Agenda Day 2

8:30 AM - 9:00 AM REGISTRATION & COFFEE

9:00 AM - 9:10 AM CHAIRMAN’S OPENING REMARKS

•How has the cyber attack threat evolved in response to advanced cyber defences?
•Demonstrating how cyber attacks can exploit and attack Industrial Control Systems weaknesses
•Understanding why ICS is increasingly targeted by Cyber Attack
•How can you develop an integrated response to the growing cyber threat?

Helge Janicke

Director of the Cyber Technology Institute
De Montfort University

Chris Hankin

Director of the Institute for Security Science and Technology
Imperial College London

Chris Johnson

Head of Computing Science and Steering Group member of the UK Govt NCSC Industrial Control System
Glasgow University

9:50 AM - 10:30 AM MANAGING CYBER SECURITY RISK IN THE MARINE ENVIRONMENT

Ewan Duncan, Group Head of Security , Associated British Ports
•Understanding the consequences of a cyber attack on maritime facilities, and why maritime facilities are a major target for cyber terrorism
•Demonstrating why facilities continue to be exposed to cyber risk
•Understanding how Associated British Ports has responded to the growing cyber threat
•How the lessons learnt from the maritime sector can be applied to wider industry


Ewan Duncan

Group Head of Security
Associated British Ports

10:30 AM - 11:00 AM MORNING COFFEE AND NETWORKING

•Establishing why large multinationals and CNI infrastructures ICS are increasingly managed by centralised cyber security hubs
•Why large organisations need a consolidated cyber security measure that can be interfaced with differing OT equipment
•Understanding why many organisations consider ‘off the shelf’ cyber security approaches as too inflexible for OT requirements, and struggle to be interfaced into operational technologies
•How can you implement global off-site security and enforce security on site

Holger Karn

Directory Information Security and Data Privacy
Continental Secure Data Germany GmbH

11:40 AM - 12:20 PM HOW TO MAINTAIN SYSTEM INTEGRITY WHEN USING THIRD PARTY CONSULTANTS

Mark Finch, General Manager Information Security & IT Risk Management EMEA, Opel Vauxhall
•How third party consultants can introduce risk to your ICS network
•Demonstrating how third parties can be introduced to an organisations risk culture
•Determining how external systems can be monitored for risk
•How do you address cyber security to consultants without harming productivity?

Mark Finch

General Manager Information Security & IT Risk Management EMEA
Opel Vauxhall

12:20 PM - 1:20 PM NETWORKING LUNCH

1:20 PM - 2:00 PM HOW REMOTE MANAGEMENT SOLUTIONS CAN ADDRESS CYBER SECURITY

Samuel Korpi, Information Security Specialist, Neste
•Understanding why organisations would look to remotely manage cyber security
•Why budget restraints and a lack of IT professionals mean cyber security is often outsourced off-site
•Establishing how remote management options provide cyber secure alternatives to in-house teams
•How do you integrate remote risk management with on-site requirements?

Samuel Korpi

Information Security Specialist
Neste

2:00 PM - 2:40 PM HOW TO BUILD TRUST WITH CYBER SECURITY PARTNERS

Cevn Vibert, ICS Security Evangelist, Vibert Solutions
•Why large multinational organisations are increasingly looking to outsource cyber security to third parties
•Demonstrating how a lack of communication between site teams and third party security providers can create security lapses
•How can you identify reliable cyber security partners?
•How can cyber security providers demonstrate capabilities in an underreported industry?

img

Cevn Vibert

ICS Security Evangelist
Vibert Solutions

2:40 PM - 3:10 PM AFTERNOON TEA AND NETWORKING

3:10 PM - 3:50 PM HOW TO INCORPORATE KNOWN CYBER SECURITY FAULTS IN MANUFACTURING

Jonni Talsi, Project Manager (I&C) and Chief Engineer Cyber Security, Poyry
•Why specialist manufacturing requirements and limited procurement options mean equipment with known cyber security limitations are procured
•How the long life cycle of OT equipment against IT solutions means products are released to market with known cyber security exposure
•How can you use technological solutions to address known weakness in equipment?
•How organisations can address known weaknesses with human solutions

Jonni Talsi

Project Manager (I&C) and Chief Engineer Cyber Security
Poyry

3:50 PM - 4:30 PM RESPONDING TO THE CRASH OVERRIDE / INDUSTROYER CYBER ATTACK

William Horner, Process Automation Consultant, Horner Technologies
•Industroyer, also known as CrashOverride, was a highly targeted attack that hit a single, 200-megawatt Ukrainian transmission substation in late December 2016, however the attack vector remains unknown
•Why this attack is a major turning point for cyber security in ICS systems
•Determining the implications of this attack for your organisation
•How you can defend against similar attacks with unknown vectors?


img

William Horner

Process Automation Consultant
Horner Technologies

4:30 PM - 4:40 PM CHAIRMAN’S CLOSING REMARKS AND END OF DAY TWO