Tuesday, 3 April 2018

Nuclear Cyber Security Conference returns to Warrington United Kingdom

On May 22/23rd the Cyber Senate 3rd annual Industrial Control Cybersecurity Nuclear conference returns to Warrington, United Kingdom. This year's show includes a superior line up of specialist thought leadership from asset owners, cybersecurity subject matter experts, consultants, integrators and leading academics addressing best practice across the nuclear ecosystem.

We are pleased to welcome back Chris Blask, Chair, US ICS ISAC as our panel moderator and Chairman for the event. The Cyber Senate will also be hosting day two working group roundtables for attendees to dive deeper into topics on standardization, supply chain and IOT risk and incident response.

This year we welcome a new view on the nuclear integrator’s perspective "Industry 4.0 Standardization on Cybersecurity & Interoperability." Presented by Dr. Karl WAEDT, Concepts & Architecture and Cybersecurity, Framatome GmbH, this talk will further address:
  • Cybersecurity in Industry 4.0
  • Interoperability and Functional Safety in Industry 4.0
  • The Safety / Cybersecurity Interface
  • Relation to Generic and Nuclear Cybersecurity Standards
  • Impact on Nuclear and Critical Infrastructure
Early Bird registrations have now ended but we still have incentives for Group Bookings.
Call +44 (0)20 7096 5081 or email marketing@cybersenate.com

3rd Annual
Nuclear Industrial Control Cybersecurity and Resilience Conference 
May 22/23rd
Warrington United Kingdom
Royal Parks Hotel
Sponsored by Unisys, Context Information Security and Engie Laborelec

Partners include iHacklabs, CDM Magazine and Infosec Conferences
Next Events

5th Annual Industrial Control Cyber Security USA
Mitigating cybersecurity impact on safety systems
Citizens Hotel Sacramento California | Sept 18/19th 2018

5th Annual Industrial Control Cyber Security Europe: Cyber Security for Industry 4.0
IOT/OT Security, Mitigating the Impact on Safety Cases. Smart Grid, Nuclear, Oil and Gas, Rail, Maritime, Aviation, Chemical and more
Marriott Hotel Regents Park London, England | October 9/10th 2018

2nd Annual Aviation Cyber Security Summit Summit
Identifying Priorities and Mitigating the Cyber Impact on Safety Cases
Royal Aeronautical Society London, England | November 6/7th 2018

Nuclear Asset Information Monitoring and Maintenance
Leveraging People, Process and Technology to meet Organisational Goals
The Park Royal, Warrington United Kingdom

Monday, 16 October 2017

DDoS attacks on rail infrastructure

According to recent press, "DDoS attacks on two separate days have brought down several IT systems employed by Sweden's transport agencies, causing train delays in some cases. The incidents took place early in the mornings of Wednesday and Thursday, October 11 and 12, this week.
Trafikverket officials said the attack was cleverly aimed at TDC and DGC, the agency's two service providers, but they were both aimed in such a way to affect the agency's services.
Trafikverket was able to restore service in a few hours, but the delays affected the entire day's train operations.
While initially, some might have thought this was a random incident, the next day, a similar DDoS attack hit the website of another government agency, the Sweden Transport Agency (Transportstyrelsen), and public transport operator Västtrafik, who provides train, bus, ferry, and tram transport for parts of Western Sweden."
-- Source Bleeping Computer

Fortunately there was no loss of life, however, according to reports Trafikverket's email systems and website were down and passengers were unable to make reservations or get travel information updates.

"In July 2017 criticism was mounting over IT security at Swedish government agencies after it emerged that millions of Swedes' driving licence data may have been leaked to other countries. Sweden's security police Säpo has investigated the Swedish Transport Agency (Transportstyrelsen) after information about all vehicles in the country – including police and military – was made available to IT workers in Eastern Europe who had not gone through the usual security clearance checks when the agency outsourced its IT maintenance to IBM in 2015.
One Transport Agency staff member described the outsourcing without proper security checks as handing over "the keys to the Kingdom" in an interview with Säpo, reports DN.- Source " source-TheLocal.SE' July 2017 

The Cyber Senate 3rd Annual Rail Cyber Security Summit will continue to address the key most critical issues challenging rail and infrastructure owners in the transport sector March 13/14th in London 2018. We are already confirming speakers and our headline solution providers will be announced imminently.

The 2018 Summit will be a two-day single-track senior level business critical and technical summit including multiple panel sessions and roundtables addressing the following but limited to; 
  • SOC's and different models that can contribute to cybersecurity management for the sector
  • Incident Response and Anomoly Detection
  • Government and Industry- Creating a Culture of Awareness, defining leadership for the sector
  • Developing a baseline for cyber maturity
  • What we can learn from vertical sectors including nuclear, oil and gas, utilities, aviation and chemcial
  • Securing IOT and IOT - Playing Catch-Up in the 21st Century
  • Securing asset information, passenger information systems
  • Cyber Security and Safety- Ensuring operational integrity
  • Supply Chain Security and Managing 3rd Party Risk
Call for Papers

3rd Annual 
Rail Cyber Security Summit 

London England
13th & 14th March 2018
The Marriott Regents Park
Sponsorship available for a limited time

Tuesday, 10 October 2017

Aviation Cyber Security, Industrial Control Cyber Security and Critical Infrastructure Protection

How secure are aviation flight systems and passenger data? What actionable steps can airline executives take to position themselves to be prepared for the evolving threat landscape?
How can we better secure asset information, manage data, increase efficiencies, collaboration and competitiveness when software is inherently vulnerable?
Join us November 21/22 in London England as the Cyber Senate address key challenges facing the aviation sector in a two-day in-depth engagement with industry leaders, including interactive panel sessions on Supply Chain and IOT Risk, Safety and Cyber Security Integration, Building a Culture of Awareness, Gaining C Level Buy-In, Public and Private Information Sharing and more.

Today we welcome Peter Cooper, Independent cyber security advisor, Nonresident Senior Fellow, Atlantic Council Cyber Statecraft Initiative, who will join us discussing:
Cyber Security – Perception or Inception?
  • Why perceptions are critical in aviation cyber security?
  • Defender and adversary perceptions?
  • What are we defending, what are they attacking?
  • Using this knowledge for better strategy and more accurate risk management

Aviation Cyber Security Summit

London United Kingdom
November 21/22
Marriott Regents Park Hotel
Headline Sponsors Airbus and SITA
Co-Sponsors Unisys
Save £200 before October 26th using code EARLYBIRD
Airlines, Airports and Aviation Asset Owners are FREE

Interests in our shows? Contact marketing@cybersenate.com or Daryl.Fig@cybersenate.com

Thought Leaders confirmed:
  • Chris Blask, U.S ICS ISAC, UNISYS, Director Industrial Control Security
  • Kevin Borley, Bristol Airport, Head of IT and Innovation    
  • Anson Fong, Los Angeles World Airports,Chief Information Security Officer 
  • Mike Heath, Calgary Airport Authority, Information Security Lead
  • Deb Helton, Dallas Fort Worth International Airport, Emergency Management Administrator    
  • Dr Paul Hunton, Hunton Woods Limited, Digital Forensics Expert
  • Chris Johnson, University of Glasgow, Head of Computing    
  • Phil Jones, Airbus, Chief Operating Officer    
  • Jonas Jorgensen, Copenhagen Airports, IT Director    
  • Ladislav Kašpar, Czech Airlines, j.s.c., Head of Security and Emergency Response Planning    
  • Filippos Komninos, Athens International Airport S.A, Information Security Specialist    
  • Francesco Di Maio, ENAV, Head, Security Department
  • Rossella Mattioli, ENISA, Officer in Network and Information Security
  • John Hird, Eurocontrol, ATM Security Specialist Directorate ATM, CMC/SEC 
  • Gerry Ngu, CERT-EU/ EASA, Cybersecurity in Aviation Officer
  • Cecil Pineda, Dallas Fort Worth International Airport, Assistant Vice President, Technology Security Information Technology Services    
  • Fazle R Quasha, Fort McMurray Airport Authority, Manager Information Technologies    
  • Matt Shreeve, Helios, Principal Consultant
  • Peter Williams, Manchester Airports Group (MAG), Chief Information Security Officer    
  • Peter Cooper, Nonresident Senior Fellow, Cyber Statecraft Initiative, Brent Scowcroft Centre on International Security, Atlantic Council

    Who attends?
    Delegates will be made up of key security decision makers from airports and airlines around the world. The purpose of the summit is to collaborate, share information and devise a common strategy to tackle cyber threats. We will be addressing key issues such as supply chain and third party risk, incident response, integrating of cyber security and safety, IT and OT convergence, security operations centers, and much more.

    The Cyber Senate is a network and information provider and we host events that offer guidance on pressing cybersecurity issues across key smart infrastructure sectors such as Energy, Healthcare, Utilities, and Transport, to further progress public and private cybersecurity information sharing.

Monday, 4 September 2017

Aviation Cyber Security industry look at cyber security as a business enabler this November in London

Cyber security is a business enabler in the 21st century and getting it right provides a foundation that is necessary to move the business forward. Companies need to understand and manage risks before decisions can be made that are transformational, which are key to the rapidly changing aviation industry. 
Join us on November 21nd and 22nd in London. as the Cyber Senate looks at steps to align business strategy and goals with cyber security, key areas of focus for your cyber security program- getting the basics right and transforming from business silos to an enterprise program.

Delegates will be made up of key security decision makers from airports and airlines around the world, government influencers, cyber security subject matter experts and some of the world's leading solution providers in the sector.

The purpose of the summit is to collaborate, share information and devise a common strategy to tackle cyber threats.
Secure your position while seating remains. 

Aviation Cyber Security Summit
London United Kingdom
November 21/22
Marriott Regents Park Hotel
Sponsored by Unisys

4 Exhibition Stands remain. We also have sponsored lunches and networking breaks for those who are seeking visibility in this market.
 Contact marketing@cybersenate.com or Daryl.Fig@cybersenate.com
+44(0)207 096 1754

Wednesday, 16 August 2017

Vulnerability Management and Assessment of industrial control systems by Idaho National Labs

"The security threats to U.S. critical infrastructure span the digital divide. Resent attacks, like those in the Ukraine, blend the cyber and physical environment to cause confusion within and damage to the production environment. Modern cyber defense requires sophisticated operational tactics and strategies. Although, cyber hygiene is essential for fending off the daily barrage of lower level threats that can impair an organization’s performance, few companies are prepared for a targeted attack on their core operational processes from an advanced adversary.

If it can be programmed, it can be hacked. This daunting reality facing our interconnected and digital environments has been described as a battle to be won every day by cybersecurity professionals.
Control systems present unprecedented challenges as they are transitioned to a modern architecture based on digital control systems and increasingly wireless communications systems.  This transition creates a paradox – more efficient, effective operation, but dramatically increased vulnerabilities and attack surfaces.

INL’s unparalleled capabilities in nuclear nonproliferation and cybersecurity are fundamentally changing how the nation and world approach complex threats to nuclear assets, energy systems and cyber-physical systems.

•       Internationally recognized nonproliferation experts with real-world experience in nuclear facility inspection, physical protection, modeling and simulation, material science, physics and engineering.

•       Comprehensive instrumentation and control, cyber and nuclear nonproliferation capabilities with similar nuclear infrastructure and examination equipment found worldwide.

•       INL’s full-scale infrastructure includes; isolated, industry scale power grid, water and telecommunication distribution systems to provide an expansive and unique test site that can replicate critical services across a region or municipality.

•       Inclusive nuclear security approach that allows for field and laboratory technology evaluation.

•       Replication of typical control system network for architecture reviews and system hygiene to support asset owners in securing their systems.

•       Protocol analysis, reverse engineering and cybersecurity forensics to advance persistent threat mitigations for the nuclear industry.

•       Cyber-informed risk methods and unique engineering methodologies and tools designed to anticipate cyber and physical security risk, and inform investment strategies.

•       Frameworks for prioritization of investments and threat indicators to inform and advanced security profile for high-consequence operations.

Safeguarding critical infrastructure including the power grid, nuclear materials and facilities is inextricably linked to the cybersecurity of the command and control environment.

These environments are complicated by instrumentation and controls that are continuously connected with information technology and wireless communications.

An integrated cyber physical security approach is essential to address the resiliency of the power and nuclear installations and continuity of operations.

INL’s world-leading cyber and industrial control systems security experts are changing the way the nation and the world meet the unique security demands of operational environments."

INL will be presenting at the 4th annual Industrial Control Cyber Security Summit in Sacramento California October 3/4th. www.industrialcontrolcybersecusa.com

Tuesday, 15 August 2017

Why USB devices are still the #1 source of malware in Industrial Control Systems, presented by Honeywell

This September in London and October in Sacramento, we learn from Honeywell why USB devices are still the #1 source of malware in ICS. This discussion will help you understand how USB devices can pose a threat even without malware, including:
o    Surprisingly effective HID attacks
o    More advanced threats posed by rogue network devices, serial adapters and more
Participants in London and Sacramento will see real examples of the impact these attacks can pose to ICS, plus Eric Knapp, Global Director of Cyber Security Solutions and Chief Cyber Security Engineer for Honeywell Process Solutions asks "Are these really advanced? Do you even have to worry about this?"

This year all critical national infrastructure are invited to join both shows free as an initiative to further cyber resilience in both public and private domains!
Contact Daryl Fig for your free guest pass for your team at daryl.fig@cybersenate.com 

4th Annual Industrial Control Cyber Security Europe
Millennium Gloucester Hotel
London United Kingdom
September 19/20th
Headline Sponsors Leidos
Co Sponsors Honeywell
Associate Sponsor Verve Industrial Protection
Associate Sponsor Airbus
Network and share best practice with leaders from Nuclear, Water, Oil and Gas, Chemical, Automotive and Smart Grid sectors

4th Annual Industrial Control Cyber Security USA Summit
The Sutter Club
Sacramento California
October 3/4
Cyber Ark

Associate Sponsors
Attivo Networks


Further events you won't want to miss from the Cyber Senate:
  • European Rail Cyber Security Working GroupSeptember 11/12th London
  • Aviation Cyber Security Summit, November 21/22 London United Kingdom

Interests in our shows? Contact marketing@cybersenate.com or Daryl.Fig@cybersenate.com