Upload
james-nesbitt
View
227
Download
1
Embed Size (px)
Citation preview
Industrial Control Security
www.cybersenate.com
www.industrialcontrolsecurityeurope.com
Register at www.industrialcontrolsecurityeurope.com
29th and 30th September 2014Royal Aeronautical Society, London, UK
Event OverviewIdentify, protect, detect, respond and recover. All stakeholders have a new responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure. Public and Private partnerships are paramount and information sharing on an international level a priority. We will be addressing key areas of vulnerability, threat detection, mitigation, and planning for the Energy Sector. The ICS Energy Europe conference has been developed under the guidance of the Cyber Senate. An exclusive community of authoritative global leaders with unparalleled experience and knowledge in both Cyber and Industrial Control sectors.
Key SpeakersHenrik Magnusson, Technical Strategy Manager, SSE Power Distribution
David Ogden, Head of Operational Technology, United Utilities
Lhoussain Lhassani, CISSP, Sr. Specialist Asset management, STEDIN
Paul Smith, Chief Security Officer, United Utilities
John Goldring Jnr, ICS and SCADA Manager, South Staffordshire and Cambridge Water
Sandro Etalle, Professor and head of the security of embedded systems group, University of Eindhoven
Jos Menting, Chief Technologist and Technology Manager Automation,Laborelec, GDF Suez
Kaspar Kaarlep, Head of Operational Technology, Elektrilevi
Johan Rambi, Privacy & Security advisor GRC,Alliander
William Barker, Cybersecurity Standards and Technology Advisor, NIST
Laurent Schmitt, Co Chairman of the Security Working Group of the Advisor, ETSI-CEN-CENELEC SmartGrid standardisation group, VicePresident Smart Grids Solutions, ALSTOM
Rauli Kaksonen, Founder and Chief Technology Officer, Codenomicon
Understand the challenges and solutions Oil, Gas, Electricity and Water companies face with integrated enterprise interfaces
Witness a demonstration from the founders of Heartbleed, hear about the impact and find out what you need to know to secure your infrastructure
IT/OT Converged technology - Integration from substation to data centre: Key insight from the second largest supplier of electricity and natural gas in the United Kingdom, and the UK’s largest generator of renewable energy.
Hear and debate a unique case study where a European plant experienced inexplicable load changes and was actually shut down. Was it a cyber attack or a failure of interconnected systems?
Defence in Depth – Hear from leading Utilities as they share their strategies from ICS and IT through to HR and physical resilience.
Learn new methodologies for offshore Industrial Control rig testing .
Gain insight into the development and standardization of cyber security controls and processes
Why you should attend:
Media Partners
Day One
17.00
16.30
09.10
11.55
12.35
10.30
09.50
15.10
14.30
11.15
End of Day One
Evolution of ICS security from a Distribution System Operator Perspective
• Security risks of a DSO • Awareness and management support • Organizational roots of security issues • Regulator perspective and legislative activities • Strategies for moving forward
Kaspar Kaarlep, Head of Operational Technology, Electrilivi
Integration from substation to data centre
• IT/OT converged technology: risks and opportunities • A complete loop: Substation to Data centre • The Role of Enterprise Architecture in developing Smart Grids • An architectural framework for development
Henrik Magnusson, Technical Strategy Manager, Scottish and Southern Energy
Resilience and digital interconnection dependency
• Resilience and digital interconnection dependency • Securing communications infrastructure, network reliability and security • The design and implementation of interoperable architectures- what is the security risk? • High security architecture best practices • Security by design
Lhoussain Lhassani, CISSP, Sr. Specialist Asset management, Stedin
Roundtable Discussions
NIST ROUNDTABLE – The NCCoE approachThe NCCoE approach starts with engaging representatives from specific industrial and economic sectors to identify, from a business perspective, cybersecurity problems associated with organizations’ processes, operations, and services.
Reducing vulnerabilities within the procurement processLed by South Staffordshire and Cambridge Water
Methodologies for Offshore Rig Testing
12.55 Networking Luncheon09.00 Chairman’s Opening Remarks
The development and standardization of cybersecurity controls and processes
• Changing nature and increasing importance and vulnerability of internetworks and internetworked processes and process control systems. • Importance in adoption, as well as development, of cybersecurity controls • Initiatives aimed at accelerating effective adoption of controls. • NCCoE as one approach to facilitation of implementation of security frameworks. • Larger cybersecurity context for ICS and critical infrastructure initiatives.
Willam Barker, Chief Cyber Security Advisor, NIST
Cyber Resilience in the Energy Sector • Alliander Cyber Resilience vision • European Energy-ISAC initiative • Situational Awareness in Control Center • Convergence of Physical and Cyber Security • Future thoughts of Smart Grid Cyber Security
Johan Rhambi, Privacy & Security advisor GRC, Alliander
Coffee and Exhibitor networking
European roadmap on cyber security standardization for ICS Energy sectorLaurent Schmitt, Smart Grid standardisation group, Co Chairman, VicePresident Smartgrids Solutions, Alstom, ETSI-CEN-CENELEC
Heartbleed: What is the impact and what do you need to know?Demonstration and discussion by founders CodenomiconRauli Kaksonen, Founder and Chief Technology, Codenomicon
15.50 Coffee and Exhibitor Networking
29th - 30th September2014Ex
clu
sive
up
da
te
Register at www.industrialcontrolsecurityeurope.com
Day Two
11.15
11.55
14.30
13.15
09.00
09.10
12.35
09.50
10.30
16.45 Close of conference
16.00 Reserved Presentation
Panel DiscussionHow to create a efficient Cyber Security Strategy
• Ensuring interoperability • Information sharing • System convergence • Cross division functionalities
Networking Lunch
Chairman’s Opening Remarks
The Art of DetectionSynopsis: Targeted attacks, advanced persistent threats and alike are raising concerns for the CSO’s of critical infrastructure organizations worldwide. In this presentation we will discuss what research is providing us with to detect such sophisticated attacks in the context of Industrial Control Systems. In particular, we will dive a bit into the area of network monitoring and intrusion detection in OT networks.
• Network Monitoring • Intrusion Detection in OT • Blacklisting, Whitelisting, Anomaly Detection
Sandro Etalle, Professor and Head of the security of embedded systems group, University of Eindhoven
Defence-in-depth: from ICS and IT through to HR and physical resilience.
• Technology within the IT environment has matured against a backdrop of continued cyber threat • ICS/SCADA has traditionally perated within a closed-world environment and has in many instances been adapted to use IT technologies • In the rush to utilise IT technologies within the ICS/SCADA domain, security issues have in many instances been overlooked. • Are vendors starting to meet the challenges of offering better levels of protection from cyber attack?
John Golding Jnr, ICS and SCADA Manager, South Staffordshire and Cambridge Water
Case Study: Why tripped my power plant?Plants are becoming more interconnected. If the information exchange is not designed well and procedures lack, incidents can happen. In this particular case the plant faced inexplicable load changes, and did shut down. Was is a cyber issue?Jos Menting, Chief Technologist, Technology Manager Process Automation, Laborelec, GDF Suez
Methodology for Offshore Rig TestingThe pursuit of technologies to make IT operations more efficient
• Malware designed to go undetected, remotely activated • Stealing intellectual property and exploiting information Example: “Shamoon” virus • Consequences: Offshore facilities - Oil spills, Economic risk, bigger threats to Centralised government run companies
Duncan Page, Director, IT Risk Assurance, Cyber Security, Power and Utilities, Pricewaterhouse Coopers
Our footprint and infrastructure (Waste water, water treatment, Chemical Process plants, Biological Waste water). The merging of environments, moving towards efficiency. Automated but regulated• Regulation barriers, investment fragmentation• Integrated enterprise interfaces – challenges and solutions• Event recognition, remote control of site infrastructure• Designing a integrated control centre, corporate system developmentDavid Ogden, Chief EICA Engineer, United UtilitiesPaul Smith, Head of Security, United Utilities
Coffee and Exhibitor Networking
15.15 Coffee and Exhibitor Networking
29th - 30th September2014
Case study: IT/OT Security Transformation “Control and Secure Change”
Register at www.industrialcontrolsecurityeurope.com