Welcome and Presentation of the Congress
Samuel Linares ( Industrial Cybersecurity Center, Director )
Samuel Linares is Director at Industrial Cybersecurity Center, European Commission Independent Evaluator, ENISA (European Network and Information Security Agency) CIIP Expert and member of ISACA Cybersecurity Task Force. With 2 decades of security, system integration and multinational and multicultural projects management experience, he has been the main promoter of the “Industrial Cybersecurity” concept in Spanish, being recognized as one of the key Spanish and Latin-american experts in the area and participating as speaker, chairman and teacher in different events all over the world (including Spain, UK, USA, Belgium, Qatar, United Arab Emirates, Mexico, Cuba or Argentina, among others).
He holds various cybersecurity certifications including GICSP (Global Industrial Cyber Security Professional), CRISC (Certified in Risk and Information Systems Control), CGEIT (Certified in Governance of Enterprise IT), CISM (Certified Information Security Manager), CISA (Certified Information Security Auditor), CISSP (Certified Information Systems Security Professional), GIAC Assessing Wireless Networks (GAWN), Systems and Network Auditor (GSNA), and Google Hacking & Defense (SSP-GHD), BSI BS 25999 & BS 7799 Lead Auditor (since 2002), and several additional vendor specific technical certifications. He holds a B.S. in Computer Science from the Univ. de Oviedo and is University Specialist in Data Protection by the Colegio Universitario Escorial Maria Cristina.
Not a Target? Let me Show you Why you are Wrong
Richard Stiennon ( IT Harvest, @Cyberwar )
Richard is a technologist and industry analyst. He was an ethical hacker for PricewaterhousCoopers early in his career. Now he focuses on industry trends, global cybersecurity policy, and threatscape.
Richard Stiennon is Chief Research Analyst for IT-Harvest, the firm he founded in 2005 to cover the booming IT security industry. He is the author of Surviving Cyberwar (Government Institutes, 2010) and UP and to the RIGHT: Strategy and Tactics of Analyst Influence (IT-Harvest Press, 2012). He writes the Cyber Domain column for forbes.com and is frequently quoted as a cyber security expert in mainstream media. He advises his clients on cybersecurity strategy.
He is also the Executive Editor of securitycurrent.com and the Senior Fellow at the International Cybersecurity Dialogue. He was Chief Marketing Officer for Fortinet, Inc. and VP Threat Research at Webroot Software. Prior to that he was VP Research at Gartner, Inc. Stiennon has presented on cyber security threats and defenses in 28 countries on six continents. He is known for his iconoclastic analysis of the security industry and always challenges his audience to question accepted practices in the face of changing cyber threats. He has a B.S. in Aerospace Engineering and is writing his thesis for an MA in War in the Modern World from King’s College, London.
ICS/SCADA Security Professionals Skills and Certifications
Adrian Pauna ( ENISA, Expert in Network & Information Security- Resilience and CIIP )
Adrian Pauna is a NIS Expert at ENISA, working in the “Secure Infrastructure & Services” department. His main activity is related to the topics of ICS/SCADA security. In the previous years he managed several projects which finalized with a set of recommendations on the subject of patching, testing and ex-post analysis of SCADA systems. Previously working to ENISA, he was a member of the Romanian Governmental CERT, entity designated to prevent and respond to security incidents related to information and communications systems of the Special Telecommunications Service and its clients. He has a Master in Information Security and several certification programs followed (CISSP, CEH, ISO27001:2005 Lead Auditor).
Industrial Cyber Security in the Oil and Gas Industries: A Real Case from Colombia
Paulo Roberto Orozco Torres ( EcoPetrol, Control Systems Information Security and Telecommunications Professional )
Pablo currently works as Control Systems Information Security and Telecommunications Professional for the Transport department (VIT) of ECOPETROL. He is electrical engineer, specializes in automatic and industrial computer science and certified SCADA Security Architect.
Since 2010, he is responsible for the information security and control systems program of the VIT, where he defines and ensures compliance with control systems guidelines and implementation of controls under international standards. Additionally, he is responsible for securing the control systems communications architecture, under the principle of defense in depth.
The Dawn of Shared Situational Awareness
Chris Blask ( ICS-ISAC, Chair )
Chris Blask has a career that spans the breadth of the industrial control system cybersecurity space. From beginnings as a control system engineer he soon saw invented one of the first commercial firewall products. Joining Cisco Systems he resurrected the company’s firewall business and built it to a position of global leadership, a legacy that continues to this day. In 2006 he recognized the need for shared situational awareness to secure cyber-physical infrastructure and has been a driving force behind this effort since.
Today Mr. Blask is actively involved with a wide range of domestic and international efforts. He is Founder and CEO of ICS Cybersecurity, Inc.; Chair of the Industrial Control System Information Sharing and Analysis Center (ICS-ISAC) and adviser to several key information security firms.
Applied Cyber Defenses for Industrial Control Systems
Joel Langill ( RedHat Cyber, Industrial Cyber Security Expert )
Joel Langill is an Industrial Cyber Security Expert possessing over 30 years of field experience, and is the founder of the globally recognized website SCADAhacker.com. He brings a unique perspective to industrial security having spent over three decades deploying ICS solutions covering most major industry sectors in more than 35 countries encompassing all generations of automated control from pneumatic to cloud-based services. He has been directly involved in the specification and design of automation solutions spanning front-end engineering design, detailed design, system integration, commissioning, support and legacy system migration.
Joel currently provides a range of services to ICS end-users, system integrators, and governmental agencies worldwide. He works closely with suppliers in both consulting and R&D roles, and has developed a specialized training curriculum focused on applied ICS security. He served as co-author and technical editor for several books on industrial security. Joel serves on the Board of Directors for the Milwaukee Chapter of InfraGard, and is an ICS research focal point to numerous CERT organizations around the world.
Defending the Internet of Things
Marc Blackmer ( Cisco-Sourcefire, Industrial Security Services Director )
Marc has spent more than 15 years assisting some of the world’s top energy producers, financial institutions, and governments worldwide defend their critical assets from cyber threats.
His technical background in information technology engineering, security operations, and IT governance, risk, and compliance, brings a unique perspective to addressing the threats facing critical infrastructure today.
Panel Discussion: The Evolution of Industrial Cybersecurity
Richard Stiennon (IT Harvest), Adrian Pauna (ENISA), Chris Blask (ICS-ISAC), Joel Langill (RedHat Cyber), Marc Blackmer (Cisco-Sourcefire); Moderator: Samuel Linares (CCI)
Borrowing Security from Operations
Patrick Miller ( EnergySec, President Emeritus )
Patrick Miller has dedicated his career to the protection and defense of critical infrastructures as a trusted independent advisor. He is a Partner and Managing Principal at The Anfield Group, as well as the founder, director and president emeritus of EnergySec, a 501(c)(3) nonprofit organization focusing on information sharing, situational awareness and security workforce development. Patrick’s diverse background includes positions with regulatory agencies, private consulting firms as well as organizations in the Energy, Telecommunications and Financial Services verticals.
Protecting Ourselves Against Real Incidents with Specific Solutions for the Industrial World
David Prieto Marques / Francisco Oteiza Lacalle ( Telefónica, Project Manager / Global Product Manager in Mobile Security and Device Management )
David Prieto Marques, Project Manager, graduated as Telecommunication Engineer from Universidad Politécnica de Madrid. Security technologist specialised in cybersecurity. Ample experience in security projects from 2004, including hands-on research and development, team leadership and project management in the following topics: Cybersecurity information sharing, training and experimentation in cybersecurity, Critical information infrastructure protection, cloud security methodology and Identity and Access Control Network.
Francisco is Global Product Manager in Mobile Security and Device Management in Telefónica. Bachelor of Computer Information Systems from Zaragoza University. Most of his career has been devoted to mobile technologies, including mobile application developer, project manager, consultant and SIM/UICC technical & product specialist for M2M. It´s worth mentioning Francisco was delegate of Telefónica S.A in some Standardization Committees, such as GSMA, ETSI and oneM2M. In addition, Francisco is Bachelor Degree in History and Bachelor Degree in Anthropology from UNED.
Cyber-Physical Systems in the Industrial World
Marina Krotofil ( Hamburg University of Technology, Researcher )
Marina is a Research Assistant at Hamburg University of Technology (Germany), where she is teaching security subjects and pursuing PhD in ICS security. Marina is working on the fundamentals of the secure process control: development of process-aware risk assessment and defining process-oriented security properties. She is also modeling cyber-physical attacks on the physical processes to understand attackers’ strategies and develop detection and reaction solutions. In the course of her research career she gave talks at S4 (Digital Bond), NIST and at the industrial events.
Marina has maintained her industry-oriented research focus through collaborations with several industrial partners, participation in the EU projects and research internship at Shell in the area of process automation, control and optimization. She also worked part time an ICS Security Engineer at Compass Security AG. She holds MBA in Technology Management, MSc in Telecommunications, MSc in Information and Communication Systems.
Safety vs. Security
Evgeny Goncharov ( Kaspersky Lab, ICS Security solutions Manager )
Evgeny Goncharov was born in Voronezh, Russia, 1979, He has a Master´s degree in physics. Software development experience since 1999. 10+ years in IT Security industry. Joined Kaspersky at 2007 as a software development team lead.
Made a long journey at Kaspersky as project/service/product manager. Led Kaspersky Lab team at Sochi 2014 to protect Olympic Games infrastructure from malware and targeted attacks.
Currently responsible for ICS Security solutions at Kaspersky Lab Future Technologies.
Choose your own Adventure: The Never-Ending Race
Claudio Caracciolo ( CCI Argentina/Eleven Paths, Coordinator/ CSA )
Claudio is currently the Chief Security Ambassador for Eleven Paths in Argentina. He is founder of Root-Secure SRL, and as a consultant, he specializes in Information Security and holds various international certifications. He is the President of ISSA Argentina (2011-2013 and 2013-2015), Coordinator for the CCI in Argentina, Member of associations like ISSA International, OWASP, Usuaria, Argentina Cibersegura, Member of the academic committee of Segurinfo since 2007. Renowned speaker at multiple national and international events like TEDxUTN 2012 ( http://holename.wordpress.com/2012/07/13/tedxutn-de-las-emociones-a-las-experiencias/ ), LatinCACS 2012 and 2013, Isaca Lima Full Day, Campus Party Ec 2011, Owasp Latam Tour 2011/12 and 13, Segurinfo 2007-2013, 8dot8 (2011-2013) among other big events.
Claudio is a teacher on subjects related to Ethical Hacking, Defense Methodologies, Platform Hardering, Web security, Anti-Forensics Techniques. Passionate about Social Engineering. Together with his partners at Root-Secure he is author of “”Ethical Hacking, un enfoque metodológico”” (Ethical Hacking, a methodological approach), published by Editorial Alfaomega with ISBN-13: 978-9871609017. He co-organizes the event MS Doing Blue.
Panel Discussion: The Current Scene of Threats and Vulnerabilities in the Industrial World
Patrick Miller (EnergySec), David Prieto Marques (Telefónica), Marina Krotofil (Hamburg University of Technology), Evgeny Goncharov (Kaspersky Lab), Eric D. Knapp (Honeywell). Moderator: Ignacio Paredes (CCI)
First Day Closing Remarks
José Valiente ( CCI, Coordination and Communication )
José Valiente is manager of Coordination and Communication at the Industrial Cybersecurity Center. B.S. on Computer Science by the Universidad Pontificia of comillas, is a specialist in Security and Technology Consultancy. With more than 20 years of experience in consulting firms as Davinci Consulting and Tecnocom involved in projects related to IT and security for big companies and public enterprises he holds multiple certifications from security and IT vendors (Cisco CCNA y CCDA, System Security Mcafee, Security Specialist Juniper, Websense Certified Enginer, F5 Bigip Specialist y Radware certified security Specialist) as well as CISM from ISACA.
José is an expert in project management and has lead ISMS deployment projects for IBEX35 companies and public enterprises working with security top level teams. He has wide knowledge on ITIL and PMI and experience in providing training to industrial sectors companies and public enterprises.
Welcome and Presentation
José Valiente ( Industrial Cibersecurity Centre, Manager of Coordination and Communication )
15 in 15: 15 Real Cyber Incidents in 15 Minutes
Javier Sánchez ( OSIsoft, Senior Software Developer in Reliability and Cyber Security Champion )
Javier is a Telecommunications Engineer by the Alcalá University (Spain). He is senior developer and cyber security expert at OSIsoft, LLC. OSIsoft offers the PI System, the industry standard for business infrastructure for real time data and event management. OSIsoft´s PI System has been implemented in more than 110 countries and is being used in a wide range of sectors, such as Energy, Public Sector, Biological Science, Data Centers, Plants, and other process-based industries.
Javier leads the security aspect of software development (SDL, Security Development Lifecycle) within the access layers of the PI System, at the same time he is advisor in several os OSIsoft´s projects. He is a veteran of the Red/Blue Team in INL, CanSecWest y S4 among others and he has been developing threat modeling analysis activities, security assessments, analyzing and reducing the attack surface, fuzz testing over the past ten years. At the same time, Javier and OSIsoft´s Cyber Security team have participated and contributed to numerous R&D projects within the field of ICS.
Security Trends in the Industrial World and Solutions
María Pilar Torres Bruna ( Everis, Manager of Cybersecurity Projects )
María Pilar is currently the manager of cyber security projects at Everis Aerospace and Defense. After almost 11 years with the company, she has vast experience in large IT projects. She spent 5 years in the public sector in Spain, 3 in the public sector of the Mexican office of Everis and finally, 3 years ago, she assumed the responsibility of developing the Security division of Everis Aerospace and Defense, leveraging the services that the Everis Group already offers to small and medium-sized niche companies.
She has executed projects related to Security Master Plans, in Spain and Europe and within the company she is promoting protection campaigns against malware; privacy and personal data; the use of cyber attack simulators for training at critical infrastructures; analysis of necessary certifications for Security directors of critical infrastructures; cyber security in Smart Grids; monitoring infrastructures in networks; Finally, she is participating in several projects related to cyber security roadmaps aimed at contributing to the main European investment and innovation programs.
Treat Intelligence Applied to Industrial Control Systems
Santiago Navarro / J.Inés Gervacio ( Mnemo, Security Services Director / Industrial Cybersecurity Expert )
Santiago has more than 20 years of experience in Information Security, Cyber Security and Information Technology. During these years he has worked for important multinationals, advising leading organizations in the Financial, Administration, Telecommunications, Petrol and Energy sectors, among others, from a strategic and operational point of view.
His background covers strategy, security governance, risk and crisis management, but also the more technical side, from an operational and architecture design stand point, as well as solutions in complex environments.
He currently heads the security services division at Mnemo for EMEA, with a true vocation for innovation and high added value service development.
J. Inés is Security Researcher, holds a master´s degree in Security Engineering and Information Technologies by the National Polytechnical Institute and another one in Technology Administration by Mexico´s Universidad Nacional Autónoma.
Before joining Mnemo´s team, J. Inés Gervacio worked together with the UNAM-CERT (first CERT in Latin America). He has also participated in research projects focussed on new information security threats, security audits, development and integration of honeynets, pentesting and volnerability analysis, in both the public and the private sectors.
Currently, J. Inés is Senior Security Consultant for Mnemo, leading reasearch on Cyber Threat Intelligence and Industrial Control Systems Security.
Café / Networking
Addressing Industrial Cybersecurity in Latin America
Belisario Contreras ( OEA, Head of Cybersecurity Program )
Belisario Contreras is the Cyber Security Program Manager at the Secretariat of the Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS). As Program Manager he provides programmatic and management support to the CICTE Secretariat in the planning, organization and execution of cyber security initiatives in the Americas including the Creation and Development of Computer Emergency Response Teams (CERTs); Provision of Technical Training; Implementation of Crisis Management Exercises; Capacity building on Industrial Control Systems (ICS), and coordinating outreach and collaboration with other international and regional organizations working on cyber issues.
Since 2007, Mr. Contreras has played a part in the growth and improvement of Computer Security Incident Response Teams (CSIRTs) in the Americas, and has worked closely with Latin American governments on the development and adoption of National Cyber Security Strategies and Policies. He has spearheaded liaison and promoted strategic partnerships between the OAS and key international actors.
Mr. Contreras is a Colombian citizen, and prior to joining the CICTE Secretariat worked at the Young American Business Trust (YABT), and he was a fellow of the Department of National Planning of Colombia in 2011. He holds a Bachelor in Business Administration from the Universidad Francisco de Paula Santander, and a Master’s Degree in Latin American Studies from the School of Foreign Service at Georgetown University.
The Security and Industrial CERT and the Protection of ICS
Miguel Rego ( INTECO, Director General )
Miguel Rego has been Director General of INTECO, the Spanish National Institute for Communications Technology, since November 2013. He holds a degree in Computer Engineering from the Pontifical University of Salamanca, and a Master’s degree in Information Systems Auditing from the Polytechnic University of Madrid. He has also undergone specialist training in Corporate Security, in Heritage Protection, and in Cryptology. He holds a Spanish Navy rank equivalent to that of Commander in English-speaking countries (NATO OF 4).
Miguel Rego’s earlier professional experiences were linked to the Spanish Ministry of Defence, where he had a long career with different roles in the area of data security. These ran from an initial post as co-ordinator and teacher in the area of management in the Spanish Navy School of Computing through to a position as head of the unit responsible for strategic planning and security policies in the area of data protection (the Inspectorate General for Computer and Telecommunication Systems).
In more recent years Miguel Rego’s professional work has been in the private sector. He has held management posts in the areas of corporate security and risk, protection of critical infrastructures, and cyber-security, among others. Specifically, prior to taking up his position as Director General of INTECO, Miguel Rego worked with major firms in the technology sector, such as Deloitte and Cableuropa (ONO).
This background has been rounded out by his active participation in academic and professional forums in the cyber-security sector.
Critical Infrastructure Protection and Industrial Cybersecurity in Spain
Fernando Sánchez ( CNPIC, Director )
Fernando is Lieutenant Colonel of the Guardia Civil (Military career) and holds a General Military Staff diploma. Previous to his current position, he performed his functions during several years in the critical infrastructure and strategic plants security area, at the Directorate General of the Guardia Civil, Operative Management Office (General Staff). He has taken various official courses at the Guardia Civil: Information Specialist , Judicial Police Specialist, etc. He holds several national decorations and speaks English, French and Italian.
He holds various MA degrees and course degrees and has been accredited as Security Director. Fernando is co-author of the book ” Marco Legal y de Gestión de la Protección de las infraestructuras Críticas en España” (Legal and Critical Infrastructure Protection Management Framework in Spain), He is also the author of several publications and articles on subject matters related to his field of expertise. He collaborates on a regular basis in courses and master´s programs on defense and security, organized by Spanish universities (UNED, Camilo José Cela, Carlos III, etc.)
In his current position, he carries out the role of coordinator of the preparation and development of the Spanish legislation on the protection of critical infrastructures (Law 8/2011, Royal Decree 704/2011 and resulting plans. He is the Spanish contact point for the European Union for everything related to the protection of critical infrastructures.
How to get Secure Remote Access to your Organization´s OT Environment
Fernando Sevillano ( Logitek, Industrial Cybersecurity Manager )
Fernando Sevillano has a degree in Economic and Business Science (1995), a Master´s degree in Business Communication Management and Research (2008) and he is a Doctor from the Superior Technical School of I.T. Engineering (ETSII) of the Rey Juan Carlos University in Madrid (2010). His thesis with a Doctoral Thesis on real time corporate management. He has also done several modules of the CPIM (Certified in Process and Inventory Management) from APICS and managerial competences courses at EADA Business School.
With almost 20 years of experience, his professional career has developed in the sphere of IT, in particular, in the area of corporate management solutions (ERP, BI, CRM) and industrial management (SCADA, MES, energy efficiency, industrial Cloud Computing, etc).
Currently, Fernando works at the Logitek´s Madrid office, as Industrial Cybersecurity Manager. As such, he is responsible for developing this business area.
Developing Cybersecurity Strategies through Operational Solutions in the Industrial World
Jorge Pasamón Hernando ( PWC, Senior Manager Tecnological Risks )
Senior Manager of the Tecnological Risks department of PWC. He has more than 14 years of experience in IT Security consulting and specializes in the energy sector, and has executed projects in different securtity environments within the main national and international companies. Jorge holds several security certifications, such as CISSP, CISM, CISA y CSSLP.
Addressing the Vulnerabilities of Industrial Systems
Colin Blou ( Waterfall, Vice President Sales US and EU )
Colin Blou is the VP Sales NA and EU at Waterfall Security Solutions. His main focus of activities is within the Critical National Infrastructure sector, with particular interests in the electric utility and the oil and gas markets. Colin was instrumental in implementing unidirectional connectivity as the primary electronic perimeter security in over 50% of the current 66 commercial nuclear operating power plants in the United States. In addition, he initiated the recent installations of Waterfall’s unidirectional connectivity platform at both off-shore and on-shore O&G facilities. Colin has a BA Economics from the University of the Witwatersrand and MA Politics from the Hebrew University.
Towards Early Detection of Advanced Threats in the Industrial World
Javier Zubieta ( GMV, Business Development Manager for Information Security )
As a 19 years of experienced information security practitioner, Javier has been leading different departments at several Spanish security services providers, heading the Business Development Management at GMV, Unitronics and SIA, performing strategic security analysis at CERN and spreading security knowledge at Universidad Camilo José Cela in Madrid. Javier is BsC in Computer Science by Universidad Politécnica de Madrid and Private Security Director by UNED and currently he is defining and leading GMV business development strategy regarding CIIP and IACS Cybersecurity.
Ongoing and Advanced Monitoring of the Cybersecurity in Industrial Infrastructures
Filippo Cassini ( Fortinet, Vice President of Systems Engineering EMEA/ APAC )
Filippo Cassini is Vice President of systems engineering for the EMEA and APAC at Fortinet. He has more than a decade of experience in the network security industry, with an extensive expertise in product development and consulting. Since 2005, Cassini has been managing Fortinet’s consulting teams dedicated to large enterprises and ISPs. He previously held various engineering positions in EMEA for Fortinet and Alasso, a formerly leading pan-European security distributor.
The Practical Approach for Protecting the Critical Infrastructures from Emerging Cyber Threats
Ayman Al-Issa ( Booz Allen Hamilton, Chief Technologist – Industrial Cyber Security (MENA) )
Ayman has over 20 years of experience in the fields of Automation, Information Technology, and Cyber Security. He has graduated with a Bachelor’s degree in Electronics Engineering and verse in different backgrounds like industrial control systems, systems engineering, and building cyber security strategies, designs and models. Ayman has a wide-ranging experience in protecting critical infrastructures, and he is an information contributor to the ISA99/IEC62443 international standard and currently the Co-Chairman of Workgroup1 .
Ayman is currently the CCI Chief Technology Advisor in the Middle East and Asia, and he is an energetic member in the Cyber Security advisory boards of a number of the top worldwide universities that are exploiting researches for improving industrial cyber security, and he is an active member in different international Security Innovation Alliances that are focused in a worldwide program for improving the security of industrial control systems by the close collaboration of the leading IT Security vendors and leading industrial automation and control system vendors. Realizing that security measures are always behind the emerging cyber risks, he developed an ICS defense-in-depth industrial cyber security model that aims to early detection of threats based on security-through-vision-and-integration.
Panel Discussion: Vulnerabilities and Protection Technologies in the Industrial World
Maria Pilar Torres (Everis), Thiber, Cesar Tascón (PWC), Javier Zubieta (GMV), Filippo Cassini (Fortinet); Moderator: Ignacio Paredes (CCI)
The Perception of the Industrial Organizations: And now? (Conclusions, Lessons Learned, Next Steps…)
Pending confirmation: EcoPetrol, Gas Natural, Iberdrola, Inditex, José Luis Vega Pardo (CAPSA), Ayman Al-Issa (Booz Allen Hamilton) Moderator: José Valiente (CCI)
Congress Closing Remarks
Samuel Linares ( Industrial Cibersecurity Centre, Director )