1. 2015
Marriott West loop Hotel, Houston, texas, Usa
Securing against the present and future threats towards the industry
oil and gas cyber
security North america
13th & 14th
May
exPert SPeaker PaneL IncLudeS:
ā¢ James Morrison, computer scientist, Houston cyber task
Force, Federal Bureau of Investigation
ā¢ catherine cavazos, Data security Manager, nov
ā¢ Michael Lewis, Policy and Framework advisor, information
risk strategy and Management, chevron Information
technology company
ā¢ Jason Mceachin, Director, sales engineering, Lookingglass
cyber Solutions
ā¢ donna dodson, Deputy cyber security advisor, national
Institute of Standards and technology
ā¢ clifford neuman, Director, centre for computer systems
security, information sciences institute, university of
Southern california
ā¢ claudia escobar, state-wide security Programme
Manager, office of the chief information security officer,
Department of information resources, State of texas
ā¢ randy hamilton, Manager, it security and compliance,
newfield exploration company
ā¢ Mike Firstenberg, Director of industrial security, Waterfall
Security
ā¢ amy taylor, Director, Houston branch, kane russell
coleman & Logan Pc
ā¢ Glenn a Fink, cyber security researcher, secure cyber
systems group, Pacific northwest national Laboratory
BeneFItS oF attendInG:
ā¢ Understand the current key market regulations to set a
new standard across the industry
ā¢ Discover how you need to operate to create a safer
environment
ā¢ Discuss how the industry needs to develop in North
america
ā¢ evaluate live demos on how to block oncoming attacks
and minimise the clean up
ā¢ Hear about the latest technology and software available
ā¢ listen from leading case studies and understand what
lessons have be learned
www.oilandgas-cybersecurity.com
register online or fax your registration to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711
PLuS an InteractIve haLF-day Pre-conFerence WorkShoP ā¢ tueSday 12th May 2015
cybersecurity Frameworks and architectures
Hosted by: the cyber Security Institute (cSI)
1:30pm - 5:30pm
Book By 27th FeBruary and Save $300 ā¢ Book By 31St March and Save $100
sMi present their 6th in the series ofā¦
Sponsored by
#oilgascybertx
2. oil and Gas cyber Security north america
day one ā Wednesday 13th May 2015 www.oilandgas-cybersecurity.com
register online at www.oilandgas-cybersecurity.com ā¢ alternatively
8.30 registration & coffee
9.00 chairman's opening remarks
catherine cavazos, Data security Manager, national oilwell
varco
FraMeWork and StandardS
oPenInG addreSS
9.10 Building resiliency into a cybersecurity Program
ā¢ overview of a cybersecurity Programo identify
- Protect
- Detect
- respond
- recover
ā¢ incident Handling
- overview of Process
- Needed capabilities
ā¢ incident Handling and information sharing
donna dodson, Deputy cyber security advisor, national
Institute of Standards and technology
9.50 cybersecurity Framework and Information Sharing Guidance
for oil and Gas
ā¢ this presentation will provide oil and gas industry specific
guidance for using/implementing the Nist cybersecurity
Framework and for sharing cybersecurity information
Michael Lewis, Policy and Framework advisor, information risk
strategy and Management, chevron Information technology
companyĀ Ā Ā
10.30 Morning coffee
11.00 are control System networks expendable?
ā¢ all software can be hacked
ā¢ all it security technology is software
ā¢ Hardware-enforced security use cases in oil & gas
ā¢ Pervasive threats drive best-practice evolution
Mike Firstenberg, Director of industrial security,
Waterfall Security
11.40 Selling the cost of Security to Management
ā¢ guiding security professionals on how to identify and
employ reference resources and metrics from well-know,
widely-accepted sources
ā¢ Quantifying the threats and risks in a context that is
consistent with the size and maturity of your company and
industry
ā¢ āsellingā why protecting information assets have a cost, and
what the trade-offs are between cost and risks
ā¢ Describing the power of having well-informed workers and
the impact he can have on the protecting corporate
information assets
ā¢ ātrainingā management to focus on protecting information
assets and reducing risks like they already foucs on reducing
business expense
randy hamilton, Manager, it security and compliance,
newfield exploration company
12.20 networking Lunch
1.40 the Power of threat Intelligence in your cybersecurity Program
ā¢Ā Harnessing the power of threat intelligence collection,
aggregation, ingestion, and automation for full threat
intelintegration into your cybersecurity defense lifecycle
ā¢Ā adding global context to internal and external threat intel
sources enables decision support both within and outside
the enterprise perimeter
ā¢Ā aggregating disperate threat information supports
improved analysis and confidence
Jason Mceachin, Director, sales engineering, Lookingglass
cyber Solutions
2.20 Strategies & tactics dealing With Insider and outsider caused
Breaches
ā¢Ā current events in breaches
ā¢Ā What the bad guys are doing and why
ā¢Ā strategies and tactics to address risks and weaknesses
ā¢Ā What to do nowĀ
danny Miller, system chief information security officer,
texas a & M university
cyBer SecurIty For GaS oPeratIonS
3.00 Security in drilling, Modeling and automation
ā¢ broadening cyber-attacks landscape effects the security of
products used
ā¢ Not only networks are vulnerable, all tools used are
susceptible
ā¢ identify security gaps within a drilling process
ā¢ avoid false environments, there are no silver bullets
catherine cavazos, Data security Manager, national oilwell
varco
3.40 afternoon tea
4.10 cybersecurity architectures ā curriculum & related issues
ā¢ Why cybersecurity architectures are critical for securing
enterprise information systems
ā¢ overview of representative cybersecurity architectures and
frameworks
ā¢ requirements of cultivating cybersecurity architects
ā¢ cybersecurity architecture curriculum
andrew yang, executive director, cyber security institute,
university of houston - clear Lake
4.50 Panel discussion- combating against a Breach
ā¢ cyber-attacks are growing concern for all organizations
that can cause severe financial and reputational damage
ā¢ in this panel, we discuss the challenges around
insider threat detection
- types of attack that may be conducted
- the behavioural characteristics of insiders
- detection systems
- securing against the unknown
- examples of approaches adopted by oil & gas companies
- the future outlook for cyber security
James Morrison, computer scientist, Houston cyber task
Force, Federal Bureau of Investigation
catherine cavazos, Data security Manager, national oilwell
varco
claudia escobar, statewide security Programme Manager,
State of texas - department of Information resources
5.30 chairman's closing remarks and close of day one
PaneL
dIScuSSIon
Lookingglass cyber Solutions is the world leader in threat intelligence management
combining global network situational awareness with automated internet intelligence to
support threat, security and risk operations. lookingglass enables security professionals to
navigate, investigate, analyze and research relevant, context-enriched threat
information through a single platform. the lookingglass scout platform provides
aggregated access to lookingglassā industry-leading, extensive and diverse threat
sources alerting organizations to impending risk. the scout platform drives effectiveness
and efficiency by replacing the manual process of management threat intelligence for
enterprise and mid-sized organizations. For more information, visit www.LGScout.com
Sponsored by
3. fax your registration to +44 (0)870 9090 712 or call +44 (0)870 9090 711
8.30 registration & coffee
9.00 chairman's opening remarks
catherine cavazos, Data security Manager, national oilwell
varco
GovernMent reGuLatIonS and SuPPort
oPenInG addreSS
9.10 current efforts that the State of texas office of the chief
Information Security officer is Working on
ā¢ establishing a statewide cybersecurity coordination and
collaboration platform
ā¢ enabling regional cybersecurity response coordination
ā¢ coordinating statewide cybersecurity exercise and
preparedness
ā¢ coordinating cybersecurity intelligence sharing among key
entities within the state
claudia escobar, statewide security Programme Manager,
State of texas - department of Information resources
9.50 cyber Insurance for the oil & Gas Industry
ā¢ Key threats/risks , for example
- scaDa systems
- Nation state hackers
ā¢ regulatory, legal and litigation trends around cyber issues
ā¢ traditional insurance response for cyber risk
ā¢ cyber insurance
robert Parisi, FiNPro cyber & technology Product lead,
Marsh, Inc.
10.30 Morning coffee
11.00 creating a cyber Fortress against all enemies
ā¢ the current culture
ā¢ lessons learned
ā¢ Dissecting the anatomy of insurance coverage
ā¢ oolkits and tourniquets
ā¢ Forecast for the Future
amy dunn taylor, Director, Houston branch, kane russell
coleman & Logan Pc
11.40 Legal aspects of cyber Security
ā¢ the role of the board of Directors, including legal duties
and potential liabilities
ā¢ Developing company policies to address todayās threats,
including data privacy policies, employee policies and
incident response policies
ā¢ Developing effective cyber clauses in vendor and client
contracts
ā¢ Understanding cyber insurance and what it will (and will
not) cover
ā¢ legal aspects of an effective incident response, including
coordination with law enforcement and complying with
notification requirements
Michael titens, Partner, thompson & knight LLP
12.20 networking Lunch
caSe StudIeS
1.40 digital ants: dynamic and resilient Infrastructures Protection
ā¢ the Need: Why oil and gas industry needs next-generation
resilient cyber security protection
ā¢ our approach: Nature-inspired Digital ants and how they
work
ā¢ the benefits: How a mobile resilient cyber defense keeps
infrastructure safe
ā¢ competing approaches: Why big-data with centralized
analytics canāt do the job alone
Glenn Fink, senior cyber security researcher, Pacific
northwest national Laboratory
2.20 understanding the International ramifications of
cyber Insecurity in energy
ā¢ targeting of energy in Warfare
ā¢ cyber and less-than-War
ā¢ the technological landscape of Vulnerability
ā¢ employing the cyber Weapon in energy
chris Bronk, assistant Professor, university of houston
3.00 afternoon tea
3.30 Situational awareness and cyber-Physical attack detection
and remediation for oil and Gas Infrastructure
ā¢ cyber-physical systems for critical infrastructure must be
understood as federated systems of systems
ā¢ the impact of cyber-threats to the operational resilience of
the physical systems requires domain specific models of
the system of system impact
ā¢ effective remediation of cyber-Physical attacks on such
systems depends on actionable situational awareness
ā¢ remediation activities must be evaluated in the context of
both organizational policy, and the physical impact on the
system of systems based on the models developed
ā¢ by combining cyber-models and domain specific physical
models we can improve the operational resiliency of
cyber-physical systems
clifford neuman, Director, Usc center for computer systems,
university of Southern california
4.10 cybersecurity and zero-day monitoring and detection in
oil and Gas installations
ā¢ challenges in detecting zero-day attacks
ā¢ cybersecurity threat situation for oil and gas
ā¢ incident handling in oil and gas and why it is challenging
ā¢ efficient and non-intrusive cybersecurity monitoring and
detection of Drilling rigs and Production Platforms
Siv hilde houmb, cto, Secure-nok
4.50 chairmanās closing remarks and close of day two
oil and Gas cyber Security north america
www.oilandgas-cybersecurity.com day two ā thursday 14th May 2015
Waterfall Security Solutions Ltd. is the leading provider of stronger-than-
firewalls protections for industrial control networks and critical
infrastructures. the companyās products are deployed in utilities and
critical national infrastructures throughout North america, europe, asia
and israel. Waterfallās technologies reduce the cost and complexity of
compliance with Nerc-ciP, Nrc, Nist, cFats and other regulations, and
include support for leading industrial applications: Frost & sullivan
describe Waterfall's solutions as ensuring "optimum security for networks
across user verticals" and awarded Waterfall the 2012 Network security
award for industrial control systems entrepreneurial company of the
year and the 2013 North america award for customer Value
enhancement. www.waterfall-security.com
Sponsored by
SPonSorShIP oPPortunItIeS
sMi offer sponsorship, exhibition,
advertising and branding packages,
uniquely tailored to complement
your company's marketing strategy.
should you wish to join the increasing
number of companies benefiting
from promoting their business at our
conferences please call:
alia Malick, Director, on
+44 (0) 207 827 6168 or
email amalick@smi-online.co.uk
4. overview:
the workshop will provide discussions of cybersecurity
frameworks/architectures, including the Nist
cybersecurity Framework, the sherwood applied
business security architecture (sabsa), and the cobit
framework.
Important questions that will be discussed include:
ā¢ What is a cybersecurity framework?
ā¢ What is its relationship to the enterprise information
framework?
ā¢ What role does a cybersecurity framework play in
securing an enterprise information system?
ā¢ What are some of the representative cybersecurity
frameworks or architectures?
Why you should attend:
Participants at this workshop will learn the basics of
cybersecurity frameworks and architectures, and get a
taste of representative frameworks commonly adopted
by organizations and cybersecurity professionals. With
the workshop format, the participants will be able to
interact with the presenters and discuss questions they
may have about cybersecurity frameworks and
architectures.
Programme:
1.30 registration and coffee
2.00 opening remarks and introductions
2.10 Session 1: the nISt Framework
andrew yang, Director,
cyber Security Institute
2.50 Session 2: SaBSa
ross Leo, associate Director,
cyber Security Institute
3.30 coffee
4.00 Session 3: coBIt
norman comstock, Director,
Berkeley research Group
4.40 Session 4: discussion and case Study
Sergio Muniz, President,
cyFor technologies
5.30 end of workshop
about the workshop leaders:
norman comstock is a veteran manager of
enterprise information systems, with specialties
in executive management and technology
consultant to private and public corporations.
ross Leo is an experienced cybersecurity
trainer and consultant, and currently serves as
the associate director of the cyber security
institute at the University of Houston-clear lake.
Sergio Muniz is a seasoned cybersecurity
professional, and the founder and president of
the cyFor technologies.
andrew yang is an experienced computer
science educator and researcher, and
currently serves as the executive director of the
cyber security institute.
about cSI
the cyber security institute (csi) was established as an
educational and research arm of the University of
Houston-clear lake (UHcl), to provide research and
education services to strengthen the Houston region's
efforts of securing the cyberspace and cyber systems.
With support from nearby governmental agencies and
organizations, the UHcl-csi has offered cybersecurity
training, conducted cybersecurity related research,
and provided free seminars and workshops to raise
cybersecurity awareness.
www.prtl.uhcl.edu/portal/page/portal/Sce/csi
haLF day Pre-conFerence WorkShoP
tuesday 12th May 2015
Marriott West Loop hotel
1.30pm - 5.30pm
cybersecurity Frameworks and
architectures
hosted by:
5. FeBruary
e&P Information & data Management
3-4 February 2015, london, UK
Floating LnG
18-19 February 2015, london, UK
telematics usage Based Insurance
18-19 February 2015, london, UK
March
Project Financing in oil and Gas
north america
9-10 March 2015, Houston, Usa
european Smart Grid cyber Security
9-10 March 2015, london, UK
Gas to Liquids north america
11-12 March 2015, Houston, Usa
oil and Gas telecommunications
25-26 March 2015, london, UK
Supported by
Want to know how you can get
involved?
Interested in promoting your
services to this market?
contact Julia rotar on
+44 (0)20 7827 6088 or email:
jrotar@smi-online.co.uk
SMi ENERGY FORWARD PLANNER 2015
6. oIL and GaS cyBer SecurIty north aMerIca
conference: 13th-14th May 2015 | Marriott West Loop hotel, houston, texas, uSa Workshop: 12th May 2015, texas, uSa
4 WayS to reGISter
Fax your booking form to +44 (0) 870 9090 712
Phone on +44 (0) 870 9090 711
www.oilandgas-cybersecurity.com
PoSt your booking form to: events team, SMi Group Ltd, 2nd Floor
South, harling house, 47-51 Great Suffolk Street, London, Se1 0BS
If you have any further queries please call the events team on tel +44 (0) 870 9090 711 or you can email them at events@smi-online.co.uk
Payment: if payment is not made at the time of booking, then an invoice will be issued and must
be paid immediately and prior to the start of the event. if payment has not been received then
credit card details will be requested and payment taken before entry to the event. bookings within
7 days of event require payment on booking. access to the Document Portal will not be given until
payment has been received.
Substitutions/name changes: if you are unable to attend you may nominate, in writing, another
delegate to take your place at any time prior to the start of the event. two or more delegates may
not āshareā a place at an event. Please make separate bookings for each delegate.
cancellation: if you wish to cancel your attendance at an event and you are unable to send a
substitute, then we will refund/credit 50% of the due fee less a Ā£50 administration charge, providing
that cancellation is made in writing and received at least 28 days prior to the start of the event.
regretfully cancellation after this time cannot be accepted. We will however provide the
conferences documentation via the Document Portal to any delegate who has paid but is unable
to attend for any reason. Due to the interactive nature of the briefings we are not normally able to
providedocumentationinthesecircumstances.Wecannotacceptcancellationsofordersplaced
forDocumentationortheDocumentPortalasthesearereproducedspecificallytoorder.ifwehave
to cancel the event for any reason, then we will make a full refund immediately, but disclaim any
further liability.
alterations: it may become necessary for us to make alterations to the content, speakers, timing,
venue or date of the event compared to the advertised programme.
data Protection: the sMi group gathers personal data in accordance with the UK Data Protection
act1998andwemayusethistocontactyoubytelephone,fax,postoremailtotellyouaboutother
products and services. Unless you tick here ā”we may also share your data with third parties offering
complementary products or services. if you have any queries or want to update any of the data
that we hold then please contact our Database Manager databasemanager@smi-online.co.uk or
visitourwebsitewww.smi-online.co.uk/updatesquotingtheUrNasdetailedaboveyouraddresson
the attached letter.
unique reference number
our reference e-060
terms and conditions of Booking
deLeGate detaILS
Please complete fully and clearly in capital letters. Please photocopy for additional delegates.
title: Forename:
Surname:
Job title:
department/division:
company/organisation:
email:
company vat number:
address:
town/city:
Post/Zip code: country:
direct tel: direct Fax:
Mobile:
Switchboard:
Signature: date:
i agree to be bound by sMi's terms and conditions of booking.
accountS dePt
title: Forename:
Surname:
email:
address (if different from above):
town/city:
Post/Zip code: country:
direct tel: direct Fax:
Payment must be made to SMi Group Ltd, and received before the event, by
one of the following methods quoting reference e-060 and the delegateās
name. Bookings made within 7 days of the event require payment on booking,
methods of payment are below. Please indicate method of payment:
ā” Wire transfer lloyds tsb bank plc, 39 threadneedle street, london, ec2r 8aU
sort code: 30-00-09 account: 11775391
swift (bic): LoydGB21013 ibaN: GB75 Loyd 3000 0911 7753 91
ā” cheque We can only accept cheques in Us Dollars
ā” credit card ā” Visa ā” Mastercard ā” american express
all credit card payments will be subject to standard credit card charges.
card No: ā”ā”ā”ā” ā”ā”ā”ā” ā”ā”ā”ā” ā”ā”ā”ā”
Valid From ā”ā”/ā”ā” expiry Date ā”ā”/ā”ā”
cVV Number ā”ā”ā”ā” 3 digit security on reverse of card, 4 digits for aMex card
cardholderās name:
Signature: date:
i agree to be bound by sMi's terms and conditions of booking.
card Billing address (if different from above):
PayMent
vat
Vat at 20% is charged on the Document portal and literature distribution for all UK customers and for
those eU customers not supplying a registration number for their own country here
conFerence PrIceS GrouP dIScountS avaILaBLe
I would like to attend: (Please tick as appropriate) Fee
ā” conference & Workshop $1898.00
ā” conference only $1299.00
ā” Workshop only $599.00
PROMOTIONAL LITERATURE DISTRIBUTION
ā” Distribution of your companyās promotional
literature to all conference attendees $1598.00 + vat $1917.60
the conference fee includes refreshments, lunch, conference papers, and access to
the Document Portal. Presentations that are available for download will be subject to
distribution rights by speakers. Please note that some presentations may not be
available for download. access information for the document portal will be sent to
the e-mail address provided during registration. Details are sent within 24 hours post
conference.
venue Marriott West Loop hotel, 1750 West Loop South Freeway, houston, tx 77027
ā” Please contact me to book my hotel
alternatively call us on +44 (0) 870 9090 711,
email: hotels@smi-online.co.uk or fax +44 (0) 870 9090 712
ā” Book by 27th February to receive $300 off the conference price
ā” Book by 31st March to receive $100 off the conference price
earLy BIrd
dIScount
docuMentatIon
I cannot attend but would like to Purchase access to the following
document Portal/Paper copy documentation. Price total
ā” access to the conference documentation
on the Document Portal $799.00 + vat $958.80
ā” the conference Presentations ā paper copy $799.00 - $799.00
(or only $600 if ordered with the Document Portal)