State of Maryland Critical Infrastructure
Cyber Resilience Workshop Part Two (MD CICW-II)
Focus Sector: Energy
March 18-20, 2026
7:30am - 4:30pm
7000 Columbia Gateway, Suite 150, Columbia, MD 21046
The purpose of this workshop is to provide a collaborative environment for federal, state, local, and commercial partners to:
Assist utilities in improving their ability to defend themselves against cyberspace threats
Share information on cyber defense technologies and processes available for use in the energy sector
Leverage a cyber tabletop exercise to identify roles, processes, and impediments for joint cyber incident response
Build partnerships and communication channels necessary for protecting Maryland’s energy sector
Identify and define terms with federal, state, local, and commercial partners to create common understanding
Ensure that utility companies and local stakeholders understand that cyber hardening is affordable, achievable, and benefits the Department of War and the utility companies’ customer base
Workshop Presentations will Include:
- Perspectives from the Federal Government, State Government, and Commercial
Partners - Technical demonstrations on vulnerabilities and cost-effective mitigations
- Discussion on available no-cost tools and solutions
- Threat briefings and lessons learned
- Updates on applicable critical infrastructure protection standards
- Various Others
Registration Now Closed For This Event
Apply to Attend Maryland's Critical Infrastructure Cyber Resiliency Workshop Part II: Energy Sector
Please complete the form. You will receive an email notification at the address provided once your submission has been approved.
Agenda
LEGEND
Overarching Topics
Management Track
Technical Track
TIME
07:30 – 08:00 AM
TOPIC
Arrival and Check In
TIME
08:00 – 08:10 AM
TOPIC
Welcome and Opening Remarks
SPEAKER
MAJ Harrison Bittenbender (MDNG)
TIME
08:10 – 09:00 AM
TOPIC
Joint Opening Remarks
SPEAKER
MG Janeen Birckhead (Adjutant General, Maryland) Mr. John Garstka (Director, Cyber Warfare, OUSW(A&S))
TIME
09:00 – 09:30 AM
TOPIC
Perspectives from the Applied Research Lab for Intelligence and Security (ARLIS)
SPEAKER
Dr. Charles Harry (Univ. of Maryland)
09:30 – 09:45 AM Break
TIME
09:45 – 10:15 AM
TOPIC
Cyber Risk Reduction Perspectives from Cyber Protection Team 169 Focused on Supporting Federal, State, and Commercial Partners
SPEAKER
MAJ Marissa Robbins (MDNG)
TIME
10:15 – 10:45 AM
TOPIC
E-ISAC Energy Sector Threat Assessment
SPEAKER
Mr. Zach Fields (Electricity ISAC)
10:45 – 11:00 AM Break
TIME
11:15 – 11:45 PM
DEMONSTRATION
Technologies Challenges, Vulnerabilities, and Practical Mitigations
SPEAKER
Mr. Larry Grate (OUSW(A&S) CWD)
TIME
11:45 – 12:00 AM
GROUP PHOTO
11:45 – 01:00 PM Working Lunch Topic for Discussion: Support Coordination and Partnership Building
TIME
01:00 – 02:00 PM
PANEL
Federal and State Efforts on Reducing Cascading Effects of Cyber Risk
MODERATOR
Col Joed Carbonell (MDNG)
PANEL
Energy Sector Sensing and Monitoring with More Situational Awareness for Industrial Control Systems (MOSAICS) and Behavioral Alerting Sets for Control Systems (BAS/CS)
MODERATOR
Mr. Kyle Hoover (DAU)
SESSION
Mr. Alan Herd (FERC) Ms. Ariana Garcia (MCAC) Mr. Greg Busch (MDE) Lt. Col Micheal Graham (MDNG)
SESSION
Mr. Alex Beall (JHU/APL) Mr. Matt Steele (JHU/APL)
TIME
02:00 – 02:30 PM
TOPIC
Differences in Authorities (Title 10, 32, and SAD) and/or Legal Aspects for Cyber Defense and Incident Response
TOPIC
IT Infection of OT Systems: When Convenience Becomes a Critical Infrastructure Risk
SESSION
COL Marci Sam (MDNG)
SESSION
Mr. Monty Mills (TAC)
TIME
02:30 – 03:00 PM
TOPIC
ICS4ICS - Incident Command System for Industrial Control Systems
TOPIC
Joint Electric Power Range (JEPR) Capability Brief
SESSION
Mrs. Megan Samford (ISA)
SESSION
Michael Hollingsworth (CNF Technologies)
03:00 - 03:15 PM: BREAK
TIME
03:15 – 04:00 PM
INTERACTIVE DISCUSSION
Critical Infrastructure Challenges and Solutions – Interactive Discussion Based on Pre-Survey Results Moderator: Ms. Olena Roraff (OUSW(A&S) CWD)
WORKSHOP AUDIENCE
TIME
04:00 – 04:15 PM
TOPIC
End of Day 1 - Closing Remarks
SPEAKER
Mr. Kuan (Ken) Wang (OUSW(A&S) CWD)
TIME
07:30 – 08:00 AM
TOPIC
Arrival and Check In
TIME
08:00 – 08:10 AM
TOPIC
Welcome and Opening Remarks
SPEAKERS
Mr. Kuan (Ken) Wang (OUSW(A&S) CWD)
TIME
08:10 – 08:30 AM
TOPIC
Operational Technology and Industrial Control System Vulnerabilities and Exploit Trends
SPEAKERS
1LT (MD) Price (Maryland Defense Force)
TIME
08:30 – 09:15 AM
TOPIC
Advocating for Resources to Reduce Critical Infrastructure Cyber Risks and Assessments
SPEAKERS
Mr. John Garstka (Director, Cyber Warfare, OUSW(A&S))
09:15 – 09:30 AM Break
TIME
09:30 – 10:30 AM
TOPIC
Best Practices and Lessons in Developing Operational Technology Asset/Device
SPEAKERS
Mr. Larry Grate (OUSW(A&S) CWD)
TIME
10:30 – 11:00 AM
TOPIC
Lessons Learned from the Estonia Delegation on Protecting the Electrical Grid
SPEAKERS
Estonia Delegation
11:00 – 11:15 AM Break
TIME
11:15 – 11:45 AM
TOPIC
Power System Commercial Critical Infrastructure Requirements
SPEAKERS
Mr. Tim Frey (JHU/APL)
11:45 – 01:00 PM: Working Lunch Topic for Discussion: Support Coordination and Partnership Building
TIME
01:00 – 01:30 PM
TIME
01:30 – 02:00 PM
TOPIC
From Assessment to Action: A Framework-Based Approach to Energy Sector Cyber Resilience and Cross-Sector Dependency Analysis
TOPIC
Applying D3FEND for OT to Strengthen Your Security Architecture
TOPIC
Indicators of Behavior – Machine Readable Representation of Adversary Behavior to Accelerate Cyber Detection and Response for Critical Infrastructure
SESSION
Mr. Tim Klett (DOE/INL)
SESSION
Ms. Emma Holt (MITRE)
SESSION
Mr. Tim Zhan (JHU/APL)
TIME
02:00 – 02:30 PM
TOPIC
Cyber Risk Reduction Perspectives from Maryland Department of the Environment
TOPIC
MITRE INF1LTRATE – A Physical Threat Framework
SESSION
Mr. Zachary Schafer (MDE)
SESSION
Mr. Tyler Schechter, Mr. Brett Paradis (MITRE)
TIME
02:30 – 03:00 PM
TOPIC
Cyber Risk Reduction Perspectives from Maryland Department of Information Technology
TOPIC
Why Software-Defined Networking Matters for Protecting Defense-Critical Energy - A Decade of Lessons Toward Zero Trust
SESSION
Mr. Miheer Khona (MD DoIT)
SESSION
Mr. Jeremiah Miller (DOE/PNNL)
03:00 – 03:15 PM : BREAK
TIME
03:15 – 04:00 PM
PANEL DISCUSSION
Panel Discussion Federal-State Unity of Effort on Critical Infrastructure Cybersecurity Moderator: BG Craig Hunter (MDNG)
SPEAKERS
Mr. Steven Burke (MD DoIT) Mr. Brian Pickard (MDE) Mr. Ben Abramovitz (MD PSC)
TIME
04:00 – 04:15 PM
TOPIC
End of Day 2 - Closing Remarks
SPEAKER
BG Craig Hunter (MDNG)
07:30 – 08:00 AM: Arrival and Check In
TIME
08:00 – 08:15 AM
TOPIC
Welcome and Opening Remarks
SPEAKERS
BG Craig Hunter (MDNG)
TIME
08:15 – 08:30 AM
TOPIC
Purpose / Objectives / Cyber Tabletop Exercise Process Overview
SPEAKERS
Lt. Col Michael Graham (MDNG)
TIME
08:30 – 08:45 AM
TOPIC
Incident Response Reporting Requirements
SPEAKERS
Steven Burke (MD DoIT) Chris Kraweic (MD DoIT)
TIME
08:45 – 09:00 AM
TOPIC
Scenario Summary / Ground Rules
SPEAKERS
Lt Col Michael Graham (MDNG)
09:15 – 09:30 AM : Break
TIME
09:15 – 11:30 AM
Phase 1
Mult-Agency Coordination / Preliminary Response
Stakeholder Participants
11:30 – 12:30 PM : Working Lunch Topic for Discussion: Support Coordination and Partnership Building
TIME
12:30 – 1:30 PM
Phase 2
Coordinated Response Actions / Capabilities
Stakeholder Participants
TIME
01:30 – 02:30 PM
Phase 3
Recovery Operations / Resource Gaps / Follow on Actions
Stakeholder Participants
02:30 – 02:45 PM: BREAK
TIME
02:45 – 3:45 PM
TOPIC
Cyber Tabletop Exercise Hotwash and Gaps Discussion
ALL
TIME
03:45 – 04:00 PM
TOPIC
End of Day Three - Closing Remarks
SPEAKERS
BG Craig Hunter (MDNG)
*Disclaimer: The Cyber Tabletop Exercise Agenda (Day 3) is subject to change
FAQ
Who is the intended audience for this event?
This event is targeted toward critical infrastructure operators and cyber defenders from both the public and private
sector. It is not intended for members of academia or vendors trying to sell their products. It is jointly organized by
the State of Maryland, the Office of the Under Secretary of War for Acquisition and Sustainment Cyber Warfare
Directorate, and the Maryland National Guard.
Is attendance limited?
Yes. Attendance is limited by the capacity of the venue. A virtual option is available.
Once the application is received, what is the process?
We will provide confirmations to all registrations via email.
What is the cost to attend?
The event is free, paid for by the U.S. government.
Will meals be provided?
Yes, light breakfast, snacks, and boxed lunches will be provided.
Is parking available on-site?
Yes, there is ample parking available at no cost.
Will there be an option to attend remotely?
If you desire to participate remotely, please select that option in the Attendance section on the registration page.
Is there a waiting list that I can get on if on-site capacity is reached?
No, once the workshop registrations reach capacity no further on-site registrations will be accepted.
What is the dress code for the event?
Civilians: business casual. Military members: appropriate duty uniform.
Contact
Questions on Venue : Ms. Alexis Davis: acdavis@thetac.tech
Event Questions :
faith.blankenship@aletatechnologies.com
jay.kurowsky@aletatechnologies.com
Location: TheLink
Workshop Survey: Coming Soon
NOTE: The purpose of this event is to foster a collaborative exchange of information amongst the attendees, solely for informational purposes. The State of Maryland and DoW are not endorsing any commercial products or services that may be discussed or displayed during the event. This event is not to be considered as a Sources Sought or Request for Proposal opportunity, nor will contracts will be awarded by the State of Maryland or DoW.