Loading…
5th Annual Industrial Control Cyber Security Europe Summit. London Marriott Hotel Regents Park London, England | October 9/10th 2018IOT/OT Security, Threat Detection and Mitigating the Impact on Safety CasesSectors Represented include Smart Grid, Nuclear, Oil and Gas, Rail, Maritime, Aviation, Chemical and more to be announced!

Log in to bookmark your favorites and sync them to your phone or calendar.

Presentation [clear filter]
Tuesday, October 9
 

9:20am

Keynote Presentation: “Think like a hacker, but act like an engineer”
It is often advantageous to think like an attacker in order to find weaknesses in systems, but that doesn’t mean we should give up on following sound engineering and maintenance practices when designing, operating and maintaining cyber systems.  Learn how companies are starting to apply principles adopted from safety analysis, as well as emerging concepts such as “cyber informed” or “consequence driven” engineering.
  • Identify devices and components that facilitate risk, determine critical functions and high-consequence events then prioritise what cannot fail based on the consequences
  • Think like an attacker to illuminate specific, detailed attack paths, access, information and action to have an effect and highlight system vulnerabilities in networks and the supply chain
  • Engineer out the prioritised cyber-risk with controls, tripwires, mitigations and backstops to interrupt high-consequence risk
  • The importance of collective resilience, collaboration and information sharing to combat high-consequence risk across the supply chain
  • It is often advantageous to think like an attacker in order to find weaknesses in systems, but that doesn’t mean we should give up on following sound engineering and maintenance practices when designing, operating and maintaining cyber systems.  Learn how companies are starting to apply principles adopted from safety analysis, as well as emerging concepts such as “cyber informed” or “consequence driven” engineering.
    • Identify devices and components that facilitate risk, determine critical functions and high-consequence events then prioritise what cannot fail based on the consequences
    • Think like an attacker to illuminate specific, detailed attack paths, access, information and action to have an effect and highlight system vulnerabilities in networks and the supply chain
    • Engineer out the prioritised cyber-risk with controls, tripwires, mitigations and backstops to interrupt high-consequence risk


Speakers
avatar for Marty Edwards

Marty Edwards

Director of Strategic Initiatives, International Society of Automation (ISA)
Marty Edwards is a globally recognized industrial automation and control systems (IACS) cybersecurity expert who collaborates with industry, government, and academia to raise awareness of the growing risks of industrial cybersecurity incidents and the need to take steps to mitigate... Read More →


Tuesday October 9, 2018 9:20am - 9:50am
TBA

9:50am

Beyond the Attacks – What Teachings can be Learned from Various Attacks that help Inform Advanced Defences?
  • From the simple first Ukraine attack, to the following years’ second attack, to an unrelated MENA attack, what can be learned of the broader strategic implications of these three attacks.  Are they connected, or can they be? A conjecture
  • By looking at attacks and questioning the various Why’s, not necessarily the what happened or the how it happened, a picture emerges of an adversary looking to create instabilities by utilizing many attributes of conflict. Physical, cyber, media, disinformation, all play a part in these engagements
  • When the Whys are looked at the closely coupled complex attacks can begin to be understood. This is the arena where targets can be chosen, and impacts dialled up to levels of interest by an adversary

Speakers
avatar for Tim Roxey

Tim Roxey

Chief Security Officer (Interim) and Chief Special Operations Officer, NERC
Tim Roxey is presently the Chief Cyber Security Officer for the North American Electric Reliability Corporation (NERC).Previously Mr. Roxey was the Deputy Chair for the Nuclear Sector Coordinating Council and also the Technical Assistant to the Vice Chair for Constellation Energy.Mr... Read More →


Tuesday October 9, 2018 9:50am - 10:20am
TBA

11:20am

Detecting Industrial Network Anomalies without the Risk of Disruption
Many asset owners have seen firsthand that becoming proactive about cyber protection for industrial systems in their plants is becoming a requirement. Yet at the same time, production processes cannot be disrupted, even for reducing cybersecurity risk in some cases. Key security controls that can address high risk areas such as secure remote access for employees and third party vendors/supply chain partners, and continuous monitoring of plant assets for threats and vulnerabilities are essential to deter cyber threats which can disrupt process controls and production.

In this session, Dave Weinstein, Claroty VP of Threat Research shares use cases from the field that demonstrate “zero-impact” deep packet inspection to precisely profile and dissect communications between assets in complex and sensitive industrial networks which can often indicate hidden cyber risks.

These passive techniques can identify misconfigurations, vulnerabilities, and anomalies plus provide operational security gaps and context so that plants can now have visibility into what’s happening and what to do about it without downtime, manual labor or having to become industrial cybersecurity experts overnight.

Speakers
avatar for Dave Weinstein

Dave Weinstein

VP of Threat Research, Claroty
Dave Weinstein is the VP of Threat Research at Claroty. Prior to joining Claroty, Dave was the Chief Technology Officer of New Jersey. He began his career as an operations planner at U.S. Cyber Command, where he served for three years. Dave holds a Bachelor's degree from Johns Hopkins... Read More →


Tuesday October 9, 2018 11:20am - 11:50am
TBA

11:50am

NEW RESEARCH! Major Malware at the Front Door: New Industrial USB Threat Research
This presentation has been updated and Eric will presenting brand new research as opposed to our previously advertised content. 

Speakers
avatar for Eric Knapp

Eric Knapp

Chief Engineer and Global Director of Solutions and Technology, Honeywell
Eric D. Knapp (@ericdknapp) is Global Director of Cyber Security Solutions and Chief Cyber Security Engineer for Honeywell Process Solutions.  Eric is a recognized expert in industrial control systems cyber security. He is the author of “Industrial Network Security: Securing Critical... Read More →


Tuesday October 9, 2018 11:50am - 12:20pm
TBA

1:50pm

Why a Focus on Recovery Improves Cyber Security Maturity
·        Understanding that recovery is much more than developing incident response plans and procedures

·        Taking a business approach to understand key business processes, operational impacts and systems

·        Developing an adaptive capability to respond to cyber threats and move the risk needle



Speakers
avatar for Rob Hayes

Rob Hayes

Lead for Cyber Security and Resilience of Operational Technology (OT), Critical National Infrastructure and Large Industrials, Deloitte
Rob is the lead for cyber security and resilience of operational technology (OT), critical national infrastructure and large industrials. He has an international engineering and consulting background with over 20 years’ experience in OT cyber security and industrial digital transformation... Read More →


Tuesday October 9, 2018 1:50pm - 2:20pm
TBA

3:50pm

Results from Analyzing Real-World ICS Malware in an ICS Network Sandbox
TRITON and CrashOverride showed us the potential of autonomous, purpose-built malware that enumerates and subsequently hijacks ICS devices using their native protocols. What if we could detonate ICS-specific malware in an "ICS Network Sandbox" that detects and analyzes purpose-built ICS malware before it even gets deployed? Current malware sandboxing technologies are designed for IT protocols and devices rather than OT protocols and devices; as a result, ICS-specific malware such as TRITON is undetected because IT malware sandboxes are unable to flag ICS-specific activities such as OPC scanning, overwriting of PLC configuration files, calls to ICS-specific libraries and ports, etc. CyberX's research team has built ICS-aware malware analysis sandbox that simulates a complete ICS execution environment in a virtual or offline state, and also instruments the execution environment to detect ICS-specific behavior. During this session, we'll describe the results of analyzing known ICS malware (Stuxnet, Industroyer, TRITON)  in the sandbox as well as data we've collected about the prevalence of ICS-specific malware "in the wild." Attendees will learn about ICS malware characteristics and ICS attack vectors so they can be better prepared to detect and respond to ICS security incidents in the future.


Speakers
avatar for Ron Yosefi

Ron Yosefi

Sales Director, CyberX
Ron Yosefi leads CyberX’s sales and partner management in Europe. He brings more than 20 years of experience in Industrial Automation and Software Solutions for Manufacturing and Infrastructure. Ron held various Business Development, Sales and Marketing roles in leading International... Read More →


Tuesday October 9, 2018 3:50pm - 4:20pm
TBA

4:20pm

Simplifying SCADA Environments with Migration to the Cloud
The increase in complexity of operational technology control systems has highlighted a growing skills gap and security concerns around the increased connectivity of industrial systems has fundamentally shifted the approach needed to OT cybersecurity. The bid to reduce costs often results in a trade-off between increased operational capabilities and security, and it has become essential to find solutions that can help to address this problem at speed and at scale. Moving to cloud-based SCADA systems can, in some cases, dramatically decrease complexity, present significant opportunities to reduce capital expenditure and improve control capabilities. This presentation will discuss some of the key considerations in embarking on cloud migration and provide lessons learned from doing so.
  • Eliminating capital expenditure on control and backup centres and the need for dedicated SCADA teams
  • How cloud solutions can help in effectively creating a green field environment in which to automate
  • How we have ensured effective collaboration with key vendors to securely and cost-effectively migrate our OT environment to the cloud
  • Is scepticism around security and reliability of cloud solutions for industrial applications justified and what are the limitations?

Speakers
avatar for Mo Ahddoud

Mo Ahddoud

Chief Information Security Officer, SGN
Mo Ahddoud is a security expert who is currently serving as the Chief Information Security Officer at SGN, which manages and operates over 74,000 km of gas mains and services in Scotland and the south of England. Prior to coming to SGN, Mo acted as the International IT Security Lead... Read More →


Tuesday October 9, 2018 4:20pm - 4:50pm
TBA
 
Wednesday, October 10
 

9:30am

Industrial Control System Security- Enabling Business with Digital Infrastructure
  • The World is Changing for Industrial Enterprises
  • There Will Be Winners and Losers
  • Cryptographic Zoning
  • ISA99 Architecture
  • Plan to Embrace ---Digital Innovation

Speakers
avatar for Chris Blask

Chris Blask

Director, Industrial Control Systems Security, Unisys and the US ICS ISAC
Chris Blask has been involved in the industrial control system and information security industries for more than twenty five years.Mr. Blask’s career spans the breadth of the cybersecurity spectrum. He invented one of the first commercial firewall products, built a multi-billion... Read More →


Wednesday October 10, 2018 9:30am - 10:00am
TBA

1:30pm

Securing Future Railways
  • What do we mean by a “modern” digital system?
  • Threat –Who (or what...) is “attacking” our modern systems?
  • Vulnerability –How does malware enter our systems?
  • Probability –How worried should we be as industry?
  • Impact –What is the worst that can happen?
  • Risk –How do we pragmatically protect ourselves?

Speakers
avatar for Vish Kalsapura

Vish Kalsapura

Principal Engineer Digital Railway, Network Rail Digital Railway
Vish has more than 25 years’ experience in overseeing technology programs and possess an in-depth understanding of emerging technologies and their commercial applications in Railway, Engineering and Defence sectors. He is a control systems expert and has worked on signalling and... Read More →


Wednesday October 10, 2018 1:30pm - 2:00pm
TBA

2:30pm

IEC Cyber Security Standards to Certification
  • "Architecture" view for standards perspective
  • Risk assessment basis of standards to certification
  • Product development assurance and testing
  • Mutual recognition of testing results through the Certification Scheme
  • Will it be possible to achieve transnational testing and certification?

Speakers
avatar for Didier Giarratano

Didier Giarratano

IEC Expert, IEC


Wednesday October 10, 2018 2:30pm - 2:50pm
TBA

2:50pm

Creating an International Framework for Industry-Driven ISA/IEC 62443 Conformity Assessment (CA)
  • Understanding 3rd party testing and certification mechanisms
  • Developing CA in line with market needs of individual sectors
  • The value of peer led interpretation and CA

Speakers
avatar for Eyal Adar

Eyal Adar

IEC Expert, IEC / Advisor to McKinsey & Company
Eyal Adar is an IT/OT cybersecurity specialist. With a strong record of 30+ year of integrating: strategic and technical consulting, research, solution development and International Standardization.·        Eyal is a member of IEC (International Electrotechnical Commission) CAB... Read More →


Wednesday October 10, 2018 2:50pm - 3:10pm
TBA
 

Twitter Feed