Join this session and learn how to overcome the challenges of limited visibility and operational inefficiencies that manual processes impose on manufacturers. You will learn about solutions to connect systems, people and processes—eliminating blind spots and maximizing productivity.
.
–Karan Shrivastava, Director of Product Management, ServiceNow

In this keynote, Morgan Adamski, Director Cybersecurity Collaboration Center, NSA shares lessons learned from sharing cybersecurity threat information with defense industrial base companies, and how manufacturing companies can take such lessons on board to ultimately protect their assets.
.
– Morgan Adamski, Director Cybersecurity Collaboration Center, NSA

The pandemic brought big challenges to industries, making it hard for owners to keep things going safely and efficiently with fewer people around. They had to use remote ways to connect, like VPNs and creative firewall rules. This worked well, but it also opened many new attack vectors.Now, companies have more complicated systems with lots of people, data, and devices all connected. It’s not easy to keep everything safe. We will talk about smart ways to protect these systems, including consolidated and effective access methods and trust rules. These are crucial for making sure our digital changes work well and stay safe in the Industry 4.0 world.
.
– Joe O’Donnell, GM OT / IoT-SVP Corporate Development, Cyolo

Join this session as we review different frameworks that can be used for designing an OT security program: IEC 62443, SANS 5 ICS cybersecurity critical controls, Cybersecurity Framework Version 1.1 Manufacturing Profile… And how we designed one within Ingevity and what we learned from the process.
.
– Derek Anderson, Manager OT Cybersecurity, Ingevity

OT environment vulnerability and exposure to threats are at an all-time high which will only accelerate going forward. CXOs face a precarious balancing act of maintaining availability, uptime, and safety while deploying and maintaining world-class security. Attend to learn how Palo Alto Networks has helped clients with their zero trust security journey in OT environments.
space
– Del Rodillas, Senior Director of Product Management, Industrial Cybersecurity, Palo Alto Networks

Network visibility is a common starting point for many operational entities, but is limited in the depth and breadth of endpoint data it can collect. It also can leave significant gaps in accurate risk analysis efforts and is why more and more organizations are adopting targeted endpoint solutions. By going directly to the assets themselves, organizations worldwide are gaining significant, multidimensional visibility into OT environments that enable context specific risk indicators that, in turn, allow for the development of targeted, appropriate, and OT-safe procedures to mitigate risks.
space
In this session, Verve CEO, John Livingston, will discuss:
space

• How to gather and create a detailed and comprehensive asset inventory
• How to add multiple other data sources and indicators of risk to that inventory (vulns, operational impact, compensating controls, etc)
• How that contextual risk results in targeted, scalable, appropriate risk reduction projects and improvements

– John Livingston, CEO, Verve

Join this talk as we shed light on our journey of updating security to work cross-functionally throughout our organisation in order to accept a reasonable level of third party risk.
.
– Paige Lambert, Sr Manager, Information Risk Management, Kimberly-Clark Corporation

What matters the most to cybersecurity when you’re facing a planned or unplanned convergence of OT and IT? In this era of competing priorities, a few basic underlying cybersecurity truths still exist.
Join this session to cut through the noise and understand the true ballast points of cybersecurity that will help you plan and act accordingly in a converged environment.
space
– Jason Rivera, Director Cybersecurity Consulting, Security Risk Advisors

Aligning your cybersecurity posture with business objectives is essential to protect your business against cyber attacks. But how do we get there? In this session, we share actionable insights on:
space

• How we built strategic security partnerships with business leaders
• How to communicates how cyber risk can enable the business
• How we developed a cyber governance committee

–Ahmeed Ahmeed, Director Cyber and Information Security, Inteva Products

In this presentation Yair will take us on a journey through time from 1784 right up to today and what security controls have been put in place to protect our physical systems, now interconnected, cyber-physical. He will paint a picture that will logically demonstrate that focusing on risk, and then creating mitigations by having contextual understanding of the physical environments with OT is the next step in security evolution. He will talk about the journey of OTORIO’s founder’s as being part of the Israeli IDF and creation of the Iron Dome to protect their citizens from physical attack to the idea of protection of cyber physical systems in the same contextual way. Yair will leave the audience with top 5 actions to ensure operational security with an emphasis of building a OT risk and security program.
space
– Yair Attar, CTO & Co-founder, OTORIO

Strong leadership from key stakeholders is necessary to ensure that both IT and OT collaborate, and use best practices and tools available to them. Join this conversation as our experts share their first-hand experience with:

• How to shift the paradigm of a change-resisting culture
• How to empower the two departments to pull in the same direction
• How to build trust

– Moderator: Stephen Davis, CISO, Revlon
– Paige Lambert, Sr Manager, Information Risk Management, Kimberly-Clark Corporation
– Reynaldo Gonzalez, Principal Cybersecurity Architect, Cummins
–Rebecca Wernette, BISO, OT Cybersecurity Lead, Flex

Join this talk as we discuss how we moved away from a siloed environment through implementing a global approach to OT security, different from that towards IT security but working seamlessly together.  We’ll walk you through the milestones of a 4-5 year journey where we built not only the foundational technology, but also governance and processes. Finally, we’ll share some lessons learned and considerations on how our approach might change if we had to start from scratch.
space
-Dennis Reitz, Head of Manufacturing & Lab Security, Takeda

This presentation aims to remove some of the hesitancy or trepidation around utilising a Managed Services Provider to address the lack of skill set and gap in knowledge prevalent in OT cybersecurity. By covering how an MSSP can address an organisation’s security posture, there will be valuable points brought to bear on utilising an MSSP for anything from staff augmentation to full-blown, three-tiered services in a Managed SOC situation. Attention will be paid to the economics of leveraging an OT MSSP as well.
.
– Ken Dohan, Sr. Director, OT Cyber & MSSP, Americas, Cybolt

• What are the top 3 lessons you have learned through devising and testing incident response plans?
• How is your cyber incident response plan tailored to address the unique risks in ICS?
• What steps have you taken to be able to rapidly contain damages and mobilize response resources when a cyber incident occurs? What advice can you share with peers?

– Moderator: Sandra Parker, Director, Manufacturing Cybersecurity, Dow
– Ahmeed Ahmeed, Director Cyber and Information Security, Inteva Products
– Anup Singh, CISO, REV Group
– Paolo Vallotti, CISO, Tate & Lyle

.
T1. Should we leverage existing IT policies and processes and apply them to OT, or do OT completely separately?
– Sachin Shah, OT/ICS Cyber Security Architect, Applied Materials
.
T2. How do you choose a framework to design your OT security program?
– Derek Anderson, Manager OT Cybersecurity, Ingevity
.
T3. Building the business case in today’s economy: how do we get buy-in from executive leadership?
– Peter Zwieryznski, Director of Information Security, Koppers
.
T4. Secure Perspectives: Discussion on Key Findings of the 2023 (CS)2AI-KPMG Control System Cybersecurity Report
– Derek Harp, Founder & Chairman, Control System Cyber Security Association International
.
T5. Breach & Attack Simulation: Adopting a Threat-Informed Approach to Defense
– Bri Rolston, Senior Cybersecurity Researcher, Control Idaho National Laboratory

.

• The characteristics of a winning security culture
• Recognising the centrality of humans in the security fight is essential. How can this vision be enabled?
• Tools to equip staff with the skills they need to protect themselves
• Different trainings for different departments

– Moderator: Cathy Olsen, CISO, Packsize