Welcome to the Interactive Agenda for the 2017 Singapore ICS Cyber Security Conference!


Breakout
Wednesday, April 26
 

14:00

An Industrial Immune System: Using Machine Learning for Next Generation ICS Security

As IT and Operational Technology (OT) environments continue to converge, managers of ICS have been faced with the challenge of protecting these crucial systems and data, in spite of inherent security weaknesses and the continual risk of insider threat. In many industrial processes, reliability of an ICS has a direct and immediate impact on the safety of human lives. Existing, legacy approaches have proven inadequate on their own, especially against insiders who, by definition, have authorized access.

There is an urgent need for a new approach to combat the next generation of cyber-threats, across both OT and IT environments. While total prevention of compromise is untenable, utilizing automated self-learning technologies to detect and respond to emerging threats within a network is an achievable cyber security goal, irrespective of whether the suspicious behavior originated on the corporate network or ICS.

Some of the world’s leading energy and manufacturing companies are using these technologies to detect early indicators of cyber-attacks or vulnerabilities across IT and OT environments, without reliance on pre-identified threat feeds, rules, or signatures. These technologies represent an innovative and fundamental step-change in automated cyber-defense.

In this session, delegates will learn:

  • How new machine learning and mathematics are automating advanced threat detection
  • Why 100% network visibility allows you to preempt emerging situations, in real time, across both IT and OT environments
  • How smart prioritization and visualization of threats allows for better resource allocation and lower risk
  • Real-world examples of detected OT threats, from non-malicious insiders to sophisticated cyber-attackers
Sponsored By: Darktrace

Speakers

Sanjay Aurora

Managing Director – Asia Pacific, Darktrace
Sanjay Aurora is the Managing Director, Asia Pacific at Darktrace, where he has spearheaded the company’s expansion in the region since 2015, with the rapid adoption of Darktrace’s award-winning Enterprise Immune System technology, and the opening of 9 offices in Asia Pacific. As a testament to the...



Wednesday April 26, 2017 14:00 - 14:30
Morrison Room 4th Floor

14:00

Perpetual Connectivity Enabling Business Transformation

With the unprecedented pace of the digital journey and the increased sophistication of cyber security attacks in the process control industry, Yokogawa has, from a thought leadership and innovation perspective, crafted a framework for cyber security that pays particular attention to Availability, Integrity and Confidentiality, co-innovating with our customers.

Yokogawa Electric Corporation collaborated with Global Network & Security Leader to deliver an Industrial Control System Security Solution for Global Oil & Gas Customer. The solution that was deployed is a comprehensive security management solution for plant control systems that was jointly developed as an initiative between Global Network & Security Leader, Yokogawa, a leader in mission-critical plant automation systems, and Global Oil & Gas Customer. The three companies have agreed to proceed over the next three years with the implementation of Industrial Control System Security at around fifty plants globally.

This session will walk through the past deployments and the Operation Model that Global Network & Security Leader and Yokogawa have delivered for the Global Oil & Gas Company Security Initiative project.

Sponsored by: Yokogawa


Speakers

Lee Chee Hoe

Senior Global Cyber Security Sales & Marketing Manager for IIoT & Cybersecurity, Yokogawa Electric International
Mr. Lee Chee Hoe is the Senior Global Cyber Security Sales & Marketing Manager for IIoT & Cybersecurity at Yokogawa Electric International. Mr. Lee Chee Hoe has over 16 years of experience in Industrial Cyber Security, working as Security Engineer, Consultant and Project Manager across various industries. He has a Distinction Degree in Information Technology from Queensland University of Technology and holds both the Certified Information Systems Security Professional (CISSP) and GICSP certifications from...



Wednesday April 26, 2017 14:00 - 14:30
Moor Room 4th Floor

14:30

Eliminating Security Blind Spots in ICS Environments

This talk will skip the standard pitch about why ICS networks are vulnerable and the criticality of operational continuity, and go right to the point, which is to explain how ICS cyber-attacks really operate and where the security gaps that enable these attacks are.

Industrial networks are inherently different than IT networks. In most IT cyber-attack scenarios, the same protocols are used for configuration and production operations. However, in industrial networks, different protocols are used for different types of operations. The builders of Stuxnet understood this more than 5 years ago, yet most security specialists still don’t fully understand the difference.

In this session we will discuss: 

  • The need to monitor the proprietary network protocols and track all changes to the controllers
  • Why changes to PLC code blocks are transparent to “standard” OT protocol inspections (i.e. MODBUS/DNP3/ICCP) and what should be monitored
  • Which additional security gaps must be addressed in order to protect ICS networks against cyber-attacks, malicious insiders and human errors

Join us for this myth-busting session in which we will dispel common fables around industrial cyber-attacks and explain how they really operate.

Session attendees will:

  • Gain insight into real-world threats to ICS networks and understand how ICS cyber attacks are really executed
  • Review how attackers can compromise critical industrial controllers (PLCs, RTUs) while remaining undetected
  • Understand the proprietary OT network protocols used by vendors to manage industrial controllers, their strengths and weaknesses
  • Learn about best-practices that should be implemented to secure OT networks and industrial controllers

Speakers

Mille Gandelsman

CTO and Co-Founder, Indegy
Mille Gandelsman is the CTO and Co-Founder of Indegy, an industrial cybersecurity startup that provides situational awareness and real-time security for industrial control networks. He leads Indegy’s technology research and product management activities. Prior to Indegy, Gandelsman led engineering efforts for Stratoscale and spent several years leading cybersecurity research for...


Wednesday April 26, 2017 14:30 - 15:15
Moor Room 4th Floor

14:30

The Need for ICS Security Operations Center

Cybersecurity for Industrial Control Systems (ICS) is gaining importance fast and cannot be covered by one single action.

To accept is easy, to continue is difficult. It takes a lot of effort for ICS assets to reach an acceptable level of security. However, it takes much more to maintain that level over a sustained period of time, a hurdle at which many organizations have failed or given up altogether.

One key factor is the lack of individuals with a hybrid IT & OT skillset and experience. To make up for this, it makes sense to congregate different talents in an ICS Cybersecurity Operations Center, or ICS SOC. This approach not only forms a team with collective IT & OT skillsets and experience, it also drives team members to look into ICS anomalies in unison; many in skills, one in mind.


Speakers

Jos Menting

Chief Technologist, Lab Manager Cybersecurity, ENGIE Lab LABORELEC
Jos Menting graduated in Technical Physics and Industrial Automation at the Saxion University. After some excursions Mr. Menting started working in I&C engineering for different types of thermal power plants. New-build as well as brownfield and optimization projects delivered a profound base of knowledge in all aspects of...


Wednesday April 26, 2017 14:30 - 15:15
Morrison Room 4th Floor

15:30

Can SCADA in “the Cloud” be Safe?

The IIoT promises to revolutionize the field of industrial automation with access to cloud-based systems. Expert "big data" analytics promise to yield efficiencies and savings. Cross-client analysis of security data promises to let cloud security vendors draw conclusions about overall threat postures and derive actionable intelligence for individual sites. Industrial "app stores" promise to democratize and revolutionize industrial applications, while dramatically reducing costs.

It's too bad that our industrial data looks nothing like what cloud systems need, and that even if we solved that problem, we're never going to connect the Internet right into the beating heart of our most sensitive control systems.

If only there were a way to gather data from industrial systems safely, and transform that data into cloud-friendly formats. If only there were a way to transmit that now cloud-friendly data out to the Internet - the Internet which is the source of all evil - without any chance at all of evil leaking back into our industrial systems.

When we ask the right questions, the answer no longer seems far-fetched. 


Speakers

Michael Firstenberg

Director of Industrial Security, Waterfall Security
Mike Firstenberg is the Director of Industrial Security for Waterfall Security. Mike brings almost two decades of experience in Industrial Control System Security, specializing in Control System Cyber Security. With a proven track record as a hands-on engineer - researching, desi...


Wednesday April 26, 2017 15:30 - 16:15
Morrison Room 4th Floor

15:30

Safety Instrumented Systems and Cyber Security

Safety instrumented systems are used in many applications today to improve the safety and reliability of process systems. Manufacturers like oil and gas producers, chemical processors or power generators that apply automation to critical plant require high availability systems. These systems are sometimes referred to as triple modular redundant (TMR) systems, to reduce the risks associated with uncontrolled shutdowns caused by equipment failures. IEC 61511 is a standard that helps govern the application of this technology and has recently undergone a revision that, amongst other changes, requires cybersecurity to be considered in any risk assessment.

Both IEC 61511 and IEC 62443 call for risk assessments to be conducted; however, the outcomes of each risk assessment can be very different. This presentation will explore the requirements of a cybersecurity risk assessment and how it could be aligned with the results of a process risk assessment to determine what countermeasures are needed. It will explore the current recommendations for cybersecurity in SIS safety systems and also look at what some organizations are implementing to address technical challenges posed by security and geography.


Speakers

Stefan Schlatter

Principal Engineer, Schneider Electric
Stefan Schlatter joined Schneider Electric in March 2008 as part of the Tier 3 ClearSCADA Customer Support Team in England before moving to Australia and becoming part of the Industrial Process Automation group. His primary roles have focused around the design, engineering and technical support of Telemetry...


Wednesday April 26, 2017 15:30 - 16:15
Moor Room 4th Floor

16:15

Cybersecurity in Operational Technology – The Need for Focus on Detection and Response

Cyber threats are on the rise. As industry becomes more connected, risks go up. In the face of this reality, having a strategy that’s fully informed by ICS cybersecurity experts and tuned to the specific risks that you face is well worth the effort. You need to take the right actions to increase resilience, help ensure safety, and maintain availability across your OT environment. As the threat landscape increases, a smart cyber defense strategy for ICS, SCADA, process control, and other OT networks is in order. This strategy employs people, process and technology to ensure that industrial cyber controls are in place to protect critical assets. Most organizations focus on protecting their networks, assets, devices and applications, forgetting to give the same focus to detecting, responding to and recovering from incidents if they occur. This presentation focuses on the detect, respond and recover phases of the NIST framework.

 


Speakers

Ganesh Narayanan

Director, Advisory-Cyber Security (Operational Technology), Ernst & Young
Ganesh is a Director in EY’s Cybersecurity practice. A SCADA cybersecurity professional with more than 20 years’ experience working on IT systems related industrial control / aviation systems, he has worked with regulators, government agencies and private organizations in definin...


Wednesday April 26, 2017 16:15 - 17:00
Morrison Room 4th Floor

16:15

Functional Safety at Your Plant Requires IT Security
Speakers

Friedhelm Best

Vice President Asia Pacific Region, HIMA Asia Pacific
Friedhelm Best is Vice President of the Asia Pacific Region at HIMA, a leading independent provider of solutions for safety-critical applications. Friedhelm previously worked as Director of Global Key Account Management Industry in the Electrical Sector of Eaton Corporation. F...


Wednesday April 26, 2017 16:15 - 17:00
Moor Room 4th Floor
 
Thursday, April 27
 

14:00

Cybersecurity Services for the Next Level of Automation

Driven by business sustainability requirements, access to (near) real-time data within the automation industry has created a growing trend towards interconnectivity between control system and enterprise environments. A component of this trend is the movement away from proprietary control system platforms and technology, to a more open and interoperable Asset Control System. This development creates opportunities for businesses, but can also simultaneously increase their exposure to potential vulnerabilities. Due to the evolving, complex nature of control systems in the enterprise today, many asset owners simply do not know where to start when it comes to devising a security strategy. A lack of awareness about their current vulnerability state makes the effective application of security controls and/or processes difficult. Many customers lack experience in determining vulnerability levels, exposure, and possible impacts of threats to network and critical assets. They also face difficulty in effectively distributing and enforcing appropriate policies and procedures.

This presentation will describe how an external Cybersecurity Services team can provide valuable assessment, implementation, maintenance, and education services for businesses focused on minimizing Operational Technology (OT) cybersecurity risks within their ICS environment.  It will also include an overview of how IT / OT environments are converging today, the challenges with managing that process and the sprawl of the Industrial IoT.  Finally, we’ll discuss some best practices that have been assembled from lessons learned in Building Automation Systems, Water / Wastewater, Refineries, and other critical infrastructure.

Sponsored by: Schneider Electric 


Speakers

Peter Clissold

Senior Cyber Security Consultant, Industry Business, Schneider Electric
For over 20 years Peter Clissold has been a leader in the industry with the adoption of new technologies and standards that improve efficiencies in control and driving access to information within the Industrial environment. Peter has been responsible for horizontal and vertical...



Thursday April 27, 2017 14:00 - 14:30
Moor Room 4th Floor

14:00

ICS Threatscape & KasperskyOS

This session will first cover the ICS threat landscape in the APAC region, using the very latest information from Kaspersky Lab ICS-CERT. The threat landscape includes regional statistics on ICS malware and incidents, with the intention of giving a holistic overview not just of the region, but also of each specific country. Kaspersky Lab ICS-CERT is a new, non-commercial community-based initiative with a mission to provide free, timely information on the latest ICS threats, vulnerabilities, security incidents, mitigation strategies, incident response, compliance and investigations. It has a growing number of contributing members from ICS product vendors, government agencies, critical infrastructure operators, and other types of entities.

The next topic will focus on a new technology, KasperskyOS: a secure-by-design environment for the ever-growing and increasingly attacked embedded systems and IoT devices. Designed with specific industries in mind, KasperskyOS aims not only to solve security issues, but also to address organizational and business challenges related to secure application development for embedded systems. And yes, KasperskyOS is non-Linux.

Sponsored by: Kaspersky Lab 


Speakers

Vikram Kalkat

Kaspersky Industrial Cyber Security Global Business Development, APAC Region, Kaspersky Lab
Vikram Kalkat joined Kaspersky Lab in 2017 to become the lead for KICS business development in the region. In this role, Vikram is responsible for increasing the cybersecurity company’s footprint in the entire APAC region for the KICS line of business. Vikram is also acting as Sen...


Thursday April 27, 2017 14:00 - 14:30
Morrison Room 4th Floor

14:30

ICS Life After Stuxnet

Stuxnet made headlines in the OT (Operational Technology) world back in 2010. It was a wake-up call to those who never really thought ICS (Industrial Control Systems) could be hacked, let alone cause severe damage to a nuclear plant in Iran.

Today, SCADA/ICS engineers are expected to design not only functional logic and safety logic but also system hardening for cybersecurity. Cybersecurity for ICS or OT poses problems that are unlike those of Enterprise or IT Cybersecurity.

While Enterprise security prioritizes data in the order of CIA (Confidentiality, Integrity, Availability), ICS demands the reverse, i.e. AIC. Why is availability so important to ICS? Well, think of how important it is that your heart keeps pumping blood to various organs, including your brain. Stop for a few seconds and the consequences could be fatal.

Every piece of data is processed in real-time. These 'data' consist of both sensor data and commands to output elements such as actuators, valves, motors and pumps etc.

That means latency is a key factor, and intercepting such data for analysis becomes challenging. Typically, it cannot afford to be delayed by more than a few milliseconds. And even if suspicious data is detected, it cannot be filtered out, as any false positive could have dire consequences. Nothing shapes human behaviour to ignore 'cry wolf' more than false alarms, even to the point of muzzling or bypassing the security mechanism.

Another aspect of OT is in the area of Functional Safety, whereby safety interlocks and the Emergency Shutdown System (ESD or SIS) are designed with Safety PLC. Can hackers penetrate the SIS from the Process Control System (PCS)? Can malware propagate from PCS to SIS? Can cybersecurity impact safety?

Given that OT is a different animal, are there any effective ways to protect ICS from cyber attacks? Tune in to find out the current industrial practices and the shape of things to come.


Speakers

David Ong

Founder, Excel Marco
Mr. David Ong obtained his MBA from the University of Louisville in 2002 and is a Certified Functional Safety Expert (CFSE). He is the founder of Excel Marco and Attila. Excel Marco was founded in early 2000. Excel Marco is a premier solutions provider for process automation and safety systems for the onshore and offshore oil and gas, marine and logistics industries. For the last 3 years, David has been focusing on Cyber Security in Physical Security System (CPS). He also created Attila by branching out from the EM Cyber division to focus on Cyber Security for Critical Information Infrastructures (CII) like Water, Energy, Gas...


Thursday April 27, 2017 14:30 - 15:15
Moor Room 4th Floor

14:30

ICS Security Incidents Case Files & Incident Response

Verizon will detail real-world data breaches that its RISK team investigated which involve critical infrastructure and industrial (OT) network environments.

The names and some figures have been changed to protect the innocent! The session presents two real-world scenarios drawn from real-world cybersecurity incident investigations by one of the world’s foremost investigative response teams. Each scenario is told from a different stakeholder's point of view, bringing in perspectives involving Legal Counsel, Human Resources, Corporate Communications and others to the breach response effort. Listen to how the different points of view cover critical decision pivot points and split-second actions.


Speakers

Ashish Thapar

Managing Principal – Investigative Response, APJ, Verizon Enterprise Solutions
Ashish Thapar is the Managing Principal, Verizon RISK team for Asia Pacific and Japan region. In this role he is responsible for all customer-facing computer incident response, digital forensics, electronic discovery, and IT investigations. Prior to this role, Ashish was responsible for the business and portfolio management of...


Thursday April 27, 2017 14:30 - 15:15
Morrison Room 4th Floor

15:30

A Maturity Model for ICS Cybersecurity

The ICS Cybersecurity Maturity Model reflects a layered approach to implementing an effective, defense-in-depth cybersecurity strategy. Maturity levels in this model represent a recommended sequence of cybersecurity objectives and an associated set of defensive actions. Each maturity level adds an additional layer of cybersecurity protection and prepares the company to advance to the next level. The ICS cybersecurity maturity model helps companies take control of cybersecurity investments in a rational way that aligns specific security benefits with investments in technology and resources.

Developed by ARC, the maturity model is focused on helping managers who are not cybersecurity experts (e.g. plant managers) gain control of their cybersecurity strategies.  It provides a framework for structuring and evaluating the costs-benefits of cyber investment decisions, considering their risk appetites, financial resources, and cybersecurity capabilities.

Attendees will be provided with free access to the 22-page report Maturity Model for Industrial Cybersecurity Planning after the presentation.


Speakers

Bob Gill

General Manager, Southeast Asia, ARC Advisory Group
Bob is responsible for managing ARC's operations in Southeast Asia. He joined ARC Advisory Group after a decade-long career in industrial technology media, most recently as Editor-in-Chief at Singapore's Contineo Media, where he had editorial management responsibility for Control Engineering Asia, Asia Food Journal, PharmaAsia, Logistics Insight Asia, and Payload Asia, while also concurrently being Editor of Control Engineering Asia. Taken together with his earlier experience at Industrial Automation Asia magazine, he spent more than 10 years covering developments in automation technology in Southeast Asia and became widely recognized as the primary editorial voice for this sector in the region. Bob also conceptualized and launched supply chain management and logistics technology publication Logistics Insight Asia to the regional market in...


Thursday April 27, 2017 15:30 - 16:15
Moor Room 4th Floor

15:30

Never Underestimate the Laziness of Adversaries: Lessons from Real World Attacks

In the world of cyber security, it is easy to be distracted by the most scary, the most obscure and the most exotic. And while that is positively frightening and arguably very entertaining, it doesn't qualify as a very good way to approach securing the systems, processes and information that your business ultimately depends on. Lessons from real world attacks and attack assignments provide a much more realistic foundation that can inform your decisions.

In this talk, delegates will learn:

  • How adversaries would attack you given their objectives. That could well include RTUs with cellular components, microwave links or physical attacks. But in many cases, the answer is less scary, less obscure and less exotic than we have the tendency to believe. Think systems exposed directly to the internet, or viable pathways from L4 through L3.
  • How you would verify if the above holds true for your organisation as well.
  • How you can avoid common pitfalls in securing ICS/SCADA environments.
  • Best practices for securing ICS/SCADA environments with the above in mind. Should you consider L4 breached and if so, what does that really mean?

So yes, IT may be from Venus, and OT may be from Mars, but they don’t exist in isolation and an undue focus on this difference may lead you to focus on the wrong things or overlook the obvious.


Speakers

Erik de Jong

Chief Research Officer, Fox-IT
Erik de Jong is Chief Research Officer at Fox-IT (part of NCC Group). Fox-IT prevents, solves and mitigates the most serious cyber threats with smart solutions for governmental bodies, defense, law enforcement, critical infrastructure, banking and large enterprises worldwide. Prior to his current position at Fox-IT (part of NCC Group), Erik led its Security Research Team -hunting and applying intelligence- and FoxCERT...


Thursday April 27, 2017 15:30 - 16:15
Morrison Room 4th Floor

16:15

ICS Cyber Security Challenges of Mitigation Implementation

As industrial control systems advance to IoT, the risk of cyber-attacks is increasing more than ever before. However, industrial control systems have problems due to their different characteristics/specifications from information systems. The reality is that security measures cannot be implemented as easily as in information systems. This presentation will address 4 challenges (Awareness, Organization/Process, Knowledge, and Technology) and how to implement security measures.


Speakers

Tadashi Onodera

Manager, Cyber Risk Services, Deloitte
Tadashi Onodera is an IT-related business specialist and booster of consulting projects. He has more than 14 years of job history and now works for Deloitte Japan. Tadashi has worked as a consultant, project manager, system developer, researcher, and more. He is now leading ICS & IoT c...


Thursday April 27, 2017 16:15 - 17:00
Moor Room 4th Floor

16:15

ICS Security Journey
Speakers

Koh Wan Ching

System Engineer, Shell


Thursday April 27, 2017 16:15 - 17:00
Morrison Room 4th Floor