In-Person Conference:
ISA Member: 500 GBP
Non-member: 600 GBP
Post Event Recording and Virtual Tradeshow Pass:
500 GBP
September

Sunday – Friday,
16-21 June 2024

NO TRAVEL NEEDED

Savoy Place – London, UK
Strand Palace – London, UK

GUEST EXPERTS

Technical Content and Training Courses

LEARN & NETWORK

Learn & Network

Browse our immersive and lifelike virtual venue

View webinars on-demand in the virtual auditorium

Interact with exhibit booths in the virtual exhibit hall

Experience our wide range of features for yourself

 

About the Event

This event will focus on the leading international standards and conformance systems that are being used to keep operational technology (OT) safe and secure in industries such as energy, manufacturing, building automation, and more. New developments within the ISA/IEC 62443 standards series will be highlighted and technical training and certification programs designed to help you implement the standards into your business operations and workforce will be reviewed. Professionals involved in the security process should attend this event to learn more about workforce development strategies, hardware and software protection practices, and ways to improve infrastructure and data security measures.


Venues

Conference Venue: Savoy Place – London, UK
Conference Venue and Hotel: Strand Palace – London, UK

Attendees will be able to participate in live sessions, networking breaks, receptions, and tabletop exhibits. After the conference, presentation recordings will be uploaded for all participants and registrants who purchased the Post-Event Recording and Virtual Tradeshow Pass.

Make sure to check the agenda for the exact location and venue where your sessions will take place.

Professionals involved in the security process should attend this event to learn more about workforce development strategies, hardware and software protection practices, and ways to improve infrastructure and data security measures.

Join an audience of fellow technical professionals including

Who Should Attend?

  • Automation Engineers
  • Process Control Engineers
  • Security Engineers
  • QA Engineers
  • Plant Engineers
  • Manufacturing Engineers
  • ICS Cybersecurity Engineers
  • Digital Transformation Managers
  • Engineering Managers
  • Security Operations Center (SOC) Managers
  • Compliance and Risk Managers
  • Chief Information Officers (CIOs)
  • Chief Information Security Officers (CISOs)

Why Should I Attend?

  • Sarah Fluchs will be discussing her role in the 3-2 updates on the 62443 Standard Series.
  • Learn how CR8, Network and Information Systems Directive 2 (NIS2) and the European Artificial Intelligence Act (EU AI Act) could impact your business and hear examples of what other companies are doing to adjust for these new regulations around cybersecurity.
  • Hear case studies on new cyber threats, where they are coming from and next steps to combat them for your company.
  • See examples of new technology and how it is impacting manufacturing and energy industries on the cybersecurity front.
  • Every employee is on the front line for handling cybersecurity issues. Ensure your workforce is ready to handle new issues and implement a cyber business strategy that works.

AgendaPreliminary Programschedule

Program

time iconJune 17, 2024 08:30

Incident Command System for Industrial Control Systems Workshop

Savoy Place | Flowers Room

Note: In-person/Onsite Delivery



Incident Command System for Industrial Control Systems (ICS4ICS) is designed to improve cybersecurity incident response efforts that impact the industry by combining three capabilities that already exist in most companies:


  1. Incident Command System is a proven process for managing various types of incidents
  2. Cybersecurity teams leverage Computer Incident Response processes to investigate cyber
  3. Industrial Control System/Operational Technology experts manage the technical aspects of many types of incidents

This session will help participants learn how ICS4ICS is the emergency cyber response for workforce development.


speaker headshot

Brian Peterson
ICS4ICS Program Manager, ISA

time iconJune 17, 2024 13:00

Volunteer Workshop

Strand Palace | Exeter Suite

This custom-designed workshop crafts plans for mission-focused, vibrant and successful sections and divisions. Current and aspiring volunteers will leave this workshop with a plan, with energy, with knowledge and with an expanded network of other volunteers who believe in and want to shape ISA’s future.


Separate registration is required. Click here to register.


time iconJune 17, 2024 17:00

Young Professionals Reception

Strand Palace | Haxell's Private Dining Room
time iconJune 17, 2024 18:30

ISA OT Cyber Summit Kick Off Reception sponsored by Black & Veatch Corporation

Oche | The Strand

105 Strand, London

WC2R 0AA, United Kingdom


Join us for a reception to kick off the ISA OT Cybersecurity Summit! We'll be gathering at Oche | The Strand, a unique venue in the heart of London, for an evening of networking and fun. Don't miss this opportunity to connect with fellow cybersecurity professionals in a casual setting.

time iconJune 18, 2024 08:00

Morning Tea

Savoy Place | Maxwell Library
time iconJune 18, 2024 08:30

Keynote: Security by Design - A Communication Problem?

Savoy Place | Kelvin Theatre

For a long time, cybersecurity regulation has mainly addressed critical infrastructure operators. This year, the focus has shifted to product manufacturers with regulations like EU’s Cyber Resilience Act (CRA) the UK Product Security and Telecommunications Infrastructure Act (PSTI) or UNECE R155/156 for cars. In addition, national security authorities from dozens of countries, led by US CISA, are pushing security by design globally through joint recommendations, and many countries are introducing cybersecurity labels for IoT products.

If everybody wants Security by Design – then why is it still not done? Maybe it’s not the technology. Maybe not even the money. Maybe the problem we need to solve is a communication problem between product manufacturers and operators / users. Sarah substantiates this point by summarizing what the above regulations require from manufacturers and shows new approaches for communicating cybersecurity – during design as well as after design, between engineers as well as towards management and an interested public.

speaker headshot

Sarah Fluchs
CTO, admeritia GmbH

time iconJune 18, 2024 09:15

Cyber Escape Room

Savoy Place | Siemens Boardroom

Onsite/In-person delivery (Separate Registration Fees Apply)

 

Join us in our immersive OT cyber escape room. Using the latest shared immersive technology, we have created a realistic OT environment in a virtual space.

 

Imagine you are on an offshore oil and gas floating production unit. In the control room, a ransomware message pops up on a control system console. Now your marine team has no visibility or control over the mooring and buoyancy systems. Your team has 15 minutes to solve the challenges our AI engine presents before the facility experiences a loss of stability and capsizes. Can you succeed before the clock runs out? Who will complete the challenge, and who will be the fastest to reach the goal?


time iconJune 18, 2024 09:30

Intelligence Evolution Track: Intro to Intelligence Evolution

Savoy Place | Kelvin Theatre

In this introduction to intelligence evolution, our expert presenter will provide an overview of the latest advancements in artificial intelligence, machine learning and data analytics while exploring how these technologies are transforming the way we understand and interact with the world around us.

speaker headshot

Megan Samford
VP, Chief Security Officer, US National Security Agreements & US Federal Business, Schneider Electric

time iconJune 18, 2024 09:30

IoT Cybersecurity Track: The Growing Cyber Threat and Need to Respond in the OT Space

Savoy Place | Turing Theatre

In this introductory session, Brian Holliday will talk about his experience with Made Smarter UK and provide a comprehensive overview of the fundamentals of cybersecurity. Attendees will gain a solid understanding of the key concepts, strategies and best practices for protecting digital assets and mitigating risk in today's interconnected world. Don't miss this opportunity to lay the foundation for a stronger, more secure digital future!

speaker headshot

Brian Holliday
Managing Director, Siemens, Co-Chair Made Smarter Commission, Made Smarter UK

time iconJune 18, 2024 10:15

Tech Demo - Sponsored by Armis: See and Secure Every Device and Connection in the Industrial Environments

Savoy Place | Kelvin Theatre

A lot of the challenges faced in today’s Operational Technology (OT) environments stem from the ever-evolving attack surface. Given growing reliance on interconnected assets and cloud services, operators in manufacturing and critical infrastructure processes are more vulnerable than ever to attack. This session will demonstrate how organisations can see, protect and manage their OT infrastructure with Armis Centrix™, the cyber exposure management platform.

speaker headshot

Nick Morgan
Solution Architect, Armis

time iconJune 18, 2024 10:45

Intelligence Evolution Track: Leveraging an outcomes-based Approach with International Standards to Mitigate Cyber Risks

Savoy Place | Kelvin Theatre

Operators of essential services, regulators, government, vendors and consultancies have been navigating their way through compliance. Although the spirit of NIS regulations is to uplift the overall level of cyber resilience for critical national infrastructure, the journey has been complex and often misunderstood by many. This presentation helps all those concerned to focus on this spirit and develop a staged approach to both satisfy compliance requirements and be resilient against the ever-evolving threats.

speaker headshot

Mohammed Zumla
Managing Consultant, Cyber ICS

time iconJune 18, 2024 10:45

IoT Cybersecurity Track: Secure by Design

Savoy Place | Turing Theatre

In this informative session, Rob Barnes will delve into the core principles of Secure by Design, a critical approach to developing secure software and systems from the ground up. Attendees will learn about best practices for incorporating security into the entire development lifecycle, from design and coding to deployment and maintenance. This talk is designed for anyone looking to enhance their understanding of how to build security into the foundation of digital products and services.

speaker headshot

Rob Barnes
Security Systems Architect, Rolls-Royce SMR Ltd.

time iconJune 18, 2024 11:15

Lunch Break I

Savoy Place | Maxwell Library
time iconJune 18, 2024 11:30

IoT Cybersecurity Track: Practical Experience with NIS2 Directive Implementation Leveraging ISA/IEC 62443

Savoy Place | Turing Theatre

The presentation explores practical insights from implementing the NIS2 Directive using mainly ISA/IEC 62443 in two large enterprises from the chemical & pharmaceutical industry and from healthcare. It details the identification of OT systems within the NIS2 scope, insight into the Czech transposition of NIS2, and steps taken to achieve compliance with NIS2, ISA/IEC 62443 and ISO 27001 together in these organizations. This session aims to equip attendees with actionable steps which might serve as a basis for their own implementations or inspire them on how to do it on their own. 

speaker headshot

Ilja David
CEO & Security Manager and Architect, Iron OT

time iconJune 18, 2024 12:00

IoT Cybersecurity Track: Impact of New Tech in Standards

Savoy Place | Turing Theatre

Join us as we discuss the complex interplay between new technology standards in the rapidly evolving world of cybersecurity. Attendees will learn how emerging technologies, such as AI, IoT and cloud computing, are shaping the development and enforcement of security standards. The talk will explore the challenges and opportunities presented by this intersection, as well as the implications for the future of cybersecurity. This session is designed for anyone seeking to enhance their understanding of how new technologies are transforming the standards landscape and how to effectively navigate these changes to maintain a strong security posture.

speaker headshot

Cindy Segond von Banchet
OT Cybersecurity Lead, Yokogawa Europe

time iconJune 18, 2024 12:15

Intelligence Evolution Track: Fireside Chat: Understanding the Hardware Side of Supply Chain Risk and Protecting It

Savoy Place | Kelvin Theatre

During this fireside chat, our speakers will explore the dynamic relationship between the hardware side of supply chain risk and how to protect it. Our panel of industry experts will discuss the unique challenges and opportunities, offering valuable insights on how to leverage intelligence to identify and mitigate risks in the hardware supply chain industry. Attendees will learn about the latest trends and best practices for securing their hardware infrastructure and gain practical advice on how to stay ahead of emerging threats.

speaker headshot

Cassie Crossley
Vice President, Supply Chain Security, Schneider Electric

speaker headshot

JC Herz
Senior Vice President, Cyber Supply Chain, Exiger

time iconJune 18, 2024 12:30

Lunch Break II

Savoy Place | Maxwell Library
time iconJune 18, 2024 12:45

Intelligence Evolution Track: Supply Chain Intelligence Sharing

Savoy Place | Kelvin Theatre

The CISA SBOM sharing working group recently published a document defining three key roles in SBOM sharing: author, distributor and consumer. In this session, the group's co-chair will discuss the current and future state of supply chain intelligence networks, and provide actionable steps for attendees in any of these roles.

speaker headshot

Chris Blask
Vice President of Strategy, Cybeats

time iconJune 18, 2024 13:30

Panel Discussion: Linking Hardware and Software

Savoy Place | Kelvin Theatre

In this informative panel discussion, we will explore the critical link between hardware and software in securing our digital world. Listen as our panelists talk about the intersection of these two crucial components of cybersecurity, discussing the latest trends, challenges and opportunities in securing both hardware and software systems. Learn about the importance of implementing a holistic approach to cybersecurity, as well as practical strategies for enhancing the security of both hardware and software infrastructure.

speaker headshot

Megan Samford
VP, Chief Security Officer, US National Security Agreements & US Federal Business, Schneider Electric

speaker headshot

Paul Hingley
Business Manager, Industrial Security and Safety Services, Siemens

speaker headshot

Anna Burrell
Cyber Security for Industrials, OT SME, Director, Deloitte

speaker headshot

Moderator: Steve Mustard
President & CEO, National Automation, Inc.

speaker headshot

Sarah Fluchs
CTO, admeritia GmbH

time iconJune 18, 2024 14:30

Intelligence Evolution Track: Securing Your Networks with the Addition of 5G Technology

Savoy Place | Kelvin Theatre

As technology continues to evolve, so do the threats to our network. The addition of 5G technology brings new challenges and opportunities for securing our networks. During this session, we will explore the latest developments in 5G technology and its impact on network security. Our expert speaker will discuss the intelligence evolution and how it affects the security of our networks. Attendees will gain insights into the best practices for securing 5G networks and learn about the emerging threats and mitigation strategies.

speaker headshot

Greig Paul
Research Engineer, Electronic and Electrical Engineering, University of Strathclyde

time iconJune 18, 2024 14:30

IoT Cybersecurity Track: Ensuring IIoT Device Security Through Certification and the ISA Secure Standard

Savoy Place | Turing Theatre

As the Industrial Internet of Things (IIoT) continues to expand, ensuring the security of connected devices has become a critical concern for organizations. This technical presentation will delve into the importance of IIoT device certification and the role of the ISA Secure standard in addressing these challenges.

speaker headshot

Patrick O'Brien
Cybersecurity Team Leader, exida

time iconJune 18, 2024 15:00

Afternoon Tea Break

Savoy Place | Maxwell Library
time iconJune 18, 2024 15:15

Tech Demo - Sponsored by Claroty: Mitigating Risks in Operational Technology: Best Practices and Innovations

Savoy Place | Turing Theatre

Many organisations are struggling to move forward with their risk management programme. This session delves deeper into how companies are moving to a pragmatic approach, and how this has helped them to adopt frameworks such as NIST, 62443, OG86, CAF and more. Learn practical examples of how other organisations have leverage the data found through exposure management and how you can leverage this as part of an overall OT Cyber management system. 

speaker headshot

David Van Crout
Senior Director, Europe, Claroty

time iconJune 18, 2024 15:15

Tech Demo - Sponsored by UL Solutions: Assessment and Certification Strategy for OT-security

Savoy Place | Kelvin Theatre

Learn how to comply with a multitude of regulations and standards globally, in an efficient and sustainable way.

speaker headshot

Alexander Koehler
Principal Security Advisor, UL Solutions

time iconJune 18, 2024 15:45

Intelligence Evolution Track: Brave New World: How do we start the quantum migration?

Savoy Place | Kelvin Theatre

When the Quantum Computing Cybersecurity Preparedness Act became law in the United States in December 2022, quantum migration became a reality. Adoption began with U.S. federal agencies and was closely followed by other nation states. Critical nation infrastructures and highly-automated sectors have been identified as particularly vulnerable, and action needs to be taken now.

speaker headshot

Andersen Cheng
Founder, Post-Quantum

time iconJune 18, 2024 15:45

IoT Cybersecurity Track: Cybersecurity in Action: Real-World Applications of ISA/IEC 62443 in Energy Storage Systems

Savoy Place | Turing Theatre

This presentation explores the integration of cybersecurity measures in energy storage systems (ESS), a vital aspect in the increasingly interconnected and digitalized energy sector. It focuses on the practical application of the ISA/IEC 62443 standard, an essential framework for industrial cybersecurity, especially within the context of ESS. The session highlights common challenges faced by organizations in the energy sector during the implementation of these standards and pinpoints crucial areas requiring attention for a robust cybersecurity posture.

speaker headshot

SZ Lin
Chief Cybersecurity Expert, Bureau Veritas

time iconJune 18, 2024 18:00

ISAGCA/ISA Secure Welcome Reception

Savoy Place | Riverside Terrace
time iconJune 19, 2024 08:00

Morning Tea

Savoy Place | Maxwell Library
time iconJune 19, 2024 08:30

Keynote: The Intersection of Sustainability and Cybersecurity

Savoy Place | Kelvin Theatre

As the world becomes increasingly digitized, the importance of cybersecurity is greater than ever. At the same time, the growing awareness of the environmental impact of technology has made sustainability a crucial consideration. In this keynote, we will explore the intersection of these two critical issues and discuss how organizations can balance security and sustainability in their digital strategies.

Attendees will gain a deeper understanding of the relationship between cybersecurity and sustainability and learn practical strategies for building a secure and environmentally responsible digital future.

speaker headshot

Simon Hodgkinson
Former CISO, BP

time iconJune 19, 2024 09:15

Cyber Escape Room

Savoy Place | Siemens Boardroom

Onsite/In-person delivery (Separate Registration Fees Apply)

 

Join us in our immersive OT cyber escape room. Using the latest shared immersive technology, we have created a realistic OT environment in a virtual space.

 

Imagine you are on an offshore oil and gas floating production unit. In the control room, a ransomware message pops up on a control system console. Now your marine team has no visibility or control over the mooring and buoyancy systems. Your team has 15 minutes to solve the challenges our AI engine presents before the facility experiences a loss of stability and capsizes. Can you succeed before the clock runs out? Who will complete the challenge, and who will be the fastest to reach the goal?

time iconJune 19, 2024 09:30

Intelligence Evolution Track: Cybersecurity and Sustainability: Partners to Drive Growth and Governance

Savoy Place | Kelvin Theatre

Cybersecurity and sustainability are two sides of the same coin, working together to drive business growth and corporate governance alike. Both cybersecurity and sustainability are driven by regulatory, reporting and standards frameworks that help shareholders, the general public and regulatory bodies to develop trust and understand how an enterprise operates. This presentation will cover how cybersecurity, sustainability and automation act in partnership to accelerate growth and safety. 

speaker headshot

Prabhu Soundarrajan
President, ISA

time iconJune 19, 2024 09:30

IoT Cybersecurity Track: Clean Energy Cybersecurity

Savoy Place | Turing Theatre

As the world transitions to clean energy sources, the cybersecurity of these systems becomes increasingly critical. This session will explore the unique challenges and opportunities of securing clean energy infrastructure, from solar panels to electric vehicle charging stations.

Attendees will learn about the latest cybersecurity threats and trends in the clean energy sector, as well as strategies for protecting against them.

speaker headshot

Emma Stewart
Chief Power Grid Scientist & Research Strategist, Idaho National Laboratory

time iconJune 19, 2024 10:15

Tech Demo - Sponsored by Dragos: Simplifying Deployment by Preparing in Advance

Savoy Place | Kelvin Theatre

Need to monitor your OT networks, but worried about how long it will take and paranoid about breaking something? Like anything, good planning and preparation can help smooth the journey. Here, we'll talk about some steps you can take to plan how you'll implement a monitoring solution, gaining quality visibility without causing any unwanted impact.

speaker headshot

Neil Brown
Senior Solutions Architect, Dragos

time iconJune 19, 2024 10:15

Tech Demo - Sponsored by Cyolo: Enabling secure and simple privileged remote access to OT

Savoy Place | Kelvin Theatre

In this session, you will learn how Cyolo can enable simple to use and secure remote access for your OT environment such as providing a reduced attack surface, greater visibility and control and practical controls like segmentation, encryption, identity, and privilege management. As a highly flexible solution for on premises, hybrid and cloud connect environments, you will understand how Cyolo can meet the demands of all enterprises, replacing insecure and complex to manage VPN connectivity.

speaker headshot

Ian Cuthbertson
Sales Engineer, Cyolo

time iconJune 19, 2024 10:45

Intelligence Evolution Track: Critical Infrastructure and Threat Intelligence

Savoy Place | Kelvin Theatre

Critical infrastructure, such as energy, transportation, and communications systems, are essential for the functioning of our society. However, these systems are also vulnerable to cyber-attacks, which can have severe consequences. In this session, we will discuss the importance of threat intelligence in protecting critical infrastructure and share strategies for identifying and mitigating emerging threats.

speaker headshot

Carolyn Swinney
University of Essex, Executive Fellow

time iconJune 19, 2024 10:45

IoT Cybersecurity Track: Navigating the Complexities of Maritime Cybersecurity: Challenges, Controls and Collaboration

Savoy Place | Turing Theatre

The maritime industry is rapidly digitizing, making cybersecurity a critical concern. Join us as we explore the unique challenges of cybersecurity in maritime environments, including the need to balance safety and security and the challenges of applying traditional Industrial Control Systems (ICS) security measures. Learn about the key cybersecurity controls for the maritime industry — such as asset management, multi-factor authentication and risk assessment – and come to understand the importance of collaboration between maritime stakeholders, including shipowners, equipment manufacturers and cybersecurity experts, to develop effective cybersecurity strategies and mitigate risks. Drawing on real-world examples from companies like Royal Caribbean, Christopher Stein will provide insights into how the maritime industry can navigate the complexities of cybersecurity and ensure the safety and security of its operations.

speaker headshot

Christopher Stein
Lead Engineer, Maritime Cybersecurity, Royal Caribbean Group

time iconJune 19, 2024 11:15

Lunch Break I

Savoy Place | Maxwell Library
time iconJune 19, 2024 11:30

IoT Cybersecurity Track: Exploring the Security Impacts of GenAI in IT and OT

Savoy Place | Turing Theatre

Generative AI (GenAI) has emerged as a transformative technology with numerous applications across industries. While GenAI presents exciting opportunities for innovation, it also introduces new security challenges in both Information Technology (IT) and Operational Technology (OT) environments.

This technical presentation will explore the security impacts of Generative AI in IT and OT.

speaker headshot

Dr. Andrew Rogoyski
Director of Innovation, Surrey Institute for People-Centered AI

time iconJune 19, 2024 12:00

IoT Cybersecurity Track: ISA Cybersecurity Programs and Initiatives

Savoy Place | Turing Theatre

Join us for an overview of ISA cybersecurity programs and initiatives, including our industry-leading consortia. In this session, we will delve into the details of the ISA/IEC 62443 Cybersecurity Certificate Program, which provides training and knowledge-based recognition in industrial cybersecurity based on the world's only consensus-based series of standards.

speaker headshot

Andre Ristaino
Managing Director, Global Consortia, Conformity Assessment, ISA

time iconJune 19, 2024 12:15

Intelligence Evolution Track: Where Conflict and Adversaries Collide Within the Cyber Supply Chain

Savoy Place | Kelvin Theatre

Geopolitical conflict and the geopolitical fault lines in critical industries have made cybersecurity into a higher-dimension intelligence problem: product vulnerabilities, exploitability and targeting are more effectively prioritized and managed with an overlay of supplier risks that are not present or detectable with code scans. These risks can be detected and managed by combining operational transparency with geopolitical risk data metrics on devices, software and upstream service providers and software suppliers.


 Attendees will walk away with:


 • an overview of the intersection of cybersecurity and intelligence
 • positioning of the supply chain challenges relating to threats not simply found through tools
 • non-obvious threats in the software and firmware ecosystem
 • how these threats can be detected and managed through a comprehensive program that can be tailored to your risk appetite and regulatory obligations

speaker headshot

JC Herz
Senior Vice President, Cyber Supply Chain, Exiger

time iconJune 19, 2024 12:30

Lunch Break II

Savoy Place | Maxwell Library
time iconJune 19, 2024 12:45

Intelligence Evolution Track: Defining an Incidence Response Plan on a National Level

Savoy Place | Kelvin Theatre

As cyber threats continue to evolve and become more sophisticated, having a robust incident response plan is essential for minimizing damage and ensuring a quick recovery. This session will explore the challenges and best practices for defining and implementing an incident response plan on a national level in Spain, with a focus on coordination between government agencies, critical infrastructure operators, and other stakeholders.

speaker headshot

Ivan Monforte Fugarolas
Head of Communication, Ecosystem and Cybersecurity Culture, Cybersecurity Agency of Catalonia

time iconJune 19, 2024 13:30

Panel Discussion: Evolving Threat Landscape

Savoy Place | Kelvin Theatre

This panel discussion will bring together experts in the field of threat intelligence to share their experiences, strategies, and best practices. Our panelists will discuss the current state of threat intelligence, including the latest trends, challenges, and opportunities. Attendees will learn about cyber threat intelligence, addressing and identifying the threats, and emerging risk.

speaker headshot

Jack Duffield
Royal Air Force

speaker headshot

Johnny Awad
Senior Manager, Deloitte

speaker headshot

JC Herz
Senior Vice President, Cyber Supply Chain, Exiger

speaker headshot

Moderator: Scott Reynolds
Security Engineering Manager - ITD, Johns Manville

speaker headshot

Phil Tonkin
Field Chief Technology Officer, Dragos

time iconJune 19, 2024 14:30

Tech Demo - Sponsored by Fortinet: Evidencing Zones and Conduits

Savoy Place | Kelvin Theatre

Fortinet will present an application of ISA/IEC 62443 Zones and Conduits in the context of simple PID loop environment in Operational Technology. The Demo will show how FortiGate and FortiSwitch can perform Segmentation and Protocol Inspection We will summarize this demo by then showing Foundational Requirements alignment.




speaker headshot

Stefan Liversidge
OT SE & Subject Matter Expert, Fortinet

speaker headshot

Ben White
UKI OT Business Development Manager, Fortinet

time iconJune 19, 2024 15:00

Afternoon Tea Break

Savoy Place | Maxwell Library
time iconJune 19, 2024 15:15

Standards Workshop: Empowering Global Automation with ISA's International Standards Program

Savoy Place | Turing Theatre

ISA’s international standards play a vital role in promoting safety, cybersecurity, and efficiency across global industry. This workshop will provide an overview of ISA’s international standards program and its relationship to and collaboration with the International Electrotechnical Commission (IEC). A panel of experts representing standards stakeholders  will then answer questions from the audience.

speaker headshot

Charley Robinson
Senior Director, Standards Administration, ISA

time iconJune 19, 2024 16:00

Panel Discussion: Applying Standards to Industry

time iconJune 20, 2024 08:30

ISA Training: Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)

Strand Palace | Exeter Suite


Note: Registration for this course is closed as the class is full.


Onsite/In-person delivery

  • Course days: 20-21 June 2024
  • Course Hours: 8:30 a.m. - 5:00 p.m.
  • CEU Credits: 1.4
  • Certification of Completion: A certificate of completion indicating the total number of CEUs earned will be provided upon successful completion of the entire two-day course.

Description:

The move to using Ethernet, TCP/IP, and web technologies in supervisory control and data acquisition (SCADA) and process control networks has exposed these systems to the same cyberattacks that have wreaked havoc on corporate information systems. This course provides a detailed look at how the ISA/IEC 62443 standards framework can be used to protect critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments.

 

You will be able to:

  • Discuss the principles behind creating an effective long term program security
  • Interpret the ISA/IEC 62443 industrial security framework and apply them to your operation
  • Define the basics of risk and vulnerability analysis methodologies
  • Describe the principles of security policy development
  • Explain the concepts of defense in depth and zone/conduit models of security
  • Analyze the current trends in industrial security incidents and methods hackers use to attack a system
  • Define the principles behind the key risk mitigation techniques, including anti-virus and patch management, firewalls, and virtual private networks

 

You will cover:

  • Understanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | How IT and the Plant Floor are Different and How They are the Same
  • How Cyberattacks Happen: Understanding the Threat Sources | The Steps to Successful Cyberattacks
  • Creating A Security Program:  Critical Factors for Success/Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)- Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
  • Risk Analysis:  Business Rationale | Risk Identification, Classification, and Assessment 
  • Addressing Risk with Security Policy, Organization, and Awareness: Cyber Security Management System Scope | Organizational Security | Staff Training and Security Awareness
  • Addressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control
  • Addressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management
  • Monitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS
  • Validating or Verifying the Security of Systems: What is being done? | Developing Secure Products and Systems

 

Classroom/Laboratory Demo:

  • PCAP Live Capture Analysis

 

Includes ISA Standards:

  • ANSI/ISA-62443-1-1 (ANSI/ISA-99.00.01-2007), Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts & Models
  • ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009), Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
  • ANSI/ISA-62443-3-3, Security for industrial automation and control systems: System security requirements and security levels
speaker headshot

Instructor: Carlos Montes Portela
ISA/IEC 62443 Trainer, Senior OT/ICS Cybersecurity Manager

time iconJune 20, 2024 08:30

ISA Training: Assessing the Cybersecurity of New Existing IACS Systems (IC33)

Savoy Place | Wedmore Boardroom (Day 1); Mountbatten Exhibition Room (Day 2)

Onsite/In-person delivery (Separate Registration Fees Apply)


Course days: 20-21 June 2024 

Course Hours: 8:30 a.m. - 5:00 p.m. 

CEU Credits: 1.4 

Certification of Completion: A certificate of completion indicating the total number of CEUs earned will be provided upon successful completion of the entire two-day course. 

 

Learning Objectives 

  • Identify and document the scope of the IACS under assessment
  • Specify, gather, or generate the cybersecurity information required to perform the assessment 
  • Identify or discover cybersecurity vulnerabilities inherent in the IACS products or system design 
  • Interpret the results of a Process Hazard Analysis (PHA) 
  • Organize and facilitate a cybersecurity risk assessment for an IACS 
  • Identify and evaluate realistic threat scenarios 
  • Identify and assess the effectiveness of existing countermeasures 
  • Identify gaps in existing policies, procedures, and standards 
  • Evaluate the cost, complexity, and effectiveness of new countermeasures to make meaningful recommendations 
  • Establish and document security zones and conduits 
  • Develop a Cybersecurity Requirements Specification (CRS) 

  

Topics Covered 

 

Preparing for an Assessment 

  • Security lifecycle 
  • Scope 
  • System architecture diagrams 
  • Network diagrams 
  • Asset inventory 
  • Cyber criticality assessment 

 

Cybersecurity Vulnerability Assessment 

  • Risk 
  • Types of cybersecurity vulnerability assessments 
  • High-level assessments 
  • Passive and active assessments 
  • Penetration testing 
  • Conducting high-level assessments 
  • Assessment tools 
  • Cyber Security Evaluation Tool (CSET) 


speaker headshot

Instructor: Prashanth AC
Cybersecurity Strategy and Program, IEC 62443 Expert, Implementer and Trainer

ThankYou to Our Sponsors

Platinum Sponsor

Gold Sponsor

Silver Sponsor

Reception Sponsor

Booth Sponsor

Conference e-Book Sponsor

Break Sponsor

FAQsFrequently Asked Questions inquire


Increase your understanding of how to use standards and conformance systems to keep operational technology (OT) safe and secure.