IT-OT Cybersecurity Conference & Exhibition

08:00

Registration and Refreshments

08:20

Welcome from the Chair - Ryan Bradetich, Senior Vice President of Research & Development, Schweitzer Engineering Laborotories

08:30

Information Sharing - Creating robust and trusted information sharing mechanisms to support responsible disclosure and real-time threat intelligence across the entire grid ecosystem

• Proactively leading your organisation’s information sharing regionally and globally to create aligned, and responsive threat intelligence and disclosure program
• Striking the correct balance between managing risk, and compliance to data privacy regulations with the benefits of improved and expanded information sharing across the grid supply chain
• Establishing trusted and effective information sharing mechanisms to help drive end-to-end grid security and become more responsive to active threats

Massimo Rocca

Board Member

EE-ISAC

09:15

NIS 2 Directive - Developing a cybersecurity programme change management strategy to meet the technical requirements of asset owner compliance to the NIS 2 Directive

• Getting a detailed technical understanding of how to approach asset management, access control, risk management, network segmentation, and logging & monitoring compliance under NIS 2
• Establishing the governance needed to manage the increased focus on risk management and incident reporting to the European Cyber Crises Liaison Organisation Network
• Overcoming organisational resistance to enable SecOps technology that can facilitate cost-effective, automated processes to meet the new regulatory requirements
• Adopting a collaborative approach with suppliers to develop cybersecurity platforms and solutions that can enable compliance and collective security

Antoine D’Haussy

OT Security Practice Head EMEA

Fortinet

10:00

Morning Refreshments

10:30

Regulatory Compliance - Developing an integrated view of data privacy and information security regulations to support a holistic approach to compliance

• Obtaining oversight of European and domestic regulation and operational need to strike the correct balance between effective information flow and regulatory requirements around the sharing of information
• Overcoming the complexity of meeting physical security, safety, data privacy and cybersecurity requirements to develop an efficient approach to compliance in line with operational need
• Employing a holistic approach beyond the requirements of individual authorities to reduce the risk of being impacted by cyber attacks

Janne Hagen

Special Adviser Contingency Planning

NVE

11:15

Network Code on Cybersecurity - Preparing to implement the Network Code on Cybersecurity as part of a consolidated approach with critical infrastructure regulations to achieving sector-wide operational resilience

• Understanding the overlap between the requirements for information sharing in NIS 2 and the NCCS to take a coherent approach to compliance
• Improving the flow of information between Utilities, National CSIRTs and European institutions to create active feedback and responsiveness across all entities
• Raising the level of maturity across all European utilities to develop a more resilient grid ecosystem that is responsive to evolving threats

Anjos Nijk

Managing Director

ENCS

Barry Coatesworth

Director and Cybersecurity Leader

Guidehouse

Jeff Montagne

CISO

Enedis

12:00

Live Demo Lab Session - SUBNET Solutions Inc.

12:05

Lunch, Exhibition and Networking

IT Track - Vulnerabilities

OT Track - Vulnerabilities

Chair: Ryan Bradetich, Senior Vice President of Research & Development, Schweitzer Engineering Laborotories

13:30

Ghost in the Wires - An attacker can do stealthy lateral movement around the network, exploiting misconfigurations and even IOT-devices, doing reconnaissance, privilege escalation and gathering credentials, all by executing simple commands/scripts and using built-in tools; and without being detected

• Demonstrating system vulnerabilities and the limitations of compliance, through a series of technical demos, to raise awareness of threat actors’ methodologies and capabilities
• Developing scripts to bypass detection systems, conducting reconnaissance, and looking for credentials to show practical paths that can be used to exploit vulnerabilities
• Understanding how configuration need to be improved, and detection algorithms hardened to mitigate threat

Tom Jøran Sønstebyseter Rønning

Team Leader of Operational Security

Statnett

OT Cybersecurity Innovation Panel - Leveraging the latest advances in OT cybersecurity to support the deployment of the smart grid

During this session 3-4 suppliers of next generation OT cybersecurity solutions will share the results of their recent implementations and future product development roadmap. Formal presentations will be followed by Q&A and panel discussion, providing you with the opportunity to quiz the tech experts and determine how best to integrate future solutions into your deployment plans.

Ozan Dayanc

Product Specialist, Power Grid Cybersecurity

Omicron

Antoine Thomas

Product Line Manager, Automotive and IoT Solutions

Thales

Jérôme Arnaud

Product Manager

Rhebo

 

Roy Braha

Business Development Director

Israel Electric Corporation

 

14:15

Resilient EV charging infrastructure - Preparing the EV charging infrastructure for resilience against current and future cybersecurity risks

∙ Understanding how the EV charging infrastructure is evolving into a critical infrastructure
∙ Exploring current and future cyber security risks in the EV charging infrastructure
∙ Preparing for resilience using global standards like ISO/IEC-62443 and ISA/IEC-62443 and apply them on real-life use cases

Carlos Montes Portela

OT Security Manager

Enexis

 

15:00

Afternoon Refreshments, Exhibition and Networking

Afternoon Refreshments, Exhibition and Networking

15:30

Threats and Vulnerabilities - Highlighting threats to and vulnerabilities of cyberphysical systems to ensure reliability, security and privacy of the smart grid

• Gaining an understanding of the overlapping demands of reliability, security and privacy in cyberphysical systems as a basis for a coherent strategy
• Developing safety, security, and privacy systems that can resist machine learning attacks and optimize performance levels
• Integrating advanced computing, networking, and communication techniques and capabilities into the smart grid to improve reliability and productivity

Leandros Maglaras

Professor of Cybersecurity

De Montfort University

Asset Vulnerability Management - Understanding OT asset vulnerabilities to develop more effective asset management practices

• Demonstrating examples of attacks affecting OT systems to raise awareness of vulnerabilities in SCADA systems and common attack vectors
• Deepening knowledge of OT infrastructure to overcome the complexities of patching and updating
• Increasing resilience to minimize the impact of attacks on business IT infrastructure on critical assets

Dmytro Cherkashyn

Head of Cybersecurity Development

UNISS

16:15

Attack Paths - Modelling the path of attacks to understand vulnerabilities and become more resilient

• Building a special Hardware in the Loop Digital Substation environment a spart of the CybWin power grid research project in order to test different offensive and defensive security actions
• Implementing 14 different cyber-attacks against the target substation to cover the general steps of offensive actions against power substations, such as reconnaissance activities, operation failure attacks by spoofed commands or denial of service type of attacks
• Raising awareness of IEC 60870-5-104 Scada protocol attacks against power grid substationsfor grid asset owners to better protect their infrastructures.  

Laszlo Erdodi

Associate Professor

NTNU

Threat Modelling - Correlating vulnerabilities against threat to create an integrated continuous risk and vendor management process

• Mapping the threat landscape and emulating OT attacks in a controlled substation environment to understand the full capabilities of threat actors
• Understanding how vendor vulnerabilities from the enterprise network, lack of firmware updates, lack of updates on SCADA systems can be exploited by advanced, persistent threat actors to overcome the weaknesses and limitations of your systems
• Modelling threat from the point of view of how an attacker may exploit your systems to identify, mitigate and proactively defend against attack

Siv Houmb

Senior Adviser

Statnett

17:00

Roundtable Discussions - during this session the audience breaks out into several smaller working groups, each focused on a specific theme that arose during the day’s presentations. Each working group will comprise of representatives of the entire smart grid cybersecurity community to ensure a well-rounded and holistic discussion

18:00

Roundtable Summaries - during this session each working group leader will provide a 5-min summary back to the wider group, highlighting the issues raised, the solutions discussed, and the recommendations made to take the matter to the next level

19:00

Networking Evening Reception - time to relax after an intensive day of presentations and discussions! All participants are invited to join this networking reception where you will have the opportunity to enjoy the company of colleagues from across the European power grid cybersecurity community, in a relaxed and informal setting

22:00

Close of Conference Day One

08:00

Registration and Refreshments

08:20

Welcome from the Chair - Antoine D’Haussy, OT Security Practice Head EMEA, Fortinet

08:30

Cybersecurity Culture - Developing a cybersecurity ambassadorship programme to embed sustainable cyber-awareness across the organisation

• Identifying and training office leaders to embed cyber-awareness in every area of the business through an effective communication campaign
• Maintaining the level of engagement among ambassadors needed to create a sustainable, reliable long-term program
• A cost-effective approach to achieving demonstrable resilience to phishing and DDoS attacks and improving reaction times to active threats

Erki Guhse

CISO

Enefit

09:15

Win-Win-Win - How cybersecurity can unite IT and OT teams, make power grids more resilient, and save you time in the process

• Understanding and preparing for the current organizational challenges and threat landscape
• Defining risk in terms of business continuity: cybersecurity vs. operational needs
• Leveraging cybersecurity solutions and automation to mitigate risk, get daily operational value and streamline efforts and communication among IT and OT teams

10:00

Morning Refreshments

10:30

Skills Development - Striking the optimal balance in bilateral training of IT and OT experts to develop the capability needed to achieve secure grid modernization and operational resilience

• Overcoming resource scarcity to embed the level of capability needed to meet the increased need for managing virtualised applications in the OT environment
• Establishing a dedicated OT security team within the IT business unit to provide focused expertise for OT specific requirements while maintaining continuity with enterprise IT functions
• Creating a bridge between IT and OT to ensure security, availability and reliability of substation systems

Michael Knuchel

Head of SAS Engineering

Swissgrid

11:15

Cybersecurity Awareness Training - Integrating security training into existing cultural frameworks to enable organisation-wide cyber-awareness

• Preparing internal and public-facing teams to work collaboratively towards mitigating cyber-threat
• Developing metrics to demonstrably measure the success of training
• Fostering a culture of positive communication in combination with greater awareness of attack vectors and vulnerabilities to improve preparedness for and responsiveness to cyber incidents

Isabell Neise

Head of Business Development

UNISS

12:00

Lunch, Exhibition and Networking

IT Track - Solutions

OT Security Track - Solutions

Chair: Antoine D’Haussy, OT Security Practice Head EMEA, Fortinet

13:30

Threat Management - Using automation for effective threat management

• Automating threat indicator identification, validation and escalation to reduce time and improve confidence
• Migrating OT data into SOC and SIEM to correlate threats across IT and OT environments and establishing confidence levels against each threat
• Creating reliable and robust threat information sharing mechanisms between TSOs, DSOs, Generation, ISACs and Government bodies to drive sector wide security

Shawn McBurnie

Head of IT/OT Security & Compliance

Northland Power

OT Security in Procurement Projects - Moving targets: Covering OT-Security requirements for Amprion Offshore HVDC projects in a changing regulatory landscape

• Covering OT Security requirements for offshore HVDC projects in the critical infrastructure domain
• Challenges of changing regulatory OT security requirements in long-running and complex projects
• Lessons learned from large procurement projects over the past ten years and how to avoid common mistakes
• Conducting technical security pre-tests and acceptance testing to meet the need for accelerated system design and project delivery

Stephan Beirer

Team Manager ICS/OT Security

GAI NetConsult

Simon Gustafson

Project Engineer Offshore Grid Connection Systems

Amprion Offshore

14:15

Systems Configuration - Automating virtualised substation configuration management to improve confidence and reduce complexity

• Determining the optimal way of managing the complexity and volume of configuration requirements across your assets’ lifecycle
• Overcoming difficulties with virtualised automation of backups across multi-vendor systems including legacy technology to improve systems availability
• Reducing manual configuration and limiting the possibility of human error to improve confidence in system backups

Sampo Turunen

Secondary Systems Specialist

Fingrid

Remote Control - Leveraging IEC 62443 to future-proof remote control of medium and low voltage substation automation

• Using IEC 62443 principles to support secure data flows and remote access
• Overcoming resource scarcity, legacy technology and the need to use public communication networks to ensure the secure communication between the control centre and LV/MV substations
• Making the RTU in secondary substations a secure gateway to provide observable data in LV/MV substations in support of advanced analytical, predictive and IIoT applications, grid stability and flexibility for future upgrades

Luka Mocnik

ICT Infrastructure Architect

Elektro Gorenjska

 

15:00

Afternoon Refreshments, Exhibition and Networking

Afternoon Refreshments, Exhibition and Networking

15:30

Smart Meter Security - Hacking, Defending, and Developing Secure Smart Meter Systems

• Hacking: highlights from spending 3 months on hacking into the external part of a real-world smart meter system (with authorization from the utility)

• Defending: observations from the operational security side

• Developing: challenges in developing secure smart meter systems

Emil Gurevitch

Chairman of the Security Committee

OSGP

Remote Management - Deploying an advanced remote management platform to enable remote, automated configuration, password management, and log management for OT devices in substations

• Establishing a universal solution to overcome the scale and complexity of current management processes
• Assessing implementation risks and project timeframes to develop fit-for-purpose specifications and procurement requirements for a solution that can effectively manage configuration and password automation across the majority of devices in the substation environment
• Simplifying and accelerating backups, updates, and upgrades of switches, routers, relays and IEDs to drive operational efficiency

Indrek Kunapuu

CISO

Elektrilevi

16:15

Cloud Implementation - Implementing trusted cloud architecture to optimise storage and processing of data

• Accelerating cloud adoption to reach the maturity needed to support energy system and utility business model change
• Tackling technical limitations of legacy OT and achieving the mindset shift needed to support the necessary shift to cloud-based systems
• Reducing cost of traditional on-prem solutions and facilitating the management of the volumes of data needed to operate increasingly distributed grid infrastructure

Kristian Alsing

Cybersecurity Executive

Independent

AMI Security - Mitigating threats to advanced metering infrastructure to secure data flow in OT environments

• Getting visibility of the key weaknesses of Advanced Metering Infrastructure and how threat actors may attempt to exploit them
• Conducting penetration tests to verify the resistance of Advanced Metering Infrastructure to cyber threats
• Identifying and eliminating weak points of AMI infrastructure and its elements to increase its cybersecurity resilience

Tomasz Wysztygiel

Cybersecurity Manager

EY OT/IOT Hub

17:00

Close of Conference Day Two

Close of Conference Day Two

08:00

Registration and Refreshments

08:20

Welcome from the Chair: Anthony Eshpeter, CTO, SUBNET

08:30

Systems Resilience - Implementing a systemic security classification of assets to optimise confidentiality, integrity and availability of critical systems

• Employing a mutual strategy across IT and OT to enable offline operation of the most critical systems in the event of a major attack or catastrophic failure
• Overcoming resource scarcity in a remote island location and reliance on remote vendor access and expertise to ensure secure, reliable operation
• Gaining in depth knowledge of systems and applications to efficiently communicate criticality and prioritise remediation plans

Annilisa Arge Klevang

CISO

SEV

09:00

Integrated IT/OT SOC - Developing an integrated IT and OT SOC capable of a holistic response to threats across converged environments

• Overcoming cultural and technical barriers to deploying security monitoring solutions in the OT environment
• Gaining full visibility of OT dependencies and vulnerabilities, and modelling use cases to effectively and automatically reduce logged events (false positives) without missing any real OT relevant security events
• Preparing effective substation and supply chain security measures, incident response plans and playbooks to counter combined threats to your IT and OT systems

Ivo Maritz

Senior Adviser Cybersecurity

Monti Stampa Furrer & Partners Ltd

09:30

Design zero-trust architecture on your OT network with software-defined networking

• Analyze common requirements of an OT network
• Discuss why SDN fits perfectly with the OT environment
• Review how to quickly deploy SDN infrastructure 

Giorgio Vielmini

Regional Technical Manager

SEL

10:15

Morning Refreshments

10:45

Cyber-informed Engineering - Establishing a national cyber-informed engineering strategy to embed security in clean energy system transformation

• Harnessing expertise and insight from energy companies, energy systems and cybersecurity manufacturers, standards bodies, researchers, DOE National Laboratories, and Federal partners in the cybersecurity and engineering mission space to adopt a national strategy towards increasing the security, reliability, and resilience of the US’s energy sector
• Leveraging CIA to address gaps in how we train engineers and technicians to provide them with the means to build in security from the ground up
• Establishing the framework to embed cybersecurity into energy systems and avoid the need to retrospectively secure critical systems

Andy Bochman

Senior Grid Strategist

Idaho National Laboratory

11:15

Systems Resilience - Using AI and computational intelligence to detect, prevent, respond, and recover from attacks on cyber-physical power systems

• Hardware in the loop simulations with power grid digital twins, digital substations, Control Room of the Future (CRoF) and IT-OT cyber range to develop strategies for detection and mitigation of cyber attacks on OT systems and prevent cascading failures
• Developing AI-based incident response and recovery strategies from cyber attacks on CRoF and digital substations
• Allowing utilities to stress OT systems, technology and processes using a digital twin of the end-to-end power grid to ensure cyber resilience and support cyber security innovation

Alex Stefanov

Director

Control Room of the Future

11:45

Lunch, Exhibition, and Networking

IT Security Track - Implementation

OT Security Track - Implementation

Chair: Kelly Stich, Chief Cybersecurity Architect, Subnet 

13:30

Network Re-segmentation - From critical infrastructure security design to IT architecture and processes transformation

• Leveraging standards and best practices to improve the separation of the IT and OT networks, while supporting the business’s smart grid transformation
• Realignment of the security and infrastructure services for the re-designed network
• Using the opportunity to transform the architecture processes and enforce the secure-by-design paradigm

Jeremi Gryka

ICT Security Director

PSE

Incident Response - Establishing an incident response and recovery playbook for OT engineers to ensure ongoing operability and resilience of OT networks in the event of a cyber incident

• Equipping OT engineers with tools and training to enable speedy first response to the incident
• Creating an incident and recovery playbook which is understood and respected by OT engineers
• Maintaining availability while responding to suspicious activity

Lukasz Kisielewski

OT Security Delivery & Senior Manager

Accenture

14:15

ISO 27001 ­- Mapping new ISO 27000 requirements and normative changes to the ISMS of electricity grid providers

• Understanding how regulatory and normative changes will be transposed into national law to obtain clear guidance on the impact to your management systems
• Mapping and applying new requirements to inform your change management strategy
• Reorganizing your ISMS in line with new norms to reduce complexity

Michael Ring

Information Security Officer (ISO) GFO

TenneT

OT Modernization - Opening the OT mindset towards IT agility and innovation to enable transformation, achieve cost savings, and drive efficiency

• Prioritising education to align people, process and technology across all levels of the organisation
• Establishing and developing an integrated framework to map governance, risk, compliance, technical security controls and audit and establish a common language
• Defining effective KPIs for management, budget holders, engineers, and IT to support tangible security

Deniz Tugcu,

Lead Senior OT Cybersecurity Specialist

Vattenfall

15:00

Afternoon Refreshments, Exhibition and Networking

Afternoon Refreshments, Exhibition and Networking

15:30

Risk Management - Implementing a risk management strategy under an ISO 27000 certified ISMS

• Using section 5 of ISO 27001 to determine and prevent risk in a cycle of continual improvement
• Developing documentation for identification, assessment, and treatment of risk on an ongoing basis to demonstrate risk tolerance, termination or transfer and to deploy effective controls
• Establishing processes to demonstrate compliance to cybersecurity regulations and become more resilient to cyberattacks

Ruben Figueiredo

Cyber Security GRC Manager

E-REDES

OT Supplier Security Assessment - Taking a criticality-based assessment approach to establish a secure and resilient OT-Supplier pool

• Implementing standards and procedures to provide transparent requirements for OT-suppliers
• Collaborating with suppliers on a continuous basis to develop trust and collectively ensure control of risk
• Applying best practice for grid operators to proactively optimize cyber security resilience, and ensure a reliable level of trust in components of OT systems and services

Salim Bouramman

Expert OT Cyber Resilience and Cyber Range

E.ON

16:15

Close of Conference Day Three

Close of Conference Day Three