XII International Congress of Industrial Cybersecurity in Latin America, celebrated on June 5 and 6, 2019

June 5-6, 2019

As a fundamental part of its activity, the Industrial Cybersecurity Center (CCI) celebrated its XII International Congress of Industrial Cybersecurity, in Latin America, one of the reference events for the European market, and a meeting point and exchange of knowledge, experiences and relationships of all the actors involved in this field.

The focus of this year’s congress was very practical, based on real application cases, aimed in particular at OT professionals, industrial manufacturers, cybersecurity, engineering, consultants, integrators, end users and critical infrastructure operators to discuss their different perceptions of the reality that today is Industrial Cybersecurity sharing knowledge and experiences.

Agenda

Schedule

  • 05/06/2019
    Welcome and Presentation of the Congress
    José Valiente ( Centro de Ciberseguridad Industrial, Director )

    José Valiente is Director and Head of Coordination and Communication of the Centro de Ciberseguridad Industrial (Industrial Cybersecurity Center). Specialist in Technological and Security consulting. He has more than 20 years of experience working in large consulting firms, where he has developed his professional career both in the field of information technology and in the industrial automation sector. He has participated in more than a dozen publications on industrial cybersecurity, as well as in multiple congresses, events and courses specialized in cybersecurity. Currently, he has multiple certifications in solutions for security and IT manufacturers, as well as the professional certifications CISM of ISACA and Global Industrial Cyber Security Professional (GICSP) of GIAC.

  • 05/06/2019
    State of Industrial Cybersecurity in Latin America
    Diego Zuluaga ( Centro de Ciberseguridad Industrial, Coordinator )

    Diego has worked for more than 15 years in information technology, 12 of them in the information security zones, since 2001, he has been working as a specialist in information security (the same tasks as CISO) in ISAGEN SAESP, where is responsible for all information security practices based on the ISO 27000 series. He is currently involved in the group that is making the regulation of cybersecurity for the electrical sector of my country based in NERC CIP and since 1999 he participates in the creation of programs for the development of courses on information security.

  • 05/06/2019
    Panel to share: Advances of Industrial Cybersecurity in Latin America, the United States and Europe
    Susana Asensio, Claudio Caracciolo, Patrick Miller ( Experts )

     

     

     

     

  • 05/06/2019
    Panel to share: Cybersecurity initiatives and protection of critical infrastructures in Colombia
    Representatives ( Government of Colombia )

     

     

     

     

  • 05/06/2019
    Experiences testing industrial environments: Red Team ICS
    Enrique Domínguez ( Entelgy Innotec Security, Strategic Director - Cybersecurity )

    Computer Engineer from the University of Zaragoza and MBA from ESADE. He currently leads the practice He has developed his career in the field of consulting, specializing in cybersecurity management in international areas and business continuity, leading reference projects in major entities and IBEX35 in Spain, Turkey or the United States. He is professionally certified as CISSP by (ISC) 2, CISM and CISA by ISACA and ISO 27001 Lead Auditor by BSI.

     

  • 05/06/2019
    Threat landscape for industrial automation systems. H2 2018
    Anton Shipulin ( Kaspersky Lab, CIP Business Development )
    Specialist in information security since 2005 with experience in the areas of architecture, integration and operation of the cyber security system, cyber security audit, consulting and project management, ICS Security Global Market and Technologies intelligence and analysis, as well as development of industrial cyber security business.
    He is currently coordinator of the Kaspersky Industrial Cyber ​​Security conference and program director. Member of the Russian National Committee of B5.2 / D2 of the CIGRE Working Group “Protection and Automation of Cybersecurity”. Co-founder of the Russian cybersecurity community ICS / SCADA RUSCADASEC.com.
    Passionate about industrial cybersecurity and the protection of critical infrastructure, the exchange of knowledge and information with multiple certifications such as SCADA Security Architect Certification (CSSA), Information Systems Security Professional Certification (CISSP), Ethical Hacker Certification (CEH), Microsoft System Engineer Certification (MCSE): Security Certification, Linux Professional Institute Level 1 (LPIC-I), CompTIA Project + Professional Certification.
  • 05/06/2019
    Panel to share: Experiences with cybersecurity technologies in industrial environments
    Industrial Organizations and Suppliers ( Cybersecurity managers )

     

     

     

     

  • 05/06/2019
    Cybersecurity, the foundation for a successful digital transformation
    Juan Carlos Cocunubo ( Everis, Cybersecurity Manager )

    Professional in systems and computer engineering (Universidad de los Andes), CISA, CISSP, ITIL. Extensive experience in issues related to information security management systems, audits in security and information systems, management of business continuity plans and DRP, IT risk management, implementation of compliance regulations of various sectors such as Financial, Oil & Gas and Real, and risk management in critical infrastructures.

     

     

  • 05/06/2019
    Experiences incorporating cybersecurity in the design of an industrial project
    José Valiente ( Centro de Ciberseguridad Industrial, Director )

    José Valiente is Director and Head of Coordination and Communication of the Industrial Cybersecurity Center. Specialist in Technological and Security Consulting. He has more than 20 years of experience working in large consultancies, where he has developed his professional career both in the field of information technology and in the industrial automation sector. He has participated in more than a dozen publications on industrial cybersecurity, as well as in multiple congresses, events and courses specialized in cybersecurity. Currently, he has multiple certifications in solutions for security and IT manufacturers, as well as the professional certifications CISM of ISACA and Global Industrial Cyber Security Professional (GICS) of GIAC.

  • 05/06/2019
    Security in convergence of IT and OT networks
    Ana María Fuentes ( Fortinet, Principal SE Industry sector )
    Electronic Engineer, with 10 years of experience in presales, consulting, implementation, support and administration of IT security solutions. Principal SE Indutria Sector in Fortinet Colombia (4 years), with experience in assurance projects in IT and OT networks of the oil, manufacturing, public service companies and in general in companies of the industry and commerce sector in Colombia.
    Certified in:
    – Certified Ethical Hacking (CEH)
    – ISO 27001 – Information Security Management Systems
    – ISO 22301 – Business Continuity Management Systems
    – Network Security Expert 4
  • 06/06/2019
    Presentation of the day
    Susana Asensio ( Centro de Ciberseguridad Industrial, Director of the CCI School )

    Susana Asensio is the General Coordinator of Europe, Member of the Board of Directors, Director of the Professional School of Industrial Cybersecurity, and Project Manager at the Industrial Cybersecurity Center. Graduated in Software Engineering, and Technical Engineer in Management Computing, both from the Polytechnic University of Madrid (UPM), Susana is a specialist in research and development projects in security and technology. He has a postgraduate degree as Specialist in Promotion and Management of Projects and International Actions of R + D + i by the UPM. After working as a researcher in Information Technology (IT) at UPM, she has been, during the last years, and prior to her incorporation to CCI, combining the management of IT security projects, and the coordination of various IT security groups in the Multisectorial Association of Companies of Electronics, Information and Communication Technologies, Telecommunications and Digital Content (AMETIC).

  • 06/06/2019
    Safety & Security
    Patrick Miller ( Centro de Ciberseguridad Industrial, Coordinator )

    Patrick Miller is one of 20 Forbes cyber policy experts to follow on Twitter and one of the 50 smart grid pioneers of smart grid in 2015. Today he is a trusted independent advisor dedicated to the protection and defense of critical infrastructure throughout the world. He is currently a managing partner of Archer Energy Solutions, as well as founder, director and president emeritus of EnergySec, a 501 (c) (3) nonprofit focused on the exchange of information, situational awareness and staff development of security for the energy industry. Patrick’s experience extends to the Government, Telecommunications, Financial and Vertical Energy Services, within the key positions with the regulatory bodies, the owners of useful assets and private consulting companies.

  • 06/06/2019
    Experience in industrial cybersecurity solutions
    Ernesto Landa ( Centro de Ciberseguridad Industrial, CCI )
    Systems Engineer Titled by the University of Lima (Peru) with more than 10 years of experience in Information Technology and Telecommunications in the Energy Sector and Hydrocarbons. Specialist in Information Security and Cybersecurity in Critical Infrastructures, he is an active member of the Industrial Cybersecurity Committee of the Regional Association of Companies in the Oil, Gas and Biofuels Sector of Latin America and the Caribbean (ARPEL). He is ISO 27001: 20013 Auditor accredited by The International Register of Certified Auditors (IRCA), and holds international certifications such as Project Manager Professional (PMI), ISO 27001: 2013 Internal Auditor and ISMS ISO27001: 2013 Implementer.
    He currently leads the Information Security Area of Compañía Operadora de Gas el Amazonas (COGA), a company specialized in the management, operation and maintenance of infrastructures in the energy sector.
  • 06/06/2019
    Industrial Cybersecurity Operations Center: lessons learned
    Enrique Fenollosa Romero ( S2 Grupo, General Manager for South America )
    Enrique Fenollosa Romero, Gerente General de S2 Grupo para Sudamérica, Ingeniero Superior de Telecomunicación y Executive MBA por el Instituto de Empresa (Madrid), ponente habitual en temáticas relacionadas con la ciberseguridad industrial, profesor de maestrías y cursos postgrado.
    Experto en Ciberseguridad, con más de 20 años de experiencia profesional gerenciando diversas empresas del ámbito de la seguridad de la información e infraestructuras críticas, con trabajos desarrollados en distintos países, tanto en el seno de multinacionales, como en el del emprendimiento personal.
  • 06/06/2019
    Risks in ICS/SCADA
    Edwin Walteros ( Leader in Indra's Cybersecurity, Minsait in Colombia )

    Systems Engineer and Network Security Specialist. He is part of the Cybersecurity team in OT as a consultant in tests for industrial networks. He has more than 10 years of experience in Information Security, Vulnerability Management, Ethical Hacking and Forensic Analysis in different IT / OT environments for national critical infrastructures. He has been certified as Certified SCADA Security Architect (CSSA), Computer Hacking Forensic Investigator (CHFI), Certified Ethical Hacker (CEH) and Internal Auditor ISO27000: 2013.

     

     

  • 06/06/2019
    Panel to share: The Industrial Cybersecurity budget
    Industrial Cybersecurity ( Responsible )

     

     

     

     

Ponentes

Speakers

  • Susana Asensio
    Director of the CCI School
    Centro de Ciberseguridad Industrial

    Susana Asensio is the General Coordinator of Europe, Member of the Board of Directors, Director of the Professional School of Industrial Cybersecurity, and Project Manager at the Industrial Cybersecurity Center. Graduated in Software Engineering, and Technical Engineer in Management Computing, both from the Polytechnic University of Madrid (UPM), Susana is a specialist in research and development projects in security and technology. He has a postgraduate degree as Specialist in Promotion and Management of Projects and International Actions of R + D + i by the UPM. After working as a researcher in Information Technology (IT) at UPM, she has been, during the last years, and prior to her incorporation to CCI, combining the management of IT security projects, and the coordination of various IT security groups in the Multisectorial Association of Companies of Electronics, Information and Communication Technologies, Telecommunications and Digital Content (AMETIC).

  • Hernando Bello
    ICS / SCADA Specialist in Indra's Cybersecurity, Minsait in Colombia
    Indra

    Telecommunications Engineer and specialist in Industrial Control and Instrumentation with more than 10 years of experience in the process automation sector in oil companies. He is part of the Cybersecurity team in OT as a consultant in tests for industrial networks. He has experience in ICS / SCADA maintenance, design and implementation of industrial networks, management of instrumentation projects and advanced control. He has participated in the development and deployment of industrial cybersecurity programs in several national critical infrastructures.

  • Claudio Caracciolo
    General Coordinator of Latin America
    Centro de Ciberseguridad Industrial

    General Coordinator of LATAM of CCI. Specialist Consultant in Information Security with international certifications. Professor of Forensic Computing at the Higher Institute of Public Security (ISSP). Member of associations related to the environment such as: ISSA International, OWASP, Usuaria, Argentina Cibersegura, Member of the academic committee of Segurinfo from 2007 to the present. Speaker in a large number of national and international events and instructor on topics related to Ethical Hacking, Defense Methodologies, Platform Harder, Web Security, Anti-Forensic Techniques.

  • Juan Carlos Cocunubo
    Cybersecurity Manager
    Everis

    Professional in systems and computer engineering (Universidad de los Andes), CISA, CISSP, ITIL. Extensive experience in issues related to information security management systems, audits in security and information systems, management of business continuity plans and DRP, IT risk management, implementation of compliance regulations of various sectors such as Financial, Oil & Gas and Real, and risk management in critical infrastructures.

  • Enrique Domínguez
    Strategic Director - Cybersecurity
    Entelgy Innotec Security

    Computer Engineer from the University of Zaragoza and MBA from ESADE. He currently leads the practice He has developed his career in the field of consulting, specializing in cybersecurity management in international areas and business continuity, leading reference projects in major entities and IBEX35 in Spain, Turkey or the United States. He is professionally certified as CISSP by (ISC) 2, CISM and CISA by ISACA and ISO 27001 Lead Auditor by BSI.

  • Enrique Fenollosa Romero
    General Manager for South America
    S2 Grupo

    Enrique Fenollosa Romero, Gerente General de S2 Grupo para Sudamérica, Ingeniero Superior de Telecomunicación y Executive MBA por el Instituto de Empresa (Madrid), ponente habitual en temáticas relacionadas con la ciberseguridad industrial, profesor de maestrías y cursos postgrado.

    Experto en Ciberseguridad, con más de 20 años de experiencia profesional gerenciando diversas empresas del ámbito de la seguridad de la información e infraestructuras críticas, con trabajos desarrollados en distintos países, tanto en el seno de multinacionales, como en el del emprendimiento personal.

  • Ana María Fuentes
    Principal SE Industry sector
    Fortinet
    Electronic Engineer, with 10 years of experience in presales, consulting, implementation, support and administration of IT security solutions. Principal SE Indutria Sector in Fortinet Colombia (4 years), with experience in assurance projects in IT and OT networks of the oil, manufacturing, public service companies and in general in companies of the industry and commerce sector in Colombia.
    Certified in:
    – Certified Ethical Hacking (CEH)
    – ISO 27001 – Information Security Management Systems
    – ISO 22301 – Business Continuity Management Systems
    – Network Security Expert 4
  • Ernesto Landa
    CISO
    COGA
    Systems Engineer Titled by the University of Lima (Peru) with more than 10 years of experience in Information Technology and Telecommunications in the Energy Sector and Hydrocarbons. Specialist in Information Security and Cybersecurity in Critical Infrastructures, he is an active member of the Industrial Cybersecurity Committee of the Regional Association of Companies in the Oil, Gas and Biofuels Sector of Latin America and the Caribbean (ARPEL). He is ISO 27001: 20013 Auditor accredited by The International Register of Certified Auditors (IRCA), and holds international certifications such as Project Manager Professional (PMI), ISO 27001: 2013 Internal Auditor and ISMS ISO27001: 2013 Implementer.
    He currently leads the Information Security Area of Compañía Operadora de Gas el Amazonas (COGA), a company specialized in the management, operation and maintenance of infrastructures in the energy sector.
  • Patrick Miller
    United States Coordinator
    Centro de Ciberseguridad Industrial

    Patrick Miller is one of 20 Forbes cyber policy experts to follow on Twitter and one of the 50 smart grid pioneers of smart grid in 2015. Today he is a trusted independent advisor dedicated to the protection and defense of critical infrastructure throughout the world. He is currently a managing partner of Archer Energy Solutions, as well as founder, director and president emeritus of EnergySec, a 501 (c) (3) nonprofit focused on the exchange of information, situational awareness and staff development of security for the energy industry. Patrick’s experience extends to the Government, Telecommunications, Financial and Vertical Energy Services, within the key positions with the regulatory bodies, the owners of useful assets and private consulting companies.

  • Anton Shipulin
    Global Presales Manager
    Kaspersky Lab
    Specialist in information security since 2005 with experience in the areas of architecture, integration and operation of the cyber security system, cyber security audit, consulting and project management, ICS Security Global Market and Technologies intelligence and analysis, as well as development of industrial cyber security business.
    He is currently coordinator of the Kaspersky Industrial Cyber ​​Security conference and program director. Member of the Russian National Committee of B5.2 / D2 of the CIGRE Working Group “Protection and Automation of Cybersecurity”. Co-founder of the Russian cybersecurity community ICS / SCADA RUSCADASEC.com.
    Passionate about industrial cybersecurity and the protection of critical infrastructure, the exchange of knowledge and information with multiple certifications such as SCADA Security Architect Certification (CSSA), Information Systems Security Professional Certification (CISSP), Ethical Hacker Certification (CEH), Microsoft System Engineer Certification (MCSE): Security Certification, Linux Professional Institute Level 1 (LPIC-I), CompTIA Project + Professional Certification.
  • José Valiente
    Director
    Centro de Ciberseguridad Industrial

    José Valiente is Director and Head of Coordination and Communication of the Centro de Ciberseguridad Industrial (Industrial Cybersecurity Center). Specialist in Technological and Security consulting. He has more than 20 years of experience working in large consulting firms, where he has developed his professional career both in the field of information technology and in the industrial automation sector. He has participated in more than a dozen publications on industrial cybersecurity, as well as in multiple congresses, events and courses specialized in cybersecurity. Currently, he has multiple certifications in solutions for security and IT manufacturers, as well as the professional certifications CISM of ISACA and Global Industrial Cyber Security Professional (GICSP) of GIAC.

  • Edwin Walteros
    Leader in Indra's Cybersecurity, Minsait in Colombia
    Indra

    Systems Engineer and Network Security Specialist. He is part of the Cybersecurity team in OT as a consultant in tests for industrial networks. He has more than 10 years of experience in Information Security, Vulnerability Management, Ethical Hacking and Forensic Analysis in different IT / OT environments for national critical infrastructures. He has been certified as Certified SCADA Security Architect (CSSA), Computer Hacking Forensic Investigator (CHFI), Certified Ethical Hacker (CEH) and Internal Auditor ISO27000: 2013.

  • Diego Zuluaga
    ISAGEN / CISO
    Centro de Ciberseguridad Industrial / Coordinator

    Diego has worked for more than 15 years in information technology, 12 of them in the information security zones, since 2001, he has been working as a specialist in information security (the same tasks as CISO) in ISAGEN SAESP, where is responsible for all information security practices based on the ISO 27000 series. He is currently involved in the group that is making the regulation of cybersecurity for the electrical sector of my country based in NERC CIP and since 1999 he participates in the creation of programs for the development of courses on information security.

Talleres

Main Host

  • June 4th
    Presential Pre-Congress Workshop (US $ 300)

    8:30 a.m. to 5:00 p.m.: Workshop on Practical Management of Industrial Cybersecurity

    The aim of this workshop is to provide the professionals of industrial organizations, engineering, IT integrators and OT with the necessary knowledge to carry out a diagnosis in terms of Cybersecurity of an industrial organization, identifying the main security breaches, as well as establishing a risk analysis and treatment plan to manage technological risks at levels of excellence.
    This workshop provides a practical guide for those responsible for managing the risks of Industrial Cybersecurity.
    Addressed to:
    Responsible for risk management of industrial cybersecurity, responsible for business continuity, responsible for information security, responsible for operational safety and responsible for industrial computing.
    Reasons to attend:
    Learn how to assess the risk of cybersecurity in an industrial organization.
    Share with other professionals the important aspects that should be considered in order to evolve risk management to levels of excellence.
    Learn to establish a cybersecurity treatment plan in an industrial automation environment.
    Main points of the workshop:
    Understand the best approach to diagnosis and risk assessment as a fundamental part of the cybersecurity process in an industry environment.
    Identify and correctly evaluate the cybersecurity capabilities of an industrial organization and how to establish a treatment plan.
    Cost of the workshop 300 US $
    Limited places 18 places

    Teacher: José Valiente (CCI)

Patrocinadores

Sponsors

Gold

June 5-6, 2019
Hotel Dann Carlton Bogotá (Carrera 15 #103-60, Bogotá, Cundinamarca, Colombia)