The next evolution of Hack the Capitol, Critical Effect DC is a two-day, annual critical infrastructure-focused conference connecting policymakers, members of civil society and academia, and OT/ICS stakeholders.
About Critical Effect '25
Presented by ICS Village, in partnership with the Institute for Security and Technology, Crowell LLP, and the National Security Institute, this year’s event prioritized timely, solution-driven content with a sense of urgency, focusing on initiatives that can be implemented in the next two years.
Why this sense of urgency?
Agenda
Track I: Critical Mass
Policy, strategy, and governance-focused panels and presentations, including keynotes and fireside chats by leading government officials.
Thursday, June 12
| 8:30 am | Networking and coffee |
| 9:00 am | Opening Remarks Bryson Bort, ICS Village and Joshua Corman, IST |
| 9:05 am | Fireside Chat Representative Nick Begich III (AK) and Bryson Bort, ICS Village |
| 9:35 am | Why Critical Effect? Why Now? Bryson Bort, ICS Village and Joshua Corman, IST |
| 10:00 am | Rethinking Cybersecurity: From Volt Typhoon to Resilience by Design Despite decades of investment—billions spent on cybersecurity tools, training, and advanced hardware—our systems remain fundamentally vulnerable. The Volt Typhoon campaign, a stealthy infiltration of U.S. critical infrastructure attributed to a nation-state actor, is the latest warning sign: our adversaries are outpacing our defenses. Why, after all this effort, are we still broken? This panel brings together leaders from government, industry, and academia to examine the root causes of these persistent vulnerabilities. Is the issue rooted in complexity, poor adoption of best practices, or fundamental design flaws? Have we prioritized compliance at the expense of innovation. Moderator: Mehdi Tarrit Mirakhor, Associate Professor, Department of Information and Computer Sciences, University of Hawaii Panel: Kevin E. Greene, Chief Security Strategist at BeyondTrust; Kirk Lawrence, Section Chief, Secure by Design, CISA/DHS; Adam Robbie, Head of OT Threat Research, Palo Alto Networks |
| 11:00 am | No Water, No Hospitals: Emergency Response Under Fire China’s 2027 intentions toward Taiwan are fast approaching and US Water is in the crosshairs. Volt Typhoon’s credible threat of disruption and destruction of water infrastructure has immediate risks to public safety, human life, and national security. In peacetime, this Public-Private-Partnership’s participation remains a single digit %. As we face hybrid conflict this panel will surface and test assumptions regarding cross-sector, cascading failure. We will also discuss some of the findings and recommendations of UnDisruptable27- focussed on the resilient continuity of operations at the intersections of water and access to emergency care. Moderator: Josh Corman, Executive in Residence for Public Safety and Resilience, Institute for Security and Technology (IST) Panel: Jonathan Horowitz, Deputy Head Legal Department, International Committee of the Red Cross (ICRC); Kevin Morley, Manager, Federal Relations, American Water Works Association (AWWA); Blake Scott, Senior Public Health Emergency Preparedness Planner, Coconino County Health and Human Services; Jennifer Lyn Walker, Director of Infrastructure Cyber Defense, WaterISAC |
| 12:00 pm | Lunch |
| 1:00 | Keynote Congresswoman Robin Kelly (IL-2) |
| 1:15 pm | Practicing for Disaster: MITRE’s Multi-Sector CyberSecurity Exercise Moderator: Mark Bristow, Director, Cyber Infrastructure Protection Innovation Center, MITRE |
| 2:10 pm | Code in the Combine: Protecting Agriculture in the Age of Cyber Conflict Moderator: Matt Hayden, Former Assistant Secretary of Homeland Security for Cyber, Infrastructure, Risk and Resilience Policy and Vice President of Cyber and Emerging Threats, General Dynamics Information Technology |
| 3:05 pm | The Future of Cybersecurity Policy and Regulations: A Multiverse Approach The panel will focus on a discussion exploring diverse cybersecurity and privacy regulatory models, conceptualized as potential timelines within the cyber policy multiverse. We will delve into various frameworks, including traditional command-control regulations, impact/performance-based models, outcome-based regulations, and self-regulation standards, to envision the future landscape of cybersecurity policy. Moderator: Evan Wolff, Partner, Crowell & Moring LLP Panel: Megan Stifel, Chief Strategy Officer, Institute for Security and Technology; Jeanette Manfra, Global Director of Risk and Compliance, Google Cloud; Randy Sabett, Special Counsel, Cooley LLP; and John Woods, Partner, Sidley Austin LLP. |
| 3:55 pm | Closing remarks |
| 5:00 pm – 7:00 pm | Reception The City Club, 555 13th St NW, Washington, DC 20004. |
All times listed are in Eastern Time.
Friday, June 13
| 8:30 am | Networking and coffee |
| 8:55 am | Opening remarks Bryson Bort, ICS Village, and Josh Corman, Institute for Security and Technology (IST) |
| 9:45 am | Keynote Representative Rich McCormick (GA-7) |
| 10:00 am | Peace through Cyber Strength – What Needs to Change in U.S. Cyber Posture Moderator: Lucian Niemeyer, CEO, BuildingCyberSecurity.org Panel: Christopher Cleary, President, Military Cyber Professional Association; Matt Hayden, Former Assistant Secretary of Homeland Security for Cyber, Infrastructure, Risk and Resilience Policy and Vice President of Cyber and Emerging Threats, General Dynamics Information Technology; Michael G. McLaughlin, Co-Leader, Cybersecurity and Data Privacy Practice Group and Principal Policy Advisor, Buchanan Ingersoll & Rooney PC; Mark Montgomery, Senior Director, Center on Cyber and Technology Innovation, Foundation for Defense of Democracies |
| 11:00 am | Conveying the Looming Threat of Critical Infrastructure Hacking Moderator: Lily Hay Newman, WIRED |
| 12:00 pm | Lunch |
| 1:00 pm | Cyber Policy Shark Tank Beau Woods, I Am the Cavalry, Hackers on the Hill, and Stratigos Security Learn more and apply at https://hackersonthehill.org/critical-effect/. |
| 2:00 pm | Closing remarks Bryson Bort, ICS Village, and Josh Corman, Institute for Security and Technology (IST) |
All times listed are in Eastern Time.
Track II: Strategic Effect
A series of half-hour individual sessions, each of which will dive deep into leading issues in ICS security. Topics include the corporate, legal and regulatory environment, and specific technical or operational details.
Thursday, June 12
| 8:30 am | Networking and coffee |
| 10:00 am | A Typhoon in a Teacup? Critically Evaluating Reporting on High Profile Threats Joe Slowik, Dataminr |
| 10:30 am | Cybersecurity Threats and Policy Implications for Battery Energy Storage Systems Dr. Emma Stewart, Idaho National Laboratory (INL) |
| 11:00 am | “When the well is dry, we know the worth of water”: A firsthand account of a DEF CON Franklin volunteer supporting water utility critical infrastructure Tim Pappa, Walmart Global Tech |
| 11:30 am | Fortifying DoD Operational Technology: Securing the Cyber Battlefield Against Nation-State Threats Kathryn Wang, SandboxAQ, and Alison King, Forescout Technologies |
| 12:00 pm | Lunch |
| 1:15 pm | All hands on deck needed for Everything Everywhere All At Once Andrew Dettmer, Black and Veatch and Katrina Rosseini, CR-ISAC |
| 1:35 pm | The Volt-Bolt: UnDisruptable27 & The work to be done over the next 18 months Josh Corman, Institute for Security and Technology (IST) |
| 2:05 pm | No Sector is an Island Andrew Krapf, Loudoun Water |
| 2:35 pm | Military Mobility Depends on Secure Critical Infrastructure Mark Montgomery, Center on Cyber and Technology Innovation, Foundation for Defense of Democracies |
| 3:05 pm | Individual and Regional Healthcare Impacts of Cyberattack Natalie Sullivan, George Washington University |
| 3:35 pm | Securing America’s Water Systems: Engineering-Based Approaches to Cyber Resilience Gus Serino, I&C Secure, Inc |
| 5:00 pm – 7:00 pm | Reception The City Club, 555 13th St NW, Washington, DC 20004. |
All times listed are in Eastern Time.
Friday, June 13
| 9:00 am | Networking and coffee |
| 10:00 am | What’s the worst that could happen? Cyber Consequence Analysis for Critical Infrastructure Virginia Wright, Idaho National Laboratory (INL) |
| 10:30 am | Critical Infrastructure Security as a Key Enabler for Resilience Critical Infrastructure by definition is deemed important for a Nation. Like with other aspects (hurricanes, earthquakes etc.) that pose a significant risk to Critical Infrastructure, gaps in OT Security can lead to cutting off access to key resources such as Power, Water or Oil, even possibly unacceptable loss of life & property. However, a systematic approach to addressing those gaps would enable resilience, and reduce the severity of the impacts even if other nation-states are waging an active cyber-campaign. This presentation focuses on the low hanging fruit (best practices for reducing risk as well as decreasing impact) to address and resolve the major gaps in OT Security. Vivek Ponnada, Frenos |
| 11:00 am | Securing Rural America: Supporting Electric Cooperatives of all Sizes The National Rural Electric Cooperative Association (NRECA) supports electric co-ops of all sizes and varying cybersecurity maturity. NRECA’s cybersecurity program works to implement programs that support each of these co-ops with their unique requirements. Project Guardian, NRECA’s Co-op Cyber Goals, and other initiatives are just some of the ways NRECA meets co-ops where they are to support their cybersecurity programs. This talk will discuss the cutting-edge ways NRECA is delivering for its members. Adrian McNamara, National Rural Electric Cooperative Association |
| 11:30 am | Understanding Today’s Cyber Threat Landscape FBI Intelligence Analyst Gabrielle Ma will provide an overview of the current, increasingly complex cyber threat landscape facing a variety of critical infrastructure sectors. She will also discuss the importance of information sharing and partnering in securing operational technology and building resilience. |
| 12:00 pm | Lunch |
All times listed are in Eastern Time.
Track III: Tactical Mastery
Also known as the Beer-ISAC, this featured series of half-hour individual sessions is dedicated to peer-to-peer information sharing.
Thursday, June 12
9:00 am | Networking and coffee |
10:00 am | Secure By Default: Closing the Loop |
10:30 am | Impact-Centric Cyber Resilience Quantification (CRQ): Estimating Cyber-Physical Damage at Scale |
11:00 am | Stop Applying IT Fixes to OT Problems: The OT Security Wake-up Call |
11:30 am | Crown Jewels Analysis for Control Systems |
12:00 pm | Lunch |
1:15 pm | Blowing up gas stations for fun and profitSince the war(s) broke loose last year, a lot has been said about cyberwarfare, attacks on critical infrastructure, ICS/OT vulnerabilities, you name it. In this talk, we are going to talk about a specific set of ICS: Automated Tank Gauging (ATG) systems. These systems control the safe storage and management of fuel in critical infrastructures like gas stations, military bases, airports and hospitals. We will discuss multiple (10) zero-day vulnerabilities that expose these systems to catastrophic risks, from environmental hazards to significant economic losses. Despite past warnings, thousands of ATG systems remain online, unprotected, and vulnerable to exploitation. This track will talk about past ATG research, the new vulnerabilities found and their technical details, demonstrating how they can be exploited to gain unauthorized control over ATG systems. In the end, we will dive into our quest to cause physical damage remotely, in hopes of blowing up (our) gas station.
|
1:35 pm | Better Attack Surface Management: What Attackers See That You Don’t |
2:05 pm | Defending the Digital Core: Cyber Ranges and the Future of Operational Technology Security |
2:35 pm | Bridging the Gap: ICS Cybersecurity Awareness and Public Education |
3:05 pm | Resilience Now: Translating How Different Sectors Mitigate the Risk of Legacy Infrastructure |
3:35 pm | Hunting the Intruder: Detecting and Mitigating Rogue Master Devices in ICS |
5:00 pm –7:00 pm | ReceptionThe City Club, 555 13th St NW, Washington, DC 20004. |
All times listed are in Eastern Time.
Friday, June 13
| 9:00 am | Networking and coffee |
| 10:00 am | Cyber-Physical Digital Twins for Intrusion Detection This presentation will provide an update on ongoing research on digital twins (DTs) for better cyber intrusion detection. DTs are detailed physics-based models of real systems, enhanced with historical data to improve accuracy. They predict equipment failures, optimize performance, and analyze new conditions. By adding data layers from control systems and cyber-communications interactions, these enhanced DTs offer insights into equipment responses to control signals. Creating an attack library and comparing it with DT responses helps cyber defenders quickly identify potential attacks. Jason Hollern, Electric Power Research Institute (EPRI) |
| 10:30 am | Operationalizing MITRE EMB3D: Threat Modeling to Create and Acquire Secure-by-Design Devices How can threat modelling be used to make more secure device acquisition decisions, build more secure devices, and conduct and communicate research findings? In this talk we will explore how MITRE EMB3D, recently updated to include technical Mitigations, is being used by security practitioners across multiple sectors to better secure the embedded device and operational ecosystems. Jack Cyprus, MITRE and Wyatt Ford, Red Balloon Security |
| 12:00 pm | Lunch |
All times listed are in Eastern Time.
