Loading…
This event has ended. Visit the official site or create your own event on Sched.
Welcome to the Interactive Agenda for the 2017 Singapore ICS Cyber Security Conference! (View the full Singapore Conference website here)  

Register now to grab a spot at the premier ICS cyber security event for key stakeholders in the APAC region.
View analytic

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Open Workshop [clear filter]
Tuesday, April 25
 

08:40

The Importance of Cybersecurity Training and Policies

Cybersecurity Training and Policies are of Equal Value to Products and Features 

Encryption is touted as the next evolution in securing data.  If the intent is to encrypt text, email content or data objects, the concept is nothing new - mankind has been securing messages in this manner for millennia, the Egyptians used codex’s and the Romans used one time keys and shared secrets.  It is a secure method provided that you ensure integrity of the keys.

If the intent is the encryption of a data channel or communications path, then you may be introducing risk to your system.  If the data is not inspected at either end of the secure channel, then encryption can be creating a secure path for malware into your system.  Encryption can also prevent security appliances from detecting issues.  A deep packet inspection firewall (DPI) for example is rendered useless if deployed to look for anomalous activity on an encrypted path as the firewall will not see packet contents.

Your staff need to be Cybersecurity aware, in fact untrained staff may be your biggest risk. Even in a completely air-gapped system, human interaction can lead to a compromise.  Compromise could come from the use of removable media, or could be intentionally executed by a disgruntled employee.  If a system was compromised, would your staff be capable of detecting it and, if they were, are they suitably trained on how to deal with the issue.

This presentation will give real world examples of how systems have been compromised, how to mitigate this through personnel training and the creation of policies to maintain Cyber awareness within your organization.


Speakers
avatar for Peter Clissold

Peter Clissold

Senior Cyber Security Consultant, Industry Business, Schneider Electric
For over 20 years Peter Clissold has been a leader in the industry with the adoption of new technologies and standards that improve efficiencies in control and driving access to information within the Industrial environment. Peter has been responsible for horizontal and vertical... Read More →


Tuesday April 25, 2017 08:40 - 09:25
Hullet Room 4th Floor

09:30

Surprises in a Decade of Evolving SCADA Security Advice

Over the last decade, Industrial Control System Security has risen to a prominent role in our lives. Much has been said and written to offer our community guidance and structure over this time. Join us for a sometimes humorous, sometimes encouraging, and sometimes pitiful look back at some of the highlights and lowlights from SCADA Security research, advice, and regulation over the past 10 years 


Speakers
avatar for Michael Firstenberg

Michael Firstenberg

Director of Industrial Security, Waterfall Security
Mike Firstenberg is the Director of Industrial Security for Waterfall Security. Mike brings almost two decades of experience in Industrial Control System Security, specializing in Control System Cyber Security. With a proven track record as a hands-on engineer - researching, desi... Read More →


Tuesday April 25, 2017 09:30 - 10:15
Hullet Room 4th Floor

10:45

Online Security Awareness Program for OT – Case Study

Cyber risk is growing for Operational Environments. New threat actors, inherent vulnerabilities and lagging technical controls present significant challenges for the protection of critical assets. Many asset owners and operators recognize that effective security culture requires effective governance between IT security and OT, but a lack of common awareness could lead to alignement and communication issues on both sides.  

Addressing the increased skills gap requires training, but taking time away from mission critical function is often not possible. Industrial companies are now looking for flexible and cost effective solutions that provide the core skills in engineering language across all level  

This session will explain how organizations can enhance their OT environment security, adhere to compliance requirements and benefit from cost savings.


Speakers
avatar for Mark Bakker

Mark Bakker

International Sales & Business Development Manager, Applied Risk
Mr. Mark Bakker has more than 18 years of experience in Industrial and Process Automation. For the last 9 years his focus has been towards Cyber Security for the process industries (mainly in the critical infrastructure). Mr. Bakker has held various Sales (Management) positions at Omron, Baumuller, Citect (Schneider Electric), Cisco , Invensys (Schneider Electric) and Fox-IT. He presented, attended and organized Cyber Security conferences and was a member of the Cyber Secure Reference Architecture Work Group of the WIB (Process Automation... Read More →


Tuesday April 25, 2017 10:45 - 11:15
Hullet Room 4th Floor

11:15

Practical Mechanisms for Effective ICS Protection, Threat Detection & Incident Response (Part 1)

Approaching the Industrial Control System Security dilemma through setting up practical mechanisms for effective protection, threat detection and incident response
The protection of industrial control systems is at the agenda of world leaders and definitely it is a responsibility of industrial cyber security experts to turn out from a dream to a reality. 

This workshop will focus on covering how to conduct proper risk assessments that enable the client to design effective cyber security solutions and enables them to mitigate the risks.  Bringing the IT (Information Technology) and OT (Operational Technology) teams to understand each other and to work with each other is very vital to achieving protection.  The workshop will highlight how teams can work together and the discussion will also focus on the importance of understanding the combination of the industrial cyber security, automation, and understanding plant production models by both IT and OT teams in order to design the right cyber secure infrastructure and solutions.  The session will also demonstrate a demo of threat detection and how a well-defined incidence response plan reduces the potential of disruption of plant operations/production as a result of successful cyber-attack.

Why you should attend

  • Why do we need to protect IT and OT environments much more than ever? And what are the emerging threats on both environments?
  • Discuss the integration between IT and OT infrastructures, threat detection, incidence response
  • Develop ideas on how to move into cyber security by design for the new control systems.
  • Learn how to embed industrial cyber security during the engineering project lifecycle
  • Understand how to build a security Operations Center that can serve both IT and OT infrastructures
  • What IT and OT teams need to know about automation project lifecycle?

Speakers
avatar for Ayman AL-Issa

Ayman AL-Issa

Chief Technologist, Industrial Cyber Security, Booz Allen Hamilton Inc.
Ayman Al Issa is Chief Technologist for Booz Allen Hamilton’s Industrial Cyber Security practice in the Middle East and North Africa region. Over a career which spans more than 23 years to date, Mr. Al Issa has gained vast experience in the fields of automation, information technology, and cyber security. Within these arenas, he counts industrial control systems and systems engineering, as well as cyber security strategy and model building amongst his areas of expertise. Illustrating his contribution to the latter, Mr. Al Issa has developed an ICS defense-in-depth industrial cyber security model that provides early detection of threats based on... Read More →


Tuesday April 25, 2017 11:15 - 13:00
Hullet Room 4th Floor

14:00

Practical Mechanisms for Effective ICS Protection, Threat Detection & Incident Response (Part 2)

(Continuation of Workshop)

Approaching the Industrial Control System Security dilemma through setting up practical mechanisms for effective protection, threat detection and incident response
The protection of industrial control systems is at the agenda of world leaders and definitely it is a responsibility of industrial cyber security experts to turn out from a dream to a reality. 

This workshop will focus on covering how to conduct proper risk assessments that enable the client to design effective cyber security solutions and enables them to mitigate the risks.  Bringing the IT (Information Technology) and OT (Operational Technology) teams to understand each other and to work with each other is very vital to achieving protection.  The workshop will highlight how teams can work together and the discussion will also focus on the importance of understanding the combination of the industrial cyber security, automation, and understanding plant production models by both IT and OT teams in order to design the right cyber secure infrastructure and solutions.  The session will also demonstrate a demo of threat detection and how a well-defined incidence response plan reduces the potential of disruption of plant operations/production as a result of successful cyber-attack.

Why you should attend

  • Why do we need to protect IT and OT environments much more than ever? And what are the emerging threats on both environments?
  • Discuss the integration between IT and OT infrastructures, threat detection, incidence response
  • Develop ideas on how to move into cyber security by design for the new control systems.
  • Learn how to embed industrial cyber security during the engineering project lifecycle
  • Understand how to build a security Operations Center that can serve both IT and OT infrastructures
  • What IT and OT teams need to know about automation project lifecycle?

Speakers
avatar for Ayman AL-Issa

Ayman AL-Issa

Chief Technologist, Industrial Cyber Security, Booz Allen Hamilton Inc.
Ayman Al Issa is Chief Technologist for Booz Allen Hamilton’s Industrial Cyber Security practice in the Middle East and North Africa region. Over a career which spans more than 23 years to date, Mr. Al Issa has gained vast experience in the fields of automation, information technology, and cyber security. Within these arenas, he counts industrial control systems and systems engineering, as well as cyber security strategy and model building amongst his areas of expertise. Illustrating his contribution to the latter, Mr. Al Issa has developed an ICS defense-in-depth industrial cyber security model that provides early detection of threats based on... Read More →


Tuesday April 25, 2017 14:00 - 17:00
Hullet Room 4th Floor