5th Annual Industrial Control Cyber Security Europe Summit. London Marriott Hotel Regents Park, London, England | October 9/10th 2018
IOT/OT Security, Threat Detection and Mitigating the Impact on Safety Cases
Sectors Represented include Smart Grid, Nuclear, Oil and Gas, Rail, Maritime, Aviation, Chemical and more to be announced!

Tuesday, October 9
 

9:00am

Welcome from the Cyber Senate Founder, James Nesbitt
Tuesday October 9, 2018 9:00am - 9:10am
TBA

9:10am

Introduction from our Top Table
Speakers
Chris Blask

Director, Industrial Control Systems Security, Unisys and the US ICS ISAC
Chris Blask has been involved in the industrial control system and information security industries for more than twenty five years. Mr. Blask’s career spans the breadth of the cybersecurity spectrum. He invented one of the first commercial firewall products, built a multi-billion...

Marty Edwards

Managing Director. Former Director of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, Automation Federation
Marty Edwards, a globally recognized industrial control systems cybersecurity expert and speaker, serves as Managing Director of the Automation Federation. (www.automationfederation.org) The Automation Federation—an association of non-profit member organizations—is dedicated to...

Tim Roxey

Chief Security Officer (Interim) and Chief Special Operations Officer, NERC
Tim Roxey is presently the Chief Cyber Security Officer for the North American Electric Reliability Corporation (NERC). Previously Mr. Roxey was the Deputy Chair for the Nuclear Sector Coordinating Council and also the Technical Assistant to the Vice Chair for Constellation Energy. Mr...


Tuesday October 9, 2018 9:10am - 9:20am
TBA

9:20am

Keynote Presentation: “Think like a hacker, but act like an engineer”
It is often advantageous to think like an attacker in order to find weaknesses in systems, but that doesn’t mean we should give up on following sound engineering and maintenance practices when designing, operating and maintaining cyber systems.  Learn how companies are starting to apply principles adopted from safety analysis, as well as emerging concepts such as “cyber informed” or “consequence driven” engineering.
  • Identify devices and components that facilitate risk, determine critical functions and high-consequence events then prioritise what cannot fail based on the consequences
  • Think like an attacker to illuminate specific, detailed attack paths, access, information and action to have an effect and highlight system vulnerabilities in networks and the supply chain
  • Engineer out the prioritised cyber-risk with controls, tripwires, mitigations and backstops to interrupt high-consequence risk
  • The importance of collective resilience, collaboration and information sharing to combat high-consequence risk across the supply chain


Speakers
Marty Edwards

Managing Director. Former Director of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, Automation Federation
Marty Edwards, a globally recognized industrial control systems cybersecurity expert and speaker, serves as Managing Director of the Automation Federation. (www.automationfederation.org) The Automation Federation—an association of non-profit member organizations—is dedicated to...


Tuesday October 9, 2018 9:20am - 9:50am
TBA

9:50am

Beyond the Attacks – What Teachings can be Learned from Various Attacks that help Inform Advanced Defences?
  • From the simple first Ukraine attack, to the following year’s second attack, to an unrelated MENA attack, what can be learned of the broader strategic implications of these three attacks? Are they connected, or can they be? A conjecture
  • By looking at attacks and questioning the various Whys, not necessarily the what happened or the how it happened, a picture emerges of an adversary looking to create instabilities by utilizing many attributes of conflict. Physical, cyber, media and disinformation all play a part in these engagements
  • When the Whys are looked at, the closely coupled complex attacks can begin to be understood. This is the arena where targets can be chosen, and impacts dialled up to levels of interest by an adversary

Speakers
Tim Roxey

Chief Security Officer (Interim) and Chief Special Operations Officer, NERC
Tim Roxey is presently the Chief Cyber Security Officer for the North American Electric Reliability Corporation (NERC). Previously Mr. Roxey was the Deputy Chair for the Nuclear Sector Coordinating Council and also the Technical Assistant to the Vice Chair for Constellation Energy. Mr...


Tuesday October 9, 2018 9:50am - 10:20am
TBA

10:20am

Networking Break
Tuesday October 9, 2018 10:20am - 10:50am
TBA

10:50am

Discussion Session: Advanced 3rd Party Risk Management – Developing Trust Across the Supply Chain
Recent APT attacks affecting multiple sectors through a common attack surface have driven home the lesson that no matter how well we think we have secured our perimeters, our information and systems may still be vulnerable to attack through 3rd party systems with weak security controls. Individually we may all be resilient, but collectively we are not. As critical infrastructure relies more heavily on interconnectivity to function efficiently, our mindset needs to evolve to consider cyber-vulnerability not as an individual problem, but as a collective one. Managing 3rd party risk runs deeper than many imagine and opens fundamental questions around the way we go about the business of building security into our systems and products. We can’t have a 360 degree view of supply chain security, but how can we move towards developing the trust and mechanisms to better support a collaborative approach to security with our suppliers, partners and interrelated sectors?
  • Nothing can be achieved in isolation – What are the barriers to meaningful collaboration between regulators, asset owners, integrators and vendors on mitigating cyber risk?
  • Do all parties concerned have a voice, and is it listened to?
  • Where might we be doubling our efforts and how can we streamline?
  • What work needs to be done around liability and mediation?
  • How are we faring with efforts to collaborate across the supply chain to develop fit for purpose standards regimes, audit compliance check lists and conformity assessments?

Speakers
Mo Ahddoud

Chief Information Security Officer, SGN
Mo Ahddoud is a security expert who is currently serving as the Chief Information Security Officer at SGN, which manages and operates over 74,000 km of gas mains and services in Scotland and the south of England. Prior to coming to SGN, Mo acted as the International IT Security Lead...

Marty Edwards

Managing Director. Former Director of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, Automation Federation
Marty Edwards, a globally recognized industrial control systems cybersecurity expert and speaker, serves as Managing Director of the Automation Federation. (www.automationfederation.org) The Automation Federation—an association of non-profit member organizations—is dedicated to...

Dave Weinstein

VP of Threat Research, Claroty
Dave Weinstein is the VP of Threat Research at Claroty. Prior to joining Claroty, Dave was the Chief Technology Officer of New Jersey. He began his career as an operations planner at U.S. Cyber Command, where he served for three years. Dave holds a Bachelor's degree from Johns Hopkins...


Tuesday October 9, 2018 10:50am - 11:20am
TBA

11:20am

Detecting Industrial Network Anomalies without the Risk of Disruption
Many asset owners have seen firsthand that becoming proactive about cyber protection for industrial systems in their plants is becoming a requirement. Yet at the same time, production processes cannot be disrupted, even for reducing cybersecurity risk in some cases. Key security controls that can address high risk areas such as secure remote access for employees and third party vendors/supply chain partners, and continuous monitoring of plant assets for threats and vulnerabilities are essential to deter cyber threats which can disrupt process controls and production.

In this session, Dave Weinstein, Claroty VP of Threat Research shares use cases from the field that demonstrate “zero-impact” deep packet inspection to precisely profile and dissect communications between assets in complex and sensitive industrial networks which can often indicate hidden cyber risks.

These passive techniques can identify misconfigurations, vulnerabilities, and anomalies plus provide operational security gaps and context so that plants can now have visibility into what’s happening and what to do about it without downtime, manual labor or having to become industrial cybersecurity experts overnight.

Speakers
Dave Weinstein

VP of Threat Research, Claroty
Dave Weinstein is the VP of Threat Research at Claroty. Prior to joining Claroty, Dave was the Chief Technology Officer of New Jersey. He began his career as an operations planner at U.S. Cyber Command, where he served for three years. Dave holds a Bachelor's degree from Johns Hopkins...


Tuesday October 9, 2018 11:20am - 11:50am
TBA

11:50am

Debunking Security Control Myths
  • No single control will solve any problem entirely on its own
  • Why Patching Isn’t THAT Important
  • Is tech companies’ marketing winning mindshare over logic and fact?
  • Network discovery tools won’t solve your compliance & inventory needs

Speakers
Eric Knapp

Chief Engineer and Global Director of Solutions and Technology, Honeywell
Eric D. Knapp (@ericdknapp) is Global Director of Cyber Security Solutions and Chief Cyber Security Engineer for Honeywell Process Solutions. Eric is a recognized expert in industrial control systems cyber security. He is the author of “Industrial Network Security: Securing Critical...


Tuesday October 9, 2018 11:50am - 12:20pm
TBA

12:20pm

Discussion Session: The Evolving Risk to Safety Systems
  • What does the current active threat landscape look like?
  • Are we seeing evolutions or adaptations of Triton?
  • Recommendations on simple methods to identify and mitigate threats to safety systems

Speakers
Cavus Batki

Design Authority Cyber Security Specialist, EDF Nuclear New Build
Cavus is the Design Authority cyber security specialist for EDF Nuclear New Build, responsible for ensuring that the cyber security risks to OT systems are understood, managed and accepted. Cavus previously worked as a security consultant for BAE Systems. His experience includes OT...

Andrea Carcano

CPO and Co-founder, Nozomi Networks
Andrea Carcano is an expert in industrial network security, artificial intelligence and machine learning, and has published a number of academic papers on the subject. His passion for cybersecurity and solving the unique challenges around ICS became the focus of his PhD in Comp...

Tim Roxey

Chief Security Officer (Interim) and Chief Special Operations Officer, NERC
Tim Roxey is presently the Chief Cyber Security Officer for the North American Electric Reliability Corporation (NERC). Previously Mr. Roxey was the Deputy Chair for the Nuclear Sector Coordinating Council and also the Technical Assistant to the Vice Chair for Constellation Energy. Mr...


Tuesday October 9, 2018 12:20pm - 12:50pm
TBA

12:50pm

Networking Lunch
Tuesday October 9, 2018 12:50pm - 1:50pm
TBA

1:50pm

Why a Focus on Recovery Improves Cyber Security Maturity
  • Understanding that recovery is much more than developing incident response plans and procedures
  • Taking a business approach to understand key business processes, operational impacts and systems
  • Developing an adaptive capability to respond to cyber threats and move the risk needle



Speakers
Rob Hayes

Lead for Cyber Security and Resilience of Operational Technology (OT), Critical National Infrastructure and Large Industrials, Deloitte
Rob is the lead for cyber security and resilience of operational technology (OT), critical national infrastructure and large industrials. He has an international engineering and consulting background with over 20 years’ experience in OT cyber security and industrial digital transformation...


Tuesday October 9, 2018 1:50pm - 2:20pm
TBA

2:20pm

Manufacturing Case Study: DCS Cyber Security Implementation Programme



Speakers
Martin Fabry

OT CISO, Multinational Manufacturing Company
Martin (CISSP, GICSP, CISA, CSSA) is a cyber-security consultant with almost 20 years of world-wide experience in the IT industry. Over the last 5 years, his main focus is OT cyber security consulting, project & programme leadership management and helping customers to assess their...


Tuesday October 9, 2018 2:20pm - 2:40pm
TBA

2:40pm

Rail Case Study: An attacker’s-eye view of an Operating Station
What are the weaknesses that an attacker is most likely to exploit and how do you turn them into easy wins for increasing resilience?

Speakers
Christian Schlehuber

Cyber Security Team Leader, DB Netz
Christian Schlehuber studied informatics and IT-Security at the TU Darmstadt with a specialization in critical infrastructures. After receiving his master's degree he started to research at the Security Engineering Group of TU Darmstadt on the topic Critical Infrastructure Protection...


Tuesday October 9, 2018 2:40pm - 3:00pm
TBA

3:00pm

Utility Case Study: Securing ICS at DWR Cymru
  • Delivering operational availability in a secure manner
  • Overcoming IT/OT convergence challenges
  • Developing an internal working group to develop standards
  • 3rd party standards management

Speakers
Thomas Murtagh

Technical Information Security Officer, DWR Cymru
Thomas is currently part of the Welsh Water InfoSec team with a focus on enhancing and improving security of the Operational Technology area. Prior to his current role, he has held positions of Senior Systems Security Engineer at a defence company delivering tactical communications...


Tuesday October 9, 2018 3:00pm - 3:20pm
TBA

3:20pm

Networking Break
Tuesday October 9, 2018 3:20pm - 3:50pm
TBA

3:50pm

Results from Analyzing Real-World ICS Malware in an ICS Network Sandbox
TRITON and CrashOverride showed us the potential of autonomous, purpose-built malware that enumerates and subsequently hijacks ICS devices using their native protocols. What if we could detonate ICS-specific malware in an "ICS Network Sandbox" that detects and analyzes purpose-built ICS malware before it even gets deployed? Current malware sandboxing technologies are designed for IT protocols and devices rather than OT protocols and devices; as a result, ICS-specific malware such as TRITON is undetected because IT malware sandboxes are unable to flag ICS-specific activities such as OPC scanning, overwriting of PLC configuration files, calls to ICS-specific libraries and ports, etc. CyberX's research team has built an ICS-aware malware analysis sandbox that simulates a complete ICS execution environment in a virtual or offline state, and also instruments the execution environment to detect ICS-specific behavior. During this session, we'll describe the results of analyzing known ICS malware (Stuxnet, Industroyer, TRITON) in the sandbox as well as data we've collected about the prevalence of ICS-specific malware "in the wild." Attendees will learn about ICS malware characteristics and ICS attack vectors so they can be better prepared to detect and respond to ICS security incidents in the future.


Speakers

Phil Neray

VP of Industrial Cybersecurity, CyberX
Bio Coming Soon


Tuesday October 9, 2018 3:50pm - 4:20pm
TBA

4:20pm

Simplifying SCADA Environments with Migration to the Cloud
The increase in complexity of operational technology control systems has highlighted a growing skills gap, and security concerns around the increased connectivity of industrial systems have fundamentally shifted the approach needed to OT cybersecurity. The bid to reduce costs often results in a trade-off between increased operational capabilities and security, and it has become essential to find solutions that can help to address this problem at speed and at scale. Moving to cloud-based SCADA systems can, in some cases, dramatically decrease complexity, present significant opportunities to reduce capital expenditure and improve control capabilities. This presentation will discuss some of the key considerations in embarking on cloud migration and provide lessons learned from doing so.
  • Eliminating capital expenditure on control and backup centres and the need for dedicated SCADA teams
  • How cloud solutions can help in effectively creating a green field environment in which to automate
  • How we have ensured effective collaboration with key vendors to securely and cost-effectively migrate our OT environment to the cloud
  • Is scepticism around security and reliability of cloud solutions for industrial applications justified and what are the limitations?

Speakers
Mo Ahddoud

Chief Information Security Officer, SGN
Mo Ahddoud is a security expert who is currently serving as the Chief Information Security Officer at SGN, which manages and operates over 74,000 km of gas mains and services in Scotland and the south of England. Prior to coming to SGN, Mo acted as the International IT Security Lead...


Tuesday October 9, 2018 4:20pm - 4:50pm
TBA

4:50pm

Discussion Session: A strategic Approach to IT and OT Convergence – What are the key Elements to Success?
As business efficiency drivers have increased the need to gain better visibility of operational processes, the convergence of IT and OT has quickly become imperative and raised serious challenges. When it comes to security, we are no longer able to think of OT environments as distinct and separate from enterprise IT networks. We must, however, continue to appreciate their uniqueness to make them secure without compromising operational efficiency and safety. With fundamental differences in both mindset and process in IT and OT, what are the pain points and what have been hallmarks of successful convergence projects that have overcome them?
  • Confidentiality, Integrity and Availability vs Safety, Reliability and Productivity
  • Building an orchestrated platform with best of breed IT security tools fully supported and tested by ICS Engineers
  • The importance of taking a scaled approach
  • Integration across OEM platforms
  • IT/OT pairing on projects
  • Overcoming complexity

Speakers
Martin Fabry

OT CISO, Multinational Manufacturing Company
Martin (CISSP, GICSP, CISA, CSSA) is a cyber-security consultant with almost 20 years of world-wide experience in the IT industry. Over the last 5 years, his main focus is OT cyber security consulting, project & programme leadership management and helping customers to assess their...

Mo Javadi

Director of Engineering, Lagoni Engineering
Mo Javadi is the Director of Engineering at Lagoni, a growing engineering consultancy firm providing multidisciplinary engineering with a particular focus on technical safety and cyber security within brownfield, high risk and complex environments. Mo has over 10 years of international...

Ben Kaintoch

Regional Sales Director, SecurityMatters
Ben is EMEA Sales Director for SecurityMatters. With over 10 years of ICS cyber security experience working across domains for the likes of Industrial Defender, L3 and SANS he has seen the major transformations in the industry from products, services and training giving him great...


Tuesday October 9, 2018 4:50pm - 5:20pm
TBA

5:30pm

 
Wednesday, October 10
 

8:00am

NIS Directive - Cyber Assessment Framework
  • Requirements of Competent Authorities (CAs) to have the ability to assess the cyber security of Operators of Essential Services (OES)
  • Working with lead government departments, regulators and industry to develop a systematic method of assessing the extent to which an organisation is adequately managing cyber security risks in relation to the delivery of essential services
  • Understanding Assessment methods and the Cyber Assessment Framework (CAF)

Speakers
Phil Litherland

Principal Consultant Critical National Infrastructure, Context Information Security
Phil is a member of the Advisory team within Context Information Security, where his focus is to identify and provide requisite cyber security & information assurance advice, & technical support and practical guidance to client organisations across Critical National Infrastructure...

Rob Orr

Cyber Security Risk Consultant - CNI, Context Information Security
Rob is Context Information Security’s joint lead for consultancy support to Critical National Infrastructure (CNI) organisations and Operators of Essential Services (OES). His current focus is mainly on the transport sector. Rob has extensive experience advising clients on cyber...


Wednesday October 10, 2018 8:00am - 9:00am
TBA

9:00am

Welcome back from the Cyber Senate
Wednesday October 10, 2018 9:00am - 9:10am
TBA

9:10am

Industrial Control System Security - Enabling Business with Digital Infrastructure
  • The World is Changing for Industrial Enterprises
  • There Will Be Winners and Losers
  • Cryptographic Zoning
  • ISA99 Architecture
  • Plan to Embrace Digital Innovation

Speakers
Chris Blask

Director, Industrial Control Systems Security, Unisys and the US ICS ISAC
Chris Blask has been involved in the industrial control system and information security industries for more than twenty five years. Mr. Blask’s career spans the breadth of the cybersecurity spectrum. He invented one of the first commercial firewall products, built a multi-billion...


Wednesday October 10, 2018 9:10am - 9:40am
TBA

9:40am

MAERSK Presentation details to follow
More information to follow

Speakers

Andy Powell

CISO, A.P. Moller - Maersk
Bio to follow shortly


Wednesday October 10, 2018 9:40am - 10:10am
TBA

10:10am

Building Cyber Security in an OT Environment – Lessons Learned
  • Real-world experiences of the journey from obscurity towards maturity
  • What are the practical challenges we face and the pragmatic solutions we use?
  • How we make the most out of what we have

Speakers
Steve Trippier

Chief Information Security Officer (CISO), Anglian Water Services
Steve is currently Group Chief Information Security Officer at Anglian Water where he is accountable for ‘all things cyber’ which includes developing and delivering the vision, strategy, security programme and sec-ops across the organisation. His remit includes traditional IT...


Wednesday October 10, 2018 10:10am - 10:40am
TBA

10:40am

Networking Coffee Break
Wednesday October 10, 2018 10:40am - 11:10am
TBA

11:10am

Securing Level 1 Devices: A Practitioners’ View
Hinkley Point C is the first UK nuclear plant in a generation. Our focus is to maintain safety by protecting the level 1 automation systems (PLCs). However, most ICS security measures focus on protecting the PC-based level 2 and level 3 systems connected to them. This presentation will discuss one view on the direct threat to level 1 systems, and how they can be hardened.

Speakers
Cavus Batki

Design Authority Cyber Security Specialist, EDF Nuclear New Build
Cavus is the Design Authority cyber security specialist for EDF Nuclear New Build, responsible for ensuring that the cyber security risks to OT systems are understood, managed and accepted. Cavus previously worked as a security consultant for BAE Systems. His experience includes OT...


Wednesday October 10, 2018 11:10am - 11:40am
TBA

11:40am

Discussion Session: Do we Know what is on our Network? Are we Getting any Better at Threat Detection?
(Panellists to be announced)

  • It goes without saying that we cannot design a holistic defence without full visibility of the assets on our ICS network and how they are connected, but do we have it?
  • Are we getting a clearly defined picture of the threat or are we spending too much time chasing false positives?
  • Are threat detection solutions taking a holistic approach to assessing risk, identifying complete characteristics of complex threats and escalating appropriately?
  • How is machine learning impacting our ability to respond to multiple complex threats and what are the limitations?

Speakers
Eric Knapp

Chief Engineer and Global Director of Solutions and Technology, Honeywell
Eric D. Knapp (@ericdknapp) is Global Director of Cyber Security Solutions and Chief Cyber Security Engineer for Honeywell Process Solutions. Eric is a recognized expert in industrial control systems cyber security. He is the author of “Industrial Network Security: Securing Critical...

Prof Prashant Pillai

Director, Professor of Cyber Security, Wolverhampton Cyber Research Institute
Prof Prashant Pillai has over 15 years of research experience and specializes in the area of Communication protocols and Cyber Security. He is currently the Director of the Wolverhampton Cyber Research Institute. The Institute comprises over 20 academic staff with research carried...

Panellist
Geir Arild Engh-Hellesvik

CISO, NSB Group
Information Security and Privacy Specialist. Operational security, incident handling and related management processes. What are the critical assets, how are they vulnerable and how to deal with incidents. Analysis of operational implications/consequences of strategy, laws and regulations...


Wednesday October 10, 2018 11:40am - 12:10pm
TBA

12:10pm

Case Study: Implementing AI and Machine Learning to Support Real-time Monitoring and Decision-making
  • How much of a challenge has overlaying AI on legacy systems presented and what solutions were deployed to overcome it?
  • How has SCADA and ICS Cybersecurity expertise been leveraged to design a system that allows machine-learning algorithms to view and interpret data in the right way?
  • How has the use of AI driven speed, scale and accuracy in anomaly detection and response and how has this translated into tangible benefit?
  • What limitations have been identified in the capabilities of AI to provide a consistent and accurate picture of OT security and where is work needed to provide the framework for more advanced applications?

Speakers
Sam Alderman-Miller

Director, Darktrace Industrial
Sam Alderman-Miller joined Darktrace in 2015 and began providing cybersecurity solutions for IT and OT environments, before joining the founding team at Darktrace Industrial in 2017. At Darktrace Industrial, Sam is a Director, working with our most high profile industrial clients...


Wednesday October 10, 2018 12:10pm - 12:40pm
TBA

12:40pm

Networking Lunch
Wednesday October 10, 2018 12:40pm - 1:40pm
TBA

1:40pm

Securing Future Railways
  • What do we mean by a “modern” digital system?
  • Threat – Who (or what...) is “attacking” our modern systems?
  • Vulnerability – How does malware enter our systems?
  • Probability – How worried should we be as industry?
  • Impact – What is the worst that can happen?
  • Risk – How do we pragmatically protect ourselves?

Speakers
Vish Kalsapura

Principal Engineer Digital Railway, Network Rail Digital Railway
Vish has more than 25 years’ experience in overseeing technology programs and possesses an in-depth understanding of emerging technologies and their commercial applications in Railway, Engineering and Defence sectors. He is a control systems expert and has worked on signalling and...


Wednesday October 10, 2018 1:40pm - 2:10pm
TBA

2:10pm

Developing a Common Language for IACS Cybersecurity Harmonization with ISA/IEC 62443
  • An overview of the ISA/IEC 62443 family of standards
  • Understanding the IACS life-cycle context to clearly define the responsibilities of product suppliers, systems integrators and asset owners
  • Establishing commonality of vocabulary, concepts and models to facilitate meaningful conversation

Speakers
Andre Ristaino

Managing Director, ISA Security Compliance Institute
Andre Ristaino is managing director of the ISA Automation Standards Compliance Institute (ASCI) based in Research Triangle Park, N.C. He provides staff leadership for ISA’s conformance certification programs, including the ISASecure IACS certification program managed under the ISCI...


Wednesday October 10, 2018 2:10pm - 2:40pm
TBA

2:40pm

Creating an International Framework for Industry-Driven ISA/IEC 62443 Conformity Assessment (CA)
  • Understanding 3rd party testing and certification mechanisms
  • Developing CA in line with market needs of individual sectors
  • The value of peer led interpretation and CA

Speakers
Eyal Adar

IEC Expert, IEC
Eyal Adar is an IT/OT cybersecurity specialist with a strong record of 30+ years of integrating strategic and technical consulting, research, solution development and International Standardization. Eyal is a member of IEC (International Electrotechnical Commission) CAB...

Didier Giarratano

IEC Expert, IEC

David Hanlon

Secretary of the IEC Conformity Assessment Board, IEC
In his current role as Secretary of the IEC Conformity Assessment Board, based in Geneva Switzerland, David liaises with many international organizations and presents at international events on various topics including cybersecurity. David holds a Bachelor in Electrical Engineering from...


Wednesday October 10, 2018 2:40pm - 3:10pm
TBA

3:10pm

Networking Coffee Break
Wednesday October 10, 2018 3:10pm - 3:40pm
TBA

3:40pm

Working Group Break-out Sessions
How can Asset Owners Transform their Mindset to Become Security Focused?
- To what extent is security an afterthought to operational availability?
- Does security interfere or compete with operations?
- The importance of a holistic understanding of security at different organisational levels
- What are the steps that can be taken to make meaningful progress towards adopting a security minded approach?
- How will security impact work practices, user behavior, and user attitudes?

Why Configuration Management Strategy is Essential to Security
- Secure out of the box is a myth
- Understanding that user capability is essential to security and acting accordingly
- What essential steps need to be taken to effectively manage accounts, administrators and patching to ensure our systems are secure?
- How much configuration is necessary to customize security features for a site?
- How does the asset owner know what needs to be configured and what values are necessary?

Implementing Security Standards within the Constraints of an Operational Technology Environment - Where Should we start?
- What are the main areas of incompatibility in operational technology with cyber security standards?
- How can we take a risk-based approach to knowing when to prioritise operational capability over security?
- What backstops are appropriate where traditional IT security tools are not fit for purpose?
- How do we then provide adequate assurance and certification?

Are we on the right trajectory to develop a framework for secure and efficient ICS technology?
- What is the current state of ICS security and what are the fundamental challenges we face in the immediate and near-term future?
- How well are we developing standards that govern the balance of interoperability and diversity required of ICS technology to achieve operational excellence and security?
- Where should we draw the lines between transparency and privacy to optimise our resilience to risk?
- What steps do we need to take to defend the future?

What measures need to be taken to address the inadequacy of the resource stream at entry and mid-career level?
- What is currently in place to incentivize relevant skills development?
- Where are we lacking the necessary infrastructure to develop short, medium and long-term skills development in both the public and private sectors?
- What does a fit for purpose training and development standard look like?
- What objectives should be set and how can we sell the benefits of new initiatives?

What needs to be prioritised to move towards more effective collection, processing and escalation of information on threats?
- How well defined is the threshold at which private sector threat information should be escalated to government authorities, and can we agree first on what should and must be shared?
- How does GDPR influence our ability to effectively process and communicate information on an incident?
- What do the mechanics of an effective information sharing infrastructure look like?
- To what extent do we have the national and transnational infrastructure in place to facilitate effective conversations?

How can the public sector better support a defined supply chain risk management strategy?
- What standards are currently available to define configuration management requirements across the supply chain?
- Do we need further regulation to attribute accountability, or can the market successfully self-regulate?
- What are the key points we need to address to reach agreement between public and private entities on a functional process to address supply chain risk?
- How do we move forward with measures to better facilitate supply chain management in partnership?


Speakers
Eyal Adar

IEC Expert, IEC

Marty Edwards

Managing Director. Former Director of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, Automation Federation

Didier Giarratano

IEC Expert, IEC

David Hanlon

Secretary of the IEC Conformity Assessment Board, IEC

Andre Ristaino

Managing Director, ISA Security Compliance Institute

Tim Roxey

Chief Security Officer (Interim) and Chief Special Operations Officer, NERC


Wednesday October 10, 2018 3:40pm - 4:45pm
TBA

4:45pm

Working Group Outcomes
Our table leaders will present informally on the outcomes of these working groups, best practice and guidance. 

Speakers
Marty Edwards

Managing Director. Former Director of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, Automation Federation

Andre Ristaino

Managing Director, ISA Security Compliance Institute

Tim Roxey

Chief Security Officer (Interim) and Chief Special Operations Officer, NERC


Wednesday October 10, 2018 4:45pm - 5:15pm
TBA

5:15pm

Wash Up and End of Conference
Wednesday October 10, 2018 5:15pm - 5:30pm
TBA
 
