Welcome and Presentation of the Congress. Lessons learned 2021
José Valiente (Director of the Industrial Cybersecurity Center)
José Valiente is Director of the Industrial Cybersecurity Center. Technological and Security consulting specialist. He has more than 20 years of experience working in large consulting firms, in which he has developed his professional career both in the field of information technology and in the industrial automation sector. He has participated in more than a dozen publications on industrial cybersecurity, as well as in multiple conferences, events and specialized courses on cybersecurity. He currently holds multiple certifications in IT and security vendor solutions, as well as CISM professional certifications from ISACA and Global Industrial Cyber Security Professional (GICSP) from GIAC.
Panel: Cybersecurity experiences in the design of industrial automation and digitization projects
Cybersecurity managers in the automotive, food and pharmaceutical sectors
Leaders who are managing cybersecurity risk in industrial environments will share their experience incorporating cybersecurity in the early planning and design stages of new industrial projects. What is the relationship with industrial automation and digitization providers? What cybersecurity standards in IT and OT integration do you have? What cybersecurity capabilities are you demanding in technologies? What professional cybersecurity certifications are requested for new projects?
Panel moderated by Susana Asensio, CCI.
Experience incorporating cybersecurity in industrial cloud architectures
Ron Brash (CCI Coordinator Canada , ICS expert in Oil & Gas sectors)
Ron Brash is a well-known technical expert in the ICS community, with a long history in the oil and gas sectors from an early age, but he is also involved in difficult-to-solve industrial solution development proposals. Today, he has more than a decade of experience with industrial networks and technologies, embedded systems, system design, risk assessment, and in different verticals ranging from aviation, energy, gas, etc. Currently, he is a director of Verve Industrial Protection, where his role includes global community engagement, product ownership, risk analysis, research, and facilitation relationships in the IT and OT organizational divisions.
Practical case in Utilities: Monitoring and protection
Susana Sanchez (Senior Security Manager - Accenture), Antonio Navarrete (Systems Engineer - Fortinet)
Susana Sánchez has a degree in higher industrial engineering. With more than 20 years of experience, her professional career has developed in the critical infrastructure sector closely linked to industrial automation projects, where she has played different roles. In the last 8 years, she has focused on the industrial cybersecurity area where he collaborates with Accenture Security to develop this practice and help clients in this regard.
Antonio Navarrete is a technical engineer in computer systems with more than 20 years of experience. The last 15 years focused on industrial cybersecurity. Currently from Fortinet he leads the technical expertise for this area in Iberia advising clients on best practices and related solutions.
Topologies and measurements in a secure OT network
Alejandro Alonso Rodriguez (OT cybersecurity consultant at Everis - NTT Data)
Telecommunications Engineer and with a Master’s Degree in Cybersecurity. Experience in the field of IT and OT cybersecurity both in the Blue Team and Red Team fields. His certifications include Prince2 project manager, Scrum Foundation Professional, ISO 27001 Lead Auditor and CCNA Cyberops. He is currently a OT cybersecurity consultant and trainer at Everis where he accumulates experience in strategic and technical consulting for critical infrastructures and the implementation and validation of security solutions.
Visibility, segmentation and inspection in OT networks
Pablo Ibañez (Systems Engineer - Palo Alto Networks)
Pablo has 15 years of experience as a Solutions Architect / Sales Engineer focused on continuous improvement and meeting customer expectations. He has a deep knowledge of IT systems, networks and cybersecurity, designing solutions and integrating multiple IT technologies for demonstrations and hands-on labs. He also has extensive experience in ICS / SCADA solutions for public services, process controls and digital factories (SANS GICSP Certification).
Cybersecurity experience following IEC-62443 in an industrial project
Ramón Quirós ( Phoenix Contact, Product Manager Automation Systems and Automation Infrastructure)
Ramón Quirós is Product Manager in control and communications systems at Phoenix Contact. Specialized in functional safety (Safety Relays, Configurable Safety modules, Safe I / Os,…), HMIs and Industrial PCs, industrial communication technology (Industrial Ethernet, Remote Communication, Wireless ..) and cybersecurity.
Cybersecurity in design against Ransomware of Things (RoT)
David Galdrán ( Check Point, ICS Security Expert )
Team leader of the Industry, Telco and Public Sector team at CheckPoint Spain. With 20 years of experience in the sector and two and a half years of experience in securing industrial environments. Holder of multiple security certifications and the black CCI credential.
The new resilience in industrial cybersecurity
Patrick Miller (CCI Coordinator USA, CEO of Ampere Industrial Security)
Patrick Miller shares more than 35 years of IT / OT experience through his consulting services as an independent security and regulatory advisor for the critical infrastructure and key resource sectors. He is currently the CEO of Ampere Industrial Security, an industrial security consultancy based in Portland, Oregon, USA Patrick is also the founder, president emeritus, and is currently a member of the board of directors of the Energy Sector Security Consortium, Inc. ( EnergySec), a 501 (c) (3) nonprofit organization in Portland. He is the CCI coordinator for the USA.
Panel: Integration of Quality, Security and Cybersecurity in the industrial operation
Responsible for quality, safety and cybersecurity of industrial organizations
Managers who are in charge of the quality process, safety risk or cybersecurity in industrial environments will share their experience when integrating cybersecurity in their processes. What is the relationship between the areas of quality, safety and cybersecurity? What interaction exists between the processes? What difficulties and what benefits does the integration of Quality, Safety and Cybersecurity have?
Panel moderated by CCI.
Experiences in managed cybersecurity services for industrial environments
Carmen Torrano Giménez (Product Manager in OT & IoT Security - Telefonica)
Carmen has a doctorate in Computer Science from the Carlos III University of Madrid. She currently works at Telefónica, linked to the Cybersecurity and Cloud area. Among her areas of expertise are Cybersecurity, Cryptography, Machine Learning, IoT and OT security. She currently leads the OT & IoT Security Monitoring product within Telefónica Tech. In the 2019-2010 period she was elected as CSE (Chief Security Envoy) of Eleven Paths (recognition of professionals in the sector). At the same time, she develops teaching work in various Spanish universities and educational centers. She is also co-author of the book «Machine Learning Applied to Cybersecurity. Techniques and examples in the detection of threats ”from the editorial 0xWord.
She has recently been appointed ambassador for Telefónica’s #Women Hacker initiative.
Carmen has published in numerous conferences, has developed patents and participates as a regular speaker at industry conferences, collaborating in the dissemination of scientific-technical content.
SOC in Industrial Environments: Monitoring at All Levels of the Purdue Model
Andrés de Benito (Cybersecurity director at Capgemin)
Andres is responsible for promoting market positioning and achieving cybersecurity business results in Spain. Engages with clients in strategic discussions to provide the best cybersecurity and guidance in the industry to maximize the client’s long-term business goals.
Talking about cybersecurity in the industrial supply chain
Robert M. Lee (Founder & CEO of Dragos, Inc.)
Robert is a recognized pioneer in the industrial security incident response and industrial security incident response community. He started in security as a US Air Force Cyber Warfare Operations Officer in charge of the National Security Agency, where he launched the first mission dedicated to identifying and analyzing national threats to industrial infrastructure. It went on to build the first dedicated industrial community incident response and monitoring class at the SANS Institute (ICS515) and the industry recognized Cyber Threat Intelligence course (FOR578).
Protecting an Industrial Cloud Scenario
Claudio Caracciolo (CCI General Coordinator Latam)
He is the Coordinator of the Center for Industrial Cybersecurity in Latin America. In addition to being a specialist consultant in Information Security, passionate about Social Engineering, Industrial Cybersecurity and CarHacking. Professor of “Computer Forensics” and “Computer Security” at the Higher Institute of Public Security (ISSP). Professor in the Cybersecurity Strategy and Management Diploma at UCEMA. Professor in the Postgraduate Course in Cybercrime at the Faculty of Law of the U.B.A. Former President of ISSA Argentina (2011-2013 and 2013-2015). Member of associations related to the environment such as: ISSA International, OWASP, Usuaria, Argentina Cibersegura, Member of the academic committee of Segurinfo from 2007 to present.
Operational integrity: safeguarding your OT systems with Cyber AI
José Badía López (Country Manager, España and Portugal at Darktrace)
Jose Badia is Country Manager for Spain and Portugal at Darktrace, a leading autonomous artificial intelligence company for cybersecurity. Jose leads client teams from a variety of industries that use artificial intelligence to defend their companies, including but not limited to banks, government entities, and energy companies. Jose has an extensive academic career that stands out for his Degree in Commerce from the Complutense University of Madrid, as well as an MBA from Cesma Business School.
Summary and closing of the conference day
Maite Carli (Communications Director, Industrial Cybersecurity Center)
Maite Carli is the Communications Manager of the Industrial Cybersecurity Center. Specialized in administration of networks and communications, critical industrial infrastructures, industry 4.0, data analysis technologies in the Health sector and industrial cybersecurity, having completed several courses and a master’s degree. She has developed her professional career in the UK for almost 9 years.
Welcome and Presentation of the third day of the Congress
Susana Asensio (CCI Director of the Industrial Cybersecurity Professional School)
Susana Asensio is Director of the Professional School of Industrial Cybersecurity, and Project Manager at the Industrial Cybersecurity Center. Graduated in Software Engineering, and Technical Engineer in Management Informatics, both from the Polytechnic University of Madrid (UPM), Susana is a specialist in research and development projects in security and technology. She has a postgraduate degree as a Specialist in Promotion and Management of International R & D & I Projects and Actions from the UPM. After working as a researcher in Information Technology (IT) at the UPM, she has been, in recent years, and prior to joining CCI, combining the management of IT security projects, and the coordination of various IT security forums in the Multisectoral Association of Electronics, Information and Communication Technologies, Telecommunications and Digital Content Companies (AMETIC).
Panel: Incident Management Roles in Large Industrial Entities
Cybersecurity experts in OT and incident management
Managers who are in charge of cybersecurity risk in industrial environments will share their experience in incident management. What is the greatest difficulty when managing incidents in large industrial entities? What roles and responsibilities are necessary? What preparation should the management team have for them?
Panel moderated by CCI.
Bridging the trillion dollar cyber risk gap: Why cyber insurance can’t help industrial asset owners – yet
Jose Seara (Founder & CEO of DeNexus)
Serial founder & CEO with 25+ years of experience building companies in the critical infrastructure space. He grew his last company, NaturEner, to $100M ARR in 6y.
He found cyber risk management was expensive, inefficient, and left the organization exposed to information gaps and inadequate insurance products.
He created DeNexus, not only to help address a problem he was experiencing first-hand, but to fill the gap which tens of thousands of companies also experience.
Experience in the internal organization of cybersecurity (roles and responsibilities)
Luciano Manfredi (CCI Coordinator United Kingdom, Head of Cyber Advisory, Competent Authority at Ofgem)
Luciano is Coordinator of the Industrial Cybersecurity Center in the United Kingdom. He works as Head of Cyber Security Advisory (Competent Authority) at Office of Gas and Electricity Markets (Ofgem), the energy regulator in the United Kingdom. His team leads the implementation of the cybersecurity regulation NISR (Network and Information Security Regulation), promoting and supporting companies to implement their cybersecurity programs throughout the sector.
He has more than 20 years of professional experience in Cybersecurity working as a consultant, architect, auditor, global leader in IoT / Operational Technology, as IT security manager and pentester in international companies such as KPMG, DXC Technology (HPEnterprise) and IBM. Luciano has extensive experience in critical infrastructure protection and extensive experience in various sectors such as Manufacturing, Utilities, Pharmaceutical, Banking and Finance among others.
Summary and closing of the congress
Maite Carli (Communications Director, Industrial Cybersecurity Center)
Maite Carli is the Communications Manager of the Industrial Cybersecurity Center. Specialized in administration of networks and communications, critical industrial infrastructures, industry 4.0, data analysis technologies in the Health sector and industrial cybersecurity, having completed several courses and a master’s degree. He has developed his professional career for the last 9 years in the UK.