September

Sunday – Friday,
16-21 June 2024

NO TRAVEL NEEDED

Savoy Place – London, UK
Strand Palace – London, UK

GUEST EXPERTS

Technical Content and Training Courses

LEARN & NETWORK

Learn & Network

AboutThe Event intro

This event will focus on the leading international standards and conformance systems that are being used to keep operational technology (OT) safe and secure in industries such as energy, manufacturing, building automation, and more. New developments within the ISA/IEC 62443 standards series will be highlighted and technical training and certification programs designed to help you implement the standards into your business operations and workforce will be reviewed. Professionals involved in the security process should attend this event to learn more about workforce development strategies, hardware and software protection practices, and ways to improve infrastructure and data security measures.


Venues

Conference Venue: Savoy Place – London, UK
Conference Venue and Hotel: Strand Palace – London, UK

Attendees will be able to participate in live sessions, networking breaks, receptions, and tabletop exhibits. After the conference, presentation recordings will be uploaded for all participants and registrants who purchased the Post-Event Recording and Virtual Tradeshow Pass.

Make sure to check the agenda for the exact location and venue where your sessions will take place.

Professionals involved in the security process should attend this event to learn more about workforce development strategies, hardware and software protection practices, and ways to improve infrastructure and data security measures.

Join an audience of fellow technical professionals including

Who Should Attend?

  • Automation Engineers
  • Process Control Engineers
  • Security Engineers
  • QA Engineers
  • Plant Engineers
  • Manufacturing Engineers
  • ICS Cybersecurity Engineers
  • Digital Transformation Managers
  • Engineering Managers
  • Security Operations Center (SOC) Managers
  • Compliance and Risk Managers
  • Chief Information Officers (CIOs)
  • Chief Information Security Officers (CISOs)

Why Should I Attend?

  • Sarah Fluchs will be discussing her role in the 3-2 updates on the 62443 Standard Series.
  • Learn how CR8, Network and Information Systems Directive 2 (NIS2) and the European Artificial Intelligence Act (EU AI Act) could impact your business and hear examples of what other companies are doing to adjust for these new regulations around cybersecurity.
  • Hear case studies on new cyber threats, where they are coming from and next steps to combat them for your company.
  • See examples of new technology and how it is impacting manufacturing and energy industries on the cybersecurity front.
  • Every employee is on the front line for handling cybersecurity issues. Ensure your workforce is ready to handle new issues and implement a cyber business strategy that works.

AgendaPreliminary Programschedule

Agenda

time iconJune 17, 2024 08:00

Incident Command System for Industrial Control Systems Workshop

Savoy Place | Flowers Room

Onsite/In-person delivery (Separate Registration Fees Apply)

Incident Command System for Industrial Control Systems (ICS4ICS) is designed to improve cybersecurity incident response efforts that impact industry by combining three capabilities that already exist in most companies:

1) Incident Command System is a proven process for managing various types of incidents

2) Cybersecurity teams leverage Computer Incident Response processes to investigate cyber

3) Industrial Control System/Operational Technology experts manage the technical aspects of many types of incidents

This session will help participants learn how ICS4ICS is the emergency cyber reposnse for workforce development. 

time iconJune 16, 2024 09:00

Europe, Middle East, and Africa (EMEA) District Leadership Conference

Strand Palace

Day 1 | 09:00 - 17:00

This is a meeting of coded section volunteers of the Europe, Middle East, and Africa District. 

time iconJune 17, 2024 08:00

Europe, Middle East, and Africa (EMEA) District Leadership Conference

Strand Palace

Day 2 | 08:00 - 12:00

This is a meeting of coded section volunteers of the Europe, Middle East, and Africa District. 

time iconJune 17, 2024 13:00

Volunteer Workshop

Strand Palace

This custom-designed workshop crafts plans for mission-focused, vibrant, and successful sections and divisions. Current and aspiring volunteers will leave this workshop with a plan, with energy, with knowledge, and with an expanded network of other volunteers who believe in and want to shape ISA’s future.

time iconJune 17, 2024 17:00

Young Professionals Reception

Strand Palace
time iconJune 18, 2024 08:00

Morning Tea

Savoy Place | Maxwell Library
time iconJune 18, 2024 08:30

Keynote: Security by Design - A Communication Problem?

speaker headshot Sarah Fluchs
CTO of admeritia
Savoy Place | Kelvin Theatre

Security by Design is one of the things that are hard to argue against: Considering security early on during design instead of bolting on security later sounds like a no-brainer. Also, the issue has the attention of international policymakers. It’s going to be mandated in the EU Cyber Resilience Act, and national security authorities from dozens of countries, led by US CISA, are pushing it globally through joint recommendations. If everybody wants Security by Designs and we have all these recommendations for secure by design principles – then why is it still not done? Maybe it’s not the technology. Maybe not even the money. Maybe the problem we need to solve is a communication problem. Sarah shows new approaches for communicating cybersecurity – during design as well as after design, between engineers as well as towards management and an interested public.

time iconJune 18, 2024 09:30

Intelligence Evolution Track: Intro to Intelligence Evolution

Savoy Place | Kelvin Theatre

In this introduction to intelligence evolution, our expert presenter will provide an overview of the latest advancements in artificial intelligence, machine learning, and data analytics, and explore how these technologies are transforming the way we understand and interact with the world around us.

time iconJune 18, 2024 09:30

IoT Cybersecurity Track: Intro to Cybersecurity

speaker headshot Brian Holliday
Managing Director, Siemens, Co-Chair Made Smarter Commission, Made Smarter UK
Savoy Place | Turing Theatre

In this introductory session, Brian Holliday will talk about his experience with Made Smarter UK and provide a comprehensive overview of the fundamentals of cybersecurity. Attendees will gain a solid understanding of the key concepts, strategies, and best practices for protecting digital assets and mitigating risk in today's interconnected world. Don't miss this opportunity to lay the foundation for a stronger, more secure digital future!

time iconJune 18, 2024 10:15

Cyber Pavilion Tech Demo Break: Sponsored by UL Solutions

Savoy Place | Kelvin Theatre

Join us for a presentation by UL Solutions.

time iconJune 18, 2024 10:45

Cyber Escape Room

Savoy Place | Flowers Room

Onsite/In-person delivery (Separate Registration Fees Apply)

Join us in our immersive OT cyber escape room. Using the latest shared immersive technology, we’ve created a realistic OT environment in virtual space.

Imagine you're on an offshore oil and gas floating production unit. In the control room a ransomware message pops up on a control system console. Now your marine team has no visibility or control over the mooring and buoyancy systems. Your team has 15 minutes to solve the challenges our AI engine presents before the facility experiences a loss of stability and capsizes. Can you succeed before the clock runs out? Who will complete the challenge, and who will be the fastest to reach the goal?

time iconJune 18, 2024 10:45

Intelligence Evolution Track: Leveraging an outcomes-based approach with international standards to mitigate cyber risks

speaker headshot Mohammed Zumla
Managing Consultant, Cyber ICS
Savoy Place | Kelvin Theatre

Operators of essential services, regulators, government, vendors, and consultancies have been navigating their way through compliance. Although the spirit of NIS regulations is to uplift the overall level of cyber resilience for critical national infrastructure, the journey has been complex and often misunderstood by many. This presentation helps all those concerned to focus on this spirit and develop a staged approach to both satisfy compliance requirements and be resilient against the ever-evolving threats.

time iconJune 18, 2024 10:45

IoT Cybersecurity Track: Secure by Design

speaker headshot Rob Barnes
Cyber Security Technical Specialist, Rolls-Royce
Savoy Place | Turing Theatre

In this informative session, Rob Barnes will delve into the core principles of Secure by Design, a critical approach to developing secure software and systems from the ground up. Attendees will learn about best practices for incorporating security into the entire development lifecycle, from design and coding to deployment and maintenance. This talk is designed for anyone looking to enhance their understanding of how to build security into the foundation of digital products and services.

time iconJune 18, 2024 11:15

Lunch Break I

Savoy Place | Maxwell Library
time iconJune 18, 2024 11:30

IoT Cybersecurity Track: ENISA Horizontal Policy

Savoy Place | Turing Theatre

Join us for an engaging discussion about the important role of ENISA Horizontal Policy in shaping the cybersecurity landscape in the European Union. Our speaker will discuss the key components of this policy, and attendees will gain valuable insights into how these policies contribute to EU cyber policy, enhance trustworthiness, and shape the management of cybersecurity resources.

time iconJune 18, 2024 12:00

IoT Cybersecurity Track: Impact of New Tech in Standards

Savoy Place | Turing Theatre

Join us as we discuss the complex interplay between new technology standards in the rapidly evolving world of cybersecurity. Attendees will learn about the ways in which emerging technologies, such as AI, IoT, and cloud computing, are shaping the development and enforcement of security standards. The talk will explore the challenges and opportunities presented by this intersection, as well as the implications for the future of cybersecurity. This session is designed for anyone seeking to enhance their understanding of how new technologies are transforming the standards landscape and how to effectively navigate these changes to maintain a strong security posture.

time iconJune 18, 2024 12:15

Intelligence Evolution Track: Fireside Chat: Understanding the Hardware Side of Supply Chain Risk and Protecting It

speaker headshot Cassie Crossley
Vice President, Supply Chain Security in the global Cybersecurity & Product Security Office at Schneider Electric
speaker headshot CISA, U.S. Department of Homeland Security

speaker headshot Exiger

Savoy Place | Kelvin Theatre

In this informative fireside chat, our speakers will explore the dynamic relationship between the hardware side of supply chain risk and how to protect it. Our panel of industry experts will discuss the unique challenges and opportunities, offering valuable insights on how to leverage intelligence to identify and mitigate risks in the hardware supply chain. Attendees will learn about the latest trends and best practices for securing their own hardware infrastructure and gain practical advice on how to stay ahead of emerging threats.

time iconJune 18, 2024 12:30

Lunch Break II

Savoy Place | Maxwell Library
time iconJune 18, 2024 12:45

Intelligence Evolution Track: Supply Chain Intelligence Sharing

speaker headshot Chris Blask
Vice President of Strategy, Cybeats
Savoy Place | Kelvin Theatre

Software Bills of Materials (SBOMs) and other supply chain intelligence is being shared at an increasing pace and volume. As part of this trend, the CISA SBOM Sharing working group published a document early this year that defines the three Roles in SBOM Sharing - SBOM Author, SBOM Distributor, and SBOM Consumer - and the considerations related to each. In this session the co-chair of that working group will describe for attendees the shape of current and future supply chain intelligence networks and the actionable steps attendees can take when they find themselves in any of these roles.

time iconJune 18, 2024 13:30

Linking Hardware and Software for Panel Discussion

speaker headshot Rob Barnes
Cyber Security Technical Expert, Rolls-Royce Civil Nuclear UK
speaker headshot CISA, U.S. Department of Homeland Security

speaker headshot Speaker from Schneider Electric
Schneider Electric
speaker headshot Speaker from Siemens
Siemens
Savoy Place | Kelvin Theatre

In this informative panel discussion, we will explore the critical link between hardware and software in securing our digital world. Listen as our panelists talk about the intersection of these two crucial components of cybersecurity, discussing the latest trends, challenges, and opportunities in securing both hardware and software systems. Learn about the importance of a implementing a holistic approach to cybersecurity, as well as practical strategies for enhancing the security of both hardware and software infrastructure.

time iconJune 18, 2024 14:30

Intelligence Evolution Track: Securing Your Networks with the Addition of 5G Technology

speaker headshot Greig Paul
University of Strathclyde
Savoy Place | Kelvin Theatre

As technology continues to evolve, so do the threats to our networks. The addition of 5G technology brings new challenges and opportunities for securing our networks. In this technical session, we will explore the latest developments in 5G technology and the impact on network security. Our expert speakers will discuss the intelligence evolution and how it affects the security of our networks. Attendees will gain insights into the best practices for securing 5G networks and learn about the emerging threats and mitigation strategies.

time iconJune 18, 2024 14:30

IoT Cybersecurity Track: Business Case - OT Cybersecurity

speaker headshot Patrick O'Brien
exida, Cybersecurity Team Leader
Savoy Place | Turing Theatre

In this insightful session, Patrick O’Brien will share the critical importance of safety and OT cybersecurity through a practical business use case. Learn how businesses can integrate safety and cybersecurity measures to protect their critical infrastructure, minimize risks, and ensure the safety of their operations. Attendees will gain valuable insights on the latest trends and best practices in OT safety and cybersecurity, as well as a real-world example of how a business successfully implemented these measures to safeguard their operations. 

time iconJune 18, 2024 15:00

Afternoon Tea Break

Savoy Place | Maxwell Library
time iconJune 18, 2024 15:15

Cyber Pavilion Tech Demo Break: Sponsored by Armis

Savoy Place | Kelvin Theatre

Join us for a presentation by Armis.

time iconJune 18, 2024 15:45

Intelligence Evolution Track: Post Quantum

speaker headshot Andersen Cheng
Founder of Post-Quantum, Expert on Quantum Cyber Security
Savoy Place | Kelvin Theatre

Is quantum computing the new Y2K?  Our presenter will talk about Crypto BoMs, the importance of a quantum plan, challenges and opportunities, and the new face quantum computing leaves us with.

time iconJune 18, 2024 15:45

IoT Cybersecurity Track: Cybersecurity in Action: Real-World Applications of ISA/IEC 62443 in Energy Storage Systems

speaker headshot SZ Lin
Embedded Linux Developer, Debian
Savoy Place | Turing Theatre

This presentation explores the integration of cybersecurity measures in energy storage systems (ESS), a vital aspect in the increasingly interconnected and digitalized energy sector. It focuses on the practical application of the ISA/ IEC 62443 standard, an essential framework for industrial cybersecurity, especially within the context of ESS. The session highlights common challenges faced by organizations in the energy sector during the implementation of these standards and pinpoints crucial areas requiring attention for a robust cybersecurity posture.

The overview covers unique cybersecurity challenges presented by energy storage systems, including operational complexities and potential cyber-physical threat risks. The discussion then delves into the specifics of applying ISA/ IEC 62443 in ESS, discussing various components such as system and component requirements, and their effective integration into the energy storage ecosystem.

This presentation significantly focuses on addressing the common challenges encountered in the implementation of ISA/IEC 62443 in ESS. Key among these challenges are the responsibilities and communication between asset owners and service providers, the methodologies for conducting risk assessments, the search for products compliant with the standards of 62443, the interplay and awareness of safety and cybersecurity, and the complexities involved in maintaining compliance with continuously evolving standards. To bring these points to life, real-world examples are provided, showcasing how these challenges directly impact the security and operational functionality of energy storage systems.

Additionally, the session highlights key considerations for successful implementation, emphasizing the need for a comprehensive cybersecurity strategy that encompasses technical solutions, organizational policies, and a culture of security awareness. The importance of a risk-based approach, regular vulnerability assessments, and the integration of cybersecurity considerations into the design and development phase of ESS are also underscored.

time iconJune 18, 2024 17:00

ISAGCA/ISA Secure Welcome Reception

Savoy Place | Riverside Terrace
time iconJune 19, 2024 08:00

Morning Tea

Savoy Place | Maxwell Library
time iconJune 19, 2024 08:30

Keynote: The Intersection of Sustainability and Cybersecurity

speaker headshot Simon Hodgkinson
Formerly CISO, BP
Savoy Place | Kelvin Theatre

As the world becomes increasingly digitized, the importance of cybersecurity is greater than ever. At the same time, the growing awareness of the environmental impact of technology has made sustainability a crucial consideration. In this keynote, we will explore the intersection of these two critical issues and discuss how organizations can balance security and sustainability in their digital strategies.

Attendees will gain a deeper understanding of the relationship between cybersecurity and sustainability and learn practical strategies for building a secure and environmentally responsible digital future.

time iconJune 19, 2024 09:15

Cyber Escape Room

Savoy Place | Flowers Room

Onsite/In-person delivery (Separate Registration Fees Apply)

Join us in our immersive OT cyber escape room. Using the latest shared immersive technology, we’ve created a realistic OT environment in virtual space.

Imagine you're on an offshore oil and gas floating production unit. In the control room a ransomware message pops up on a control system console. Now your marine team has no visibility or control over the mooring and buoyancy systems. Your team has 15 minutes to solve the challenges our AI engine presents before the facility experiences a loss of stability and capsizes. Can you succeed before the clock runs out? Who will complete the challenge, and who will be the fastest to reach the goal?

time iconJune 19, 2024 09:30

Intelligence Evolution Track: Combatting Cybersecurity with Sustainability

speaker headshot Prabhu Soundarrajan
ISA President
Savoy Place | Kelvin Theatre

In intelligence evolution, it is important to know where you are in the world. What laws, standards, regulations, and technologies are impacting you? In this session, we will discuss new laws, regulations and standards in the EU, UK, and US. We will dive into how those new laws and challenges impact us for a new greener and safer network.

time iconJune 19, 2024 09:30

IoT Cybersecurity Track: Securing IoT

Savoy Place | Turing Theatre

As technology continues to advance, so do the threats to cybersecurity. Staying ahead of cybercriminals is crucial for the protection of sensitive information and infrastructure. In this session, we will explore the current state of cybersecurity and discuss the future trends and challenges that organizations will face.

This session will provide you with the knowledge and tools you need to stay ahead of the curve and protect your organization against emerging cybersecurity threats.

time iconJune 19, 2024 10:15

Cyber Pavilion Tech Demo Break: Sponsored by Dragos

Savoy Place | Kelvin Theatre

Join us for a special by Dragos.

time iconJune 19, 2024 10:45

Intelligence Evolution Track: Critical Infrastructure: Introduction to RUSI

speaker headshot Jack Duffield
Royal United Services Institute
Savoy Place | Kelvin Theatre

Critical infrastructure, such as energy, transportation, and communications systems, are essential for the functioning of our society. However, these systems are also vulnerable to cyber-attacks, which can have severe consequences. In this session, we will discuss the importance of threat intelligence in protecting critical infrastructure and share strategies for identifying and mitigating emerging threats.

time iconJune 19, 2024 10:45

IoT Cybersecurity Track: Navigating the Complexities of Maritime Cybersecurity: Challenges, Controls, and Collaboration

speaker headshot Christopher Stein
Lead Engineer, Maritime Cybersecurity, Royal Caribbean
Savoy Place | Turing Theatre

The maritime industry is rapidly digitizing, making cybersecurity a critical concern. Join us as we explore the unique challenges of cybersecurity in maritime environments, including the need to balance safety and security and the challenges of applying traditional Industrial Control Systems (ICS) security measures. Learn about the key cybersecurity controls for the maritime industry – such as asset management, multi-factor authentication, and risk assessment – and come to understand the importance of collaboration between maritime stakeholders, including shipowners, equipment manufacturers, and cybersecurity experts, to develop effective cybersecurity strategies and mitigate risks. Drawing on real-world examples from companies like Royal Caribbean, Christopher Stein will provide insights into how the maritime industry can navigate the complexities of cybersecurity and ensure the safety and security of its operations.

time iconJune 19, 2024 11:15

Lunch Break I

Savoy Place | Maxwell Library
time iconJune 19, 2024 11:30

IoT Cybersecurity Track: AI and Self Driving Cars, Image and Speech Generation and Cybersecurity

speaker headshot Dr. Andrew Rogoyski
Director of Innovation, Surrey Institute for People-Centered AI
Savoy Place | Turing Theatre

Artificial intelligence is transforming various industries, from transportation to cybersecurity. In this session, we will explore the latest developments in AI and discuss how it is being used to create self-driving cars, generate images and speech, and protect against cyber threats. This session will provide a deeper understanding of the capabilities and limitations of AI and its potential impact on various industries.

time iconJune 19, 2024 12:00

IoT Cybersecurity Track: Workforce Development

speaker headshot Sean McBride
Director, Informatics Research Institute, Idaho State University
Savoy Place | Turing Theatre

Many countries face a national security imperative to develop a workforce capable of securely designing, building, operating, maintaining, and defending critical infrastructure industrial automation and control systems. This presentation presents the results of a years-long collaborative research project among the International Society of Automation (ISA), Idaho National Laboratory (INL), and Idaho State University (ISU) to create a curricular guidance document that describes what an industrial cybersecurity professional needs to know that is DIFFERENT from a traditional IT cybersecurity professional. The resulting Curricular Guidance: Industrial Cybersecurity Knowledge document is a foundational element to educating and training the interdisciplinary cybersecurity workforce of the future.

time iconJune 19, 2024 12:15

Intelligence Evolution Track: Military Offensive Operations on Critical Infrastructure

speaker headshot Gentry Lane
CEO & Founder, NovaIntel
Savoy Place | Kelvin Theatre

The companies responsible for the critical goods and services that we rely on every day are finding themselves on the front line of a live, multinational cyber conflict....with no strategy, no means of coordination, no leader, unevenly distributed and inadequate defenses, no timely intelligence, and no training in military cyber combat. Worst of all, many of the boards & C-suites execs of these companies don’t understand and dismiss the gravity and larger geopolitical national security implications of state-sponsored aggression on their company.

This is the reality of cyber conflict today and a formula for defeat.

This talk is a wake up call with solutions. We'll examine the current capability gaps and requirements required for investor owned companies to be able to reliably defend against and deter persistent focused aggression from the major threat actors.

time iconJune 19, 2024 12:30

Lunch Break II

Savoy Place | Maxwell Library
time iconJune 19, 2024 12:45

Intelligence Evolution Track: Water Case Study

Savoy Place | Kelvin Theatre

Many industries shy away from digitization efforts due to low budgets, uncertainty in the marketplace, or supply chain issues, which leave older systems vulneable. In this session we will discuss how to modernize older OT systems with newer cyber plans to protect from outside threats. 

time iconJune 19, 2024 13:30

Threat Intelligence Panel Discussion

Savoy Place | Kelvin Theatre

In this panel discussion, we will bring together experts in the field of threat intelligence to share their experiences, strategies, and best practices. Our panelists will discuss the current state of threat intelligence, including the latest trends, challenges, and opportunities. Attendees will also learn about strategies and best practices for building and maintaining a threat intelligence program that can help your organization stay ahead of emerging threats.

time iconJune 19, 2024 14:30

Cyber Pavilion Tech Demo Break: Sponsored by Cyolo

Savoy Place | Kelvin Theatre

Join us for a presentation by Cyolo.

time iconJune 19, 2024 15:00

Afternoon Tea Break

Savoy Place | Maxwell Library
time iconJune 19, 2024 15:15

Standards Workshop

Savoy Place | Turing Theatre
time iconJune 19, 2024 16:15

Closing Session

Savoy Place | Kelvin Theatre
time iconJune 20, 2024 08:00

ISA Training: Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)

speaker headshot Carlos Montes Portela
ISA/IEC 62443 Trainer, Senior OT/ICS Cybersecurity Manager

Onsite/In-person delivery (Separate Registration Fees Apply)

  • Course days: 20-21 June 2024
  • Course Hours: 8:00 a.m. - 4:00 p.m.
  • CEU Credits: 1.4
  • Certification of Completion: A certificate of completion indicating the total number of CEUs earned will be provided upon successful completion of the entire two-day course.

Description:

The move to using Ethernet, TCP/IP, and web technologies in supervisory control and data acquisition (SCADA) and process control networks has exposed these systems to the same cyberattacks that have wreaked havoc on corporate information systems. This course provides a detailed look at how the ISA/IEC 62443 standards framework can be used to protect critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments.

 

You will be able to:

  • Discuss the principles behind creating an effective long term program security
  • Interpret the ISA/IEC 62443 industrial security framework and apply them to your operation
  • Define the basics of risk and vulnerability analysis methodologies
  • Describe the principles of security policy development
  • Explain the concepts of defense in depth and zone/conduit models of security
  • Analyze the current trends in industrial security incidents and methods hackers use to attack a system
  • Define the principles behind the key risk mitigation techniques, including anti-virus and patch management, firewalls, and virtual private networks

 

You will cover:

  • Understanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | How IT and the Plant Floor are Different and How They are the Same
  • How Cyberattacks Happen: Understanding the Threat Sources | The Steps to Successful Cyberattacks
  • Creating A Security Program:  Critical Factors for Success/Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)- Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
  • Risk Analysis:  Business Rationale | Risk Identification, Classification, and Assessment 
  • Addressing Risk with Security Policy, Organization, and Awareness: Cyber Security Management System Scope | Organizational Security | Staff Training and Security Awareness
  • Addressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control
  • Addressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management
  • Monitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS
  • Validating or Verifying the Security of Systems: What is being done? | Developing Secure Products and Systems

 

Classroom/Laboratory Demo:

  • PCAP Live Capture Analysis

 

Includes ISA Standards:

  • ANSI/ISA-62443-1-1 (ANSI/ISA-99.00.01-2007), Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts & Models
  • ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009), Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
  • ANSI/ISA-62443-3-3, Security for industrial automation and control systems: System security requirements and security levels
time iconJune 20, 2024 08:00

ISA Training: Assessing the Cybersecurity of New Existing IACS Systems (IC33)

speaker headshot Prashanth AC
Cybersecurity Strategy and Program | IEC 62443 Expert, Implementer and Trainer | SIS | NERC-CIP | SDLC for OT product & solution
Savoy Place

Onsite/In-person delivery (Separate Registration Fees Apply) 

Course days: 20-21 June 2024 

Course Hours: 8:00 a.m. - 4:00 p.m. 

CEU Credits: 1.4 

Certification of Completion: A certificate of completion indicating the total number of CEUs earned will be provided upon successful completion of the entire two-day course. 

 

Learning Objectives 

  • Identify and document the scope of the IACS under assessment
  • Specify, gather, or generate the cybersecurity information required to perform the assessment 
  • Identify or discover cybersecurity vulnerabilities inherent in the IACS products or system design 
  • Interpret the results of a Process Hazard Analysis (PHA) 
  • Organize and facilitate a cybersecurity risk assessment for an IACS 
  • Identify and evaluate realistic threat scenarios 
  • Identify and assess the effectiveness of existing countermeasures 
  • Identify gaps in existing policies, procedures, and standards 
  • Evaluate the cost, complexity, and effectiveness of new countermeasures to make meaningful recommendations 
  • Establish and document security zones and conduits 
  • Develop a Cybersecurity Requirements Specification (CRS) 

  

Topics Covered 

 

Preparing for an Assessment 

  • Security lifecycle 
  • Scope 
  • System architecture diagrams 
  • Network diagrams 
  • Asset inventory 
  • Cyber criticality assessment 

 

Cybersecurity Vulnerability Assessment 

  • Risk 
  • Types of cybersecurity vulnerability assessments 
  • High-level assessments 
  • Passive and active assessments 
  • Penetration testing 
  • Conducting high-level assessments 
  • Assessment tools 
  • Cyber Security Evaluation Tool (CSET) 

Oursponsors

Platinum Sponsor

Gold Sponsor

Reception Sponsor

FAQsFrequently Asked Questions inquire


Increase your understanding of how to use standards and conformance systems to keep operational technology (OT) safe and secure.