This event has ended. Visit the official site or create your own event on Sched.
This is the AGENDA FOR 2022 -- Please visit the main website for the latest conference information. 
Strategy Track [clear filter]
Tuesday, October 25

8:00am EDT

Breakfast Session: The Checks and Balances for Cybersecurity Readiness
Large or small, cyberattacks are making headlines and elevating executive attention toward cyber resiliency. Preparing for, responding to and recovering from cyberattacks should be a strategic part of any business continuity plan. As recent cyberattacks have demonstrated increased risk to both IT and operational technology (OT) environments, readiness equates to enforcement of rules and policies that provide the visibility, control and situational awareness to respond at the speed of business. Cybercriminals are maximizing their opportunity by exploiting older vulnerabilities and an expanding attack surface. Strategic readiness should be underpinned with the notion that eventually an attack will happen, and when it occurs, you are proactively ready to respond. During this session, we will explore security considerations for developing cyber resilience covering security fundamentals and readiness planning to protect your IT and OT environments.

avatar for Nate Dann

Nate Dann

Director, Operational Technology Southeast, Fortinet
Nathan brings more than 10 years of experience in industrial networking and factory automation. He has worked directly with teams implementing and automating Industrial Control Systems (ICS) across a variety of critical infrastructure environments including Manufacturing, Transportation... Read More →

Tuesday October 25, 2022 8:00am - 8:45am EDT

10:45am EDT

Why Endpoint Management is Key to Securing OT Environments
ICS (or more broadly OT/Cyber Physical systems) security is now a critical issue for senior management and boards of directors. The increase in ransomware, the spiraling costs of insurance and the necessary reporting requirements to even access coverage, as well as growing regulatory burdens require a change in mindset when it comes to protecting these systems. No longer can organizations “check the box” and say “oh, I have a basic inventory” or “at least I have some network monitoring occurring”. CISOs (driven by their boards, insurers, and regulators) now need to achieve the same level of security in ICS as they have achieved in IT. They need to demonstrate how they are practically improving security….going from red to green on key metrics and security controls. This requires the focus to go beyond the network (firewalls, monitoring, etc.) and get to the endpoint. They need to find a way of protecting and managing those endpoints to improve the overall protection of the control systems.

Join this session to learn how you can practically, efficiently, and safely manage and protect OT endpoints:
• How to gather accurate visibility into all assets across all sites in one place
• Prioritizing remediation based on asset and risk context
• Enabling response, not just detection, in an OT-safe way
• Demonstrating true security progress

avatar for John Livingston

John Livingston

CEO, Verve Industrial Security
John leads Verve's mission to protect the world’s infrastructure. He brings 20+ years of experience from McKinsey & Co. advising large companies in strategy and operations. John's committed to helping clients find the lowest cost and simplest solutions for controls, data and ICS... Read More →

Tuesday October 25, 2022 10:45am - 11:15am EDT

1:45pm EDT

Everyone. Everything. Everywhere. Securely Bridging the Last Mile in Digital Transformation
How to securely access and bring together People, Process or Technology is one of the biggest challenges in today’s technology world. With the need to access technology beyond your secure perimeter or in the cloud, how do organizations bridge that last mile to resources such as wind turbines,  ships, remote storage facilities, or drilling platforms? Join this session as we discuss how organizations can connect people and process to those resources in a safe, secure and regulated manner without causing disruptions or safety concerns to these remote OT assets.

avatar for Kevin Kumpf

Kevin Kumpf

Chief OT / ICS Security Strategist, Cyolo
Kevin Kumpf has more than 20 years of IT security and compliance experience, including over 10 years of cybersecurity, governance and critical infrastructure experience working in the energy, medical, manufacturing, transportation and FedRAMP realms.Kevin’s past roles include Director... Read More →

Tuesday October 25, 2022 1:45pm - 2:15pm EDT
Windsor C
Wednesday, October 26

8:00am EDT

Breakfast Session: Network Engineering for Deterministic Protection
Security engineering eliminates entire classes of cyber risk to operations, while cyber security only reduces those risks. This makes security engineering and the network engineering sub-discipline essential for industrial operations that must carry the Internet's threat load predictably, affordably, and for decades. In this presentation we take a deep dive into four powerful techniques for network engineering: hard segregation for safe cloud connections, unidirectional networks, hard wiring for safe access to safety systems and the Internet, and the (few) places it still makes sense to use real air gaps. These and other engineering-grade solutions are a blind spot in many cybersecurity programs - for example: where do buckling relief valves fit in the NIST Framework? We must expand our cyber risk programs beyond cybersecurity if we want those programs to be effective in addressing today's steadily-increasing threat loads.

avatar for Andrew Ginter

Andrew Ginter

VP Industrial Security, Waterfall Security Solutions
At Waterfall, Andrew leads a team of experts who work with the world's most secure industrial enterprises. Before Waterfall, Andrew led the development of high-end industrial control system products at Hewlett-Packard, of IT/OT middleware products at Agilent Technologies, and of the... Read More →

Wednesday October 26, 2022 8:00am - 8:45am EDT

12:15pm EDT

Lunch Workshop: Life After Segmentation: What Comes Next in Your OT Security Strategy
ICS networks have traditionally been segmented from the rest of the enterprise network with most cyber threats stemming from human error, accidents, and acts of physical sabotage. The increasing integration of OT with business networks and internet-based applications has vastly increased the prevalence and complexity of cyber threats to ICS networks. As a result, segmentation/air gapping is is no longer the finish line for a good security strategy. To defend against a diverse set of cyber threats, you need a comprehensive ICS security strategy.

Join our lunch and learn session to learn how to go beyond segmentation and bring your OT security strategy to the next level. We’ll cover:
  • How to get a clear understanding of all the assets in on your networks and how to identify blindspots
  • Advanced threat detection and vulnerability assessment to identify and prioritizes security risks
  • How to predict and detect OT process and stability issues giving you early warning signs of possible downtime

avatar for Gehron (Ronny) Fredericks

Gehron (Ronny) Fredericks

Field CTO, Nozomi Networks
Gehron “Ronny” Fredericks is Field CTO at Nozomi Networks. He holds a Master’s degree in Digital Forensics & Cyber Investigation and an additional MBA from UMUC. Ronny has unique OT experience from his time at leading energy provider, Exelon Corporation, as a Senior Security... Read More →

Wednesday October 26, 2022 12:15pm - 1:00pm EDT
Filter sessions
Apply filters to sessions.