Cyber Security 2020 - incidents and mitigations

a Cyber Security conference focus on standards and best practice within the OT area in a life cycle perspective.

We are proud to present our keynote speakers Joe Slowik from Dragos Inc. and Suzanne Lightman from National Institute of Standards & Technology.

We showcase a lot of exciting lectures covering topics of interest for cyber physical industry in Norway and abroad.

Leading standards that apply today will be presented. We also look into how the standards are being applied within different corporations’ governance frameworks and procedures.

The conference will continue the previous focus on cyber and safety. You will learn about what practical implications it will have for the different businesses. We will also give good, practical examples and experiences from the area of Cyber Security. Both incidents and mitigations will be covered.

Learn More: Take a look at NFEAs complete event overview

Program (the program is subject to change)

Download program (pdf)
  • 09:00

    Registration

  • 09:50

    Welcome

    Karin Sundsvik, NFEA

  • 10:00

    Process Targeting in ICS Attacks

    Joe Slowik, Dragos Inc.

  • 10:45

    From the Highest Level to the Control Level: Using the NIST Cybersecurity Framework to Implement Control System Security

    Suzanne Lightman, National Institute of Standards and Technology

  • 11:30

    LUNCH at Grand Cafe

  • 12:30

    5G Security & Challenges

    Ravishankar Borgaonkar, SINTEF Digital

  • 13:00

    Securing the future digitalized transmission grid (in practice): From sensors to digital stations

    Siv Hilde Houmb, Statnett SF

  • 13:30

    Break

  • 14:00

    Poor cybersecurity causing major accidents across industries

    Kenneth Titlestad, Sopra Steria

  • 14:30

    White Hat Hacking

    John-Andrè Bjørkhaug, NTT Security

  • 15:00

    Training is key to maintaining safety of operations during cybersecurity events

    Nina Tvedt, Secure-NOK & Vikash Katta, IFE

  • 15:30

    Break

  • 15:45

    Gameplay: 0 Downtime: Blackout Edition OT Security Awareness Game from Limes Security

    Kerstin Reisinger & Thomas Brandstetter, Limes Security

  • 17:15

    End day 1

  • 19:00

    Conference dinner at the restaurant "Stratos"

  • 08:30

    Cyber attack Hydro

    Torstein Gimnes Are, Digital Marshall & CISO Hydro Aluminium AS

  • 09:10

    Why cybersecurity is an integral part of safety & IACS kill chain defenses

    Einar Færaas, Equinor ASA

  • 09:40

    Break

  • 10:10

    IEC62443 updates

    Dr. Pierre Kobes, Siemens AG

  • 10:50

    Adaption IEC 62443

    Fredric Gratte, Aker Solutions ASA

  • 11:30

    LUNCH at the hotel

  • 12:30

    A practical application of 62443 to a control system (system vendor view)

    Tomas Lindström, ABB Process Control Platform

  • 13:00

    Implementing IEC 62443 - the path to secure production

    Dr.Ing. Lutz Jänicke, PHOENIX CONTACT GmbH & Co. KG

  • 13:30

    Break

  • 13:45

    Cyber security requirement specification – challenges and pitfalls

    Kristina Drage-Arianson, Lloyd’s Register

  • 14:15

    PDS/CDS forum - Industry forum for industrial automation and control systems

    Lars Bodsberg, SINTEF Digital

  • 14:45

    End of conference

Registration

Presenters

Joe Slowik, Dragos

Joe Slowik works as a Principal Adversary Hunter at Dragos – finding, tracking, and defeating ICS-focused malicious actors is his job and passion. Joe’s primary missions include analyzing malware, identifying infection vectors, and profiling campaigns. The ultimate goal is to develop a behavior-focused characterization of adversaries targeting ICS resources to further Dragos’ mission: safeguarding civilization!Prior to joining Dragos, Joe ran the Computer Security and Incident Response Team (CSIRT) at Los Alamos National Laboratory within the US Department of Energy (DOE). While in DOE, Joe worked to shift security operations from passive response to events to a threat-focused, hunting operation designed to catch and mitigate intrusions as early as possible. Before his time at LANL, Joe was an Information Warfare Officer in the US Navy, having served at Navy Information Operations Command Maryland, the USS Wayne E. Meyer, and Navy Information Operations Command San Diego. Additionally, Joe deployed as part of a joint task force to Afghanistan from 2011 to 2012.Outside of catching and defeating ICS adversaries, Joe continues to live in Los Alamos, New Mexico – playing the serene landscape provided by the Jemez Mountains against ever increasing threats to critical infrastructure. When not analyzing malware, tracing network infrastructure, or Tweeting questionable content, Joe is usually doing something outdoors with his kids.

Suzanne Lightman, NIST

Suzanne Lightman has over a decade of experience in information security policy in positions all over the government, as well as in the private sector. She has held positions in both the legislative and executive branches which gives her a unique perspective on the development and implementation of government policy. Currently, Ms. Lightman is a Senior Advisor at the Computer Security Division of the Information Technology Lab at the National Institute of Standards and Technology (NIST). In that position, she is involved with a diverse portfolio of topics including development of the Cybersecurity Framework required under Executive Order 13636, cybersecurity in cyber-physical systems, identity management, and cybersecurity policy. She is also one of the team developing the Privacy Risk Management Framework at NIST.

Practical information

Date

22.04.20 - 23.04.20

Location

Grand Hotel
Karl Johans gate 31
0159 Oslo

Map

Participation fee

  • Company member NOK kr. 7 000,-
  • Personal member NOK kr. 7 000,-
  • Education member NOK kr. 4 000,-
  • Education Non member NOK kr. 5 000,-
  • Non member NOK kr. 9 000,-

Cancellation later than three weeks before theconference will be charged with a fee of NOK 2.000,-. Cancellation later than 10 days will be charged with the
full fee. Cancellation needs to be notified in writing to be valid.

Dinner

NFEA will arrange a dinner at «Stratos» on the evening of April 22. Price: NOK 1.000,- We hope you will attend this social gathering. Sign up for the dinner latest within 15th of April. Cancellation later than 7 days before will be charged. Adress: Youngstorget 2 A, 0181 Oslo

About the venue: Stratos is known as one of the great pearls of functionalist architectural style in Oslo. Located at the top of the famous building, «Folketeateret» in old town Youngstorget, Stratos serves you a breath-taking view of Oslo city from the popular rooftop terrace.

Accommodation

HOW TO BOOK YOUR CONFERENCE RATE VIA PROMOTION CODE:

Enter grand.no and enter your stay dates and your assigned promotional booking code BNOR200420 in the “Promo code” field.
Offered rates and roomtypes will then appear and can be booked. A confirmation will be sent to your email address shortly after you have completed your reservation!

LAST BOOKING DATE: March 21th 2020

Exhibition / logo

Exhibition (max 3 m. length) -inclusive one participant:

  • Members NOK kr. 12 000,-
  • Non members NOK kr. 14 000,-

Exhibition incl. logo: – inclusive one participant:

  • Company member NOK kr. 16 000,-
  • Non member NOK kr. 18 000,-

Exhibitors can rig up stand from Wednesday at 08:00.

Logo in the program:

  • Members NOK kr. 5000,-
  • Non members NOK kr. 7500,

Program Committee

  • Jan Munkejord – Equinor ASA, Commitee Leader
  • Tor Anders Hauge – Glencore Nikkelverk AS
  • Trygve Kristoffersen – Triple-S AS
  • Marie Moe – mnemonic AS
  • Margrete Raaum – KraftCert
  • Judith Rossebø – ABB AS
  • Karin Sundsvik– NFEA
  • Tonje Olsen – NFEA

Other information

Blackout Edition OT Security Awareness Game from Limes Security, Agenda Day One, 15:45-17:15: In the ICS cyber security simulation game, you become the defender of your corporate values. Several teams compete against each other and learn to simulate reality. The simulation game is based on a serious consideration: The participants learn about current IT threat scenarios and adequate security concepts as countermeasures at the forefront. Through the direct involvement of each individual, the learning content anchors itself strongly and sustainably; at the same time, teamwork is essential.

Language: If possible prepare the written presentations in English. Each individual speaker may decide whether they wish to speak Norwegian or English, however the preferred language is English.

Presentations: A link to the presentations which we are allowed to publish will be sent to participants after the conference.

NFEA is not responsible for expenses participants may have in connection with the conference due to unforeseen events like flight cancellations etc.