5th annual Industrial Control Cyber Security Europe Summit

Recent APT attacks affecting multiple sectors through a common attack surface have driven home the lesson that no matter how well we think we have secured our perimeters, our information and systems may still be vulnerable to attack through 3rd party systems with weak security controls. Individually we may all be resilient, but collectively we are not. As critical infrastructure relies more heavily on interconnectivity to function efficiently our mindset needs to evolve to consider cyber-vulnerability not as an individual, but a collective problem. Managing 3rd party risk runs deeper than many imagine and opens fundamental questions around the way we go about the business of building security into our systems and products. We can’t have a 360 degree view of supply chain security, but how can we move towards developing the trust and mechanisms to better support a collaborative approach to security with our suppliers, partners and interrelated sectors?

• Nothing can be achieved in isolation – What are the barriers to meaningful collaboration between regulators, asset owners, integrators and vendors on mitigating cyber risk?
• Do all parties concerned have a voice, and is it listened to?
• Where might we be doubling our efforts and how can we streamline?
• What work needs to be done around liability and mediation?
• How are we faring with efforts to collaborate across the supply chain to develop fit for purpose standards regimes, audit compliance check lists and conformity assessments?

• What does the current active threat landscape look like?
• Are we seeing evolutions or adaptations of Triton?
• Recommendations on simple methods to be identify and mitigate threats to safety systems

As businesses efficiency drivers have increased the need to gain better visibility of operational processes, the convergence of IT and OT has quickly become imperative and raised serious challenges. When it comes to security, we are no longer able to think of OT environments as distinct and separate from enterprise IT networks. We must however continue to appreciate that their uniqueness to make them secure without compromising operational efficiency and safety. With fundamental differences in both mindset and process in IT and OT, what are the pain points and what have been hallmarks of successful convergence projects that have overcome them?

• What lessons have been learned so far in implementing UK NIS Regulations?
• What key challenges lie ahead both for OESs and CAs?
• How are different CAs engaging with OESs and what can we expect from more prescriptive approaches vs those favouring self-regulation?
•  How are the CAs supporting OESs with Incident Reporting, major incident management, and Information sharing?
•  How can we get a clearer view on cross-jurisdictional and cross-sector requirements?
•  What help is needed (by whom, from whom, and by when), to make NIS work?
•  How can operators seek support?

• It goes without saying that we cannot design a holistic defence without full visibility of the assets on our ICS network and how they are connected, but do we have it?
• Are we getting a clearly defined picture of the threat or are we spending too much time chasing false positives?
• Are threat detection solutions taking a holistic approach to assessing risk, identifying complete characteristics of complex threats and escalating appropriately?
• How is machine learning impacting our ability to respond to multiple complex threats and what are the limitations?