International Industrial Security Conference Copenhagen


16 & 17 NOVEMBER 2021

Industrial Security Conference Copenhagen WWW.ISC-CPH.COM

THESE AND MANY MORE SPEAKERS

Joe Slowik, Threat Researcher, Gigamon
Patrick Miller, CEO, Ampere Industrial Security & board of directors, EnergySec
Lars Erik Smevold, Security Analyst, KraftCERT
Søren Rex Hansen, Senior Key Expert - Cyber Security, Siemens Gamesa
Marie Moe, Senior Security Consultant Threat intelligence, Mnemonic
James McQuiggan, Security Awareness Advocate, KnowBe4

InsightIT


Confirmed partners


Industrial Security Conference Copenhagen

Hacking costs companies and consumers trillions every year. Hacking of critical infrastructure such as the energy sector, transport, public sector services, telecommunications and critical manufacturing industries can disrupt necessities such as water, heat, healthcare, and food supply. Cybercrime is growing, cybercriminals are increasingly collaborating, new vulnerabilities are discovered every day, and new types of malware are staying undetected. The threat landscape is ever changing and so are the tools necessary to keep networks, IT/OT systems, and people protected from cyber-attacks. It is no longer a question of if your company will be compromised, but rather when it will be.

Join us in Copenhagen on 16-17 November 2021 and experience interesting keynotes, expert presentations, knowledge sharing and networking. Over the course of 2 days, you will be updated on the current threat landscape. You can look forward to hearing renowned experts share knowledge on securing industrial control systems – such as SCADA, PLC and Distributed Control Systems.

Industrial Security Conference Copenhagen is relevant for anyone interested in securing control systems, critical infrastructure, automation, and smart grid. The conference gathers ICS/SCADA stakeholders across many different types of critical infrastructures from many countries.


Speakers List

Peter Frøkjær, President, ISACA Denmark
Maite Carli García, Communication Manager & European CCI Coordinator, Industrial Cybersecurity Center CCI
Mikael Vingaard, OT Specialist, En Garde Security
Patrick Miller, CEO, Ampere Industrial Security & board of directors, EnergySec
Marie Moe, Senior Security Consultant Threat intelligence, Mnemonic
Joe Slowik, Threat Researcher, Gigamon
James McQuiggan, Security Awareness Advocate, KnowBe4
Søren Egede Knudsen, CEO & IT/OT Security expert, Egede Aps
Jens Peter Høgh, Senior Manager Security & Technology, PWC
Vivek Ponnada, Director of ICS Security, ICI Electrical Engineering
Jørgen Hartig, Managing Director & Partner, SecuriOT
Lars Erik Smevold, Head of R&D/ Security Analyst, KraftCERT
Søren Rex Hansen, Senior Key Expert - Cyber Security, Siemens Gamesa
Martin Scheu, Security Engineer, SWITCH-CERT
René Matthiassen, Senior Security Consultant, Timmig Office Backup
Michael Weng, Principal Cyber Security Consultant, NCC Group


PROGRAM TUESDAY 16 NOVEMBER 2021

08.30

Registration and refreshments Register at the conference reception, receive your nametag and conference material

09.00

Opening of the conference by Nina Meyer, Senior Project Manager, Insight Events

09.05

Chairman Peter Frøkjær, President of ISACA Denmark introduces today’s program

09.10

The State of the Industrial Cybersecurity in Europe Maite Carli, Communication Manager & European Coordinator, CCI

09.50

Short break

09.55

Top 20 Secure PLC Coding Practices This project brought together hundreds of OT Professionals and ICS Engineers, resulting in an easy-to-use guideline meant for Engineers to build/utilize native functionality at Purdue Level 1 towards a defensible security posture. Vivek Ponnada, Director of ICS Security, ICI Electrical Engineering

10.35

Refreshments and networking

11.00

Industrial Technology Trajectory: Running with Scissors Innovative and disruptive technologies are enhancing and invading our traditional industrial business model. Future infrastructure organizations will need more data to operate efficiently and succeed in the brave new interconnected world. The diversity of new technologies and data will fuel more diversity in business opportunity. Everyone expects more OT, more IOT, and more IT – and all of it is supposed to be highly reliable and secure. These factors (and more) lead to a landscape shift for the industrial cybersecurity risk profile. In this session, hear ways to recognize the problems and gain some clarity on possible solutions through historic lessons, made up words, and practical front-line experience. Patrick Miller, CEO, Ampere Industrial Security & board of directors, EnergySec

11.40

Lunch and networking


12.30

DevSecOps, say what? Cyber secure solutions and integrations are not just something you develop, test and then hand over. Hear how Siemens Gamesa Renewable Energy is utilizing best practices from the software community, boosting development, security, and operations, by bridging the gap between IT and OT. Keywords: DevSecOps, Secure development life cycle, long time support, delivery pipeline, risk assessment, blueprints Søren Rex Hansen, Senior Key Expert - Cyber Security, Siemens Gamesa

13.10

Short break

13.15

How do you cover and validate security requirements in tenders for your suppliers? How did the Danish State Railways ensure that cybersecurity was covered in the large-scale sourcing of a new train fleet in one of the largest sourcing projects in Europe in 2021? René Matthiassen, Senior Security Consultant, Timmig Office Backup

13.55

Refreshments and networking

14.20

Serious fun with ... several industrial PLCs and zerodays In the daily grind, it is often hard to find time to get trained in industrial security - budget restrictions, Covid and corporate travel bans are not helping either. This presentation will provide insight into how the new ICS range training environment works - built with real industrial security devices. The ideas behind the range, the scope and gamification, and a sneak peek at some of the labs will be described in the presentation. The environment is online – always ready when the student has time, and there is no need to allocate precious in-house manpower to design, build and maintain the range. Mikael Vingaard, En Garde Security

15.00

Short break

15.10

Cyber security in an offshore OT environment In the first part of this talk you will be presented with the results of an empirical study of cyber incident response readiness in the Norwegian oil and gas industry. The second part of this talk presents a recent use-case where Mnemonic designed a solution for securing remote access into SAAS and protecting IACS subsystems offshore from cyber threats. Here Mnemonic implemented a system allowing the control room offshore to dynamically grant access and isolate critical subsystems offshore by pressing a “big red button”. The key takeaways from this talk will be an insight into the unique challenges of the petroleum industry when it comes to incident response readiness, including a real-world example of how to design secure remote access with a built-in practical emergency network segmentation solution. Marie Moe, Senior Security Consultant Threat intelligence, Mnemonic


15.55

Short break

16.10

Network visibility considerations in industrial control system monitoring Traffic security, primarily through encryption, is frequently considered a desirable feature to prevent attacks, traffic spoofing, or traffic modification. In industrial networks, encryption has typically been looked down on for higher processing overhead and potential latency issues, but otherwise desirable if it can be properly implemented. In this presentation, we will look into questions of network traffic security and industrial control system monitoring to see what asset owners should look for when protecting their environments. This presentation will cover what is known of recent industrial intrusions and incidents, and examine how these relate to network visibility consideration. After reviewing technical details, we will then examine matters in light of other logging and visibility sources (or the lack thereof) to see what the overall industrial security picture looks like. From this exploration, we will arrive at a final discussion of how seemingly insecure traffic flows may actually enhance overall network and facility security posture through their availability for monitoring and analysis. Joe Slowik, Threat Researcher, Gigamon

17.00

Specialist talks

Common challenges around a large scale OT cyber security program - Where to start? How to get information? What are the common pain points? What should be the steps? Claroty

Addressing the Fast Evolving OT Threat Landscape with Unified Visibility Armis

Pre-emptive cyber maintenance in IT/OT converged environments Dominic Storey, Principal OT Security Engineer, Tenable

17.30

Chairman Peter Frøkjær, President of ISACA Denmark rounds up today’s learnings

17.45

Networking reception

18.30

Dinner & Networking (requires separate signup)


PROGRAM WEDNESDAY 17 NOVEMBER 2021

09.00

Chairman Peter Frøkjær, President of ISACA Denmark introduces today’s program

09.10

Network security monitoring inside SCADA / OT networks SCADA / OT networks are often black spots on the network map, even though organizations heavily rely on them. In this presentation you will learn what is doable with open source network monitoring software. The aim is to get you started with network monitoring, learn how to baseline your network, define what to detect and how to alarm. Martin Scheu, Security Engineer, SWITCH-CERT

09.50

Short break

10.00

Penetration testing in critical environments Why should we use penetration testing in our critical environment, and how can it be done? These two questions are often asked and discussed, but also sometimes misunderstood. In this session, Søren Egede Knudsen will both present information on why and how you should use penetration tests in the critical environment, but also how you can use the information from the penetration tests. He will be using some technical examples from the real world. Søren Egede Knudsen, CEO & IT/OT Security expert

10.40

Refreshments and networking

11.05

Zero Trust in OT/ICS ICS/OT environments are typically “flat”, originally designed with a reliability mindset and a security posture never intended to secure environments connected to the corporate network nor to the Internet. On the other hand, the trend towards digital connectedness is ever intensifying. And this, along with the marked shift in the OT threat landscape, has made ICS a prime target for cyberattacks. Implementing ”Zero Trust” principles in such industrial control networks is particularly challenging; not the least due to the difficulty to test new paradigms and technologies in an always-on industrial environment. Learn from PwC what is the state-of-the-art in this area, how to overcome the testing barriers, and how to deploy such principles - in combination with improved infrastructure visibility and positive reinforcement for your security policies - to better secure your Operational Technology. Jens Peter Høgh, Senior Manager Security & Technology, PWC


11.45

Tie the knot on OT/ICS cyber security activities Vendors, their Sales and Marketing departments and all kinds of experts seem to know what’s best for your company when it comes to improving cyber security. AI, ML, Zero Trust and more are thrown around. But are they right, and are they telling the whole story? This talk will go through some of the ‘behind the scenes’ difficulties we experience when it comes to helping our clients implement and deploy new cyber security activities, to help boost their defense and/or forensics capabilities. It’s not all that easy, it seems … Michael Weng, Principal Cyber Security Consultant, NCC Group

12.25

Lunch and networking

13.25

Hardware security – Trust in the supply chain and why? There’s an all-time high focus from attacker groups on industrial control systems, whether it’s SCADA, local control, PLCs or the infrastructure. The hardware and software components that are the core of these systems, our most sensitive and critical infrastructure, are increasingly protected, and the management presents the new and great security solutions. Safe as in the bank or do we still have some uncharted waters? Also in the energy sector, companies are exposed to unwanted ICT incidents, both opportunistic and targeted. Computer attacks on businesses via the digital value chains appear to be on the rise. In this presentation, you will be presented with case studies and some thoughts about how to handle the value in the supply chain. Lars Erik Smevold, Head of R&D/ Security Analyst, KraftCERT

14.15

Short break

14.25

IEC 62443 Shit! The back door was open, and the lights went out. Digitization of production systems and utility services is becoming more and more widespread and has many positive effects. In the “old days”, OT infrastructure and business IT were “air-gapped”, but that’s over now. The use of 5G, Edge computing, remote access to critical systems and the use of Cloud services, etc. has opened doors that can also be used by cyber criminals. How should you handle the new “reality”, and how can the IEC 62443 standards help you close the “door”? Jørgen E. Hartig, Managing Director & Partner, SecuriOT


15.05

Refreshments and networking

15.30

Why Security Awareness isn’t enough for your users to protect your organization Cybercriminals continue to successfully trick users into clicking on links, effectively bypassing the firewalls and opening the organization’s proverbial front door for attacks. Discover the art and science behind deception and why users may fall for social engineering tricks even after understanding how they work. From the sleight-of-hand used by magicians to the slight-of-tongue used for social engineering, we are all wired to deceive and be deceived. See how threat actors use these techniques against your users and how an evolved security awareness training can help them spot deceptions before it’s too late. However, just because they are aware, what makes them care? What does it take to operate and maintain these security awareness programs successfully? Learn how organizations can review their ABCs of security training. Awareness, Behaviors, and Culture can significantly reduce the risk of attack for an organization. This session will explain why users succumb to social engineering attacks, including ways to make your users care and improve your security awareness and training program. James McQuiggan, Security Awareness Advocate, KnowBe4

16.10

Chairman Peter Frøkjær, President of ISACA Denmark talks about today’s learnings

16.25

The conference ends

Subject to misprints and changes in the program. For further information please contact Senior Project Manager Nina Meyer, Tel: (+45) 3055 3092 or e-mail: nm@insightevents.dk


VENUE & REGISTRATION

DATES & CONFERENCE VENUE

The conference will be held 16 & 17 November 2021 at Tivoli Hotel & Congress Center, Arni Magnussons Gade 2, 1577 Copenhagen V

ACCOMMODATION

Accommodation is not included in the registration fee.

REGISTRATION FEE

Number of days        Early Bird             Special offer            Normal price
Attend 1 or 2 days    Until 1 October 2021   Until 29 October 2021    From 30 October 2021
1 day                 DKK 7,995              DKK 8,995                DKK 10,495
2 days                DKK 8,995              DKK 9,995                DKK 11,495

Invoice and confirmation of your registration will be submitted upon registration. The price includes catering (coffee/tea, fruit/cake and lunch as well as a network reception). You can also join an optional network dinner on 16th of November for DKK 650,-. All fees are exclusive of VAT.

GROUP DISCOUNT

It is possible to register 3+ entries for the conference and get a discount. Contact us for more information.


REGISTRATION

To register for the conference the best and quickest way is to fill in the online registration form on cashandtreasury.dk. We also accept bookings by post, Tel: (+45) 35 25 35 45 and e-mail: info@insightevents.dk. Once we have received your registration you will receive an invoice. Your registration is binding.

CANCELLATION

All cancellations must be submitted in writing. If cancelled up to 14 days before the event, a fee of 10% will be withheld. Should cancellation be made less than 14 days prior to the event, 50% will be withheld and, if cancelled later than 2 days before the date of the event, full price will be paid. If you are prevented from participating, you also have the opportunity to transfer your participation to a colleague. All substitutions must be received in writing.

COVID-19: Safe Participation

In Denmark, more than 70 % have already been vaccinated against COVID-19. Most of the restrictions have been removed, and we are allowed to conduct conferences as normal. However, you may still present a corona pass (vaccine, negative test maximum 72 hours, or have been tested positive within the last 14 to 180 days) to be able to eat in the restaurants at the venues.

Insight Events ApS, Silkegade 17, st., Postbox 2023, DK-1012 Copenhagen K, Tel: (+45) 35 25 35 45, info@insightevents.dk, www.insightevents.dk, VAT registered No 24 24 03 71


Insight Events ApS • Silkegade 17, st. • Postboks 2023 • 1012 København K

Insight Events conference

Industrial Security Conference Copenhagen

Join us in Copenhagen 16-17 November 2021 and experience interesting keynotes, expert presentations, knowledge sharing and networking.

Experience an international program

The program is composed in cooperation with key players within the industry. You will learn from your international peers who are working with projects such as Honeypots, Penetration testing in critical environments, Information Security Awareness, Red Team/Blue Team playground and much more.

Expand your network

Industrial Security Conference Copenhagen is relevant for anyone interested in securing control systems, critical infrastructure, automation and smart-grid. The conference gathers ICS/SCADA stakeholders across many different types of critical infrastructures from many countries.

(+45) 35 25 35 45

www.isc-cph.com info@insightevents.dk

Insight Events Silkegade 17, st. 1113 København K

21scada

4 ways to register:

