KEYNOTE
Security by Design — A Communication Problem?
Sarah Fluchs, CTO, admeritia GmbH
For a long time, cybersecurity regulation has mainly addressed critical infrastructure operators. This year, the focus has shifted to product manufacturers with regulations like EU’s Cyber Resilience Act (CRA) the UK Product Security and Telecommunications Infrastructure Act (PSTI) or UNECE R155/156 for cars. In addition, national security authorities from dozens of countries, led by US CISA, are pushing security by design globally through joint recommendations, and many countries are introducing cybersecurity labels for IoT products.
If everybody wants Security by Design – then why is it still not done? Maybe it’s not the technology. Maybe not even the money. Maybe the problem we need to solve is a communication problem between product manufacturers and operators / users. Sarah substantiates this point by summarizing what the above regulations require from manufacturers and shows new approaches for communicating cybersecurity – during design as well as after design, between engineers as well as towards management and an interested public.
INTELLIGENCE EVOLUTION TRACK
Intro to Intelligence Evolution
Megan Samford, VP, Chief Product Security Officer - Energy Management, Schneider Electric
In this introduction to intelligence evolution, our expert presenter will provide an overview of the latest advancements in artificial intelligence, machine learning and data analytics while exploring how these technologies are transforming the way we understand and interact with the world around us.
IOT CYBERSECURITY TRACK
Intro to Cybersecurity
Brian Holliday, Managing Director, Siemens, Co-Chair Made Smarter Commission, Made Smarter UK
In this introductory session, Brian Holliday will talk about his experience with Made Smarter UK and provide a comprehensive overview of the fundamentals of cybersecurity. Attendees will gain a solid understanding of the key concepts, strategies and best practices for protecting digital assets and mitigating risk in today's interconnected world. Don't miss this opportunity to lay the foundation for a stronger, more secure digital future!
INTELLIGENCE EVOLUTION TRACK
Leveraging an Outcomes-based Approach with International Standards to Mitigate Cyber Risks
Mohammed Zumla, Managing Consultant, Cyber ICS
Operators of essential services, regulators, government, vendors and consultancies have been navigating their way through compliance. Although the spirit of NIS regulations is to uplift the overall level of cyber resilience for critical national infrastructure, the journey has been complex and often misunderstood by many. This presentation helps all those concerned to focus on this spirit and develop a staged approach to both satisfy compliance requirements and be resilient against the ever-evolving threats.
IOT CYBERSECURITY TRACK
Secure by Design
Rob Barnes, Cyber Security Technical Expert, Rolls-Royce Civil Nuclear UK
In this informative session, Rob Barnes will delve into the core principles of Secure by Design, a critical approach to developing secure software and systems from the ground up. Attendees will learn about best practices for incorporating security into the entire development lifecycle, from design and coding to deployment and maintenance. This talk is designed for anyone looking to enhance their understanding of how to build security into the foundation of digital products and services.
IOT CYBERSECURITY TRACK
Impact of New Tech in Standards
Cindy Segond von Banchet, OT Cybersecurity Lead, Yokogawa Europe
Join us as we discuss the complex interplay between new technology standards in the rapidly evolving world of cybersecurity. Attendees will learn how emerging technologies, such as AI, IoT and cloud computing, are shaping the development and enforcement of security standards. The talk will explore the challenges and opportunities presented by this intersection, as well as the implications for the future of cybersecurity. This session is designed for anyone seeking to enhance their understanding of how new technologies are transforming the standards landscape and how to effectively navigate these changes to maintain a strong security posture.
INTELLIGENCE EVOLUTION TRACK
Fireside Chat: Understanding the Hardware Side of Supply Chain Risk and Protecting It
JC Herz, Senior Vice President, Cyber Supply Chain, Exiger
Cassie Crossley, Vice President, Supply Chain Security Security, Schneider Electric
During this fireside chat, our speakers will explore the dynamic relationship between the hardware side of supply chain risk and how to protect it. Our panel of industry experts will discuss the unique challenges and opportunities, offering valuable insights on how to leverage intelligence to identify and mitigate risks in the hardware supply chain industry. Attendees will learn about the latest trends and best practices for securing their hardware infrastructure and gain practical advice on how to stay ahead of emerging threats.
INTELLIGENCE EVOLUTION TRACK
Supply Chain Intelligence Sharing
Chris Blask, Vice President of Strategy, Cybeats
The CISA SBOM sharing working group recently published a document defining three key roles in SBOM sharing: author, distributor and consumer. In this session, the group's co-chair will discuss the current and future state of supply chain intelligence networks, and provide actionable steps for attendees in any of these roles.
PANEL DISCUSSION
Linking Hardware and Software
Rob Barnes, Cyber Security Technical Expert, Rolls-Royce Civil Nuclear UK
Megan Samford, VP, Chief Product Security Officer - Energy Management, Schneider Electric
Paul Hingley, Business Manager, Industrial Security and Safety Services, Siemens
In this informative panel discussion, we will explore the critical link between hardware and software in securing our digital world. Listen as our panelists talk about the intersection of these two crucial components of cybersecurity, discussing the latest trends, challenges and opportunities in securing both hardware and software systems. Learn about the importance of implementing a holistic approach to cybersecurity, as well as practical strategies for enhancing the security of both hardware and software infrastructure.
IOT CYBERSECURITY TRACK
Ensuring IIoT Device Security Through Certification and the ISA Secure Standard
Patrick O'Brien, Cybersecurity Team Leader, exida
As the Industrial Internet of Things (IIoT) continues to expand, ensuring the security of connected devices has become a critical concern for organizations. This technical presentation will delve into the importance of IIoT device certification and the role of the ISA Secure standard in addressing these challenges.
IOT CYBERSECURITY TRACK
Cybersecurity in Action: Real-World Applications of ISA/IEC 62443 in Energy Storage Systems
SZ Lin, Chief Cybersecurity Expert, Bureau Veritas
This presentation explores the integration of cybersecurity measures in energy storage systems (ESS), a vital aspect in the increasingly interconnected and digitalized energy sector. It focuses on the practical application of the ISA/IEC 62443 standard, an essential framework for industrial cybersecurity, especially within the context of ESS. The session highlights common challenges faced by organizations in the energy sector during the implementation of these standards and pinpoints crucial areas requiring attention for a robust cybersecurity posture.
KEYNOTE
The Intersection of Sustainability and Cybersecurity
Simon Hodgkinson, Former CISO, BP
As the world becomes increasingly digitized, the importance of cybersecurity is greater than ever. At the same time, the growing awareness of the environmental impact of technology has made sustainability a crucial consideration. In this keynote, we will explore the intersection of these two critical issues and discuss how organizations can balance security and sustainability in their digital strategies.
Attendees will gain a deeper understanding of the relationship between cybersecurity and sustainability and learn practical strategies for building a secure and environmentally responsible digital future.
INTELLIGENCE EVOLUTION TRACK
Combatting Cybersecurity with Sustainability
Prabhu Soundarrajan, President, ISA
In intelligence evolution, it is important to know where you are in the world. What laws, standards, regulations and technologies are impacting you? In this session, we will discuss new laws, regulations and standards in the EU, UK and US. We will dive into how those new laws and challenges impact us for a new greener and safer network.
INTELLIGENCE EVOLUTION TRACK
Critical Infrastructure: Introduction to RUSI
Carolyn Swinney, Head of Defensive Cyber Operations, Royal United Services Institute
Critical infrastructure, such as energy, transportation, and communications systems, are essential for the functioning of our society. However, these systems are also vulnerable to cyber-attacks, which can have severe consequences. In this session, we will discuss the importance of threat intelligence in protecting critical infrastructure and share strategies for identifying and mitigating emerging threats.
IOT CYBERSECURITY TRACK
Navigating the Complexities of Maritime Cybersecurity: Challenges, Controls and Collaboration
Christopher Stein, Lead Engineer, Maritime Cybersecurity, Royal Caribbean Group
The maritime industry is rapidly digitizing, making cybersecurity a critical concern. Join us as we explore the unique challenges of cybersecurity in maritime environments, including the need to balance safety and security and the challenges of applying traditional Industrial Control Systems (ICS) security measures. Learn about the key cybersecurity controls for the maritime industry — such as asset management, multi-factor authentication and risk assessment – and come to understand the importance of collaboration between maritime stakeholders, including shipowners, equipment manufacturers and cybersecurity experts, to develop effective cybersecurity strategies and mitigate risks. Drawing on real-world examples from companies like Royal Caribbean, Christopher Stein will provide insights into how the maritime industry can navigate the complexities of cybersecurity and ensure the safety and security of its operations.
IoT CYBERSECURITY TRACK
Exploring the Security Impacts of GenAI in IT and OT
Dr. Andrew Rogoyski, Director of Innovation, Surrey Institute for People-Centered AI
Generative AI (GenAI) has emerged as a transformative technology with numerous applications across industries. While GenAI presents exciting opportunities for innovation, it also introduces new security challenges in both Information Technology (IT) and Operational Technology (OT) environments. This technical presentation will explore the security impacts of Generative AI in IT and OT.
IOT CYBERSECURITY TRACK
Workforce Development
Sean McBride, Director, Informatics Research Institute, Idaho State University
Many countries face a national security imperative to develop a workforce capable of securely designing, building, operating, maintaining and defending critical infrastructure industrial automation and control systems. This presentation presents the results of a years-long collaborative research project among the International Society of Automation (ISA), Idaho National Laboratory (INL) and Idaho State University (ISU) to create a curricular guidance document that describes what an industrial cybersecurity professional needs to know that is different from a traditional IT cybersecurity professional. The resulting Curricular Guidance: Industrial Cybersecurity Knowledge document is a foundational element to educating and training the interdisciplinary cybersecurity workforce of the future.
INTELLIGENCE EVOLUTION TRACK
Defining an Incidence Response Plan on a National Level
Ivan Monforte Fugarolas, Head of Communication, Ecosystem and Cybersecurity Culture, Cybersecurity Agency of Catalonia
As cyber threats continue to evolve and become more sophisticated, having a robust incident response plan is essential for minimizing damage and ensuring a quick recovery. This session will explore the challenges and best practices for defining and implementing an incident response plan on a national level in Spain, with a focus on coordination between government agencies, critical infrastructure operators and other stakeholders.
PANEL DISCUSSION
Threat Intelligence
Gentry Lane, CEO & Founder, ANOVA Intelligence
Jack Duffield, Royal United Services Institute
Presenter, Schneider Electric
Johnny Awad, Senior Manager, Deloitte
This panel discussion will bring together experts in the field of threat intelligence to share their experiences, strategies and best practices. Our panelists will discuss the current state of threat intelligence, including the latest trends, challenges and opportunities. Attendees will learn about strategies and best practices for building and maintaining a threat intelligence program that can help your organization stay ahead of emerging threats.
WORKSHOP
Standards Workshop: Empowering Global Automation with ISA's International Standards Program
Charley Robinson, Director, Standards Administration, ISA
International standards play a vital role in promoting safety, reliability and interoperability across industries. This workshop aims to provide attendees with an in-depth understanding of the International Society of Automation (ISA)'s standards program and its collaboration with the International Electrotechnical Commission (IEC).
