Agenda Day 2
8:30 am - 9:00 am REGISTRATION & COFFEE
9:00 am - 9:10 am CHAIRMAN’S OPENING REMARKS
9:10 am - 9:50 am UNDERSTANDING THE INTELLECTUAL THREAT OF CYBER INCIDENTSDavid Blonder - Director, Legal Counsel Regulatory and Privacy, BlackBerry Mobile
· Outlining Intellectual Property (IP) concerns to industry – why should you care?
· Demonstrating the relationship between cyber attacks against industrial systems and Intellectual Property (IP) theft
· Developing a wider engagement policy for your IT/OT teams to manage IP theft awareness
· How can you develop an integrated response to the growing cyber threat?
David BlonderDirector, Legal Counsel Regulatory and Privacy
9:50 am - 10:30 am LESSONS IDENTIFIED FROM THE WIDER CYBER DOMAINAndy Oliver - Workstream Lead - Networks, TSB
· Incorporating Cyber Security into the business model
· New approaches to Cyber Security from outside the ICS bubble
· Moving from ICS to other industry; lessons learnt from the other side
· Repurposing cyber lessons for ICS
Andy OliverWorkstream Lead - Networks
10:30 am - 11:10 am MORNING COFFEE AND NETWORKING
11:10 am - 11:50 am CYBER AUDIT MANAGEMENT: WHAT YOU NEED TO KNOWJon Gray - Cyber Threat Intelligence Manager, PWC
· Assessing cyber operational efficiency – key indicators of capability in ICS cyber security
· Identifying Internal Control And Regulatory Deficiencies within your organisation
· Understanding the audit checklist – practical steps to audit management
· Fail to prepare, prepare to fail? Should cyber maturity be based on a pass/fail system?
Jon GrayCyber Threat Intelligence Manager
11:50 am - 12:30 pm MANAGING ICS CYBER SECURITY WITHIN SMALL AND MEDIUM ENTERPRISEMalcolm Warr - Member, UK Federation of Small Businesses
· Understanding the cyber set-up for industry SME’s
· Identifying true risk vectors for your organisation
· Methods to scaling cyber capability relative to your risk appetite
· How smart prioritization and visualization of threats allows for better resource allocation and lower risk
UK Federation of Small Businesses
12:30 pm - 1:30 pm NETWORKING LUNCH
1:30 pm - 2:10 pm CYBER INSURANCE: KEY FACTORS IN THE INSURANCE CYCLEErik van der Heijden - Senior Risk Engineer - Cyber Security, If P&C Insurance
· Understanding the insurance process and requirements within a cyber context
· Demonstrating true business impact of a cyber incident, and linking cyber incident to loss
· Cyber proofing; understanding how robust cyber defence planning can support the insurance process
· Ensuring proper insurance measures to protect against cyber incident
Erik van der HeijdenSenior Risk Engineer - Cyber Security
If P&C Insurance
2:10 pm - 2:50 pm DEMONSTRATING CYBER SECURITY AS A SAFETY CONCERN
· Understanding the safety aspects of a cyber attack is a major barrier to incorporating the operational teams in cyber security
· How associating cyber risk with safety in operational areas can engage both OT and IT operatives
· Examining how you can demonstrate cyber risk as a safety concern
· Determining how cyber security can be considered on a day-to day basis amongst operations teams
2:50 pm - 3:20 pm AFTERNOON TEA AND NETWORKING
3:20 pm - 4:00 pm PANEL DISCUSSION: THE CYBER TURNING POINT? IS CYBER SECURITY NOW PROPERLY RECOGNISED WITHIN ICS
· Have events in 2017 / 2018 signified a major turning point for Cyber Security in Industrial Control Systems?
· Have new regulations, such as NIS, been successful in changing approaches to cyber?
· What are the true emerging threats? Is industry reactive enough to address these?
· How will the cyber threat landscape evolve over the next 12 months? Is CNI likely to become a higher priority target for cyber criminals?
4:00 pm - 4:40 pm AGILE INCIDENT RESPONSE IN ICSHelge Janicke - Director of the Cyber Technology Institute, De Montfort University
· An overview of the threats, risks and mitigation strategies of SCADA systems
· Considering the characteristics of ICS incident response capabilities
· Building agility into ICS; working software and collaboration in incident management
· Managing adaptive security within a security network
Helge JanickeDirector of the Cyber Technology Institute
De Montfort University