Agenda Day 1

8:30 AM - 9:00 AM REGISTRATION & COFFEE

9:00 AM - 9:10 AM 0900 CHAIRMAN’S OPENING REMARKS

9:10 AM - 9:50 AM BUILDING TRUST WITH CYBER SECURITY PARTNERS

Ewan Duncan, Group Head of Security , Associated British Ports
· Why large multinational organisations are increasingly looking to outsource cyber security to third parties
· Demonstrating how a lack of communication between site teams and third party security providers can create security lapses
· How can you identify reliable cyber security partners?
· How can cyber security providers demonstrate capabilities in an underreported industry?


Ewan Duncan

Group Head of Security
Associated British Ports

9:50 AM - 10:30 AM HOW TO BUILD A CYBER DEFENCE THROUGH ORGANISATIONAL ENGAGEMENT

Keith Kent, Business Security Liaison, National Grid
•Demonstrating the risks of cyber attack within organisations is a major challenge leaving industry over-exposed to threat
•Effectively securing against cyber risk requires active involvement from all organisation personnel
•How do you address a lack of appreciation for cyber security risks within organisations
•How actively engaging with your organisations leads to stronger cyber security risks

Keith Kent

Business Security Liaison
National Grid

10:30 AM - 11:00 AM MORNING COFFEE AND NETWORKING

11:00 AM - 11:40 AM ENSURING QUALITY AND COMPLIANCE DURING THE PROCUREMENT PROCESS & IDENTIFYING SUPPLY CHAIN PARTNERS ON THE INTERNATIONAL MARKET

John Easton, Lecturer, School of Electronic, Electrical and Systems Engineering, University of Birmingham
•How cyber security considerations impact current procurement processes
•How Organisations have been successful in meeting compliance requirements across it’s international supply chain
•Slow development cycles of manufacturing equipment cause disparity between available equipment and required cyber resilience
•Why limited market options and vetting processes can result in high costs and reliance on equipment with known faults


John Easton

Lecturer, School of Electronic, Electrical and Systems Engineering
University of Birmingham

11:40 AM - 12:20 PM WHY CYBER SECURITY RISK NEEDS TO BE COMMUNICATED AT BOARD LEVEL

Thomas Olsen, Director, Lagoni Engineering
•Demonstrating where a lack of understanding of cyber security at board level is resulting in exposure to hidden risk
•Why communicating cyber security risks to senior levels is a requirement for building cyber security
•How to communicate to the board using specific, industry-relevant, outcome-based case studies
•Understanding how board level ‘buy in’ leads to cultural change on cyber risk

Thomas Olsen

Director
Lagoni Engineering

12:20 PM - 1:20 PM NETWORKING LUNCH

1:20 PM - 2:00 PM WHY IT ‘TRADITIONALISTS’ NEED TO APPROACH CYBER SECURITY FROM AN OPERATIONAL STANDPOINT

•Identifying why IT staff need to understand the specific requirements of ICS and OT environments
•Demonstrating the impact IT systems have on the operating environment, and why cyber risks are not prioritised
•How to balance IT cyber security requirements with keeping operations and productivity high
•Why understanding the operational environment can allow IT teams to better work alongside OT to identify and defend against ICS targeted cyber attacks

2:00 PM - NaN:NaN AM WHY THE GAP BETWEEN OPERATIONAL TECHNOLOGY (OT) AND INTERNET TECHNOLOGY (IT) POSES A THREAT TO CYBER SECURITY

Andy Oliver, Project Manager -Industrial Control Systems Cyber Security, GSK
•Why a gap between IT and OT department is leaving unseen breaches in the cyber network
•How demonstrating this gap can actively engage employees on cyber awareness
•Understanding how far the OT / IT gap be closed with technological solutions
•How best practice IT/OT approaches can be developed to close cyber security gaps

Andy Oliver

Project Manager -Industrial Control Systems Cyber Security
GSK

2:40 PM - 3:20 PM UNDERSTANDING THE INSURANCE RISKS OF A CYBER ATTACK

Erik van der Heijden, Senior Risk Engineer - Cyber Security, If P&C Insurance
•Cyber security insurance is one of the fastest growing market areas, as industries increasingly turn to IT solutions
•Assessing what lessons can be learnt from the recent cyber attacks in 2017
•Understanding exclusion clauses; why do organisations continue to operate at risk?
•Why associating cyber risk with data loss is creating a false sense of security for organisations utilising ICS


Erik van der Heijden

Senior Risk Engineer - Cyber Security
If P&C Insurance

3:10 PM - NaN:NaN AM AFTERNOON TEA AND NETWORKING

· What impact is the NIS Directive going to have for your organisation?
· How should you be preparing the NIS Directive?
· Understanding your role in implementing the NIS Directive
· Demonstrating best practice under the new NIS Directives

Andreas Neumann


German Federal Office for Information Security (BSI)

Dan Tofan

Network and Information Security Expert
European Union Agency for Network and Information Security (ENISA)

Senior Speaker


National Cyber Security Centre

Chris Johnson

Head of Computing Science and Steering Group member of the UK Govt NCSC Industrial Control System
Glasgow University

Ewan Duncan

Group Head of Security
Associated British Ports
· Understanding your responsibilities under the NIS Directive
· Understanding how the NIS Directive will be enforced in Europe
· What impact will the NIS Directive have on your organisation?
· How can you be preparing for the NIS Directive?

Andreas Neumann


German Federal Office for Information Security (BSI)

4:20 PM - 4:50 PM THE NIS DIRECTIVE IN THE UK

Senior Speaker, , National Cyber Security Centre
· Understanding your responsibilities under the NIS Directive
· Understanding how the NIS Directive will be enforced in the UK
· What impact will the NIS Directive have on your organisation?
· How can you be preparing for the NIS Directive?

Senior Speaker


National Cyber Security Centre

5:00 PM - 5:10 PM CHAIRMAN’S CLOSING REMARKS AND END OF MAIN CONFERENCE