SIGS Special Interest Group
7th SCADA Forum (SCADA, ICS and OT Security)

 
Save the DateClick on the .ics file to save the date

Target Audience Information Security Professionals interested in SCADA, ICS or OT Security

CIO’s, CISO, IT Manager, Security Executives, Security Engineers and all other persons who are responsible and interested in this specific topic

Security Consultants and Reseller only technical interested persons. Per Consulting Company max. one participant. Vendors and peoples from the Sales/Marketing part are not authorized to take part.

CPE Credits Earn 4 CPE (Continuing Professional Education) for attending this SIGS event. Please request a confirmation.
Location Hilton Zurich Airport Hotel
Hohenbuehlstrasse 10
8152 Opfikon-Glattbrugg

There are a lot of free park places available.
Train: railway station Zurich Airport – take the hotel shuttle

Date of Event 30th of May 2018
Further planned dates: 29th of August, 28th of November 2018
Language English
Participation Costs Fr. 55.— per participants
Organization, presentations, beverages and apéro riche included

 
Agenda

 

1:30 – 2:00 Registration & Coffee
2:00 – 2:30 Dominic de Kerf, Plant Systems and Controls COE lead at Cargill.

Cargill’s journey in making the OT and Automation systems in facilities more secure
Dominic de Kerf is Corporate Automation COE leader at Cargill Inc with 29 years in industry. He is working with Automation and Engineering teams in all 1500+ Cargill entities across the world and also an active member of a cross-business functional safety management community in the WIB, a close partner of NAMUR.

Dominic will share Cargill’s journey in making the OT and Automation systems in facilities more secure. He will also share insights on the dilemma of balancing security and safety and how to map architectures to IEC 62443 Security Levels.

2:30 – 3:00 Thomas Cueni, Security Specialist at Tenable
Thomas Cueni joint Tenable as a Security Specialist for Switzerland and Austria. He is a cybersecurity professional with almost fifteen years of technical experience in network and endpoint security, security operations and vulnerability management.

Prior to joining Tenable he was working for FireEye and Blue Coat (now Symantec), where he was doing pre-sales for major global accounts based out of Switzerland.

How continuous asset discovery and vulnerability detection help to protect ICS, SCADA and other safety-critical operational systems
In this session you will learn how passive monitoring can provide you safe and reliable insight – so you know what you have and what to protect. Covering a wide range of ICS, SCADA, manufacturing, and other systems, Tenable Industrial Security helps IT and OT security, plant operations, and compliance teams enhance security, improve asset protection, and strengthen regulatory compliance.

3:00 – 3:30 Donald Codling, formerly Unit Chief FBI Cyber Devision
Donald Codling currently serves as CISO and CPO for My Double Check and previously held these roles for Urban FT and Swift Exchange. Prior to these commercial projects, Don worked with the FBI for 23 years and retired as Unit Chief, FBI Cyber Division. While at the FBI, Don supervised a variety of investigative programs with a primary focus overall on international cyber crime and cyber national security operations, and with a particular emphasis on the cyber security challenges that have significant impacts on global financial services, energy and health care industries. His experience also includes the cyber vulnerability aspects of Industrial Control Systems (ICS), digital currencies, theft of intellectual property, foreign counter-intelligence, technical operations, and undercover operations.

Don served as chairman for the Cyber Security for Energy and Utilities Sector in UAE conference in 2014, 2015, 2017 and conceived and hosted three International Cyber Security forums held in Washington D.C. in 2012 , 2013 and 2017.

Organizations
Don belongs to the ISC2, the International Association of Privacy Professionals (IAPP) and maintains accreditation with his CISSP, CIPP (US) and holds multiple other technical certifications following his government service. Don currently has U.S. Top Secret Clearance (with counter intelligence polygraph) and maintains close ties with various U.S. State Department entities including the Overseas Security Alliance Council (OSAC) and the National Cyber Forensic and Training Alliance (NCFTA).

The Cyber Security rollercoaster-what surprises await the world in 2018 and beyond
There will be an inevitable infiltration of Internet of Things (IoT) devices into all aspects of our personal and professional lives…and the difficulties of maintaining control and visibility into any networks will become even more complex. An important and often overlooked aspect of any network ‘incident’ from my time in the FBI and at the U.S. ICS-CERT as liaison officer, was the overload of data without solid/stable processes to manage the equipment and more importantly…the people (from leadership to the media to the line mangers of a firm) during an incident.

An example of what leaders must consider-how will the inevitable blending of IoT into both Operational Technology and Information Technology systems impact your firms ability to be resilient and recover from a cyber event? Or how about-the purpose of the cyber attack or incident is to shut off/disable your firms critical life safety systems-what is your recovery or fallback position?

Discussion will include specific advise on three best practices to anticipate ‘the worst things happening’ and plan accordingly in a SCADA environment (worst things include probably due to the introduction of a malicious malware package, a motivated insider threat actor or the collapse/disablement of underlying infrastructure like the intent backbone, power grid, cellular system, etc).

3:30 – 4:15 Coffee Break
4:15 – 6:00 pm Breakout Sessions
Interactive sessions/talks – chose the one you like to attend

Strategic Breakout Session
by Donald Codling

This workshop and round table sessions will focus on best practices to recognize and deal with emerging challenges with the ‘inevitable integration’ of OT (Operational Technology) platforms mixing with IT (Information Technology) or God Forbid IoT (Internet of Things) environments.

Examples and recommended mitigation steps will be discussed from real world ‘situations- otherwise known as “crisis events” during my time as the U.S. FBI Cyber Divisions Chief Liaison Officer to the U.S. DHS U.S. Cert and ICS-CERT. Specific operational experiences with Shamoon , Petya and Not Petya will be covered as well as commercial experiences with evolving threat vectors from Nation State all the way thru professional ‘hacker’ groups for hire.

Roundtables will focus on a pair of topics (depends on the time):

  • Examples of ICS/SCADA threats actors planning operations in the Deep and Dark web space? How to monitor that and be able to mitigate or defend against these threats
  • Current best practices to recognize when OT/IT/IoT issues may arise and monitor the health of networks and ‘attempt’ to maintain network segmentation
  • Since in the real world ‘humans make lots of mistakes-either lazy, clumsy or maliciously-how does a network operator maintain control of his critical operational technology with the emerging Internet of Things universe knocking at every door?

Technical Breakout Session
by Thomas Cueni, Security Specialist at Tenable

Safely Inventory and Protect Critical Infrastructure – 10 Point Checklist to Protect your Critical Infrastructure
The days of air-gapped operational technology assets are gone. Increasingly OT environments interconnect with IT, adopting exploitable assets and protocols. The result: OT systems are exposed to IT threats. Referring to IT devices in operational environments, a SANS survey found, “IT devices such as computer assets running commercial OSes continue to be considered most at risk (70%) and having the greatest impact (46%)”.

This interactive session will explore the 10 focus areas that organisations have to concentrate on in order to protect their ICS, SCADA, manufacturing, and other systems. Attendees will receive a concrete action plan to protect their critical infrastructure.

6:00 – open end Apéro Riche & Networking
The speakers will be onsite for Q&A

The sponsors of this event are:

This is a ‘must attend’ event for all which are interested in SCADA/OT Security! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

So don’t wait and send us your registration by email

With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this platform. In addition, we share the contacts as well with the community itself.

Earn CPE Credits for
attending SIGS Events

 

So don’t wait and
register by

email