Agenda Day 1

8:30 AM - 9:00 AM REGISTRATION & COFFEE

9:00 AM - 9:10 AM 0900 CHAIRMAN’S OPENING REMARKS

9:10 AM - 9:50 AM DEMONSTRATING CYBER SECURITY AS A SAFETY CONCERN

Heinz Janiec, Sen. Consultant/ Sen Project Manager, Shell

•Understanding the safety aspects of a cyber attack is a major barrier to incorporating the operational teams in cyber security
•How associating cyber risk with safety in operational areas can engage both OT and IT operatives
•Examining how you can demonstrate cyber risk as a safety concern
•Determining how cyber security can be considered on a day-to day basis amongst operations teams

Heinz Janiec

Sen. Consultant/ Sen Project Manager
Shell

9:50 AM - 10:30 AM HOW TO BUILD A CYBER DEFENCE THROUGH ORGANISATIONAL ENGAGEMENT

Keith Kent, Business Security Liaison, National Grid
•Demonstrating the risks of cyber attack within organisations is a major challenge leaving industry over-exposed to threat
•Effectively securing against cyber risk requires active involvement from all organisation personnel
•How do you address a lack of appreciation for cyber security risks within organisations
•How actively engaging with your organisations leads to stronger cyber security risks

Keith Kent

Business Security Liaison
National Grid

10:30 AM - 11:00 AM MORNING COFFEE AND NETWORKING

11:00 AM - 11:40 AM HOW BOARDS ARE PREPARING AGAINST CYBER THREAT

Steven Trippier, Group Chief Information Security Officer, Anglian Water Services
· Understanding how boards are preparing against cyber security threats
· How do boards prioritise cyber security risk against cost
· How understanding the board level view of cyber risk will help your cyber defence strategy
· What actions can boards take to consolidate their cyber security risk


Steven Trippier

Group Chief Information Security Officer
Anglian Water Services

11:40 AM - 12:20 PM WHY CYBER SECURITY RISK NEEDS TO BE COMMUNICATED AT BOARD LEVEL

Thomas Olsen, Director, Lagoni Engineering
•Demonstrating where a lack of understanding of cyber security at board level is resulting in exposure to hidden risk
•Why communicating cyber security risks to senior levels is a requirement for building cyber security
•How to communicate to the board using specific, industry-relevant, outcome-based case studies
•Understanding how board level ‘buy in’ leads to cultural change on cyber risk

Thomas Olsen

Director
Lagoni Engineering

1:20 PM - 2:00 PM WHY IT ‘TRADITIONALISTS’ NEED TO APPROACH CYBER SECURITY FROM AN OPERATIONAL STANDPOINT

, ,
•Identifying why IT staff need to understand the specific requirements of ICS and OT environments
•Demonstrating the impact IT systems have on the operating environment, and why cyber risks are not prioritised
•How to balance IT cyber security requirements with keeping operations and productivity high
•Why understanding the operational environment can allow IT teams to better work alongside OT to identify and defend against ICS targeted cyber attacks

12:20 PM - 1:20 PM NETWORKING LUNCH

2:00 PM - NaN:NaN AM WHY THE GAP BETWEEN OPERATIONAL TECHNOLOGY (OT) AND INTERNET TECHNOLOGY (IT) POSES A THREAT TO CYBER SECURITY

Andy Oliver, Project Manager -Industrial Control Systems Cyber Security, GSK
•Why a gap between IT and OT department is leaving unseen breaches in the cyber network
•How demonstrating this gap can actively engage employees on cyber awareness
•Understanding how far the OT / IT gap be closed with technological solutions
•How best practice IT/OT approaches can be developed to close cyber security gaps

Andy Oliver

Project Manager -Industrial Control Systems Cyber Security
GSK

2:40 PM - 3:20 PM HOW THE NETWORK AND INFORMATION SYSTEMS (NIS) DIRECTIVE WILL IMPACT ORGANISATIONAL CYBER SECURITY

Dan Tofan, Network and Information Security Expert, European Union Agency for Network and Information Security (ENISA)
•Understanding the need for the 2016 NIS Directive on cyber security
•Why the NIS Directive will increase cyber security in ICS
•How should organisations manage the transition to the new regulations set out in the NIS Directive?
•Demonstrating how the NIS Directive should be applied in practice

Dan Tofan

Network and Information Security Expert
European Union Agency for Network and Information Security (ENISA)

3:10 PM - NaN:NaN AM AFTERNOON TEA AND NETWORKING

3:40 PM - 4:20 PM ENSURING QUALITY AND COMPLIANCE DURING THE PROCUREMENT PROCESS & IDENTIFYING SUPPLY CHAIN PARTNERS ON THE INTERNATIONAL MARKET

John Easton, Lecturer, School of Electronic, Electrical and Systems Engineering, University of Birmingham
•How cyber security considerations impact current procurement processes
•How Organisations have been successful in meeting compliance requirements across it’s international supply chain
•Slow development cycles of manufacturing equipment cause disparity between available equipment and required cyber resilience
•Why limited market options and vetting processes can result in high costs and reliance on equipment with known faults


John Easton

Lecturer, School of Electronic, Electrical and Systems Engineering
University of Birmingham

4:20 PM - 5:00 PM UNDERSTANDING THE INSURANCE RISKS OF A CYBER ATTACK

Erik van der Heijden, Senior Risk Engineer - Cyber Security, If P&C Insurance
•Cyber security insurance is one of the fastest growing market areas, as industries increasingly turn to IT solutions
•Assessing what lessons can be learnt from the recent cyber attacks in 2017
•Understanding exclusion clauses; why do organisations continue to operate at risk?
•Why associating cyber risk with data loss is creating a false sense of security for organisations utilising ICS


Erik van der Heijden

Senior Risk Engineer - Cyber Security
If P&C Insurance

5:00 PM - 5:10 PM CHAIRMAN’S CLOSING REMARKS AND END OF MAIN CONFERENCE