Agenda Day 2

9:00 AM - 9:10 AM CHAIRMAN’S RECAP OF DAY 1

9:10 AM - 9:50 AM ASSESSING THE POTENTIAL PHYSICAL AND CONSEQUENTIAL IMPACTS OF AN ATTACK ON CYBER-PHYSICAL SYSTEMS

Michael Ebner, Chief Information Security Officer, EnBW
  • Physical impacts encompass the set of direct consequences of ICS failure, including personal injury and loss of life, the loss of property (including data) and potential damage to the environment
  • Economic impacts are a secondary effect from physical impacts ensuing from an ICS incident, inflicting a greater economic loss on the facility, organisation, or others dependent on the ICS
  • The consequence from the loss of national or public confidence in an organisation is, at times, overlooked. However, it is a very real consequence that could result from an ICS incident

9:50 AM - 10:30 AM Cybercrime – The Real Deal - Why do cyberattacks still succeed?

Torsten Noack, International Sales Executive, Fox-IT
  • Impact of latest ICS cyberattacks
  • Why do cyberattacks succeed?
  • What can we do about it?
  • Preview of what will happen in the coming years

10:30 AM - 11:00 AM MORNING COFFEE AND NETWORKING

11:00 AM - 11:40 AM HOW TO BUILD AND TRAIN A CROSS-FUNCTIONAL TEAM WITHIN YOUR ORGANISATION

Haya Shulman, Department Head Cybersecurity Analytics and Defences, Fraunhofer Institute for Secure Information Technology SIT
  • How can cross-functional information security teams be encouraged to share their varied domain knowledge and experience to evaluate and mitigate risk in the ICS?
  • Encouraging control engineers to take a larger role in the security of ICS, and providing them with ease of collaboration and support from both the IT department and management
  • Implementing an effective reporting structure, and understanding where the ultimate authority and responsibility lie

11:40 AM - 12:20 PM TOWARDS SAFER PLANTS – FINDING OT CYBER SECURITY

Jonni Talsi, Project Manager (I&C) and Chief Engineer Cyber Security, Poyry
  • Translating cyber security measures effectively into the OT world
  • Understanding what the roles and responsibilities of the OT team are
  • Anticipating the factors affecting project execution
  • An analysis of the difficulties integrating IT and OT into an Integrated Cyber Security Solution

12:20 PM - 1:20 PM NETWORKING LUNCH

1:20 PM - 2:00 PM WHAT EUROPE IS DOING TO SUPPORT THE EUROPEAN CYBERSECURITY MARKET

Luigi Rebuffi, Secretary General, ECSO
  • The creation and the priorities of the European Public Private Partnership between the European Commission and ECSO (European Cyber Security Organisation)
  • How the discussion on Industrial Control Systems is taking place in ECSO
  • What is the expected contribution from users, operators and suppliers of Industrial Control Systems; what is their interest in participating in a common market development?

2:00 PM - 2:40 PM IDENTIFICATION AND AUTHENTICATION: PREPARING FOR CHALLENGES FACED WHEN AN ICS USER’S ABILITY TO RECALL AND ENTER A PASSWORD MAY BE IMPACTED BY THE STRESS OF THE MOMENT

Christoph Riedmann, Senior Adviser - Digitisation, Cyber Security, Industrial Policy, Fachverband Metalltechnische Industrie
  • Considering the security needs and the potential ramifications of the use of authentication mechanisms on these critical systems
  • Providing an equivalent security capability or level of protection for the ICS situations where the system cannot support authentication mechanisms
  • Implementing special considerations when pushing down policies based on login password authentication within the ICS environment

2:40 PM - 3:10 PM AFTERNOON TEA AND NETWORKING

3:10 PM - 3:50 PM THE PHYSICAL PROTECTION OF THE CYBER COMPONENTS AND DATA ASSOCIATED WITH THE ICS THAT MUST BE ADDRESSED AS PART OF THE OVERALL SECURITY OF A PLANT

Thomas Usländer, Head of Department, Information Management and Production Control, Fraunhofer IOSB
  • Mitigating the risk of physical modification, manipulation, theft or other removal, or destruction of existing systems, infrastructure, communications interfaces, personnel, or physical locations impacting the security of these systems
  • Preventing unauthorised observation of sensitive informational assets through visual observation, note taking, photographs, or other means
  • Blocking the ability of new systems, communications interfaces, or other hardware to be introduced to the infrastructure
  • Creation of a policy that prevents installation of devices intentionally designed to cause hardware manipulation, communications eavesdropping, or other harmful impact

3:50 PM UNDERSTANDING HOW TO IMPLEMENT EFFECTIVE MONITORING, LOGGING, AND AUDITING SOLUTIONS, AND ASSESSING THE BENEFIT OF DOING SO TO YOUR SECURITY PROCEDURES

Christoph Moder, Senior Researcher, RiskViz Consortium
  • Creating an ICS security architecture that can incorporate mechanisms to monitor, log, and audit activities occurring on various systems and networks
  • Understanding the importance of monitoring, logging, and auditing activities in validating that the system is operating as intended, and that no policy violations or cyber incidents have hindered the operation of the system
  • Strong system monitoring, logging, and auditing is necessary to troubleshoot and perform any necessary forensic analysis of the system

4:30 PM - 5:00 PM CHAIRMAN’S CLOSING REMARKS