The UK Energy Cyber Security Executive Forum brochure
Thursday 5th February 2015 A One-Day Conference The UK Energy Cyber Security Executive Forum Organised by Addressing the cyber security risks at the board level The new realities of cybercrime in the energy sector Sponsored by City & Financial Global CCT Venues Plus – South Quay, London E14 Ciaran Martin, Director General for Government and Industry Cyber Security, GCHQ Graham Wright, Group CISO and Digital Risk Officer, National Grid Steve Purser, Head of Core Operations Department, ENISA Dr Gal Luft, Senior Advisor, The United States Energy Security Council & Chairman, Nation-E Avtar Sehmbi, Head of Information Security & IT Risk Management, Centrica Stephanie Daman, CEO, Cyber Security Challenge UK Troels Oerting, Head of European Cyber Security Centre, Europol Raj Roy, Legal Director, British Gas Chris Gibson, Director, CERT-UK Supported by Attend this forum to understand: What the UK Government is doing to improve security skills and awareness within the energy sector How to educate your employees to deal with the new realities of cybercrime in the oil & gas industry Why energy companies fail to effectively manage data security breach incidents and how you can enhance your incident management detection and response capabilities What coverage cyber risk insurers provide for business interruption and how to deal with the ‘cyber risk gap’ in the energy sector You will also learn about: EU response to the increased cyber threat in the energy sector. How does the United States currently manage cyber security? Recent cyber security incidents that have the most profound impact on the oil & gas industry. Step by step analysis and the lessons learned Effectively responding to real-time operational security concerns of SCADA devices and networks for power and utilities. Retesting vulnerabilities to eliminate threats The trends in the type, volume and calibre of cyber security attacks in the energy sector. The most effective risk mitigation strategies and commercially viable cyber security policies QR Code www.cityandfinancialconferences.com/CyberEnergy2015 The UK Energy Cyber Security Executive Forum Addressing the cyber security risks at the board level The new realities of cybercrime in the energy sector CCT Venues Plus – South Quay, London E14 The energy sector is increasingly becoming a prime target for organised cyber security crime. Globally, it is estimated that cyber security breaches in oil & gas and power will cost owners $1.87billion by 2018. Cyber-attacks on industrial control systems reported to ICS-CERT jumped from 34 in 2010 to 257 in 2013. The European Union’s adoption of new data protection rules and a new cyber security network by 2015 increases the challenge faced by energy companies in Europe. With energy companies in the UK already losing approximately £400 million every year, the sanctions for security breaches will increase the maximum fines from 2% to 5% of a company’s global annual turnover. Despite all the evidence and with such high costs at stakes, many companies do not fully appreciate the risk posed by cybercrime. Their existing security measures often prove to be inadequate and energy firms are routinely refused insurance cover for business interruption. Additionally, the current mainstream cyber insurance market neither fully addresses the needs of the energy sector, nor provides coverage for physical loss or damage. Furthermore, the waiting periods for cyber security coverage can be significant in terms of energy networks. With significant numbers of employees having insufficient knowledge of corporate cyber threats, such as SpyEye, Zeus, Stuxnet and Flame, the nation’s critical energy infrastructure remains extremely vulnerable. Energy companies, while struggling with the complexity and size of the networks they manage, need to meet the challenge of surviving and growing in the current cyber security climate now. City & Financial Global’s Energy Cyber Security Executive Forum is a strategic and practice-driven summit, which will give you an excellent opportunity to network with the best of the energy cyber security sector and learn how to actively engage with the cyber security issues. This timely conference will offer you guidance to minimise the risks, avoid cyber security breaches through internal controls and proper adherence to standards, develop resilience, and protect and strengthen your business in the UK and globally. THIS EVENT WILL BE OF PARTICULAR INTEREST TO CISOs, Heads of Digital Risk, CIOs, Data Protection Officers, Cyber Security Managers, Cyber Security Architects, Heads of Legal/Privacy/Cyber Threat/ Resilience/IT, Chief Risk Officers/Risk Managers, SCADA Control Operators COMPANIES ALREADY ATTENDING INCLUDE: GCHQ BP NATIONAL GRID CENTRICA ENISA EUROPOL TOKIO MARINE KILN CERT-UK GAZPROM CYBER SECURITY CHALLENGE UK THE UNITED STATES ENERGY SECURITY COUNCIL This already highly-regarded executive Forum is an in-depth follow-up to the cyber security panel at our City Week 2014 event, at which the Rt Hon Francis Maude, Minister for the Cabinet Office spoke. There was enormous interest in the cross industries cyber security session, much of which was from board directors of national and international firms who were keen to get a better understanding of the threat posed to their institutions by cybercrime, how they should identify their vulnerabilities, what they should be protecting, how they should protect it and the role of the board in establishing a cyber security strategy. A transcript of Francis Maude’s speech at City Week 2014 is below: https://www.gov.uk/government/speeches/cyber-security-city-week-2014 BRITISH GAS CODENOMICON THE DUTCH MINISTRY OF SECURITY AND JUSTICE PERENCO GAS INFORMATION SECURITY FORUM JERSEY ELECTRICITY WOOD GROUP and many, many others… www.cityandfinancialconferences.com/CyberEnergy2015 The UK Energy Cyber Security Executive Forum The Programme 08:00 Registration, networking and morning coffee 09:00 Chairman’s opening remarks Graham Wright, Group CISO and Digital Risk Officer, National Grid 09:10 Keynote address I - Enhancing the UK’s cyber resilience Chris Gibson, Director, CERT-UK • The role of the Cyber-security Information Sharing partnership (CiSP) • Why you need to exercise • What we are seeing 09:30 Panel I - An in-depth look at the latest European and international cyber security policies for oil & gas and power • The role of the regulatory bodies in relation to cyber security. The differences between the regulatory bodies in the UK, Europe and the US • How are international security policies and standards changing to meet cyber challenges? • The EU Cyber Security Strategy. The NIS Directive. The role of ENISA • Smart Grid mandates across the EU. Smart Grid security measures • How does the United States currently manage cyber security? Analysing the US’s NIST and Department of Homeland Security’s initiatives • How do we share best practice to address the issues and challenges Moderated by Steve Purser, Head of Core Operations Department, European Union Agency for Network and Information Security (ENISA) Panellists Dr Gal Luft, Senior Adviser, The United States Energy Security Council & Chairman, Nation-E 10:30 Patrick Curry OBE, Director, British Business Federation Authority Chris Gibson, Director, CERT-UK Panel II - Rethinking cyber security: Making your business more secure and resilient • What are the new realities of cyber threats in the energy sector? • Which cyber risks and exposures your organisation is facing by simply running your business on a daily basis? • Best practices of dealing with cyber threats and vulnerabilities. Improving response time and enhancing overall system robustness • Ensuring a skilled workforce. How to educate your employees to deal with the new realities of cybercrime in the energy sector? Moderated by Graham Wright, Group CISO and Digital Risk Officer, National Grid Panellists Avtar Sehmbi, Head of Information Security & IT Risk Management, Centrica Manu Sharma, Director, Grant Thornton www.cityandfinancialconferences.com/CyberEnergy2015 Iowa Carels, Senior Cyber Security Advisor, The National Cyber Security Centre, The Dutch Ministry of Security and Justice The UK Energy Cyber Security Executive Forum 11:10 Keynote address II - Cyber security and the energy sector. A GCHQ perspective Ciaran Martin, Director General for Government and Industry Cyber Security, GCHQ • Government’s focus on cyber security and the nature of the threat • Cross-government initiatives and cyber security guidance and standards • Routes to seek IA support, advice, training and professionalisation • How cyber security risk affects the energy sector • Future options for defence through collaboration 11:30 Networking and morning coffee 11:50 Case-study I Senior Representative, QinetiQ 12:10 Case-study II - Cyber threats to critical energy systems and risk mitigation strategies • Reviewing recent cyber security incidents that have the most profound impact on the energy sector • Understanding trends in the type, volume and calibre of those attacks • Recommendations for risk mitigation and commercially viable cyber security policies 12:30 Case-study III - Building a comprehensive IT risk management system • Technology changes in the energy companies. Reviewing different systems of IT protection • What are key external penetration areas of critical infrastructure? • Unifying IT protection methods and policies and maximising standards of IT protection by adhering to short- and long-term security plans Scott Baron, • Suggestions for an effective end-to-end IT management Director Digital Risk & programmes Security Governance, National Grid • Looking at the existing outsourcing models 13:00 Dr Gal Luft, Senior Adviser, The United States Energy Security Council & Chairman, Nation-E Ameet Patel, Group IT&S Director – Information Security, Wood Group Keynote address III - The race for skills in the energy sector • The implications of not properly addressing the cyber security skills gap • Barriers that need to be addressed and overcome if we are going to be successful • Matching the solutions to the topic - why traditional approaches have limited success 13:20 Networking and lunch 14:20 Keynote address IV – International perspective Stephanie Daman, CEO, Cyber Security Challenge UK Troels Oerting, Head of European Cyber Security Centre, Europol 14:40 Case-study IV Daniel Barriuso, CISO, BP www.cityandfinancialconferences.com/CyberEnergy2015 Richard Mackintosh, Cyber Intelligence Advisor, BP The UK Energy Cyber Security Executive Forum 15:10 Moderated by Panel III - Protection of privacy data for energy • The impact of the new European Data Protection regulation on the energy sector • What are the main energy data protection challenges? • Enforcing data protection polices and enabling open and confident communication throughout your business and with external parties John Bowman, Senior Principal, Data Protection and Privacy, Promontory Financial Group Panellists Raj Roy, Legal Director, British Gas 15:50 Afternoon tea 16:10 Case-study V - Heartbleed: lessons learned – or did we learn? Ari Knuuti, Co-founder and Vice President of EMEA, Codenomicon • What can the energy sector learn about cyber security from other industries • Security build in or add on? 16:30 Panel IV - Cyber insurance: How to deal with the ‘cyber risk gap’ in the energy sector? • Cyber insurance as a service – data breach response • What coverage does cyber risk insurance provide? • Policy details: what is covered, and what isn’t? • What separates competitive insurers? • UK market vs the rest of the world • How legislation and regulatory change drive the need and demand for insurance • Systemic risk and risk management • The future of the cyber insurance market 17:10 Ashley Roughton, Barrister, Hogarth Chambers Moderated by Damian Beeley, Partner, Haggie Partners Panellists Laila Khudairi, Global Underwriter for International Cyber Risk, Tokio Marine Kiln Andrew Barratt, Managing Director Europe, Coalfire Panel V - Why energy companies fail to effectively manage data security breach incidents and how you can enhance your incident management detection and response capabilities • Understanding the threats, vulnerabilities and consequences of a cyber security breach within an organisation and its supply chain • Identifying, protecting, detecting and responding • Learning how to improve your resiliency and recovery to minimise your downtime if the system fails Moderated by Ari Knuuti, Co-founder and Vice President of EMEA, Codenomicon 17:50 Panellists Richard Mackintosh, Cyber Intelligence Advisor, BP Close of proceedings www.cityandfinancialconferences.com/CyberEnergy2015 Chris North, Head of Information Security, Gazprom Marketing and Trading Steve Armstrong, Technical Security Director and Owner, Logically Secure; Certified Instructor, SANS institute The UK Energy Cyber Security Executive Forum About our sponsors Tokio Marine Kiln is a leading international provider of specialist and corporate insurance for clients within the Lloyd’s and Company markets. Formed in 2014 through the integration of Kiln and Tokio Marine Europe, Tokio Marine Kiln has been founded on empowered expertise and the strength of its relationships. As part of one of the world’s largest insurance groups, Tokio Marine, we empower more than 700 employees in 22 cities to protect customers against complex and ever changing risks. We have seven underwriting teams focused on Specialist Property, Liability & Motor; Corporate Property & Liability, Construction; Marine & Enterprise Risk; Aviation & Space, Accident, Health & Life; and Reinsurance products, which are complemented by a first class claims team and an expert risk engineering service. Tokio Marine Kiln benefits from exceptional financial strength with Standard & Poor’s ratings of AA- attributed to its Company platform and A+ for its four managed syndicates at Lloyd’s. www.tokiomarinekiln.com Codenomicon provides a suite of next-generation solutions that reveal a better path to total defense. These solutions provide new layers of testing, robustness, intelligence, collaboration and security to deliver strength in visibility to the very Core of today’s critical systems, networks and devices. From automated testing solutions to amplify security by bringing the unknown into view, to patent-pending verification and validation solutions that leaves no stone unturned and no library or application unchecked, Codenomicon answers the call for new levels of security, safety and transparency to the world’s connected and critical systems. Founded in 2001 in Oulu, Finland, the global company works with leading telecommunications, networking, manufacturing, healthcare, financial services, defense, government, CERT and cyber authorities to strengthen systems and proactively secure customers and connections. www.codenomicon.com QinetiQ provides best-in-class Cyber Security solutions, services and advice. Our holistic solutions cover people, processes and technology; they help customers to maintain security, manage risk, enhance corporate resilience and maintain competitive advantage. We specialise in advice, strategic Penetration Testing and Managed Security Services across different sectors. About City & Financial Global City & Financial Global run around forty high level conferences each year, covering a wide variety City & Financial Global of topics held throughout the world. C&F Conferences have four distinguishing features. First, they are often held under joint ventures with governments and government agencies. Second, our speakers are always of the highest calibre, and include heads of government, senior government ministers, policy makers, and regulators and chief executives and main board directors of some of the world’s leading companies, as well as experts from top advisory firms. Third, our events focus on the impact of key change drivers such as government policy, regulation, product innovation, technology, supply and demand side factors and specific developments in different markets. Fourth, we aim to produce the most authoritative conference on any given topic. As a result, our events attract large audiences comprising senior decision-makers from both the public and private sectors, as well as sponsorship from some of the world’s leading companies and financial institutions. For more information please visit www.cityandfinancial.com www.cityandfinancialconferences.com/CyberEnergy2015 Thursday 5th February 2015 The UK Energy Cyber Security Executive Forum FOUR EASY WAYS TO REGISTER Please do not cover this address, even if incorrect – it contains your customer code CYBER SECURITY CHALLENGE 20% SUPPORTER DISCOUNT USE CODE: CYSEN1CSC FAX: +44 (0) 1483 479 409 Provisional bookings can be made by completing the registration form and faxing it to us. Your place will be confirmed on receipt of payment. EMAIL: [email protected] WEBSITE: www.cityandfinancialconferences.com/CyberEnergy2015 POST: Send the completed registration form, along with payment to the address below: City & Financial Global Ltd, 1st Floor, Swift House, Walnut Tree Place, Send, Woking GU23 7HL United Kingdom ENQUIRIES: +44 (0) 1483 479 331 Delegates One Two Three Save 20% when you book 3 or more places First Name Mr/Mrs/Ms: Family Name: Position: Email: This will be used to send you conference documentation. My special dietary requirements are: Contact Payment Details Organisation: Total: Address: Cheque: Payable to: City & Financial *Bank Transfer: IBAN: GB51 BARC 2097 5893 8408 91 Credit Card: VISA Telephone: Mobile: Fax: Card No: Email: Expiry Date: City & Financial Premier Venue SAVE 5% City & Financial invite you to join City & Financial Premier. Membership of City & Financial Premier will entitle you to a 5% discount off all City & Financial conferences & publications. To join you must provide City & Financial with your email address and agree to allow us to send you details about relevant conferences and publications by email. Your email address will not be released to third parties, except to those organisations sponsoring or exhibiting at a conference that you attend. Please tick this box to join [ ] (Joining is free of charge) Please indicate which of the following subject areas interest you: Infrastructure/PPP [ ] Public Policy/General Business [ ] Energy [ ] Financial Regulation [ ] Corporate Finance [ ] The discount is available for as long as you are a member of City & Financial Premier. You may unsubscribe after three months’ membership. The 5% discount will be applied to your current order. Please tick this box if you already are a City & Financial Premier member [ ] CONFIRMATION If you have not received confirmation of your booking prior to the conference, please call City & Financial on +44 (0) 1483 479 331. Your delegate place is not confirmed until payment is received. Payment must be received before the conference date. If payment has not been received before the conference date City & Financial reserves the right to ask for a credit or debit card guarantee of payment when you register at the conference. PRIVATE SECTOR FEE: £595.00 plus VAT (£714.00) The fee for this conference as shown above includes refreshments, luncheon, and written documentation for one delegate. Additional conference documentation packs are available on request at £199 + VAT. These can be ordered by fax or email. *BANK TRANSFER PAYMENTS Please tick to receive an invoice in advance of payment CYSEN1 AMEX MASTERCARD 3 digit security code Issue Date: Accommodation CCT Venues Plus – South Quay Details of nearby Isis Building – Thames Quay accommodation may be 193 Marsh Wall found on the venue’s website London E14 9SG Tel: 0207 537 6545 Website: http://www.cctvenues.co.uk/venues/canary-wharf/how-to-find-us must be received in writing (an email or fax is acceptable). Non-attendance, or non-payment does not constitute cancellation. If payment has not been made prior to the event, a full charge will still apply. ORDER CONFERENCE DOCUMENTATION I cannot attend the conference but wish to buy the event documentation pack, which includes the speakers presentations Full documentation costs £199 + VAT To order, complete the registration form and method of payment. Payment must be received before the documentation and password can be despatched All conference presentations will be available from the City & Financial website: www.cityandfinancial.com When paying by Bank Transfers quote this reference: (Please ensure ALL bank charges are met by your organisation) PROGRAMME CHANGES CANCELLATIONS/SUBSTITUTIONS Delegates cancelling 15 days or more before the event will Personal Data is gathered in accordance with the Data Protection Act 1998. If you do not wish to receive promotional material from City & Financial, please tick here If you do not wish to receive promotional material from the Conference Sponsor, please tick here If you do not wish to receive promotional material from any other 3rd party, please tick here Please return this form with the address and customer code, clearly visible if you wish us to remove your records from our database. City & Financial Conferences reserves the right to make any necessary alterations/changes to the programme. receive a refund less a 10% administration fee (waived if you elect to buy the conference documentation). Cancellations received between 14 and 7 days before the event will be entitled to a 50% refund of the conference fee, and will receive a copy of all conference documentation. Cancellations received 6 days or less before the event will receive no refund but will receive a copy of all conference documentation. Delegates can be substituted at any time prior to the event; notification of cancellations or substitutions www.cityandfinancialconferences.com/CyberEnergy2015
© Copyright 2024