With malicious software, such as BlackEnergy, and hacker groups such as Dragonfly intriguing and frightening cyber security experts in equal measure, and spreading unease throughout the community, it is evident that the integrity of the systems controlling our Critical National Infrastructure and large manufacturing plants is still very much under threat. With potential attacks on water, electricity and other features of a nation’s critical infrastructure carrying an increasingly damaging impact, security practices within private companies are becoming public business – as such practitioners must scrutinise their operations in order to minimise their exposure to such attacks.
Held under Chatham House rules, ICS Cyber Security, Europe 2015 will unite Cyber Security professionals with Control Systems managers and SMEs to address these issues and more.
ICS Cyber Security Europe 2015
1. GUARDING OUR CRITICAL NATIONAL INFRASTRUCTURE
AND THE SYSTEMS THAT CONTROL THEM
Location: London, United Kingdom
Main Conference: 28th - 29th April 2015
Post Conference Workshop: 30th April 2015
SENIOR SPEAKER PANEL INCLUDES:
The Right Honourable James Arbuthnot,
Former Chairman of the Defence Select Committee,
Houses of Parliament
Mr John Dickinson, Cybersecurity
Control Systems Manager,
Sellafield Ltd
Mr Mohib Rahman, Energy Team Lead, CPNI
Section, Office of Cyber Security and Information
Assurance, UK Cabinet Office
Mr Lhoussain Lhassani, CISSP, Sr. Specialist Asset
Management, Stedin
Mr Ragnar Rattas, Head of CIIP Section,
Republic of Estonia Information System
Authority
Mr David Willacy, Digital Risk & Security
Manager, The UK National Grid
Mr Helder Francisco, SCADA Manager,
EDP SA
“Cyberspace is a complex and rapidly changing environment and it contains many and various threats to our Critical National Infrastructure – I am very much looking forward to chairing and speaking at this event next April.”
The Right Honourable James Arbuthnot
FIRST 10 OPERATORS ATTEND FREE
+44 (0) 207 368 9737 enquire@defenceiq.com www.icscybersecurityevent.com
PROUDLY SPONSORED BY:
TOP 4 REASONS TO ATTEND:
1. Benefit from a panel of SCADA controllers and Heads of Information Security from Energy to Transport to Manufacturing – learn how they protect their critical systems.
2. Learn about the guidelines and legislation being developed to monitor and control the quality of the cyber security solutions protecting these ICSs in order to align your long term security strategy. Hear from speakers such as The Right Honourable James Arbuthnot and Dr. Evangelos Ouzounis of ENISA.
3. Further your understanding of the current solutions available in the market and how they can protect your control systems from malicious intrusions – place your company at the forefront of the field in terms of the software protecting your automated control systems.
4. Ensure that you are prepared to maximize resilience and minimise your vulnerability by learning about the latest cyber threats to ICSs, both human and technical, in the world today – with expert insight from the European Cybercrime Centre and US CENTCOM.
2. Dear Colleague,
Following the great success of the inaugural 2014 event, ICS Cyber Security will be returning to London in April, boasting a more diverse speaker panel and a
new rationale: communicating the business risk of cyber intrusions into ICS.
Industrial Control Systems are increasingly receiving more attention as both businesses and governments realize the severe ramifications of a cyber attack
on CNI or a key plant. As a result, we are delighted to announce the attendance of Sellafield Ltd., Stedin, Waternet and US Central Command, presenting case
studies and success stories of foiled cyber attacks on their systems.
ICS Cyber Security 2015 will not only raise your awareness of the current threats to industrial control systems but also explore how to combat them,
emphasising the preventative and reactive measures that you can take to protect the systems and the plants that they control.
If you would like more details about any aspect of the event then please do not hesitate to contact our enquiries team on +44 (0) 20 7368 9737.
Until then, I look forward to welcoming you to London in April.
Yours Sincerely,
Alexander Jupp
Conference Producer | ICS Cyber Security | Defence IQ
ICS CYBER SECURITY 2015 SPEAKER FACULTY
The Right Honourable James Arbuthnot, Former Chairman of the
Defence Select Committee, Houses of Parliament
Mr John Dickinson, Cybersecurity
Control Systems Manager, Sellafield Ltd
Mr Lhoussain Lhassani, CISSP, Sr. Specialist Asset Management,
Stedin
Mr Michael Boyer, Chief of Cyber Initiatives and Cyber Security,
US CENTCOM
Miguel Garcia-Menendez, Head of Corporate Governance and
Strategy, Industrial Cybersecurity Centre
Mr Helder Francisco, SCADA Manager, EDP SA
Mr Stefano Mele, Research Director, IISS
Mr Mohib Rahman, Energy Team Lead, CPNI Section, Office of Cyber
Security and Information Assurance, UK Cabinet Office
Mr Ragnar Rattas, Head of CIIP Section,
Republic of Estonia Information System Authority
Ms Marina Krotofil, ICS Security Engineer, ENCS
Mr David Willacy, Digital Risk & Security Manager, The UK
National Grid
Mr Troels Oerting, Assistant Director and Head of EC3,
EUROPOL – European
Mr Christopher Hankin, Director of the Institute for Security Science and
Technology and Head of the Sub-Group on Trustworthy Industrial Control
Systems, Imperial College London
WHAT’S NEW FOR 2015?
Emphasizing the business risk posed by cyber attacks on SCADA systems and how to communicate this within your organisation – make board members understand the impact these attacks can have on the bottom line.
Examining and evaluating various methods for guarding against human error and preventing successful cyber intrusions in our post-conference workshops, hosted by Sellafield and ENCS.
The speaker panel will be more diverse than ever before, boasting a stimulating blend of organisations, businesses and government representatives.
A detailed examination of the work being done by European institutions and governments for the protection of industrial control systems - how are these bodies working with Critical Infrastructure operators and how can you get involved?
ADVISORY BOARD
Mr Richard Piggin, Principal Security Consultant, Atkins Global
Mr William Horner, Process Automation Consultant, Sabic
Mr Michael Boyer, Chief of Cyber Initiatives and Cyber Security, US CENTCOM
Mr John Dickinson, Cybersecurity Control Systems Manager, Sellafield Ltd.
The Right Honourable James Arbuthnot, Former Chairman of the Defence Select Committee, Houses of Parliament
3. CONFERENCE DAY ONE / 28TH APRIL 2015
08:30 COFFEE & REGISTRATION
09:00 Chairman’s Opening Remarks
The Rt. Hon. James Arbuthnot MP
09:10 The Cyber Protection of UK Critical National
Infrastructure
Current UK government strategy for protecting CNI from
malicious cyber intrusion
Why the government and industry must work more closely
together in this regard
What is the future of UK strategy in this area?
The Right Honourable James Arbuthnot, Former Chairman of
Defence Select Committee, Houses of Parliament
09:50 Cyber Security for ICS – ‘Good Practice Guidelines’
What can be done to identify, secure, maintain, modify, manage and protect a system?
Going beyond ‘Don’t Connect SCADA to the internet’ – The challenge of attaching digital cyber security solutions to analogue control systems
Current and future cyber threats to CNI – improving the
resilience of Sellafield to handle them
Mr John Dickinson, Cybersecurity Control Systems Manager,
Sellafield Ltd.
10:20 Presentation from Lead Industry Sponsor Atkins Global
Mr Richard Piggin, Principal Security Consultant, Atkins Global
10:40 COFFEE & NETWORKING
11:10 Providing for the Cyber Security of the UK’s Critical
National Infrastructure
Threats – from a high level perspective
The importance we attach to the CNI and our approach to
protecting it - incorporating risk based approaches and read
across from physical
The work currently being done by departments and industry
to understand vulnerabilities and improve resilience
Our ambition for what the landscape should look like going
forward, post the national cyber security programme -
business as usual, continuous improvement and standards
development
Mr Mohib Rahman, Energy Lead for CNI Team, Office of
Cyber Security and Information Assurance
11:40 ENISA’s Approach to ICS-SCADA Security
EU Cyber Security Strategy - emphasis on ICS-SCADA
EU proposed NIS Directive - emphasis on ICS-SCADA
ENISA’s work on ICS-SCADA
Good Practices and recommendations on ICS-SCADA.
Dr Vangelis Ouzounis, Head of Resilience and Critical Information
Infrastructure, ENISA
12:10 Cyber Security Architecture for Operational Technology
(ICS/SCADA)
Best practices from the field – gaining experience from different
sectors
Success factors for achieving business continuity in the face of
potential vulnerabilities
A risk-based approach to Cyber Security
Mr Lhoussain Lhassani, CISSP, Sr. Specialist Asset Management,
STEDIN
12:40 NETWORKING LUNCH
13:40 Cyber Security for ICS – Where Business and
Government Converge
Why business must start taking IT security more seriously!
Convincing the boardroom that resilient Cyber Protection is worth the outlay
The trade-off between buying ‘off-the-shelf’ cyber security solutions that can be implemented without a break in production and taking Control Systems offline to build new security programs into the structure of those systems
Mr Michael Boyer, Chief of Cyber Initiative and Cyber Security,
US CENTCOM
14:20 Advanced Threats Require Advanced ICS Cybersecurity:
An Intelligence-Driven Defence
ICS cyber security in today’s reality requires moving beyond defence-in-depth to effectively address the targeting of Industrial Control Systems (ICS) by Advanced Persistent Threats (APT). Recent ICS-aware cyber attacks have demonstrated the need to develop capabilities beyond traditional prevention strategies, although it is vital to do so only from a solid foundation. ICS defenders will need to consider their security strategy and optimize for detecting intrusion attempts and identifying and responding to suspicious events within the ICS and process. It is no longer sufficient to focus on “Prevention”; a prepared organization can detect and disrupt the types of attacks reported in today’s headlines.
During this presentation participants will learn:
Insight into APTs targeting ICS and critical infrastructure
Recommendations on how to move beyond firewall and defensive protections
How to use intelligence to combat targeted attacks against ICS
How to apply the Cyber Kill Chain® methodology to reduce risk to your organization
Andrew Wadsworth, Head of Process Control Security,
Lockheed Martin IS&GS
14:40 Increasing Awareness of the Cyber threat to ICS, as the
Water Network Becomes More Remote Accessible
The company’s approach to Cyber Security – Separating IT and ICS
Networked Critical National Infrastructure – the potential ripples
felt in one sector of CNI, as a result of a successful cyber attack on
the ICS in another
Proposals for solutions at both the technical and personnel level –
increasing resilience
15:20 COFFEE AND NETWORKING
15:50 Boardroom Workshops
Seize the chance to engage with other end-users and
operators over the specific challenges afflicting your sector:
Learn from thought-leaders about the progress and future
direction of cyber security solutions in your field
Work together to generate smart, effective and up to date
measures to protect your systems and production
Limited Spaces Available!
17:20 Focus Panel: Feedback from the Boardroom sessions
17:40 CHAIRMAN’S CLOSE AND END OF DAY ONE
Securing the integrity of the systems controlling extraction and production sites
Exploring the impact of a disruption to a nation’s water supply
Maintaining the consistent operation of complex transport networks
Safeguarding the productivity of large manufacturing centres
Manufacturing, Transportation, Oil & Gas, Utilities
4. CONFERENCE DAY TWO / 29TH APRIL 2015
08:30 COFFEE & REGISTRATION
09:00 Chairman’s Recap of Day One
09:10 Providing for the UK’s Energy Needs
Handling the cyber security of a large and complex system of
systems
Lifecycle management and security for IT in the engineering
environment
Achieving complete visibility and awareness of security risk during
the entire procurement process
Mr David Willacy, Digital Risk & Security Manager,
UK National Grid
09:50 Mapping the Future of Cyber Protection at EDP SA
– Analysing the Key requirements
Implementing new firewalls onto an interconnected system
When changing the cyber security software of one corporation has
ramifications for parent companies
Case study of a recent update made to the plant’s SCADA systems
Mr Helder Francisco, Control Systems Manager,
EDP SA
10:30 COFFEE & NETWORKING
11:00 Estonian approach to ICS/SCADA security assessment:
lessons learnt and conclusions
How the EISA has carried out multiple ICS/SCADA security
assessments over the last 3 years in various sectors
including energy, utilities and transport
What was assessed and what assessed companies gained out of
those projects
What we learned and concluded from the state perspective
Mr Ragnar Rattas, CIIP,
Republic of Estonia Information System Authority
11:40 A Collective EU Response to Cybercrime
Why the ‘collective response’ is so vital to the protection of our ICS
What work does the ECC do to this end?
What will collaboration on Cyber Security for the ICS in our CNI
look like in the future?
Mr Troels Oerting, Assistant Director and Head of EC3,
EUROPOL – European Cybercrime Centre
12:20 NETWORKING LUNCH
13:30 Not everything needs to be encrypted: Confidentiality
in Industrial Control Systems
This talk will debunk the myth about insecurity of Industrial Control Systems
due to lacking encryption support in the field protocols.
Clarification of vocabulary: confidentiality, privacy, anonymity
What data and information need to be confidential in the context
of Industrial Control Systems.
Alternatives to encryption for ensuring confidentiality of the field
data
Marina Krotofil, Senior Security Consultant, ENCS
14:10 Critical Energy Infrastructure and Cyber Attacks: A
Strategic Analysis For Tactical Protection
The exponential spread of new ‘Cyber-weapons’
The strategic application of these weapons to industrial control systems and the danger they pose therein
Improving the resilience of CNI to these weapons
Stefano Mele, Research Director, Italian Institute of Strategic
Studies ‘Niccolò Machiavelli’
14:50 COFFEE AND NETWORKING
15:20 The Research Institute: Trustworthy Industrial Control
Systems
The Activities of the Research Institute: assessing physical
damage as a result of Cyber attacks on ICSs; communicating an
appreciation of business risk posed by cyber attacks to
vulnerable industrial entities; developing technical interventions
to improve the resilience of these systems to attack
Update on the results of the Institute’s recent research into
developing resilience in CNI
Projection for the future; generating impactful and practical
solutions to Industrial Cyber Security threats
Mr Christopher Hankin, Director, Institute for Security Science and
Technology, Imperial College
15:50 The importance of a multidisciplinary ecosystem for
industrial cybersecurity
Why the vulnerability of ICS to Cyber attacks is a long term,
strategic business problem
Establishing the costs of cyber attacks at both a business and
technical level
Collating intelligence on cyber threats effectively
Miguel Garcia-Menendez, Head of Corporate Governance and
Strategy, Industrial Cyber Security Centre
16:20 Focus Panel Discussion
How to improve the physical reliability of ICS systems
Bridging the gap between the cyber security needs of CNI and
existing regulations in the EU
How to ensure that industry and their ICS stay up to date with the
evolving threat environments
17:00 CHAIRMAN’S CLOSE AND END OF DAY TWO
5. COFFEE & REGISTRATION
09:50 Chairman’s Recap
WORKSHOP A
10:00 Preventative actions to be taken to defend against Cyber Security Attacks on ICS
Attend a workshop where you will have the chance to learn practicable Cyber Security Skills from qualified control systems
professionals
Develop your understanding of the best protocols governing human actions, which can provide a first line of defence
against Cyber attacks
Understanding the form of current cyber threats to ICS from the basic level to the complexity of REGIN
Deciding on the correct solutions (whether software, hardware or a new personnel protocol)
Integrating those solutions within your existing industrial architecture
Testing and assessing the protection provided by the new solutions – what gaps are left
Mr John Dickinson, Cybersecurity Control Systems Manager, Sellafield Ltd
12:00 NETWORKING LUNCH
WORKSHOP B
13:10 A mission-centric approach to threat assessment for Industrial Control Systems
The mission-oriented (or business process-oriented) approach to risk assessment is currently gaining acceptance in the industry. The interactive workshop will take the audience through the steps of the mission-oriented risk and threat assessment for Industrial Control Systems.
Every organization has a mission, e.g. to generate profit, which can be fulfilled through the accomplishment of smaller missions such as delivering services and products to customers, billing, maintaining the health of its own infrastructure, compliance with regulatory requirements, etc. Traditionally, the success of cyber security measures is determined by the level of protection of critical network infrastructure components and software assets from attackers. At the same time, it is understood that the ultimate goal of cyber security is to protect ongoing and planned missions (operational goals). Using current methods, it is virtually impossible to determine the impact of a cyber-attack on the physical process under control and the attainment of mission objectives. Do we know which mission elements are affected? Can we continue to operate and fulfill the mission? Can we salvage part of the mission? As a result, the ability to respond to an attack is much less effective than it could be.
The mission-oriented approach is sustainable in that once it is done, it doesn’t need to be revisited or changed often. It is also actionable in that the exposure of the process to a new form of attack can be quickly analyzed so appropriate protections can be implemented.
Commonalities with the current standards (ISO27005 and IEC62443) and established approaches.
Practical process of mapping cyber resources to activities, tasks, and missions.
Layered approach to the analysis of the infrastructure dependencies: gaining awareness of the dependencies between
cyber and physical assets and their impact on the health of the process control systems and underlying physical process.
Introduction of the operational security properties to facilitate qualitative evaluation of the impact of a cyber-attack
on the operational goals set for the missions. Integration of timing parameter to evaluate the amount of impact an
incident will have.
Impact assessment of cyber-physical attacks and maintaining continuity of operations during network incidents.
Marina Krotofil, Senior Security Consultant, ENCS
POST-CONFERENCE WORKSHOP DAY / 30TH APRIL 2015
FOR MORE NEWS, ARTICLES, PODCASTS AND WHITE PAPERS ON ICS CYBER SECURITY, VISIT: WWW.ICSCYBERSECURITYEVENT.COM
6. ICS CYBER SECURITY, EUROPE 2015 / PROUD SPONSORS
LEAD EVENT PARTNER
Atkins is a globally renowned provider of professional, technologically-based consultancy and support services to industry, commerce and government on every continent. We employ over 18,000 staff based in more than 300 offices worldwide. Our vision is to be the world’s best infrastructure consultancy. Atkins is the largest engineering consultancy in the UK, the third largest multidisciplinary consultancy in Europe and the fourteenth largest global design firm. It was also the official engineering design services provider for the London 2012 Olympic and Paralympic Games. Our skills lie in the expansive area of infrastructure – the wiring of society – encompassing buildings; land, sea, and air transport; information communications and security systems; and utilities (including energy and water); as well as in our experience of working for a broad range of clients, including national and local governments and the commercial sector. The social and environmental framework of our work is crucial, and we view all our projects in the context of the communities in which they are delivered.
Website: www.atkinsglobal.co.uk
SPONSOR
Lockheed Martin’s Industrial Defender products and services deliver leading solutions for cybersecurity, compliance and change management of industrial control systems (ICS). Its flagship product, Industrial Defender Automation Systems Manager™ (ASM), has become the de facto standard to ensure the availability and reliability of key industrial processes amid escalating cyber threats, increasing regulatory burdens and accelerating ICS management challenges. Over 400 companies in 25 countries rely on Lockheed Martin’s Industrial Defender products and services to reduce costs, manage risks and enhance operational excellence.
Website: www.industrialdefender.com
MEDIA PARTNERS
WHO’S ATTENDING?
You will benchmark and connect with key decision makers, solution providers and IT experts from key organisations facing the challenges of ICS Cyber Security, including:
Electric Power Generation Stations
Nuclear Electric Power Generation Stations
Energy Retailers
Water Supply and Irrigation Systems
Construction
Aerospace Product and Parts Manufacturing
Rail Transportation
Commuter Rail Systems
IT Security Services
Telecommunications
Engineering Services
Information Technology Services
IT Solutions & Services Providers
International Affairs
Defence
ABOUT DEFENCE IQ
Defence IQ is an authoritative news source for high quality and exclusive commentary and analysis on global defence and military-related topics. Sourcing interviews and insights directly from senior military and industry professionals on air defence, cyber warfare, armoured vehicles, naval defence, land defence and many more topics, Defence IQ is a unique multimedia platform to discuss and learn about the latest developments within the defence sector. So join over 70,000 defence professionals to access all the exclusive video interviews, podcasts, articles and whitepapers that are available and updated on a daily basis. Join today for free by signing up on our website: www.DefenceIQ.com
7. How Can You Meet Your Marketing And Business Development
Objectives At ICS Cyber Security, Europe 2015?
8 ways ICS Cyber Security, Europe 2015 can benefit you!
Generate new sales leads: Our event will bring together the region’s key-decision makers, all of whom have strong business reasons for attending the event. By exhibiting and presenting, you can impact on these buyers. By the very nature of the high quality of delegate attendance, the contacts generated will lead to very high conversion rates.
Demonstrate thought leadership: Speaking on the programme will allow you to demonstrate your market knowledge and expertise to an audience of high level decision makers.
Building customer loyalty: Face-to-face contact at conferences, and showing continued support of the market, helps develop client loyalty as well as cement your position as an industry player.
Building relations with the media: We have researched the market media partners. We understand that opportunities for editorial coverage and developing better relations can be integral to your company’s success, so our media partnerships beyond the standard sponsorship package.
Brokering new business partnerships: Currently there are huge opportunities to partner with OEM suppliers actively looking to adjust their supply chains.
Enter new markets: Sponsorship is one of the most effective ways to enter new markets. It is a great opportunity to research and network whilst gaining exposure to a
Positioning your company brand: Being part of this establishes your company as a strong brand and highlights your company’s abilities and strengths. Commitment to this event also demonstrates your capability as a global player.
Launch new products or services: Use the event as a launch pad to promote your latest products or system. With industry in attendance, plus carefully selected media partners at the event, innovative new technology will always generate a buzz.
Networking
Ensure that you have the opportunity to engage with the key decision makers within your industry. We can create a platform for you to effectively interact with your top customers and prospects in the environment of your choice. This can range from formalised private meetings / workshops right through to less structured networking events such as sponsored drinks receptions, coffee breaks or lunches. Ultimately whatever you decide is the right forum; we will support you in your quest to advance relationships with the key people who can influence the future of your business.
Branding
Your company can be elevated to a position where they are seen as a market leader. In a fiercely competitive market you need to ensure that your brand is differentiated from the competition. Failure to create a clear identity will see your organisation fade into the background. We ensure that we do everything we can to effectively lift your brand before, during and after the event. Not only do we create a fully integrated marketing campaign, which your company can be part of, but we also offer high impact premium branding opportunities for example on bags, water bottles, pens, lanyards etc.
Thought Leadership
If you think that you should be viewed as a true industry leader then you need to demonstrate your market knowledge and expertise through a thought leadership opportunity, such as speaking or chairing. This is a highly unique opportunity for your company to educate the market, and as long as you are credible enough to fit into a high level event programme, we can position your organisation alongside top customers and prospects in our speaker faculty. As part of this speaker faculty your company will be set apart from other industry attendees giving you the competitive edge required to make further strides in the market.
To the left you will find an example of some sample packages which are designed to be multi functional across the above objectives. These are just examples because all of our sponsorship packages are specifically designed to meet your company’s individual marketing and business development objectives.
Package Exhibition Associate Plenary Lead
Advisory Board Member ✔ ✔
Exhibition 6x3 ✔ ✔
Exhibition 3x2 ✔ ✔
Conference Delegate Passes ✔ ✔ ✔
Branding at Conference ✔ ✔ ✔ ✔
Pre Event Branding (brochure) ✔ ✔ ✔ ✔
Customised Mailing ✔ ✔ ✔ ✔
Wish List ✔ ✔ ✔ ✔
30-40 Minute Plenary Speaking ✔ ✔ ✔
1 Day Conference Chair ✔
IPAD Conference Note/information pack sponsor ✔ ✔
Workshop ✔
Lanyards ✔ ✔
For sponsorship opportunities please contact
Alex Darby on +44 (0) 207 368 9300
or by e-mail at sponsor@iqpc.co.uk