The first brochure for SMi Group's 3rd annual Oil & Gas Cyber Security conference & exhibition is here. Don't miss the Early Bird deadline and contact Alia Malick if you want to get involved.
With malicious software, such as BlackEnergy, and hacker groups such as Dragonfly intriguing and frightening cyber security experts in equal measure, and spreading unease throughout the community, it is evident that the integrity of the systems controlling our Critical National Infrastructure and large manufacturing plants is still very much under threat. With potential attacks on water, electricity and other features of a nation’s critical infrastructure carrying an increasingly damaging impact, security practices within private companies are becoming public business – as such practitioners must scrutinise their operations in order to minimise their exposure to such attacks.
Held under Chatham House rules, ICS Cyber Security, Europe 2015 will unite Cyber Security professionals with Control Systems managers and SMEs to address these issues and more.
The first brochure for SMi Group's 3rd annual Oil & Gas Cyber Security conference & exhibition is here. Don't miss the Early Bird deadline and contact Alia Malick if you want to get involved.
With malicious software, such as BlackEnergy, and hacker groups such as Dragonfly intriguing and frightening cyber security experts in equal measure, and spreading unease throughout the community, it is evident that the integrity of the systems controlling our Critical National Infrastructure and large manufacturing plants is still very much under threat. With potential attacks on water, electricity and other features of a nation’s critical infrastructure carrying an increasingly damaging impact, security practices within private companies are becoming public business – as such practitioners must scrutinise their operations in order to minimise their exposure to such attacks.
Held under Chatham House rules, ICS Cyber Security, Europe 2015 will unite Cyber Security professionals with Control Systems managers and SMEs to address these issues and more.
Case study on how to use Interactive Data Visualization and Predictive Modeling to find the needle in the haystack in SIEM Analytics and Cyber Security. We discuss how to create an analytical sandbox in front of your correlation systems, as well as intrusion, firewall, and virus scan / endpoint protection systems.
Our clients include Fortune 100 companies, governments and government agencies, two of the top SIEM vendors, and a variety of mid-sized companies.
What trends will 2018 bring for Business Continuity Professionals?PECB
Many business continuity practitioners are perceiving a higher level of risk than ever before in their careers. Unfortunately, these risks are more often resulting in real incidents which require emergency response and continuity of operations. Being prepared may be the most important thing an organization can do in 2018. But what should we prepare for, and how should we prepare for it? This discussion will walk through some of the emerging threats concepts, tools, and techniques that business continuity professionals can expect to see more of in 2018.
Main points covered:
- What should we prepare for in 2018?
- How should we prepare?
- The emerging threats, concepts, tools, and techniques expected in 2018
- Emerging threats creating new risks
Presenter:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Organizer: Nevila Muka
Date: January 17, 2018
Link to the recorded webinar:
Symantec Intelligence Report - October 2014Symantec
The number of spear phishing attacks per day continues to trend downward over the last twelve months, coming in at 45 per day in October. Of the attachments used in such email-based attacks, the .doc attachment type comprised 62.5 percent and .exe attachments made up 14.4 percent. Of the industries attacked, the category of Finance, Insurance, and Real Estate received 28 percent of all spear phishing attempts in the month of October, followed by Manufacturing at 17 percent.
The largest data breach that was disclosed in October took place back in July. This breach had previously been reported; however, we learned this month that the breach resulted in the exposure of identities within 76 million households, plus information on an additional seven million small businesses.
In the Mac threat landscape, OSX.Okaz was the most frequently encountered OSX risk seen on OSX endpoints, making up 28.8 percent of OSX risks. OSX.Okaz is an adware program that may modify browser homepage and search settings.
Finally, ransomware as a whole continues to decline as the year progresses. However, the amount of crypto-style ransomware seen continues to increase. This particularly aggressive form of ransomware made up 55 percent of all ransomware in the month of October.
The Emergency Operations Center (EOC) is the nerve center for a community's response to a disaster. This paper discusses the technology infrastructure that we recommend for EOCs to support rapidly emerging crisis situations and respond to communities in a more effective, agile way.
Although Sony seemed to dominate the cyber-security headlines of 2014, it was just one of many corporations infiltrated by an increasingly sophisticated and driven pool of hackers. J.P. Morgan Chase, Home Depot, and Target also top the list of businesses struggling with data breaches.
The most recent major cyberattack against Anthem Healthcare shook the insurance industry. In a rare show of honesty, the insurer began alerting customers and the media to the potential of a data break just eight days after it first noted suspicious activity on Jan. 27, 2015.
Immediately upon discovering it had been attacked, Anthem jumped to address the security vulnerability, contacted the FBI, and hired leading cyber-security firm Mandiant to evaluate its systems, said president and CEO Joseph Swedish in a statement.
Noting the importance of protecting financial institutions, New York's Department of Financial Services responded to the Anthem breach by announcing its intent to integrate regular assessments of cyber-security preparedness at insurance companies as part of its examination process. It will also enforce "enhanced regulations" on insurers based in New York.
"Recent cyber security breaches should serve as a stern wake up call for insurers and other financial institutions to strengthen their cyber defenses," said Benjamin M. Lawsky, New York State's superintendent of financial services, in a statement. He continued, "Regulators and private sector companies must both redouble their efforts and move aggressively to help safeguard this consumer data.“
Most people might expect that larger insurers, given the sensitive customer information they handle, would boast robust cyber-security programs. This is not necessarily true.
As part of its investigation, the Department found that 95% of insurers already think they have sufficient staff for information security, and just 14% of CEOs receive monthly briefings on data security. Anthem, the nation's second-largest health insurer, had not even encrypted its database containing nonmedical data. It claims that the HIPAA did not require it to do so.
While experts believe that Anthem was exclusively targeted in its attack, there is no doubt that all financial institutions are at risk. Here are eight things to know as the industry enters a year of increasingly heightened cyber-vulnerability.
The Cloud is both compelling and alluring, offering benefits that entice many organizations into rapid adoption. But caution should be taken. Leveraging cloud technologies can offer tremendous opportunities, with the caveat of potentially introducing new security problems and business risks. Presented are strategic recommendations for cloud adoption to a community of application and infrastructure developers.
EY Principal and Cyber Threat Management Leader Anil Markose shows you best practices for cyber risk management and how to sense, resist, and react to cyber attacks on your company.
Using international standards to improve Asia-Pacific cyber securityIT Governance Ltd
Understand the cyber threat facing APAC organisations, current legislation and how to utilise international standards to get your business cyber secure in this informative webinar, hosted by Alan Calder.
Presentation talking about the ever increasing threat of cyber crime and how social media, mobile devices, cloud computing make an interesting point of attack. Cyber security is only getting more and more important due to the widespread of new platforms, increasingly available and simple to use exploit kits as well as attacks becoming more sophisticated and having specific targets.
Strategic Leadership for Managing Evolving Cybersecurity RisksMatthew Rosenquist
2014 NSF Cybersecurity Summit keynote presentation from Matthew Rosenquist, Cybersecurity Strategist for Intel Corp.
Cybersecurity is difficult. It is a serious endeavor which strives to find a balance in managing the security of computing capabilities to protect the technology which connects and enriches the lives of everyone. Characteristics of cyber risk have matured and expanded on the successes of technology innovation, integration, and adoption. It is no longer a game of tactics, but rather a professional discipline, continuous in nature, where to be effective strategic leadership must establish effective and efficient structures for evolving controls to sustain an optimal level of security.
This presentation will discuss the challenges, organizational opportunities, and explore best practices to align investments in security to the risk appetite of an organization.
Case study on how to use Interactive Data Visualization and Predictive Modeling to find the needle in the haystack in SIEM Analytics and Cyber Security. We discuss how to create an analytical sandbox in front of your correlation systems, as well as intrusion, firewall, and virus scan / endpoint protection systems.
Our clients include Fortune 100 companies, governments and government agencies, two of the top SIEM vendors, and a variety of mid-sized companies.
What trends will 2018 bring for Business Continuity Professionals?PECB
Many business continuity practitioners are perceiving a higher level of risk than ever before in their careers. Unfortunately, these risks are more often resulting in real incidents which require emergency response and continuity of operations. Being prepared may be the most important thing an organization can do in 2018. But what should we prepare for, and how should we prepare for it? This discussion will walk through some of the emerging threats concepts, tools, and techniques that business continuity professionals can expect to see more of in 2018.
Main points covered:
- What should we prepare for in 2018?
- How should we prepare?
- The emerging threats, concepts, tools, and techniques expected in 2018
- Emerging threats creating new risks
Presenter:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Organizer: Nevila Muka
Date: January 17, 2018
Link to the recorded webinar:
Symantec Intelligence Report - October 2014Symantec
The number of spear phishing attacks per day continues to trend downward over the last twelve months, coming in at 45 per day in October. Of the attachments used in such email-based attacks, the .doc attachment type comprised 62.5 percent and .exe attachments made up 14.4 percent. Of the industries attacked, the category of Finance, Insurance, and Real Estate received 28 percent of all spear phishing attempts in the month of October, followed by Manufacturing at 17 percent.
The largest data breach that was disclosed in October took place back in July. This breach had previously been reported; however, we learned this month that the breach resulted in the exposure of identities within 76 million households, plus information on an additional seven million small businesses.
In the Mac threat landscape, OSX.Okaz was the most frequently encountered OSX risk seen on OSX endpoints, making up 28.8 percent of OSX risks. OSX.Okaz is an adware program that may modify browser homepage and search settings.
Finally, ransomware as a whole continues to decline as the year progresses. However, the amount of crypto-style ransomware seen continues to increase. This particularly aggressive form of ransomware made up 55 percent of all ransomware in the month of October.
The Emergency Operations Center (EOC) is the nerve center for a community's response to a disaster. This paper discusses the technology infrastructure that we recommend for EOCs to support rapidly emerging crisis situations and respond to communities in a more effective, agile way.
Although Sony seemed to dominate the cyber-security headlines of 2014, it was just one of many corporations infiltrated by an increasingly sophisticated and driven pool of hackers. J.P. Morgan Chase, Home Depot, and Target also top the list of businesses struggling with data breaches.
The most recent major cyberattack against Anthem Healthcare shook the insurance industry. In a rare show of honesty, the insurer began alerting customers and the media to the potential of a data break just eight days after it first noted suspicious activity on Jan. 27, 2015.
Immediately upon discovering it had been attacked, Anthem jumped to address the security vulnerability, contacted the FBI, and hired leading cyber-security firm Mandiant to evaluate its systems, said president and CEO Joseph Swedish in a statement.
Noting the importance of protecting financial institutions, New York's Department of Financial Services responded to the Anthem breach by announcing its intent to integrate regular assessments of cyber-security preparedness at insurance companies as part of its examination process. It will also enforce "enhanced regulations" on insurers based in New York.
"Recent cyber security breaches should serve as a stern wake up call for insurers and other financial institutions to strengthen their cyber defenses," said Benjamin M. Lawsky, New York State's superintendent of financial services, in a statement. He continued, "Regulators and private sector companies must both redouble their efforts and move aggressively to help safeguard this consumer data.“
Most people might expect that larger insurers, given the sensitive customer information they handle, would boast robust cyber-security programs. This is not necessarily true.
As part of its investigation, the Department found that 95% of insurers already think they have sufficient staff for information security, and just 14% of CEOs receive monthly briefings on data security. Anthem, the nation's second-largest health insurer, had not even encrypted its database containing nonmedical data. It claims that the HIPAA did not require it to do so.
While experts believe that Anthem was exclusively targeted in its attack, there is no doubt that all financial institutions are at risk. Here are eight things to know as the industry enters a year of increasingly heightened cyber-vulnerability.
The Cloud is both compelling and alluring, offering benefits that entice many organizations into rapid adoption. But caution should be taken. Leveraging cloud technologies can offer tremendous opportunities, with the caveat of potentially introducing new security problems and business risks. Presented are strategic recommendations for cloud adoption to a community of application and infrastructure developers.
EY Principal and Cyber Threat Management Leader Anil Markose shows you best practices for cyber risk management and how to sense, resist, and react to cyber attacks on your company.
Using international standards to improve Asia-Pacific cyber securityIT Governance Ltd
Understand the cyber threat facing APAC organisations, current legislation and how to utilise international standards to get your business cyber secure in this informative webinar, hosted by Alan Calder.
Presentation talking about the ever increasing threat of cyber crime and how social media, mobile devices, cloud computing make an interesting point of attack. Cyber security is only getting more and more important due to the widespread of new platforms, increasingly available and simple to use exploit kits as well as attacks becoming more sophisticated and having specific targets.
Strategic Leadership for Managing Evolving Cybersecurity RisksMatthew Rosenquist
2014 NSF Cybersecurity Summit keynote presentation from Matthew Rosenquist, Cybersecurity Strategist for Intel Corp.
Cybersecurity is difficult. It is a serious endeavor which strives to find a balance in managing the security of computing capabilities to protect the technology which connects and enriches the lives of everyone. Characteristics of cyber risk have matured and expanded on the successes of technology innovation, integration, and adoption. It is no longer a game of tactics, but rather a professional discipline, continuous in nature, where to be effective strategic leadership must establish effective and efficient structures for evolving controls to sustain an optimal level of security.
This presentation will discuss the challenges, organizational opportunities, and explore best practices to align investments in security to the risk appetite of an organization.
SMi Group's 16th annual Military Airlift and Rapid Reaction OperationsDale Butler
SMi Group's 16th annual Military Airlift and Rapid Reaction Operations conference and exhibition is returning to Seville this December. Join us at the only Military Airlift event worth attending
Industrial Control Cyber Security Europe 2015 James Nesbitt
The Industrial Control Cybersecurity conference consists of presentations and debate from some of the energy industry’s leading end users from Operational and IT backgrounds, Government influencers, leading cybersecurity authorities and some of the world’s most influential solution providers.
Key topics of discussion will pivot on convergence of operational and information technology transformation, design, implementation, integration and risks associated with enterprise facing architecture.
Further review includes the development of policy, operational and cultural considerations, maturity models, public and private information sharing and the adoption of cybersecurity controls.
2015 will provide further insight into how industry can further develop organisational priorities, effective methodologies, benchmark return on investment for cybersecurity procurement, supplier relationships and how to effectively deploy defense in-depth strategies.
We will introduce discussion on the latest attacks and hear from those who are responsible for identifying them. The conference will further address penetration testing, the art of detection and threat monitoring, incident response and recovery.
Returning to London for its sixth year next march this event is attracting significant interest. Join us at SMi Group's European Smart Grid Cyber Security 2016 conference & exhibition
Industrial Control Security USA Sacramento California Oct 6/7James Nesbitt
Industrial Control Cyber Security conference Sacramento California October 6th and 7th, Key Note speakers include DOE, NERC, NIST, SMUD, PG&E, SCE, NCi Security, Codenomicon (Heartbleed presentation).
Pre Conference workshop October 5th
“Effective methodology to protecting the oil and gas critical infrastructures from the emerging cyber threats”
Workshop Leader: Ayman AL-Issa, Digital Oil Fields Cyber Security Advisor
E 060 oil gas cyber security north americaAlia Malick
Building on 8 years developing conferences in the Cyber Security space the SMi Group are delighted to announce launch their 6th in the series Oil and Gas Cyber Security North America. This conference will provide delegates with an information packed two day agenda with representatives from across the industry, giving a comprehensive overview of the market, looking at insider threats, the latest technology, live demonstrations, current and future threats, APT and much more.
The event will present itself as the perfect platform for learning about the real issues currently being faced by the industry. Hear from leading experts who are currently facing cyber threats. This is a unique opportunity to hear about cyber security expressed from government personal and the operators as well as understanding key market challenges, regulations, human behaviour and technology available.
The Indian economy is classified into different sectors to simplify the analysis and understanding of economic activities. For Class 10, it's essential to grasp the sectors of the Indian economy, understand their characteristics, and recognize their importance. This guide will provide detailed notes on the Sectors of the Indian Economy Class 10, using specific long-tail keywords to enhance comprehension.
For more information, visit-www.vavaclasses.com
This is a presentation by Dada Robert in a Your Skill Boost masterclass organised by the Excellence Foundation for South Sudan (EFSS) on Saturday, the 25th and Sunday, the 26th of May 2024.
He discussed the concept of quality improvement, emphasizing its applicability to various aspects of life, including personal, project, and program improvements. He defined quality as doing the right thing at the right time in the right way to achieve the best possible results and discussed the concept of the "gap" between what we know and what we do, and how this gap represents the areas we need to improve. He explained the scientific approach to quality improvement, which involves systematic performance analysis, testing and learning, and implementing change ideas. He also highlighted the importance of client focus and a team approach to quality improvement.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
How to Create Map Views in the Odoo 17 ERPCeline George
The map views are useful for providing a geographical representation of data. They allow users to visualize and analyze the data in a more intuitive manner.
Thesis Statement for students diagnonsed withADHD.ppt
SMi Group's 4th annual Oil & Gas Cyber Security conference
1. PLUS AN INTERACTIVE HALF-DAY POST-CONFERENCE WORKSHOP
Wednesday 26th November 2014, Marriott Regents Park Hotel, London, UK
www.oilandgas-cybersecurity.co.uk
BOOK BY 31ST JULY AND SAVE £300 OR BOOK BY 30TH SEPTEMBER AND SAVE £100
Register online or fax your registration to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711
WHY ATTEND THIS EVENT:
• Hear from operators including Centrica, National Grid,
ENi, Petrofac and Tullow Oil
• Understand how government organisations can
support efforts against attacks
• Watch live demonstrations to understand where
attacks are targeted
• Discuss how social engineering should be the key focus
in projecting your networks
• What are the latest developments and technology you
can use for on SCADA attacks
• Recognise new, key, regulations and legislation that
affects your operations
NEW 2014 SPEAKERS INCLUDE
Avtar Sehmbi, Head, Information Security & Risk
Management, Centrica
Graham Wright, Chief Information Security Officer & Head
of Digital Risk, National Grid
Troels Oerting, Head, European Cybercrime Centre,
Europol
Chris Gibson, Director, Computer Emergency Response
Team (CERT) UK
Mounir Kamal, Incidents Handling and Digital Forensics
Manager, Q-CERT
Faheem Siddiqui, Group Information Security Manager,
Petrofac
Alessandro Marzi, ICT Manager Security Standards &
Architecture, ENi
CHAIRMAN
Chris Hankin, Director, Institute for Security Science and
Technology, Imperial College London
Martin Smith, Chairman and Founder, The Security
Awareness Special Interest Group
REGISTER BY 31ST JULY AND RECEIVE A £300 DISCOUNT
REGISTER BY 30TH SEPTEMBER AND RECEIVE A £100 DISCOUNT
SMi present their 4th annual conference on…
24th & 25th
NOV
2014Marriott Regents Park Hotel, London, UK
Oil and Gas
Cyber Security
@SMiGroupEnergy
Sponsored by
Legal Aspects for Cyber Security
8.30am – 12.30pm
Hosted by CMS
2. Register online at: www.oilandgas-cybersecurity.co.uk • Alternatively
Oil and Gas Cyber Security
Day One | Monday 24th November 2014
8.30 Registration & Coffee
9.00 Chairman's Opening Remarks
Chris Hankin, Director, Institute for Security Science and
Technology, Imperial College
STATE OF OIL & GAS THREATS
9.10 Emerging Cyber Threats in the Oil & Gas Industry
•Today’s threat trends;
- Oil and gas business
- Social/Economic/Political
•Motivations and attack lifecycle
•Overview of recent attacks
Avtar Sehmbi, Head, Information Security & Risk
Management, Centrica
9.50 The Strategic Balance of Risk in The Energy Sector
•Managing and the balance of risk and responsibility
between Governments and the Private Sector
•Finding common threads to drive and industry view to
enable properly informed national strategies, policy and
regulation
Graham Wright, Chief Information Security Officer & Head of
Digital Risk, National Grid
10.30 Morning Coffee - Visit Exhibition Stands
INCIDENT RESPONSE MANAGEMENT
11.00 EU Response to the Increased Threat Towards Critical
Infrastructure
•The changing landscape of cybercrime versus physical
crime
•The rapid development of Internet of Everything and the
impact,
•The cybercrime threat to individuals, businesses and
governments,
•The consolidated response to cybercrime via EC3:
prevention, protection, prosecution, governance
Troels Oerting, Head, European Cybercrime Centre, Europol
11.40 ICS Security: an assessment framework
•Threat landscape
•From standards to a pragmatic approach
•Tactical vs strategic security paths
Alessandro Marzi, ICT Manager Security Standards &
Architecture, ENi
12.20 Networking Lunch - Visit Exhibition Stands
THREATS AND THE EMERGING TECHNOLOGIES
1.30 Innovation in Industrial Perimeter Security
•Real-Time SCADA protection
•Historian systems protection
•NERC / CIP Compliance
•Hardware based unidirectional Data Transfer
•Secure remote monitoring and management
Paul Charchaflian, European Sales Director, Waterfall Security
Solutions
2.10 Cybersecurity and Forever Changing Goal Posts
Hackers are following money trails. Oil, Grids and Banks are
the prime targets. Who eventually gains? Constant elevation
of security status will soon lead to ‘board fatigue’. Security
budgets needs to be transformed from linear to non-linear
curves for sheer sustainability. The presentation would cover
the following:
•Distributed - controls cost framework
•Pareto rule for ICS / SCADA protection
•Role of strategic alliances
•Role of IT governance
Faheem Siddiqui, Group Information Security Manager,
Petrofac
2.50 Afternoon Tea - Visit Exhibition Stands
3.20 Cyber-attacks have evolved in the Energy sector; Have your
security defenses?
•Learn how to prepare for an advanced attack or breach
WHEN it happens
•Respond quickly and efficiently to isolate the breach and
mitigate risk
•Define what ‘normal’ behaviour is across users, networks,
systems and applications
•Improve security intelligence using existing technologies
and enhance current security investments
Andrew Hollister, Technical Director, EMEA, LogRhythm
4.00 Defending Networks Through Simulation and Cyber Defence
Exercises
•This presentation will cover the following topics, including
demonstrations:
•Do you know what a cyber attack looks like?
•Can you defend your networks against all types of attacks?
•Do your vendor tools really protect you?
•The best way to test your controls, staff, procedures and
strategies
Emmanouil Christofis, Cyber Defence Exercises Advisor,
FOCAL POINT sprl
Nuri Fattah, Director, Defence Corp
5.00 Chairman's Closing Remarks and Close of Day One
Sponsored by The Fox DataDiode serves to protect the integrity and availability of assets in an Industrial Control Systems
(ICS) network. It provides a unique hardware-based, one-way data link that has been approved and
certified by a large number of authorities. This allows you to enjoy the benefits of business integration by
being able to send production data from an ICS network to an enterprise environment, while preventing
all cyber attacks directed at your industrial assets. www.fox-it.com
LogRhythm is the largest and fastest growing independent security intelligence company in the world.
The company’s patented and award-winning Security Intelligence Platform, unifying SIEM, log
management, file integrity monitoring, network and host forensics, empowers organisations to detect
breaches and the most sophisticated cyber threats of today, quickly and accurately.
www.logrhythm.com.
3. SPONSORSHIP OPPORTUNITIES
SMi offer sponsorship, exhibition, advertising and branding packages, uniquely tailored to complement your company's marketing
strategy. Should you wish to join the increasing number of companies benefiting from promoting their business at our conferences
please call: Alia Malick, Director, on +44 (0) 207 827 6168 or email amalick@smi-online.co.uk
fax your registration to +44 (0)870 9090 712 or call +44 (0)870 9090 711
Day Two | Tuesday 25th November 2014
8.30 Registration & Coffee
9.00 Chairman's Opening Remarks
Martin Smith, Chairman and Founder, The Security Awareness
Special Interest Group
CYBER BODIES
OPENING ADDRESS
9.10 The Evolving Cyber Landscape in the UK - CERT UK
•Role of CERT-UK
•Who and what pose a threat
•CiSP - An example of government/industry partnership in
action!
Chris Gibson, Director, Computer Emergency Response Team
(CERT) UK
9.50 Industrial Cyber Incidents Case Study
•Root cause Incidents analysis
•Panic Vs. Trust Incident analysis mode
•From deep technical analysis to business management
level
•Building Trusted computing system
Mounir Kamal, Incidents Handling and Digital Forensics
Manager, Q-CERT
10.30 Morning Coffee - Visit Exhibition Stands
11.00 Cybersecurity 2014, Impact of the latest
cyber-attacks on SCADA networks
•How cyber threats evolved
•Types of vulnerabilities
•A business case for segmenting networks
•Possible solutions
•Be prepared
Peter Geytenbeek, International Sales Director, FOX IT
SOCIAL ENGINEERING
11.40 Looking at the Present Oil and Gas Threats and Emerging
Cyber Threats in the Oil and Gas Industry
•Advance threats to the oil and gas industry and developing
a practical strategy to enable organisations to minimise the
attack
•Involving security early in the design process to guarantee
resilience
•Evaluating cyber security risks involved in process control
systems
Michael Rapley, UK Operations IT Security & Compliance,
Nexen Petroleum*
12.20 Networking Lunch - Visit Exhibition Stands
1.30 The New Exploit: Emotion
•Relying less on the Board to be the leaders in pushing
behaviour change
•Identifying with our organisational dynamics and key
influencers
•Understanding what really drives the change security needs
can be uncomfortable – are we ready for it?
•Creating and sustaining the momentum of change
Spencer Summons, Head of Information Assurance and IS
Governance, Tullow Oil
2.10 Combating Against the Insider Threat
•Insider threat is a growing concern for all organisations that
can cause severe financial and reputational damage.
•In this talk, we discuss the challenges around insider threat
detection.
•We study the types of attack that may be conducted, the
behavioural characteristics of insiders, and we discuss how
detection systems could be introduced to prevent such
attacks from taking place.
Phil Legg Research Associate, Cyber Security Centre,
Department of Computer Science, University of Oxford
2.50 Afternoon Tea - Visit Exhibition Stands
3.20 Cybercrime Is Huge and Getting Bigger - But Then Why
Wouldn't It?
•The market is moving online, the thieves are following.
•The security industry must adapt and go there too.
•Security professionals must let go of traditional methods for
protecting assets and embrace the new technology.
•The greatest danger we now face is our fear of change
Martin Smith, Chairman and Founder, The Security Awareness
Special Interest Group
4.00 Cyber Security: Risks, Regulation and Contracts - a lawyer's
perspective
•Risks – why is cyber security a critical issue?
•Regulatory update
•Supply chain & contractual issues
Juan Crosby, Partner, Technology & Sourcing, CMS Cameron
McKenna LLP
4.40 Chairman’s Closing Remarks and Close of Day Two
Waterfall Security Solutions Ltd. is the leading provider of stronger-than-firewalls protections for industrial
control networks and critical infrastructures. The company’s products are deployed in utilities and critical
national infrastructures throughout North America, Europe, Asia and Israel. Waterfall’s technologies
reduce the cost and complexity of compliance with NERC-CIP, NRC, NIST, CFATS and other regulations,
and include support for leading industrial applications: Frost & Sullivan describe Waterfall's solutions as
ensuring "optimum security for networks across user verticals" and awarded Waterfall the 2012 Network
Security Award for Industrial Control Systems Entrepreneurial Company of the Year and the 2013 North
America Award for Customer Value Enhancement. www.waterfall-security.com.
*subject to confirmation
4. Workshop overview:
The workshop will tackle the cyber security risks that
companies are exposed to and will work through ways of
reducing these risks. AIG will present the role of cyber
insurance and the workshop will discuss what companies
need to do in the event of a cyber-security breach incident.
Why attend this workshop
To learn about cyber risks, how insurance works and what you
need to do in the event of an incident
About the workshop host:
Stephen Tester
Stephen Tester is a partner at CMS Cameron
McKenna. With Tom Scourfield he leads the CMS
Cyber Network, which operates a 24/7 emergency
breach response facility providing legal support to
clients in over 35 separate jurisdictions. Independently of his
workinthecyberfieldhehasabusypracticehandlingoiland
gas insurance disputes and coverage issues.
Jamie Bouloux
At the beginning of September 2012 Jamie was
made Cyber Liability Manager for Europe. He
joined the team from New York where he was an
Executive Liability Underwriter & Cyber Product
Leader with AIG US and Canada. Prior to that Jamie worked
in the AIG International home office team as a Professional
Associate and helped develop the original international
Cyber product and strategy. Jamie holds a B.A. in Economics
and History from Franklin and Marshall College.
Juan Crosby
Juan is a partner in the CMS Technology &
Commercial team focussing on IT issues in the Oil &
Gas Sector and a leading lawyer advising on
complex technology and outsourcing projects,
including in relation to cyber security. He has undertaken
major IT projects for many clients including super-majors and
other leading oil and gas companies and has been
recognised for his work by being awarded Best Advisor of the
Year at the National Outsourcing Association’s 2013 UK
Outsourcing Professional Awards ceremony as well as being
recognised as one of Europe’s leading outsourcing advisors in
the 2013 European Outsourcing Association’s “Advisor of the
Year” Awards.
Juan recently led negotiations on a twenty year strategic
software development and licensing agreement
transforming the technology underpinning the core business
activities of one of the world’s largest energy companies.
CMS is the 6th largest law firm in the world with 58 offices
worldwide.
Tom Scourfield
Tom Scourfield is a partner and solicitor advocate in
the Commercial Technology Group at CMS in
London. He has considerable experience of the
legal, practical and regulatory issues arising from
cyber breach and data compromise events. He leads the
CMS cyber crash team in the UK and across 32 other
jurisdictions, provided 24/7 support and advice in the event of
a cyber crisis event. He has worked directly with a number of
corporates, as well as being the lead adviser on several
insurance policies offering cyber coverage.
About the workshop organisations:
CMS Cameron McKenna
CMS is one of the top ten largest law firms in the world by
number of lawyers, with 58 offices in 32 countries.
AIG
American International Group, Inc. (AIG) is a global insurance
company. The Company provides a range of property
casualty insurance, life insurance, retirement products,
mortgage insurance and other financial services to
customers in more than 130 countries. It diverse offerings
include products and services that help businesses and
individuals protect their assets, manage risks and provide for
retirement security.
HALF-DAY POST-CONFERENCE WORKSHOP
WEDNESDAY 26th NOVEMBER 2014
8.30am – 12.30pm
Marriott Regents Park Hotel, London
Legal Aspects for Cyber Security
5. SMi ENERGY
FORWARD PLANNER 2014
JULY
Big Data Analytics for E&P
9th - 10th July 2014,
London, UK
SEPTEMBER
Telecoms for Smart Grids
22nd - 23rd September 2014,
London,UK
Distribution Automation Europe
29th - 30th September 2014,
London, UK
OCTOBER
Energy from Waste
13th - 14th October 2014,
London, UK
Gas to Liquids
29th - 30th October 2014,
London, UK
NOVEMBER
Project Financing in Oil and Gas
24th - 25th November 2014,
London, UK
FEBRUARY
E&P Information and
Data Management
3rd-4th February 2015,
London UK
Floating LNG
16th-17th February 2015,
London UK
Supported by
6. PAYMENT
FAX your booking form to +44 (0) 870 9090 712
PHONE on +44 (0) 870 9090 711
POST your booking form to: Events Team, SMi Group Ltd, 2nd Floor South,
Harling House, 47-51 Great Suffolk Street, London, SE1 0BS, UK
OIL AND GAS CYBER SECURITY
Conference: 24th & 25th November 2014, Marriott Regents Park Hotel, London, UK Workshop: 26th November, London, UK
4 WAYS TO REGISTER
www.oilandgas-cybersecurity.co.uk
□ Book by 31st July to receive £300 off the conference price
□ Book by 30th September to receive £100 off the conference price
EARLY BIRD
DISCOUNT
If you have any further queries please call the Events Team on tel +44 (0) 870 9090 711 or you can email them at events@smi-online.co.uk
Payment: If payment is not made at the time of booking, then an invoice will be issued and must be
paid immediately and prior to the start of the event. If payment has not been received then credit
card details will be requested and payment taken before entry to the event. Bookings within 7 days
ofeventrequirepaymentonbooking.AccesstotheDocumentPortalwillnotbegivenuntilpayment
has been received.
Substitutions/Name Changes: If you are unable to attend you may nominate, in writing, another
delegate to take your place at any time prior to the start of the event. Two or more delegates may
not ‘share’ a place at an event. Please make separate bookings for each delegate.
Cancellation: If you wish to cancel your attendance at an event and you are unable to send a
substitute, then we will refund/credit 50% of the due fee less a £50 administration charge, providing
that cancellation is made in writing and received at least 28 days prior to the start of the event.
Regretfully cancellation after this time cannot be accepted. We will however provide the
conferences documentation via the Document Portal to any delegate who has paid but is unable
to attend for any reason. Due to the interactive nature of the Briefings we are not normally able to
provide documentation in these circumstances. We cannot accept cancellations of orders placed
for Documentation or the Document Portal as these are reproduced specifically to order. If we have
to cancel the event for any reason, then we will make a full refund immediately, but disclaim any
further liability.
Alterations: It may become necessary for us to make alterations to the content, speakers, timing,
venue or date of the event compared to the advertised programme.
Data Protection: The SMi Group gathers personal data in accordance with the UK Data Protection
Act 1998 and we may use this to contact you by telephone, fax, post or email to tell you about other
products and services. Unless you tick here □ we may also share your data with third parties offering
complementary products or services. If you have any queries or want to update any of the data that
we hold then please contact our Database Manager databasemanager@smi-online.co.uk or visit
our website www.smi-online.co.uk/updates quoting the URN as detailed above your address on the
attached letter.
Unique Reference Number
Our Reference LV E-052
Terms and Conditions of Booking
DELEGATE DETAILS
Please complete fully and clearly in capital letters. Please photocopy for additional delegates.
Title: Forename:
Surname:
Job Title:
Department/Division:
Company/Organisation:
Email:
Company VAT Number:
Address:
Town/City:
Post/Zip Code: Country:
Direct Tel: Direct Fax:
Mobile:
Switchboard:
Signature: Date:
I agree to be bound by SMi's Terms and Conditions of Booking.
ACCOUNTS DEPT
Title: Forename:
Surname:
Email:
Address (if different from above):
Town/City:
Post/Zip Code: Country:
Direct Tel: Direct Fax:
Payment must be made to SMi Group Ltd, and received before the event, by one of
the following methods quoting reference E-052 and the delegate’s name. Bookings
made within 7 days of the event require payment on booking, methods of payment
are below. Please indicate method of payment:
□ UK BACS Sort Code 300009, Account 00936418
□ Wire Transfer Lloyds TSB Bank plc, 39 Threadneedle Street, London, EC2R 8AU
Swift (BIC): LOYDGB21013, Account 00936418
IBAN GB48 LOYD 3000 0900 9364 18
□ Cheque We can only accept Sterling cheques drawn on a UK bank.
□ Credit Card □ Visa □ MasterCard □ American Express
All credit card payments will be subject to standard credit card charges.
Card No: □□□□ □□□□ □□□□ □□□□
Valid From □□/□□ Expiry Date □□/□□
CVV Number □□□□ 3 digit security on reverse of card, 4 digits for AMEX card
Cardholder’s Name:
Signature: Date:
I agree to be bound by SMi's Terms and Conditions of Booking.
Card Billing Address (If different from above):
LIVE STREAMING/ON DEMAND/ DOCUMENTATION
Unable to travel, but would like to watch the conference live, ask questions,
participate as if you were in the room. Price Total
□ Live Streaming £999.00 + VAT (UK) £1198.80
□ On demand £599.00 + VAT (UK) £718.80
(available 24 hours after the event)
□ Access to the conference documentation
on the Document Portal £499.00 + VAT £598.80
□ The Conference Presentations - paper copy £499.00 - £499.00
(or only £300 if ordered with the Document Portal)
PAYMENT
VAT
VAT at 20% is charged on the attendance fees for all delegates. VAT is also charged on live
Streaming, on Demand, Document portal and literature distribution for all UK customers and
for those EU Customers not supplying a registration number for their own country here.
______________________________________________________________________________________________
CONFERENCE PRICES
I would like to attend: (Please tick as appropriate) Fee Total
□ Conference and Workshop £2298.00 +VAT £2757.60
□ Conference only £1699.00 +VAT £2038.80
□ Workshop only £599.00 +VAT £718.80
PROMOTIONAL LITERATURE DISTRIBUTION
□ Distribution of your company’s promotional
literature to all conference attendees £999.00 + VAT £1198.80
The conference fee includes refreshments, lunch, conference papers, and access to the
Document Portal. Presentations that are available for download will be subject to
distribution rights by speakers. Please note that some presentations may not be available
for download. Access information for the document portal will be sent to the e-mail
address provided during registration. Details are sent within 24 hours post conference.
VENUE Marriott Hotel Regents Park, 128 King Henry's Road, London, NW3 3ST
□ Please contact me to book my hotel
Alternatively call us on +44 (0) 870 9090 711,
email: hotels@smi-online.co.uk or fax +44 (0) 870 9090 712