Agenda Day 1
8:30 am - 9:00 am REGISTRATION & COFFEE
9:00 am - 9:10 am 0900 CHAIRMAN’S OPENING REMARKS
9:10 am - 9:50 am EVALUATING THE IMPACT OF THE NIS DIRECTIVE WITHIN INDUSTRY
· Outlining how the NISD has been interpreted and implemented on a practical level within industry
· Challenges to implementing NIST across OT and IT teams
· Lessons identified from the first year under NIST; how successful is NIST in securing cyber systems?
· What further steps are required for NIST to be truly successful? What further steps should be taken to secure ICS from cyber threat
9:50 am - 10:30 am O/T ASSURANCE IN THE CIVIL NUCLEAR SECTORDan Coats - ONR Inspector - Nuclear Security Civil Nuclear Security Programme – Cyber Security & Information Assurance Team, Office for Nuclear Regulation
· The O/T security challenge and the challenges specific to O/T in the nuclear sector
· Understanding how the regulatory framework has evolved the civil nuclear sector
· An overview of results of live testing of OT systems under this redefined framework
· Understanding the challenges faced during this trial – is this model easily translated across other sectors
Dan CoatsONR Inspector - Nuclear Security Civil Nuclear Security Programme – Cyber Security & Information Assurance Team
Office for Nuclear Regulation
10:30 am - 11:10 am MORNING COFFEE AND NETWORKING
11:10 am - 11:50 am CYBER TRIAGE: MITIGATING DAMAGE THROUGH ROBUST CYBER PRACTICE
· Outlining the cyber profile of Anglo-American, and their response to cyber incidents
· Implementing triage and recovery systems in response to cyber incident
· Understanding global data management and analysis in a local context. How global threat relates to localised security teams
· Steps to developing a global cyber security model for business
11:50 am - 12:30 pm PANEL DISCUSSION: HAS THE NIS DIRECTIVE BEEN SUCCESSFUL SO FAR?
· How has the NIS Directive been implemented within industry sectors?
· What challenges have been experienced in implementing NISD? Is it fit for purpose across all business units?
· Does the “NIS Toolkit” work? What parts are missing from this kit?
· What further changes does industry need to see within the NISD
12:30 pm - 1:30 pm NETWORKING LUNCH
1:30 pm - 2:10 pm MANAGING CYBER SECURITY COMMUNICATION ACROSS FUNCTIONSThomas Olsen - Director, Lagoni Engineering
· Demonstrating where a lack of understanding of cyber security at board level is resulting in exposure to hidden risk
· Why communicating cyber security risks to senior levels is a requirement for building cyber security
· How to communicate to the board using specific, industry-relevant, outcome-based case studies
· Understanding how board level ‘buy in’ leads to cultural change on cyber risk
2:10 pm - 2:50 pm IMPLEMENTING AI AND MACHINE LEARNING TO SUPPORT REAL-TIME MONITORING AND DECISION MAKING
· How to use artificial intelligence to detect emerging threats and latent vulnerabilities
· Achieving 100% visibility across OT, IT and Industrial IoT
· Real-world case studies of stealthy cyber-threats identified early by the Industrial Immune System – before a crisis occurred
2:50 pm - 3:30 pm THE ICS FAIRYTALE: ENCOURAGING UNDERSTANDING ACROSS INDUSTRY
· Cyber Security in Industry - How did we get here?
· ICS Cyber Security – outlining the components and players across the cyber domain
· Does OT Cyber Security need a strong IT department?
· Making myth reality - experiences from industrial projects
3:30 pm - 4:00 pm AFTERNOON TEA AND NETWORKING
4:10 pm - 12:00 am BUILDING TRUST WITH CYBER SECURITY PARTNERSEwan Duncan - Group Head of Security, Associated British Ports
· Why large multinational organisations are increasingly looking to outsource cyber security to third parties
· Demonstrating how a lack of communication between site teams and third party security providers can create security lapses
· How can you identify reliable cyber security partners?
· How can cyber security providers demonstrate capabilities in an underreported industry?
Ewan DuncanGroup Head of Security
Associated British Ports
5:00 pm - 5:30 pm PANEL DISCUSSION: HAS THE NIS DIRECTIVE WORKED?Chris Johnson - Head of Computing Science and Steering Group member of the UK Govt NCSC Industrial Control System, Glasgow University
· What impact has the NIS Directive had within industry sectors?
· How should you be preparing the NIS Directive?
· Understanding your role in implementing the NIS Directive
· Demonstrating best practice under the new NIS Directives
Chris JohnsonHead of Computing Science and Steering Group member of the UK Govt NCSC Industrial Control System