European smart grid cyber and scada security
1 like1,967 views
The document outlines the 4th annual European Smart Grid Cyber and SCADA Security Conference, scheduled for March 10-11, 2014, at the Marriott Hotel, Regents Park, London. It includes discussions on enhancing security through predictive forecasting, addressing minimum security measures for smart grids, and featuring various industry experts and workshops focusing on data analytics for ICS/SCADA cyber security. Attendees will gain insights into current cyber threats, compliance standards, and innovative security measures in relation to smart grids.
European smart grid cyber and scada security
- 1. SMi proudly present their 4th annual conference on... European Smart Grid Cyber and SCADA Security Marriott Hotel, Regents Park, London UK 10TH - 11TH MAR 2 014 Enhancing security through predictive forecasting and monitoring models 2014 HIGHLIGHTS INCLUDE EVENT HIGHLIGHTS INCLUDE • European Governments "Minimum Security measures for Smart Grids" • Insight into internal and external challenges to cyber security approaches • Automating the distribution network increases threats and utilities are incorporating new compliance standards • Hostile behaviors aimed at the Smart Grid can be detected early Hear what . protective countermeasures are being put in place • New approaches to predictive forecasting models and process monitoring • Waternet, Security Officer Process Automation, Martin Visser • ENISA - European Network and Information Security Agency, Expert in Network & Information Security, Konstantinos Moulinos • Scottish and Southern Energy, Technical Strategy Manager for the Future Networks Team, Henrik Magnusson , • Maersk Oil Qatar Head of Global Information Security, Claudio Lo Cicero ransmission Security Cooperation, • T Chairman, swissgrid AG, Senior Advisor Operations, Rudolf Baumann • California Water and Power Company, Head of Security, Steve Brunasso • ENCS, (European Network for Cyber Security), Program Manager, Rob van Bekkum • Enel Engineering and Research, Generation Systems, Diagnostics and Automation, Research, Daniela Pestonesi • Viasat, Director Critical Infrastructure Security, Brett Luedde POST- CONFERENCE HALF DAY WORKSHOP 12th MARCH 2014 Data analytics and predictive models for ICS/SCADA cyber security Presented by Dr Damiano Bolzoni, COO, Security Matters 8.30am - 12.45pm SPONSORED BY www.smartgridcybersecurity.co.uk Register online or fax your registration to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711 Utility Academic and Goup Discounts Available , Book by 29th November 2013 and save £300 • Book by 31st January 2014 and save £100
- 2. DAY ONE 10th March 2014 European Smart Grid Cyber and SCADA Security 8.30 REGISTRATION & COFFEE 1.50 CYBER SECURITY WHITE BOX TESTING 9.00 CHAIRMAN'S OPENING REMARKS • Relevant cyber security standards for the smart grid Edward Hamilton, Head of Threat and Vulnerability • Smart grid security requirements Management, Price Waterhouse Coopers • Security by validation • Security guiding principles • Cyber security testing methodologies 9.10 MINIMUM SECURITY MEASURES FOR SMART • In depth security testing of smart grid devices; GRIDS challenges and solutions • Study methodology and working methods Robin Massink, Cyber Security Specialist, DNV Kema • Minimum security measures • EG2 consultations on minimum security measures • Recommendation to European Commission 2.30 THE TOPSECTOREN PROJECT MONITORING, : • Next steps PRIVACY TECHNOLOGIES, TESTING AND Konstantinos Moulinos, Expert in Network & STANDARDS Information Security, ENISA - European Network and Monitoring: Information Security Agency • IDS optimal sensor placement • Sensors for encrypted and un-encrypted data 9.50 CYBER SECURITY RISK BASED ASSESSMENT • Monitoring solution for ICS SCADA APPROACH Privacy enhancing technologies: • Internal and external challenges to cyber security • Development and test of a privacy preserving approaches protocol for smart metering • Using formal methods and modelling to assess risk Testing: and model controls • Framework for End-to-End security testing of Smart • The need for a holistic view in developing projects Grid systems • Verification methods used Henrik Magnusson, Technical Strategy Manager for the Standards: Future Networks Team, SSE • Which standards are applicable to ICS SCADA? • Risk and security assessments Frans Campfens, Senior Innovation Manager Alliander N.V , . 10.30 MORNING COFFEE , Rob van Bekkum, Program Manager European Network 11.00 CYBER SECURITY FOR SMART GRID AND for Cyber Security CONTROL SYSTEMS ASSETS AND NETWORKS • Challenges in securing critical infrastructure control 3.10 AFTERNOON TEA 3.40 PREDICTIVE FORECASTING MODELS TO system assets while maintaining real-time control and minimizing system downtime • Automation of the distribution system increases the ENHANCE SECURITY PROCESS MONITORING need for comprehensive security and cybersecurity • New approaches to identify potential security issues capabilities • Monitoring and prediction through data analytics • Cyber-intrusions are certain to increase as • Getting quantifiable value out of the data sets and infrastructure transitions to more distributed common mapping platforms • Value for situational awareness • Case study of how a major utility company Damiano Bolzoni, COO, Security Matters addressed these issues and is executing a plan to incorporate new compliance standards in their systems 4.20 SECURE POWER SUPPL , MARKET RENEWABLES Y , Brett Luedde, Director Critical Infrastructure Security, AND SMART GRIDS, ALL DEPENDING ON CYBER Secure Network Systems, Viasat Inc SECURITY • Evolution of the TSC Security Initiative in Central 11.40 SITUATIONAL AWARENESS; 2.0 MONITORING Europe INCIDENTS, BEHAVIOUR, RATIONAL RESPONSE • Importance of International Standards • Detect hostile behavior aimed at the smart grid • Impact of European Network Codes • Monitoring the physical and cyber infrastructures • Seamless Communication as a condition once hostile behavior is detected Rudolf Baumann, Chairman of the Transmission • Protective countermeasures • How Alliander will build and operate Security Cooperation, Senior Advisor Operations, Johan Rambi, Privacy & Security Officer, Alliander swissgrid AG N.V . 5.00 12.20 NETWORKING LUNCH CHAIRMAN'S CLOSING REMARKS AND CLOSE OF DAY ONE Register online at: www.smartgridcybersecurity.co.uk • Alternatively fax your registration
- 3. DAY TWO 11th March 2014 8.30 REGISTRATION & COFFEE 9.00 European Smart Grid Cyber and SCADA Security 1.50 PRIVACY AND SECURITY BY DESIGN • Cost of security • Delivering Innovation, with security as architecture • The sign for Privacy and Security • Case studies Frank Hyldmar Vice President, ESMIG , CHAIRMAN'S OPENING REMARKS 2.00 HOW THE O&G INDUSTRY IS RESPONDING, IDENTIFYING AND MITIGATING THREAT VECTORS • Advanced Persistent Threats (APTs): What is old is new again • The Front Lines: Employees ARE your first line of cyber defense • Active Monitoring and Security Analytics: Pro-active or reactive • Managed Security Services v2.0: Smart enterprise security or not • Supply Chain Security: Risks and countermeasures Claudio Lo Cicero, Head of Global Information Security , Maersk Oil Qatar A S 2.40 SMART GRID COMMUNICATIONS SECURITY • Securing Smart Grid comms is not like securing enterprise IT comms • IP will be the dominant protocol, replacing proprietary protocols. Is that good or bad? • Legacy devices are not going away anytime soon. So where does that leave us? • Security spending is still driven by compliance. • Utilities are deploying mobile technologies to their field forces – ToughPads, etc. • AMI and DA are being integrated at the hardware layer – who should worry more, IT or OT? • Public comms infrastructures are here to stay in Smart Grids – as the Telefónica UK awards by DECC demonstrate Bob Lockhart, Research Director, Navigant Research 3.20 AFTERNOON TEA 3.50 HOW CAN CYBER SECURITY INSURANCE MITIGATE THE EFFECT OF ATTACKS AND ENCOURAGE BEST PRACTICE IN OPERATIONAL SECURITY • What are insurable and uninsurable risks? • What is cyber insurance and how is it tailored for Smart Grid and SCADA coverage? • Insurance is not just about Risk Transfer: Vetting Incident Response and Operational Risk Management practices • Aegis BAE White Paper on Operational Technology; an Overview on Breach and Vulnerability Analysis Rick Welsh, Head of Cyber Insurance at Aegis at Lloyds, Aegis London 4.30 BUILDING AN INTEGRATED SECURITY OPERATIONS CENTER (ISOC): CHALLENGES, PITFALLS, AND LESSONS LEARNED • Correlating logs, alarms, and attack information from corporate systems, operational technology (OT) systems, physical security and external sources , remains a difficult challenge for many utilities • An ISOC is designed to collect, integrate, and analyze alarms and logs from these traditionally siloed domains • This approach can provide much greater situational awareness to a utility’s security team • This presentation will describe the planning process for an ISOC, discuss challenges and trade-offs with various design choices, and provide guidelines for utilities seeking to develop an ISOC • The results are based on current research and an examination of existing ISOC implementations in the electric sector Galen Rasche, Technical Executive, Electric Power Research Institute 5.10 CHAIRMAN'S CLOSING REMARKS AND CLOSE OF DAY TWO Edward Hamilton, Head of Threat and Vulnerability Management, Price Waterhouse Coopers 9.10 MODERN SCADA AND CONTROL SYSTEMS SECURITY • Legacy and New Control in a secure model • VMWare SCADA and invisible networks in virtual environments • Secure remote access by vendors into development and production systems. Lifecycle controls to ensure security and reliability • Instrumenting network with packet brokers for operations and secuirty • Secure design to improve operations reliability and avoid user errors • Complete isolation of ICS systems with data diodes. • Network whitelisting for control systems to secure, reliable deterministic networks for protection Steve Brunasso, Manager of Security and Networking, California Water and Power Company 9.50 ICS CYBER SECURITY IN POWER GENERATION AND ELECTRIC GRIDS • CI owner requirements for ICS protection • The electric grid protection: new frontiers • Enel Cyber Security Laboratory and main results • EU FP7 - CRISALIS project: advanced tools development Daniela Pestonesi, Automation and Diagnostics, Enel Engineering & Research SpA 10.30 MORNING COFFEE 11.00 SECURITY GOVERNANCE WITHIN ENEXIS; BRINGING SECURITY DOMAINS TOGETHER • Experiences in bringing fragmented security domains within Enexis together • The information security related domains (IT , outsourced operations, SCADA/DMS, Assets, Smartmeters etc.) • Challenges of integration • Ongoing work, barriers, challenges Philip Westbroek, Telecommunications and Security Advisor, Enexis Mauriche Kroos, Security Officer, Enexis 11.40 WATERNET PERSPECTIVE TO CYBER THREATS, CHALLENGES AND COUNTERMEASURES (C3) • Keep track on data integrity • The added value of information sharing working groups • Application code review, reality or a bridge to far • IDS in SCADA, nice to have or must • Security by design • Security awareness, top-down approach • IACS exercising program Martin Visser Security Officer Process Automation, , Waternet 12.20 NETWORKING LUNCH to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711 • GROUP DISCOUNTS AVAILABLE •
- 4. POST- CONFERENCE WORKSHOP 12th March 2014, Marriott Hotel, Regents Park, London UK Data analytics and predictive models for ICS/SCADA cyber security Overview of workshop This workshop will present data analytics approaches for enhancing cyber security in ICS/SCADA environments. In recent years cyber attacks have increased in frequency and impact. While certain solutions have been devised to detect “system-related threats” (e.g., those based on software exploits), little has been done in the context of “processrelated threats”. Programme 8.30 Registration & Coffee 9.00 Chairman's Opening Remarks 9.15 Why data analytics in ICS/SCADA for cyber security: • What could be detected 9.45 Information sources: • Which information should be analysed • Which are the problems related with the analysis 10.45 Morning Coffee 11.00 Modeling information and extracting relevant insights: • Predictive models • Dealing with missing data We will present new approaches to detect this class of attackers, using data analytics to model and predict when the underlying process is not showing an expected behaviour. 11.45 Visual analytics 12.15 Demo's and hands on 12.45 Q&A and end of workshop Why you should attend: • Understand data analytics approaches for enhancing cyber security About the workshop host Dr Damiano Bolzoni (1981) received his PhD in 2009 from the University of Twente, where he performed research on anomalybased intrusion detection. Since 2008 he has been involved in securing computer networks of critical infrastructure. Before joining the University of Twente, he has been working for the Italian branch of KPMG, within the Information Risk Management division. Since 2009 he holds the position of Chief Operations Officer within SecurityMatters BV . • Gain insight into the context of process related threats • Learn what can be detected • Hear what information should be analysed • What are the problems related with the analysis? • How do we extract relevant insights? • Dealing with missing data... what now? • Questions and Answers demonstrations not to be missed Official Platinum Media Partner About Security Matters SecurityMatters develops and markets state-of-the-art network monitoring and intrusion detection systems. With 10+ cumulative years of academic research in IT security and 5+ cumulative years of field experience in security , auditing within a worldwide renowned consultancy firm in the past, SecurityMatters delivers an unmatched technology to detect the latest and most advanced cyber threats. SecurityMatters is committed to bring continuous innovations to the market to cope with the emerging threats. Official Silver Media Partner Official Leading Media Partners Want to know how you can get involved? Interested in promoting your services to this market? Supported by Contact Julia Rotar , SMi Marketing on +44 (0) 207 827 6088 or e-mail: jrotar@smi-online.co.uk Don’t miss out on social media networking! Follow us on Twitter @UtilitiesSMi and join us on Linkedin http://uk.linkedin.com/in/smigroup www.smartgridcybersecurity.co.uk
- 5. SPONSORED BY DNV KEMA Energy & Sustainability with more than 2,300 experts , in over 30 countries around the world, is committed to driving the global transition toward a safe, reliable, efficient, and clean energy future. With a heritage of nearly 150 years, we specialize in providing world-class, innovative solutions in the fields of business & technical consultancy testing, inspections & certification, risk management, , and verification. As an objective and impartial knowledge-based company we advise and support organizations along the energy , value chain: producers, suppliers & end-users of energy equipment , manufacturers, as well as government bodies, corporations and nongovernmental organizations. DNV KEMA Energy & Sustainability is part of DNV a global provider of services for managing risk with , more than 10,000 employees in over 100 countries. For more information on DNV KEMA Energy & Sustainability visit , www.dnvkema.com ViaSat cybersecurity platform bundles security automation, and , compliance. It defends against attacks to SCADA and industrial control systems addressing both internal and external threats to the operations networks. Real-time monitoring, detection, and response delivers secure situational intelligence that provides operators with actionable information improving reliability and resiliency . www.viasat.com/critical-infrastructure-security 2011-2013 Event Attendees by Country For Sponsorship or Speaking Opportunities please contact Sadia Malick, Director P: +44 (0) 20 7827 6748 M: +44 (0) 7538 640 027 Email: smalick@smi-online.co.uk USA 14% Middle East and Asia 10% Europe 42% UK and Ireland 34% www.smartgridcybersecurity.co.uk
- 6. EUROPEAN SMART GRID CYBER AND SCADA SECURITY Conference: 10th and 11th March 2014, Marriott Hotel, Regents Park, London UK Workshop: 12th March 2014 4 WAYS TO REGISTER ONLINE at www.smartgridcybersecurity.co.uk POST your booking form to: Events Team, SMi +44 (0) 870 9090 712 FAX your booking form to PHONE on +44 (0) 870 9090 Group Ltd, 2nd Floor South, Harling House, 47-51 Great Suffolk Street, London, SE1 0BS 711 EARLY BIRD DISCOUNT Unique Reference Number Our Reference □ □ Register by 29th November 2013 and receive £300 off the conference price Register by 31st January 2014 and receive £100 off the conference price CONFERENCE PRICES GROUP DISCOUNTS AVAILABLE LV U-024 I would like to attend: (Please tick as appropriate) Fee DELEGATE DETAILS UTILITY & ACADEMICS □ Conference & Workshop £1498.00 + VAT £1797.60 Please complete fully and clearly in capital letters. Please photocopy for additional □ Conference only £899.00 +VAT £1078.80 delegates. □ Workshop only £599.00 + VAT £718.80 COMMERCIAL ORGANISATIONS □ Conference & Workshop £2298 + VAT £2757.60 □ Conference only £1699 +VAT £2038.80 Job Title: □ Workshop only £599.00 +VAT £718.80 Department/Division: PROMOTIONAL LITERATURE DISTRIBUTION □ Distribution of your company’s promotional literature to all conference attendees £999.00 + VAT £1198.80 Title: Forename: Surname: Company/Organisation: Email: Total The conference fee includes refreshments, lunch, conference papers and access to the Document Portal containing all of the presentations. Address: LIVE STREAMING/ON DEMAND/ DOCUMENTATION Town/City: Post/Zip Code: Country: Direct Tel: Direct Fax: Mobile: Switchboard: Signature: Date: I agree to be bound by SMi's Terms and Conditions of Booking. Unable to travel, but would like to watch the conference live, ask questions, participate as if you were in the room. Price Total □ Live Streaming £999.00 + VA (UK) T £1198.80 □ On demand £599.00 + VA (UK) T £718.80 (available 24 hours after the event) □ Access to the conference documentation on the Document Portal £499.00 + VA T £598.80 □ The Conference Presentations - paper copy £499.00 £499.00 (or only £300 if ordered with the Document Portal) ACCOUNTS DEPT Title: Forename: PAYMENT Surname: Payment must be made to SMi Group Ltd, and received before the event, by one of the following methods quoting reference U-024 and the delegate’s name. Bookings made within 7 days of the event require payment on booking, methods of payment are below. Please indicate method of payment: Email: Address (if different from above): □ UK BACS □ Wire Transfer Town/City: Post/Zip Code: Country: Direct Tel: Direct Fax: VENUE Marriott Hotel, Regents Park, 128 King Henry's Road London, NW3 3ST United Kingdom , □ Please contact me to book my hotel Alternatively call us on +44 (0) 870 9090 711, email: hotels@smi-online.co.uk or fax +44 (0) 870 9090 712 □ Cheque □ Credit Card Sort Code 300009, Account 00936418 Lloyds TSB Bank Plc, 39 Threadneedle Street, London, EC2R 8AU Swift (BIC): LOYDGB21013, Account 00936418 IBAN GB48 LOYD 3000 0900 9364 18 We can only accept Sterling cheques drawn on a UK bank. □ Visa □ MasterCard □ American Express All credit card payments will be subject to standard credit card charges. □□□□ □□□□ □□□□ □□□□ Valid From □□/□□ Expiry Date □□/□□ CVV Number □□□□ Card No: 3 digit security on reverse of card, 4 digits for AMEX card Terms and Conditions of Booking Payment: If payment is not made at the time of booking, then an invoice will be issued and must be paid immediately and prior to the start of the event. If payment has not been received then credit card details will be requested and payment taken before entry to the event. Bookings within 7 days of event require payment on booking. Access to the Document Portal will not be given until payment has been received. Substitutions/Name Changes: If you are unable to attend you may nominate, in writing, another delegate to take your place at any time prior to the start of the event. T wo or more delegates may not ‘share’ a place at an event. Please make separate bookings for each delegate. Cardholder’s Name: Signature: Date: I agree to be bound by SMi's Terms and Conditions of Booking. Card Billing Address (If different from above): Cancellation: If you wish to cancel your attendance at an event and you are unable to send a substitute, then we will refund/credit 50% of the due fee less a £50 administration charge, providing that cancellation is made in writing and received at least 28 days prior to the start of the event. Regretfully cancellation after this time cannot be accepted. We will however provide the conferences documentation via the Document Portal to any delegate who has paid but is unable to attend for any reason. Due to the interactive nature of the Briefings we are not normally able to provide documentation in these circumstances. We cannot accept cancellations of orders placed for Documentation or the Document Portal as these are reproduced specifically to order If we have to cancel the event for any reason, then we will . make a full refund immediately but disclaim any further liability , . Alterations: It may become necessary for us to make alterations to the content, speakers, timing, venue or date of the event compared to the advertised programme. Data Protection: The SMi Group gathers personal data in accordance with the UK Data Protection Act 1998 and we may use this to contact you by telephone, fax, post or email to tell you about other products and services. Unless you tick here □ we may also share your data with third parties offering complementary products or services. If you have any queries or want to update any of the data that we hold then please contact our Database Manager databasemanager@smi-online.co.uk or visit our website www .smi-online.co.uk/updates quoting the URN as detailed above your address on the attached letter . VAT VAT at 20% is charged on the attendance fees for all delegates. VAT is also charged on live Streaming, on Demand, Document portal and literature distribution for all UK customers and for those EU Customers not supplying a registration number for their own country here. ________________________________________________________________________________________________ If you have any further queries please call the Events Team on tel +44 (0) 870 9090 711 or you can email them at events@smi-online.co.uk