Welcome and CCI experiences 2022
José Valiente - CCI Director
José Valiente is Director of the Industrial Cybersecurity Center. Specialist in Technology and Security consulting. He has more than 20 years of experience working in large consulting firms, in which he has developed his professional career both in the field of information technology and in the industrial automation sector. He has participated in more than a dozen publications on industrial cybersecurity, as well as in multiple congresses, events and courses specialized in cybersecurity. He currently holds multiple certifications in IT and security vendor solutions, as well as CISM professional certifications from ISACA and Global Industrial Cyber Security Professional (GICSP) from GIAC.
PANEL: Cybersecurity experiences in the supply chain of new industrial projects.
Mary Vargas (Ecuador Electric Corporation - CELEC EP), Francisco Gallego (MIGASA) and Mario Oliva (CAF)
Cybersecurity oriented to business continuity - FORTINET
Antonio Navarrete (Systems Engineer - Fortinet) and Agustín Valencia (Head of OT Security Business Development - Fortinet)
Antonio Navarrete is a technical engineer in computer systems with more than 20 years of experience. The last 15 years focused on industrial cybersecurity. At Fortinet, he currently leads the technical expertise for this area in Iberia, advising clients on best practices and related solutions.
Agustín Valencia is an Industrial Engineer from ICAI, with additional training in different areas such as Maintenance Management, BWR Nuclear Technology and more recently Director of Security, Master of Computer Security and CISM. With more than 20 years of experience, he has covered all areas of the world of energy, from Engineering to Operation and Maintenance in combined cycle and nuclear power plants to relevant sectors such as Renewables, Smartgrids or electric vehicles, and has participated in working groups of the World Economic Forum.
Since 2011, responsible for cybersecurity in the nuclear sector. Leading the development of plans and analysis of cybersecurity risks in critical infrastructures in accordance with the PIC Law. Also as Head of Engineering for instrumentation and control and cybersecurity projects, modernizing distributed control platforms and introducing cybersecurity from design or redesigning network architectures and control systems focused on hardening, network segmentation, whitelisting and SIEM-IDS on security systems of the main manufacturers (GE, Honeywell, Schneider-Electric, etc). Currently, Head of OT Security Business Development at Fortinet.
Additionally, Agustín participates in various activities as a professor at the CCI Professional School, Professor in the Cybersecurity Master at the Universidad Pontificia de Comillas, Collaborator of the ISA99 and Top 20 Secure PLC Coding Practices Committees.
Security by Design: Excuses and Reasons. Common arguments why cybersecurity is not adequately considered in the design of industrial infrastructures and how to dismantle them.
Ignacio Paredes (Iberia Cyber Physical Security Lead) - ACCENTURE
Ignacio Paredes started working in cybersecurity in the late nineties. During his career he designed and deployed, for companies in multiple industrial sectors, cybersecurity architectures including topics such as applications security, secure network design, critical infrastructure protection, ethical hacking, business continuity planning, implementation of ISO/27001 based ISMS and risk assessment and management. During the last decade, he has been focused on cybersecurity for Industrial Control Systems and has developed innovative methodologies and techniques to conduct, efficiently and securely, cybersecurity assessment in mission critical environments.
Coffee Break / Networking
Experience incorporating cybersecurity into design
Søren Egede Knudsen - CCI Coordinator for Denmark
Søren Egede Knudsen is a senior cyber security consultant with more than 25 years of experience in computer networking and cyber security. Søren began his professional work with IBM 3270 systems in 1991 and IT network and cyber security since 1993. Since 2009, Søren has worked in ICS/OT cyber security and today is considered a cyber security expert in the ICS/OT environment. OT and has been involved in many large and complex projects internationally within their fields.
In addition to working as a senior consultant and subject matter expert in ICS/OT Cybersecurity, Søren is an international public speaker at ICS/OT cybersecurity conferences.
Søren’s specialty, aside from technical areas, is leadership communication and how to present cyber security information to management. Søren has worked as chief technology officer for Ezenta, a security company in Denmark, as well as chief advisor to the Danish Energy Agency, in addition to consulting work. Søren is today CCIE and GIAC GRID certified, as well as an MBA from Henley in the UK.
IEC62443 in PLCs with open architecture
Ramón Quirós ( Phoenix Contact, Product Manager Automation Systems and Automation Infrastructure)
Ramón Quirós is a product manager in control and communications systems at Phoenix Contact. Specialized in functional safety (Safety Relays, Configurable Safety modules, Safe I/Os,…), HMIs and Industrial PCs, industrial communication technology (Industrial Ethernet, Remote Communication, Wireless…) and cybersecurity.
Experience in secure IoT solutions in the industrial plant - AXIANS
David Rodríguez Jerez - Industry and Energy Business Development Manager
Currently, David belongs to the Innovation department of Axians, specialized in industrial technologies and IoT. David has worked in the IT environment for more than 25 years in different System Integrators and manufacturers as a Field Engineer, Presales Engineer and BU Manager. Specialist in networks communications and cybersecurity solutions. He is currently Business Manager of the Industry vertical working on Hyperconnectivity, Cybersecurity and IoT solutions as fundamental bases for the development of Industrial digitalization and Industry 4.0 processes.
What would happen if...? - TREND MICRO
Raúl Nuñez (Presales Engineer at Trend Micro)
Raúl Nuñez worked as pre-sales at Arrow for 9 years for manufacturers such as Fortinet, CheckPoint, Radware, Allot, TippingPOint, Arcsight,….
For 2 years he worked at Telefónica as a SIEM service specialist managing and carrying out projects for SIEM solutions from Arcsight, McAfee and Alienvault
For 6 years he has been working as a presales engineer at Trend Micro, specializing in the last two and a half years in protecting critical environments
Introducing cybersecurity in engineering and design: keys from experience - S2GRUPO
Vicent is an Industrial Engineer from the Polytechnic University of Valencia, Valencia (Spain).
He is currently the Coordinator of the project team in the Industry area at S2 Grupo.
Previously, he has worked providing support for the entire global O&M structure. of wind technology
of Enel Green Power, S.A. as well as managing the O&M in thermal technology generation facilities
(biomass, biogas and cogeneration) owned by Enel Green Power Spain
Secure Network Architectures - CCI
Incorporating Industrial Cybersecurity in Upstream Operation Technologies - YPF
Cristian Pavesi (Head of Cybersecurity Projects OT YPF S.A.), Emanuel Godoy (Manager Cybersecurity OT Upstream - AESA – YPF S.A.) and Ing. Castillo, Javier Fernando (Manager of Industrial Cybersecurity and Critical Infrastructures, YPF S.A)
University Expert in Information Security, National Technological University of Buenos Aires
Postgraduate in Data Networks, Mendoza National Technological University
Ethical Hacking, ARPAC Institute Buenos Aires
Wireless Hacking, ARPAC Institute Buenos Aires
Computer Forensics, ARPAC Institute Buenos Aires
Linux System Administrator, Mendoza National Technological University
I currently work as Project Manager in Cybersecurity within Upstream Operation Technologies.
Mainly creating and monitoring the maturity improvement plan according to C2M2. Generation of procedures, guides and documentation to improve/implement the response to Industrial cyber risks. Education and training with best practices and information on cybersecurity for operational personnel. Coordination and execution of Cyber Risk Studies in Industrial Systems.
Specialist in Automation, Control, Telemetry and Communications with more than 20 years of experience in the Oil & Gas sector.
Electronic Engineering, UTN Mendoza
Functional Safety Engineer, TUV (IEC 61511:2016)
Currently Regional Manager of Cybersecurity OT Upstream at AESA – YPF. Mainly creating and monitoring the maturity improvement plan according to C2M2.
Generation of procedures, guides and documentation to improve/implement the response to Industrial cyber risks. Education and training with best practices and information on cybersecurity for operational personnel.
Ing. Castillo, Javier Fernando:
Professional expert in Industrial Cybersecurity with demonstrable work experience in the Oil & Gas and Electric Power industry. Skills in Business Processes, Management of Distributed Multidisciplinary Teams, Enterprise Risk Management, Internal Audit, ITIL methodology, Norms and standards ISO 27001, ISA99/IEC62443, NERC-CIP, AGA, TSA and NIST800-82. Engineering professional with multiple international certifications in industrial networks, industrial cybersecurity and risk analysis. Recognition of the trajectory and commitment to Industrial Cybersecurity Professional Category Black Level – CCI Madrid, Spain. Cisco Industrial Networking Specialist, participation in national and international organizations, Information Member of ISA99/IEC62443 Committee, President of the Cybersecurity Group of ARPEL (Regional Association of Companies in the Oil, Gas and Biofuels Sector in Latin America and the Caribbean) – November 2017; Member of the Geotechnology and Informatics Commission of the Argentine Institute of Oil and Gas, participation in events of the Cybersecurity track commission, participation in Knowledge Teams of the Industrial Cybersecurity Center – Madrid, Spain – March 2018
PANEL: Experiences managing the risk and response to industrial cybersecurity incidents
Agustín Valencia (CCI Expert), Edorta Echave (CCI Coordinator for the Basque Country) and Javier Diéguez (BCSC- Basque Cybersecurity Centre)
Experiences from the field on the protection of OT networks - STORMSHIELD
Gabriele Minniti - Cybersecurity Expert & CEO (CyberSecurity SRL)
Gabriele Minniti has wide professional experience in IT and Cybersecurity since end of 1998 (including top cybersecurity vendors). Strong technical background combined with business vision. Current mission as CEO of WhySecurity is to combine the deep knowledge of the team, the great skill set in delivery, the business vision and address that to the market in the following areas: Network Infrastructures, Network Security, Information Security, Information Data management, Managed Security Services and Intelligence.
A practical and achievable approach to managing risk and achieving goals - HEXAGON
Edgardo Moreno, Industrial Consultant at Hexagon ALI Division
Edgardo Moreno has:
Certified Information System Security Professional (ISC2)
Global Industrial Cyber Security Professional (GIAC)
Experience in industrial safety and operational technology
Experience in alarm system management and process control
Process safety experience
Industrial SOC – Incident Response - ROCKWELL AUTOMATION
Joan Rius Funes - Field Business Leader Network and Security Services EMEA
Joan has a background in industrial engineering, joining Allen-Bradley (Rockwell Automation today) in October 1989, therefore almost 32 years of experience, of which approximately half in support and technical training of products and technologies of control, communications and software and the other half as commercial manager for the services area. Specialized in modernization projects due to obsolescence, Safety machinery services and Connected Services.
A long way from the control technologies, but quickly to the communications ones, between which living different stages due to the important technological revolutions in the OT field in this long period.
Already fully incorporated into the European group of Industrial Networks and Cybersecurity specialists and working alongside the team, already fully Rockwell Automation as of October 1, 2021, from Oylo.
Industrial cybersecurity awareness
Kerry Tomlinson - Ampere News
Cyber news reporter who works to help people stay smarter and safer online. She has worked for three decades as a television news reporter, often including undercover investigating crimes; He has won multiple Emmy Awards and other local, regional and journalism nationals. Currently traveling the world in search of creative and compelling ways to make people aware of what is happening in the digital world and how it affects them. has reported since Russia, Philippines, Spain, Denmark, Turkey, Argentina, Colombia and many other countries. Kerry has put launched new news programs, initiatives and research units during his professional career and has recently launched a new online cyber news space called Ampere News.
OT&IoT Security Monitoring – From monitoring technology to service managed by the SOC - TELEFONICA
Vicente Segura (Head of OT and IoT Security at Telefónica)
Vicente Segura is Telecommunications engineer with 20 years of experience in cybersecurity, during which time he has held different positions in different departments, which has allowed him to gain experience from multiple angles, from security consulting and innovation, to product development, both for residential and business customers. He currently leads the industrial security product area and for the internet of things.
Vicente is a senior telecommunications engineer and also has a degree in Business Administration and Management and the CISSP security certification.
Industrial cyber threat landscape in Spain and LATAM - KASPERSKY
Marco Di Costanzo - Security Researcher (Kaspersky Lab ICS CERT)
Marco Di Costanzo is addicted to information security, in particular to cyberwarfare and threat intelligence. He works in Kaspersky as a security researcher in the ICS CERT, researching and studying industrial focused APT attacks. Marco previously studied computer and automation engineering and cybersecurity. He worked in the telecommunications sector focused on government attack and in the Oil & Gas sector, gaining more than 5 years of experience.
He regularly participates in cybersecurity events. Member of some multidisciplinary communities, in his free time he is carrying out activities of mentorship, networking, interviews with experts and debates to share perspectives and experiences.
Industrial cybersecurity. What does the industrial sector need? The Insud Pharma case - ENTELGY INNOTEC SECURITY
Alejandro Villar (Cybersecurity Director Entelgy Innotec) and Javier Garcia Tomillo (Cybersecurity Manager at Insud Pharma)
Alejandro Villar is an Information Systems Engineer. Among his functions, he was responsible for Systems (regional CIO), to later take on the role of global CISO of one of the most important industrial companies in the energy sector (Repsol). He led the company’s IT cybersecurity strategy and operation and launched one of the most relevant industrial cybersecurity programs in the industrial sector.
Javier Garcia Tomillo:
Javier García is a Senior Computer Engineer with more than 10 years of experience. Additionally, he has a Master’s Degree in Information and Communications Security from the European University of Madrid and CISM, CEH and NSE4 certifications. He currently leads the Cybersecurity department of Insud Pharma, a pharmaceutical company with a presence in more than 40 countries. Responsible for aligning the company’s industrial environment with the IEC 62443 standard. Previously, he worked at OHL Concesiones as Development Security Manager and Resilience & Recovery Manager.
Cyber Explorers. Experience investigating a cybersecurity incident (based on ESCIM)
Claudio Caracciolo - Head of Platforms, Innovation and Talent and General Coordinator of the Industrial Cybersecurity Center for Latam CCI
He is responsible for Platforms, Innovation and Talent.
In addition to:
General Coordinator for LATAM of the Center for Industrial Cybersecurity (CCI-Es.org).
Chief Data Officer (CDO) of Auravant.
Specialist Consultant in Information Security passionate about Social Engineering, Industrial Cyber Security and CarHacking.
Professor in the Diploma in Management and Cybersecurity Strategy at UCEMA.
Professor in the Postgraduate course in Cybercrime of the Faculty of Law of the U.B.A.
Professor at the Ekoparty HackAcademy.
Academic Chair of the 8dot8.org conference
Academic President of the Cyber Security conference organized by Forum.
He has been Team Leader of the Chief Security Ambassadors team and of the LATAM Innovation Office and Laboratory, of ElevenPaths
Diagnosis of Cybersecurity in Industrial Digitization
PANEL Experiences of Innovation in Industrial cybersecurity
Ana Ayerbe (TECNALIA), Juan Caubet (EURECAT), Søren Egede Knudsen (CCI Denmark) and Can Demirel (CCI Turkey) - CCI Moderator
Siemens Defense: Extended Managed Detection and Response - SIEMENS
OT Government: Real case of a European automotive cyber OT project - NTT DATA
Alejandro Alonso Rodriguez; - OT cybersecurity consultant at NTT DATA
Telecommunications Engineer and with a Master in cybersecurity. With experience in the field of IT and OT cybersecurity in both the Blue Team and Red Team fields. His certifications include Prince2 project manager, Nozomi Certified Engineer, ISO 27001 Lead Auditor and CCNA Cyberops. He is currently an OT cybersecurity consultant and trainer at NTT DATA where he has accumulated experience in strategic and technical consulting for critical infrastructures and the implementation and validation of security solutions.
COFFEE BREAK / Networking
Industrial Cybersecurity: Innovation in Cyberattack versus Innovation in Protection
Patrick Miller - CCI US Coordinator and CEO of Ampere Industrial Security
Patrick Miller shares more than 35 years of IT/OT experience through his consulting services as an independent security and regulatory advisor to the critical infrastructure and key resource sectors. He is currently the CEO of Ampere Industrial Security, an industrial security consultancy based in Portland, Oregon, USA. Patrick is also the founder, chairman emeritus, and currently a member of the board of directors of the Energy Sector Security Consortium, Inc. ( EnergySec), a 501(c)(3) nonprofit organization in Portland. He is CCI coordinator for the USA.
Modeling of Catastrophic Cyber Events in Industrial Environments. Impact on Portfolio Risk Accumulation - DENEXUS
Romy Rodriguez-Ravines is the Bayesian Modeling Specialist in DeNexus. She has more than 20 years of experience in Business Consulting based on Advanced Analytics. She is skilled in transforming data into actionable knowledge for decision-making. Her fields of expertise include Machine Learning, Artificial Intelligence, Business Intelligence, Econometrics, and Bayesian Statistics. Dr. Sc. in Statistics from Federal University of Rio de Janeiro (UFRJ, Brazil), author of articles in scientific journals, and lecturer at universities and Business Schools.
Evolution of Cybersecurity in an electricity company - DELOITTE
Nitin Dadlani Sadhwani (OT Cybersecurity Manager – Deloitte) & Mario Castro Fernández (Head of the Telecommunications Department / Head of Cybersecurity OT of Red Eléctrica)
Mario Castro Fernández – Head of the Telecommunications Department / Head of Cybersecurity OT of Red Eléctrica is Telecommunications Engineer from the University of Vigo, with more than 20 years of experience in the Telco and Electrical sectors. He is currently the Head of the Telecommunications Department of Red Eléctrica (TSO of Spain), a company considered critical infrastructure, where he has worked for “Teleco” and “Eléctrico”, combining the two worlds.
Throughout his professional career, he has played with cybersecurity since 2007, and in recent years, he has been the OT Cybersecurity Manager of the Red Eléctrica de Transporte.
Nitin Dadlani Sadhwani – OT Cybersecurity Manager – Deloitte is Telematics Engineer and Master in Cybersecurity from the Carlos III University of Madrid, with more than 7 years of experience in the area of infrastructure protection and focused on industrial environments. Currently, he is the manager responsible for projects for OT/IoT environments at Deloitte Spain and throughout his professional career he has focused on reviewing OT/IoT environments, defining security architectures and deploying specific protection and monitoring technology.
Homomorphic cryptography applied to the industrial context - TECNALIA
Iñaki Seco Aguirre (Blockchain and Privacy Preserving Researcher - Tecnalia)
Iñaki Seco Aguirre has studied the Degree in Engineering in Telecommunications Technologies, with a mention in Telematics, at the ESIDE faculty of the University of Deusto, and has a Master’s degree in Telecommunications Engineering from the Open University of Catalonia. In addition, he is currently developing a doctoral thesis as a student of the TICRM doctoral program at the University of the Basque Country. He is part of the team of researchers and developers of the CORE of Cybersecurity & DLTs, in the DIGITAL unit at the Tecnalia Research & Innovation research center. During his work experience, he has collaborated in various research projects, both national and international, related to cybersecurity, distributed networks, blockchain, advanced cryptography and secure data exploitation.
When intelligence is conspicuous by its absence, and other stories of [ho] errors in CTI on OT environments - CAPGEMINI
Andrés de Benito (Head of Cybersecurity at Capgemini Spain) and Adrián Crespo (Cybersecurity Manager at Capgemini)
Andrés de Benito – He is responsible for promoting market positioning and achieving business results for cybersecurity in Spain. He engages with clients in strategic discussions to provide industry-best cybersecurity and guidance to maximize the client’s long-term business goals.
Adrián Crespo – He is currently Cybersecurity Manager at Capgemini.