Home
overview

Positions now strictly limited, act now to get involved. Countries represented already include the UK, Netherlands, Qatar, USA, Germany, Belgium and Switzerland

Present and future SCADA and Smart Grid technologies have the capability of increasing reliability and optimising efficiency for Utilities, as they move from pilot projects to large scale implementations.

Technical advancements, interconnections, and the proliferation of access points increase complexity, and heighten security risks surrounding our most critical infrastructures – Electricity and Water.
 

Cyber criminals with very little systems knowledge are able to infiltrate industrial control operations, and help is freely available on the internet with a variety of hacker tools, videos and operational manuals accessible.

Inadequate protection of network-enabled assets carries far-reaching implications for public infrastructure, with the number of control-system cyber-security incidents industry escalating daily.

This year we will dive deeper into both enterprise strategy and engineering superiority to identify potential weaknesses, what countermeasure we take to strengthen those areas, and how we share information collectively to raise our defences against an ever evolving stealth threat.

 

New utility speakers have been announced for 2014 and new case studies!

  • Understand European Governments "Minimum Security measures for Smart Grids"
  • Gain insight into internal and external challenges to cyber security approaches
  • Hear how automating the distribution network increases threats and how utilities are incorporating new compliance standards
  • Learn how hostile behaviour aimed at the Smart Grid can be detected early and what protective countermeasures can be put in place
  • Security by validation -How can "White box testing" be more effectively utilised?
  • Experience new approaches to predictive forecasting models and process monitoring
  • Understand the complexities and security implications of bringing domains together
  • Hear it hear first: How is the Oil and Gas industry responding, mitigating and identifying threat vectors?
  • What is the cost of security? Can we measure ROI?
  • Debate? IP will be the dominant protocol - is that good or bad?
  • Learn what are insurable and uninsurable risks in cyber security first hand
  • Develop insight into how to help your firm create a Integrated Security Operation Center

• Chief Technology Officer

• Chief Information and
Security
• Chief Risk and Finance
• Chief Marketing
• Chief Security
• Head of Future Networks
• TNO Director
• Leading Architecture
• Business Analysis
• DNO Director
• Director of Strategy
Information Security
 
• Risk and Business
Continuity
• Information Technology
and Services
• Head of Engineering
Regulatory Strategy
• Head of Forward Planning
• IT Operations
• Head of Strategy
• Head of Governance
• Head of Business
Development
• CEO
• Head of Utilities
• Managing Director
• Marketing
• Sales
• Head of Architecture
• Head of Security
• Director of Innovation
and Strategy
• Director of Strategy
• Director Distribution
Automation Engineering
• R&D
• Vertical Market Leader

A B I Research; ABB Group; Accenture Nederland B.V. ; Advantech Europe BV; Alert Enterprise Europe; Alliander; Bae Systems Detica; British Gas; California Water and Power company; Cardiff University; Cassidian; Centrica; Chronos Technology Ltd; CNA Insurance; Con Edison of New York, Inc.; CRISALIS; Cy3 Computing; Cyber Ark ; Cyber defense institute Incident Response Team; Cylance; Department of Energy and Climate Change; DNV Kema; DoD USDELMC; Dwr Cymru Welsh Water; EDF Energy; Electric Power Research Institute; Enel Distribuzione S.p.A.; ENEL Engineering and Research; Energinet.dk; Energy and Utilities Alliance (EUA); EnergySec; Enexis; ENISA - European Network and Information Security Agency; Entrust (Europe) Ltd; EON Sverige AB ; EVN AG; Fortum Ltd; Fox I T; Fox IT; FRAZER-NASH CONSULTANCY; Gas Natural; Germazin ; Gridmerge ltd; Havelsan A S; House of Commons; Iberdrola Generation; IFM Cambridge University ; Infrastructure Security Labs; Kaspersky Lab Ltd; Mott Macdonald; National Grid; Norman; Norwegian Centre for Information Security; NUI Galway; NXP Semiconductors; Omicron Electronics Gmb H; Owl Computing Tech Inc; Pike Research; Price Waterhouse Coopers; Security Matters; Semigator AG; SES; Siemens; Siemens AG; Siemens AG; Smart Defence Ltd; South West Water; Spirent Communications Plc; swissgrid AG; Symantec Deutschland Gmbh; Thales Nederland B.V.; UK Power Networks ; US Embassy; Vattenfall A B; Vattenfall Europe Netzservice Gmbh; Verizon Business; Via Sat Inc; Viasat; Waterfall Security Solutions; Waternet; Wipro Technologies; Wipro Technology; XGS Technologies;

Conference programme

8:30 Registration & Coffee

9:00 Chairman's Opening Remarks

Dieter Sarrazyn

Dieter Sarrazyn, Senior Manager, PwC / PricewaterhouseCoopers

9:05 Address From Parliamentary Office of Science and Technology

Aaron Goater

Aaron Goater, Energy Adviser, Parliamentary Office of Science and Technology

9:10 Minimum security measures for smart grids

Konstantinos Moulinos

Konstantinos Moulinos, Expert in Network & Information Security, ENISA - European Network and Information Security Agency

  • Study methodology and working methods
  • Minimum security measures
  • EG2 consultations on minimum security measures
  • Recommendation to European Commission
  • Next steps

     

  • 9:50 Cyber Security risk based assessment approach

    Henrik Magnusson

    Henrik Magnusson, Technical Strategy Manager for the Future Networks team , SSE

  • Internal and External Challenges to Cyber Security approaches 
  • Using formal methods and modelling to assess risk and model controls 
  • The need for a holistic view in developing projects 
  • Verification methods used
  • 10:30 Morning Coffee

    11:00 Cybersecurity for Smart Grid and Control Systems Assets and Networks

    Brett Luedde

    Brett Luedde, Director Critical Infrastructure Security, Secure Network Systems, Via Sat Inc

    ·        Challenges in securing critical infrastructure control system assets while maintaining real-time control and minimizing system downtime.
    ·        Automation of the distribution system increases the need for comprehensive security and cybersecurity capabilities.
    ·        Cyber-intrusions are certain to increase as infrastructure transitions to more distributed common platforms
    ·        Case study of how a major utility company addressed these issues and is executing a plan to incorporate new compliance standards in their systems.

    11:30 Situational Awareness; 2.0 Monitoring incidents, behaviour, rational response

    Johan  Rambi

    Johan Rambi , Privacy & Security Officer , Alliander N.V.

  • Detect hostile behavior aimed at the smart grid
  • Monitoring the physical and cyber infrastructures 
  • Once hostile behavior is detected 
  • Protective countermeasures 
  • How Alliander will build and operate
  • 12:00 How to effectively modernize security in ICS/SCADA Networks to stay ahead of cyber criminals

    Isabelle  Dumont

    Isabelle Dumont , Director, Vertical Solutions, Palo Alto Networks

    •      Best practices to deploy next-generation security concepts to strengthen security in SCADA Networks
    •      Why it’s become critical to apply a consistent security model from the core of your network to the edge
    •      Network segmentation: the benefit of a zero trust model applied to critical infrastructure
     

    12:40 Networking Lunch

    13:50 Cyber security white box testing

    Robin Massink

    Robin Massink, Engineer, DNV KEMA

  • Security guiding principles
  • Relevant cyber security standards for the smart grid
  • Smart grid security requirements
  • Security by validation
  • Cyber security testing methodologies
  •  In depth security testing of smart grid devices; challenges and solutions
  • 14:30 The Topsectoren project: Monitoring, Privacy technologies, Testing and Standards

     

    Monitoring:
    ·         IDS optimal sensor placement
    ·         Sensors for encrypted and un-encrypted data
    ·         Monitoring Solution for ICS SCADA

    Privacy enhancing technologies:
    ·         Development and test of a  privacy preserving protocol for smart metering

    Testing:
    ·         Framework for End-to-End security testing of Smart Grid systems

    Standards:
    ·         Which standards are applicable to ICS SCADA?
    ·         Risk and security assessments
     

    Frans Campfens

    Frans Campfens, Senior Innovation Manager, Alliander N.V.

    Fred Streefland

    Fred Streefland, Director Education Training & Knowledge Center, ENCS

    15:10 Afternoon Tea

    15:40 Cybersecurity as a mean to gain control and achieve operational excellence

    Damiano  Bolzoni

    Damiano Bolzoni, COO, Security Matters

  • New approaches to identify potential security issues
  • Monitoring and Prediction through data analytics
  • Getting quantifiable value out of the data sets and mapping
  • Value for situational awareness
  • 16:20 Secure Power Supply, Market, Renewables and Smart Grids, all depending on Cyber Security

    Rudolf Baumann

    Rudolf Baumann , Chairman of the Transmission Security Cooperation, Senior Advisor Operations , Swissgrid AG

  • Evolution of the TSC Security Initiative in Central Europe
  • Importance of international Standards
  • Impact of European Network Codes
  • Seamless Communication as a condition
  • 17:00 Smart grid SCADA security

    Patricia  Robison

    Patricia Robison, Professor , New York University

  • Smart Grid Cyber Security SCADA systems and DERs
  • Industrial Control Systems Security from other industries
  • Securely integrating Distributed Energy Resources – into the grid
  • Incenting vendors IEC ISO ISA
  • Business case for securing smart grid SCADA systems
  •  

    17:30 Chairman’s Closing Remarks and Close of Day One

    8:30 Registration & Coffee

    9:00 Chairman's Opening Remarks

    Dieter Sarrazyn

    Dieter Sarrazyn, Senior Manager, PwC / PricewaterhouseCoopers

    9:10 Modern SCADA and Control systems Security

    Steve Brunasso

    Steve Brunasso , Manager of Security and Networking, California Water and Power company

  • Legacy and New Control in a secure model
  • VMWare SCADA and invisible networks in virtual environments
  • Secure remote access by Vendors into development and production systems. Lifecycle controls to ensure security and reliability.
  • Instrumenting network with packet brokers for operations and secuirty
  • Secure design to improve operations reliability and avoid user errors.
  • Complete isolation of ICS systems with data diodes.
  • Network whitelisting for control systems to
  • Secure, reliable deterministic networks for protection
  • 9:50 ICS Cyber Security in Power Generation and Electric Grids

    Daniela Pestonesi

    Daniela Pestonesi, Automation and Diagnostics , Enel Engineering & Research SpA

               CI owner requirements for ICS protection
               The electric grid protection: new frontiers
               Enel Cyber Security Laboratory and main results
               EU FP7 - CRISALIS project: advanced tools development

    10:30 Morning Coffee

    11:00 Security governance within Enexis; bringing security domains together

  • Experiences in bringing fragmented security domains within Enexis together
  • The information security related domains (IT, outsourced operations, SCADA/DMS, Assets, Smartmeters etc.) - Challenges of integration
  • Ongoing work, barriers, challenges
  • Philip Westbroek

    Philip Westbroek, Telecommunications and security advisor, Enexis

    Mauriche Kroos

    Mauriche Kroos, Security Officer, Enexis

    11:40 Waternet perspective to Cyber threats, Challenges and Countermeasures(C3)

    Martin Visser

    Martin Visser, Security Officer Process Automation, Waternet

  • Keep track on data integrity
  • The added value of information sharing working groups
  • Application code review, reality or a bridge to far
  • IDS in SCADA, nice to have or must
  • Security by design
  • Security awareness, top-down approach
  • IACS exercising program
  • 12:20 Securing Power and Industrial Control Systems - From Theory to Practice

    Oded  Gonda

    Oded Gonda, Vice President of Network Security Products, Check Point Software Technologies Ltd

  • Attack vectors you may have not considered (live demo)
  • First measures to take to make it difficult for the bad guys
  • How to apply granular SCADA Protocols controls to deal with the Unknown
  • How to provide Remote Access bases on roles
  • Situational Visibility as key for identifying suspicious behaviours
  • 13:00 Networking Lunch

    14:00 Privacy and security by design

    Howard Porter

    Howard Porter, International Alliances Director, E S M I G

  • Cost of security
  • Delivering Innovation, with security as architecture
  • The sign for Privacy and Security
  • Case studies
  • 14:40 Smart Grid Communications Security

    Bob Lockhart

    Bob Lockhart, Research Director, Navigant Research

    ·         Securing Smart Grid comms is not like securing enterprise IT comms
    ·         IP will be the dominant protocol, replacing proprietary protocols.  Is that good or bad?
    ·         Legacy devices are not going away anytime soon.  So where does that leave us?
    ·         Security spending is still driven by compliance. 
    ·         Utilities are deploying mobile technologies to their field forces – ToughPads, etc.
    ·         AMI and DA are being integrated at the hardware layer – who should worry more, IT or OT?
    ·         Public comms infrastructures are here to stay in Smart Grids – as the Telefónica UK awards by DECC demonstrate

    15:20 Afternoon Tea

    15:50 How can cyber security insurance mitigate the effect of attacks and encourage best practice in operational security

    Rick Welsh

    Rick Welsh, Head of Cyber Insurance at Aegis at Lloyds, Aegis London

    • What are insurable and uninsurable risks?
    • What is cyber insurance and how is it tailored for SMART Grid and SCADA coverage?
    • Insurance is not just about Risk Transfer: Vetting Incident Response and Operational Risk Management practices
    • AEGIS BAE White Paper on Operational Technology; an Overview on Breach and Vulnerability Analysis
     

    16:30 Building an Integrated Security Operations Center (ISOC): Challenges, Pitfalls, and Lessons Learned

    Galen Rasche

    Galen Rasche, Technical Executive, Electric Power Research Institute

    • Correlating logs, alarms, and attack information from corporate systems, operational technology (OT) systems, physical security, and external sources remains a difficult challenge for many utilities
    • An ISOC is designed to collect, integrate, and analyze alarms and logs from these traditionally siloed domains
    • This approach can provide much greater situational awareness to a utility’s security team
    • This presentation will describe the planning process for an ISOC, discuss challenges and trade-offs with various design choices, and provide guidelines for utilities seeking to develop an ISOC
    • The results are based on current research and an examination of existing ISOC implementations in the electric sector
     

    17:10 Chairman’s Closing Remarks and Close of Day Two

    +

    FEATURED SPEAKERS

    Daniela Pestonesi

    Daniela Pestonesi

    Automation and Diagnostics , Enel Engineering & Research SpA
    Frans Campfens

    Frans Campfens

    Senior Innovation Manager, Alliander N.V.
    Galen Rasche

    Galen Rasche

    Technical Executive, Electric Power Research Institute
    Henrik Magnusson

    Henrik Magnusson

    Technical Strategy Manager for the Future Networks team , SSE
    Johan  Rambi

    Johan Rambi

    Privacy & Security Officer , Alliander N.V.
    Konstantinos Moulinos

    Konstantinos Moulinos

    Expert in Network & Information Security, ENISA - European Network and Information Security Agency
    Rick Welsh

    Rick Welsh

    Head of Cyber Insurance at Aegis at Lloyds, Aegis London
    Robin Massink

    Robin Massink

    Engineer, DNV KEMA
    Rudolf Baumann

    Rudolf Baumann

    Chairman of the Transmission Security Cooperation, Senior Advisor Operations , Swissgrid AG
    Steve Brunasso

    Steve Brunasso

    Manager of Security and Networking, California Water and Power company

    Aaron Goater

    Energy Adviser, Parliamentary Office of Science and Technology
    Aaron Goater

    Bob Lockhart

    Research Director, Navigant Research
    Bob Lockhart

    Brett Luedde

    Director Critical Infrastructure Security, Secure Network Systems, Via Sat Inc
    Brett Luedde

    Damiano Bolzoni

    COO, Security Matters
    Damiano  Bolzoni

    Daniela Pestonesi

    Automation and Diagnostics , Enel Engineering & Research SpA
    Daniela Pestonesi

    Dieter Sarrazyn

    Senior Manager, PwC / PricewaterhouseCoopers
    Dieter Sarrazyn

    Frans Campfens

    Senior Innovation Manager, Alliander N.V.
    Frans Campfens

    Fred Streefland

    Director Education Training & Knowledge Center, ENCS
    Fred Streefland

    Galen Rasche

    Technical Executive, Electric Power Research Institute
    Galen Rasche

    Henrik Magnusson

    Technical Strategy Manager for the Future Networks team , SSE
    Henrik Magnusson

    Howard Porter

    International Alliances Director, E S M I G
    Howard Porter

    Isabelle Dumont

    Director, Vertical Solutions, Palo Alto Networks
    Isabelle  Dumont

    Johan Rambi

    Privacy & Security Officer , Alliander N.V.
    Johan  Rambi

    Konstantinos Moulinos

    Expert in Network & Information Security, ENISA - European Network and Information Security Agency
    Konstantinos Moulinos

    Mark Ossel

    Board Member ESNA OSGP VP Echelon Energy & Utility, ESNA
    Mark  Ossel

    Martin Visser

    Security Officer Process Automation, Waternet
    Martin Visser

    Mauriche Kroos

    Security Officer, Enexis
    Mauriche Kroos

    Oded Gonda

    Vice President of Network Security Products, Check Point Software Technologies Ltd
    Oded  Gonda

    Patricia Robison

    Professor , New York University
    Patricia  Robison

    Philip Westbroek

    Telecommunications and security advisor, Enexis
    Philip Westbroek

    Rick Welsh

    Head of Cyber Insurance at Aegis at Lloyds, Aegis London
    Rick Welsh

    Robin Massink

    Engineer, DNV KEMA
    Robin Massink

    Rudolf Baumann

    Chairman of the Transmission Security Cooperation, Senior Advisor Operations , Swissgrid AG
    Rudolf Baumann

    Steve Brunasso

    Manager of Security and Networking, California Water and Power company
    Steve Brunasso

    Workshops

    Data analytics and predictive models for ICS/SCADA cyber security
    Workshop

    Data analytics and predictive models for ICS/SCADA cyber security

    Marriott Regents Park
    12th March 2014
    London, United Kingdom

    Marriott Regents Park

    128 King Henry's Road
    London NW3 3ST
    United Kingdom

    Marriott Regents Park

    This 4 star north London hotel in zone 2 is the perfect destination for the astute business traveler as well as the leisure guest that knows how convenient north London hotels are, as a base from which to explore the city .Bond Street is just 3 stops from Swiss Cottage underground station on the Jubilee Line, so you can be shopping, exploring the sights and taking in one of London’s world-renowned West End shows in less than 15 minutes when you stay at this hotel near central London. At the same time, the hive of activity that is Camden Town, the chic shops, cafes and restaurants of Primrose Hill and ZSL’s London Zoo in Regents Park are all just a short walk from this hotel in north London.

    HOTEL BOOKING FORM

    Title

    SubTitle
    speaker image

    Content


    Title


    Description

    Download


    WHAT IS CPD?

    CPD stands for Continuing Professional Development’. It is essentially a philosophy, which maintains that in order to be effective, learning should be organised and structured. The most common definition is:

    ‘A commitment to structured skills and knowledge enhancement for Personal or Professional competence’

    CPD is a common requirement of individual membership with professional bodies and Institutes. Increasingly, employers also expect their staff to undertake regular CPD activities.

    Undertaken over a period of time, CPD ensures that educational qualifications do not become obsolete, and allows for best practice and professional standards to be upheld.

    CPD can be undertaken through a variety of learning activities including instructor led training courses, seminars and conferences, e:learning modules or structured reading.

    CPD AND PROFESSIONAL INSTITUTES

    There are approximately 470 institutes in the UK across all industry sectors, with a collective membership of circa 4 million professionals, and they all expect their members to undertake CPD.

    For some institutes undertaking CPD is mandatory e.g. accountancy and law, and linked to a licence to practice, for others it’s obligatory. By ensuring that their members undertake CPD, the professional bodies seek to ensure that professional standards, legislative awareness and ethical practices are maintained.

    CPD Schemes often run over the period of a year and the institutes generally provide online tools for their members to record and reflect on their CPD activities.

    TYPICAL CPD SCHEMES AND RECORDING OF CPD (CPD points and hours)

    Professional bodies and Institutes CPD schemes are either structured as ‘Input’ or ‘Output’ based.

    ‘Input’ based schemes list a precise number of CPD hours that individuals must achieve within a given time period. These schemes can also use different ‘currencies’ such as points, merits, units or credits, where an individual must accumulate the number required. These currencies are usually based on time i.e. 1 CPD point = 1 hour of learning.

    ‘Output’ based schemes are learner centred. They require individuals to set learning goals that align to professional competencies, or personal development objectives. These schemes also list different ways to achieve the learning goals e.g. training courses, seminars or e:learning, which enables an individual to complete their CPD through their preferred mode of learning.

    The majority of Input and Output based schemes actively encourage individuals to seek appropriate CPD activities independently.

    As a formal provider of CPD certified activities, SMI Group can provide an indication of the learning benefit gained and the typical completion. However, it is ultimately the responsibility of the delegate to evaluate their learning, and record it correctly in line with their professional body’s or employers requirements.

    GLOBAL CPD

    Increasingly, international and emerging markets are ‘professionalising’ their workforces and looking to the UK to benchmark educational standards. The undertaking of CPD is now increasingly expected of any individual employed within today’s global marketplace.

    CPD Certificates

    We can provide a certificate for all our accredited events. To request a CPD certificate for a conference , workshop, master classes you have attended please email events@smi-online.co.uk

    Event Title

    Headline

    Text
    Read More

    I would like to speak at an event

    I would like to attend an event

    I would like to sponsor/exhibit at an event

    SIGN UP OR LOGIN

    Sign up
    Forgotten Password?

    Contact SMi GROUP LTD

    UK Office
    Opening Hours: 9.00 - 17.30 (local time)
    SMi Group Ltd, 1 Westminster Bridge Road, London, SE1 7XW, United Kingdom
    Tel: +44 (0) 20 7827 6000 Fax: +44 (0) 20 7827 6001
    Website: http://www.smi-online.co.uk Email: events@smi-online.co.uk
    Registered in England No: 3779287 VAT No: GB 976 2951 71




    Forgotten Password

    Please enter the email address you registered with. We will email you a new password.