Loading…
This event has ended. Visit the official site or create your own event on Sched.
Welcome to the Interactive Agenda for SecurityWeek’s 2019 Singapore ICS Cyber Security Conference! (View the full conference website here)

Don’t miss the hottest ICS cyber security event in the APAC region -  Register Now

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Main Track [clear filter]
Tuesday, April 16
 

8:45am GMT+08

Welcome to SecurityWeek's 2019 ICS Cyber Security Conference | Singapore
Welcome address and conference introduction for SecurityWeek's 2019 Singapore ICS Cyber Security Conference.


Speakers
avatar for Mike Lennon

Mike Lennon

Managing Director, SecurityWeek
For more than 10 years, Mike Lennon has been closely monitoring and analyzing trends in the cyber threat landscape, and enterprise, critical infrastructure, and national security space. In his role at SecurityWeek he oversees the editorial direction of the publication and manages... Read More →


Tuesday April 16, 2019 8:45am - 9:00am GMT+08
Stamford Ballroom

9:00am GMT+08

Getting Practical On Addressing Industrial Cyber Risk
Many talks outline important but theoretical activities useful to help minimize impacts from poor industrial cyber security. This is not one of those talks. It's time to get moving, get practical and begin to admit there are big problems with industrial cyber risk.

This talk will share practical lessons from dozens of large organizations as they embarked on this journey across people, process and technology. From getting executive support, establishing clear accountability, and understanding the true extent of the exposure, this session will discuss case studies, prioritization, measures, and how to expand into OT network from real world examples.

Learning Objectives:
  • Learn practical steps to take on how to address risks in OT networks
  • Learn what type of concrete measures have worked best for other large organizations
  • Learn how to translate technical risk into business impact and communicate better with boards and C-levels.



Speakers
avatar for Vijay Vaidyanathan

Vijay Vaidyanathan

Senior ICS Consultant with Claroty, Claroty
Vijay Vaidyanathan is on the front lines of customer cybersecurity risks and challenges within industrial and critical infrastructure organizations. He has extensive technical and consulting experience across the manufacturing spectrum. A chemical engineer by profession and a Singapore... Read More →


Tuesday April 16, 2019 9:00am - 9:45am GMT+08
Stamford Ballroom

9:45am GMT+08

ICS is Everywhere: Pervasive Risks – but Defense is Doable
This session will discuss the march of digitalization in industrial automation, why it is compelling, and how associated cyber risks are perceived and treated by industry and within companies.  The perspective will span a spectrum of people, process, and technology and include results from recent SANS market studies that analyzed the State of Industrial Control System (ICS) and Industrial IoT (IIoT) Cybersecurity. Details will be shared that represent the experiences of IT, OT, and IT/OT-hybrid cybersecurity practitioners responsible for operational technology (OT) systems.

Attendees of this session will gain insight into what organizations are doing to understand, communicate, and address security risks, and how their efforts compare with industry peers. It will help highlight some of today’s risk-management trends and where added investments are still needed. This information is intended to benefit owners-operators, service providers, suppliers, consultants, and researchers who hold responsibility for managing cyber risks to industrial systems.


Speakers
avatar for Doug Wylie

Doug Wylie

Director, Industry Practice, SANS Institute
With over 25 years of experience that spans industry, Doug is a seasoned business practitioner and certified security professional who helps companies meet their objectives for safe, secure and reliable operations while they address security risks that arise as Information Technology... Read More →


Tuesday April 16, 2019 9:45am - 10:30am GMT+08
Stamford Ballroom

10:45am GMT+08

Securing the Field: a View from the Frontlines
This presentation will describe real-world, end-user experience of building a security program around the work processes, and the lessons learned. Such an approach has the considerable payoff of making the field operations more efficient as well. The IT needs of field personnel have long been neglected and, as this presentation discusses, the activities around securing the field operations has the potential to improve productivity in the field as well as ICS security.

Learning Objectives
  • What are field operations and why securing it is important?
  • What are three common weaknesses in field operations that can be exploited by an adversary?
  • What are the three main challenges in securing field operations?
  • How do you secure field operations without impacting work?

Speakers
avatar for Dr. Gowri Rajappan

Dr. Gowri Rajappan

Director of Technology and Cybersecurity, Doble Engineering Company
Dr. Gowri Rajappan is Director of Technology and Cybersecurity at Doble Engineering. He is an expert in cyber security and enterprise data technologies. He leads the cyber security activities at Doble, in which capacity he works closely with electric power utilities worldwide to help... Read More →


Tuesday April 16, 2019 10:45am - 11:20am GMT+08
Stamford Ballroom

11:20am GMT+08

Analyzing GreyEnergy Malware: From Maldoc to Backdoor
The APT group GreyEnergy has been targeting industrial networks in Ukraine and other Eastern European countries for the past several years. The advanced persistent threat (APT) group uses stealth attacks to access various elements of ICS. In this session, Andrea Carcano will tap into the latest research from Nozomi Labs to explain how GreyEnergy’s ability to avoid detection is linked to the way they program their malware. He will detail how GregyEnergy social engineers their way into ICS networks via phishing emails, how their malware is able to cause damage without detection and share a free tool designed to help facilitate further discovery and analysis within the ICS cyber security community.

Speakers
avatar for Diego Betancur

Diego Betancur

ICS Cyber Security Field Engineer, Nozomi Networks
Diego Betancur has over 12 years of experience in several aspects of cybersecurity. He has undertaken large projects including involving penetration testing, incident response and risk assessments for both IT and OT. He is particularly interested in understanding cybersecurity attacks... Read More →


Tuesday April 16, 2019 11:20am - 12:00pm GMT+08
Stamford Ballroom

12:00pm GMT+08

Discovering and Defending Against Vulnerabilities in Building Automation Systems
Forescout research recently uncovered several dangerous vulnerabilities in popular building automation devices. This is particularly alarming because these discovered vulnerabilities prove that various controllers and Building Automation Systems (BAS) used for physical access control in hospitals, schools and airports are open to coordinated attack. While malware targeting BAS has not been widely reported yet, the Forescout team strongly expects to see an uptick in attacks, and has used this research to drive our solution innovation.  In this session, Daniel will share the specifics of our research, cover the anatomy of a typical BAS cyber attack and detail what we’re doing at Forescout to ensure coordinated and scalable solutions that identify and thwart threats to BAS systems. 
 

Speakers
avatar for Daniel dos Santos

Daniel dos Santos

Researcher, ForeScout Technologies
Daniel dos Santos holds a PhD in Computer Science from the University of Trento and has more than 5 years of experience in security consulting and research.


Tuesday April 16, 2019 12:00pm - 12:30pm GMT+08
Stamford Ballroom
 
Wednesday, April 17
 

8:30am GMT+08

Opening Remarks - Day 2
Welcome remarks for Day 2 of SecurityWeek's 2019 Singapore ICS Cyber Security Conference.


Speakers
avatar for Mike Lennon

Mike Lennon

Managing Director, SecurityWeek
For more than 10 years, Mike Lennon has been closely monitoring and analyzing trends in the cyber threat landscape, and enterprise, critical infrastructure, and national security space. In his role at SecurityWeek he oversees the editorial direction of the publication and manages... Read More →


Wednesday April 17, 2019 8:30am - 8:45am GMT+08
Stamford Ballroom

8:45am GMT+08

Threat Detection and Response: What’s the Right Solution?
While many companies recognize the cybersecurity benefits of early OT threat detection, many struggle to select a suitable solution that matches their key concerns and their current industrial cybersecurity capabilities. This presentation by ARC describes the industrial threat detection and response landscape, how the solutions vary in focus, scope, and capabilities, and the importance of aligning with a company's overall cybersecurity management strategy. The information will be of benefit to owner-operators as well as to suppliers of cybersecurity solutions in the industrial sector.

Speakers
avatar for Bob Gill

Bob Gill

General Manager, Southeast Asia, ARC Advisory Group


Wednesday April 17, 2019 8:45am - 9:20am GMT+08
Stamford Ballroom

9:20am GMT+08

I Own Your Building (Management System)
Despite the rapidly growing deployment of IP-based technologies around us, the security of these deployments remains susceptible to basic cyber security attacks. What began as a small enumeration of the exposure of Security Access Control Platforms on several Internet-connected device search engines, grew into a research project covering several Building Management Systems (BMS) or Building Automation Systems (BAS) and its various sub-categories.

The execution of such attacks enables an unauthenticated attacker to access and manipulate doors, elevators, air-condition systems, windows blinds, cameras, boiler, PLCs, lights, alarm system in an entire building. In the case of this research, more than 10 million people could be affected by the findings presented.

This presentation discusses vulnerabilities found by Applied Risk research team across several BMS components and products from various vendors in the industry. Multiple vulnerabilities have been identified that could result in the total compromise of entire buildings and critical facilities (e.g. banks, hospitals, industrial facilities, government, residential…etc.).

In addition to the discovered vulnerabilities, the process we followed during our research will be discussed. Examples will be given for topics like:
  • Firmware analysis  
  • Device assessment

Speakers
avatar for Gjoko Krstic

Gjoko Krstic

Senior ICS Security Researcher, Applied Risk
Gjoko is a Senior ICS/IIoT Security Researcher at Applied Risk in Amsterdam, The Netherlands. Gjoko has been active in the “security industry” for almost 15 years, holding experience in many fields in cybersecurity including: penetration testing, malware analysis, vulnerability... Read More →


Wednesday April 17, 2019 9:20am - 9:55am GMT+08
Stamford Ballroom

9:55am GMT+08

Demystifying Machine Learning Analytics for Situational Awareness & Threat Monitoring in ICS
The ICS cybersecurity market is swirling with hot buzzwords. More than 20 startups have emerged in the ICS market in response, offering products that attempt to meet this demand. But what do  terms like “anomaly detection” and “machine learning” actually mean in the context of ICS threat monitoring? What does machine learning do and how does it work? Is it providing real value or is it yet again clever marketing? Is machine learning really even being used? If so, how can anomaly detection and machine learning enhance ICS threat monitoring? Is it really needed? What strategies, tools, and techniques can really help you with your ICS environment situational awareness and threat monitoring? Are there options for budget-constrained organizations? This session will explore how anomaly detection and machine learning work, and how they can be deployed for effective ICS situational awareness. The audience will be armed with what they need to cut through the buzzwords and confusion. Attendees will be introduced to several open source tools available that will help them learn more about passive asset identification, anomaly detection, and threat monitoring, and potentially even deploy their own “DIY” situational awareness solution.

Speakers
avatar for Clint Bodungen

Clint Bodungen

Founder & CEO, ThreatGEN
Clint is a recognized industrial cybersecurity expert, public speaker, and lead author of the book “Hacking Exposed: Industrial Control Systems”. He is a United States Air Force veteran, has been an INFOSEC (now called “cybersecurity”) professional for more than 20 years... Read More →


Wednesday April 17, 2019 9:55am - 10:30am GMT+08
Stamford Ballroom

10:45am GMT+08

TRITON Attribution: Russian Government-Owned Research Institute Built Custom Tools for Attackers
FireEye Intelligence arrived at a high confidence assessment that the TRITON attack was sponsored by a Russian Government-owned research laboratory. This talk will share  analysis to illustrate the process  followed to connect the dots. It highlights some creative research techniques and pivot points used in this analysis and will share how other organizations can use FireEye's public reporting to hunt for evidence of the same attacker.


Speakers
avatar for Yihao Lim

Yihao Lim

Senior Threat Intelligence Analyst, FireEye
Yihao Lim is a Senior Cyber Threat Intelligence Analyst at FireEye. He focuses on identifying and proactively dealing with cyber security threats for his clients in Asia Pacific. Yihao is well-versed in monitoring intelligence sources for actionable indicators/information, including... Read More →


Wednesday April 17, 2019 10:45am - 11:30am GMT+08
Stamford Ballroom

11:30am GMT+08

[Panel] ICS Incident Response or Incident Handling: A Dilemmatic Predicament
The development of an incident response strategy is often a top-down driven development process, resulting in a response strategy that is often not quickly enough to disrupt a cyber attack as much as the it would like to disrupt or destroy the ICS operations.

This panel aims to gain unbiased expertise views on the development of a pragmatic ICS incident response strategy at ground-zero; the ICS Control Room

Moderators
avatar for Thomas Quek

Thomas Quek

Principle Security Advisor, REDCON
Thomas is the MD for REDCON Pte Ltd, which is a specialist team with hybrid skillsets and experiences in both the IT & OT (Operational Technology) worlds. Thomas started out as an IT and security engineer for 8 years before joining a major industrial automation vendor for another... Read More →

Speakers
avatar for Ayman Al Issa

Ayman Al Issa

Chief Technologist | Industrial Cyber Security, Booz Allen Hamilton
Ayman Al Issa is Chief Technologist for Booz Allen Hamilton’s Industrial Cyber Security practice in the Middle East and North Africa region. Over a career which spans more than 23 years to date, Mr. Al Issa has gained vast experience in the fields of automation, information technology... Read More →
avatar for Doug Wylie

Doug Wylie

Director, Industry Practice, SANS Institute
With over 25 years of experience that spans industry, Doug is a seasoned business practitioner and certified security professional who helps companies meet their objectives for safe, secure and reliable operations while they address security risks that arise as Information Technology... Read More →
avatar for Sujith Panikkar

Sujith Panikkar

Director- Consulting (Asia Pacific), HIMA Asia Pacific
avatar for Ken Soh

Ken Soh

CIO at BH Global / CEO at Athena Dynamics, Athena Dynamics
Mr Soh has more than 28 years of working experience in the ICT industry. Prior to joining BH Global, Mr Soh held various senior positions in public and private sectors at CxO and business leader levels with Master Planning and P&L responsibilities. In BH Global, he has spearheaded... Read More →


Wednesday April 17, 2019 11:30am - 12:15pm GMT+08
Stamford Ballroom

4:50pm GMT+08

Closing Remarks
SecurityWeek's 2019 Singapore ICS Cyber Security Conference is winding down, but be sure to register for advanced training sessions on Thursday (space permitting) - See the SecurityWeek event staff to register.

Speakers
avatar for Mike Lennon

Mike Lennon

Managing Director, SecurityWeek
For more than 10 years, Mike Lennon has been closely monitoring and analyzing trends in the cyber threat landscape, and enterprise, critical infrastructure, and national security space. In his role at SecurityWeek he oversees the editorial direction of the publication and manages... Read More →


Wednesday April 17, 2019 4:50pm - 5:00pm GMT+08
Olivia Olivia (Stamford Ballroom)
 
Filter sessions
Apply filters to sessions.