:30 – 3:00 pm
Session 7: Secure Engineering, Patch Management & Lifecycle Security
Embedding security into design, procurement, and asset lifecycle management.

  • Security-by-design for new and legacy systems

  • Cyber-informed engineering (applicable across a number of sessions in this Symposium)

  • What is the fail-safe / fail over scenario

  • Patch/vulnerability management with limited downtime

  • Secure configurations for controllers, HMIs, and historian systems

  • Working with vendors: SLAs, procurement language, SBOMs


3:00 – 3:30 pm
Networking Coffee Break

3:30 – 5:00 pm
Session 8: Building a Long-Term OT Security Program
Strategic frameworks and governance models for sustained ICS security maturity.

  • NIST 800-82, ISA/IEC 62443, NERC CIP

  • Governance roles and ownership in OT security

  • Training and cultural alignment between IT and OT

  • Roadmap planning and maturity measurement

Day 3 - Thursday, June 18, 2026

Masterclass / Workshop: The Influence of AI and ML Agents on ICS Cybersecurity in the Electric Sector

9:00 - 10:15 am
- The use of agentic actors in complex energy systems
- Integrity of data used to train models

10:15 - 10:45 am
Networking Coffee Break

10:45 - 12:00 pm
- Compromise of agentic actors: Reliably identifying and authenticating actors
- Building independent skills regardless of the data the model is trained on

12:00 - 1:00 pm
Lunch

1:00 - 2:15 pm
- Developing acceptable guiderails for what an agent is allowed to see: Output guiderails for checking what is produced before it is put live
- Best practices as infrastructure becomes more decentralized and millions of end points interoperate with the grid

2:15 - 2:45 pm
Networking Coffee Break

2:45 - 4:00 pm
- Identifying particular work flows for specific use cases
- Guard rails for agents that operate without human interaction

Get in touch

Copyright 2026 Smart Grid Observer. All rights reserved

Use this form to reach out to us concerning the Symposium. We will get back to you promptly!