SIGS Special Interest Group
4th SCADA Forum (SCADA, ICS and OT Security)
This time “Workshop on Best Practices for Industrial Cybersecurity”
Klick for the .ics file to save the date
||Information Security Professionals interested in SCADA, ICS or OT Security
CIO’s, CISO, IT Manager, Security Executives, Security Engineers and all other persons who are responsible and interested in this specific topic
Security Consultants and Reseller only technical interested persons. Per Consulting Company max. one participant. Vendors and peoples from the Sales/Marketing part are not authorized to take part.
||Earn 4 CPE (Continuing Professional Education) for attending this SIGS event. Please request a confirmation.
||Hilton Zurich Airport Hotel
There are a lot of free park places available.
Train: railway station Zurich Airport – take the Hotel Shuttle
|Date of Event
||11th of May 2017
Further planned dates:
24th of August 2017
2nd of November 2017
||English if not German speaking persons will attend, otherwise German
||CyberX, an industrial cybersecurity company founded in 2013 and based in Israel, is the exclusive sponsor of this event and has graciously agreed to waive the usual entry fee for all qualified participants.
|1:30 – 1:45
||Welcome and Introduction by Omer Schneider, CEO and Co-Founder at CyberX
|1:45 – 2:30
||Markus Lenzin, Head of Substation Automation Technology at SwissGrid
Case Study: Continuous Monitoring of Cyber and Operational Incidents for Electrical Substations
Ensuring the safety of the electrical power grid by strengthening its resilience is one of the most important responsibilities of the system operator. After all, the power grid is probably the most complex and most critical infrastructure of any civilized society. In particular, all of the other critical infrastructure sectors are dependent on a working electrical grid, such as water, transportation, telecommunications and financial services.
Both cyberattacks and operational failures pose major risks to electrical utilities and therefore to all other organizations as well. This case study will discuss how Swissgrid is implementing a continuous monitoring system to rapidly detect and mitigate these risks. This is achieved using behavioural analytics algorithms to detect cyber and operational anomalies in all remote and geographically-distributed electrical substations.
|2:30 – 3:15
||Head of IT Security (details follow)
Assessing Vulnerabilities & Risk in Manufacturing Plants
Most manufacturing organizations still rely on ICS and SCADA systems that were designed decades ago, lacking many of the security controls we now take for granted in enterprise IT networks. The challenge is compounded as industrial organizations adopt digitization initiatives such as Industry 4.0 to optimize operations, further increasing risk from the convergence of IT and OT networks. This presentation will describe a holistic “people, process and technology” strategy for enabling global manufacturing organizations to operate securely in the digital and connected world, protect their critical business assets from cyberattacks, and enhance cyber resilience.
|3:15 – 3:45
|3:45 – 4:15
||Matthias Bossardt, Partner & Head of Cyber Security Services at KPMG
Auditing OT Using In-Depth Network Analytics
Security assessments are an essential component of every organization’s risk mitigation strategy. To ensure that a business’ crown jewels are adequately protected, a comprehensive understanding of OT related security risks is critical. The characteristics and challenges of OT security are quite different from IT, and traditional approaches to assess IT risks are not appropriate for OT environments. Aiming at a comprehensive and sound understanding of security risks, this presentation will describe our approach to assessing OT risks leveraging in-depth network analytics.
|4:15 – 4:45
||Bernd Jaeger, Practice Lead for IoT/ICS Security Deutsche Telekom at T-Systems Security
Machine Learning for Industrial Cybersecurity
Threat detection has evolved from 1st-generation (Signature-based IDS) to 2nd-generation (rule-based SIEM) to 3rd-generation (behavioral analysis and anomaly detection). This session will discuss machine learning challenges in the context of industrial cybersecurity, and how finite state machine (FSM) modeling algorithms can be applied to OT networks to enhance continuous monitoring and incident response.
|4:45 – 5:15
||Nir Giller, CTO/Co-Founder at CyberX
Update on Latest IIoT & ICS Threat Intelligence Research
CyberX has a world-class team of threat intelligence experts constantly monitoring the global ICS ecosystem for new industrial malware and cyber-operations, and uncovering zero-day vulnerabilities in ICS/SCADA systems. The threat intel team recently discovered Operation BugDrop, a massive cyber-reconnaissance operation targeting critical infrastructure organizations, that records sensitive conversations using PC microphones and then exfiltrates data using Dropbox. This session will provide an overview of the company’s ICS threat intelligence research including Operation BugDrop, BlackEnergy3, RADIATION (an IoT botnet) and critical zero-days discovered in widely-used ICS/SCADA devices.
|5:15 – 6:00
||Reto Francioni, Chairman of the Board of Directors at Swiss International Airlines
How to Present Cyber Risk to the Board
Information security has now become an essential part of risk management across most organizations. CISOs must now effectively regularly present to boards and other C-level executives, in order to articulate their risk posture, describe potential threat actors and risk mitigation strategies, and justify their budgets. This session will provide a chairman’s perspective on how CISOs and other security professionals can simplify security issues and provide a business-level perspective in order to position themselves to be key influencers in the boardroom.
|6:00 – open end
||Apéro Riche & Networking
The speakers will be onsite for Q&A
The Sponsor of this event is:
This is a ‘must attend’ event for all which are interested in SCADA/OT Security! We are confident that the relationships you develop here will prove to be crucial to your continuing success.
So don’t wait and send us your application to register by email
With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this platform.