Industrial Automation Security Belgium 2015, Initiative of Egemin, Phoenix Contact, Siemens and LSEC
IAS was established for companies that are involved in industrial- based process automation and control. Due to the constant evolution of control processes and automation systems, as well as their underlying platforms on which they operate, each day new possibilities are discovered that could pose serious security risks to those systems. IAS aims to inform them about the necessity to secure their systems, and to provide them with best practices and practical and actionable guidelines.
The possibilities offered to manage the systems easier and better, by evolving into modern capabilities ,by equipping them with new functionalities or by having multiple systems interconnect and work together, poses new challenges in terms of security. Legacy systems , or underlying IT systems already no longer be maintained for a long period of time can be a major threat . Only fully insulated systems can probably continue to exist , but they also will be subjected to external administration or changes eventually. The further automation within the sector (smart factories, internet of things, industrial internet,...) has lead to an increase of targeted attacks on industrial systems. For the proper functioning of the business, and to ensure the continuity of the activities it is important to evaluate the potential risks, assess them against your systems, and take proper counter measures.
IAS will present various models, methods, solutions and security best practices that can be used. This year's edition will include a special attention to the Industrial Internet and the Internet of Things, their impact on Industrial Automation, opportunities that it brings and risks that must be mitigated.
Use case Oleon: Safeguarding the availability of your plant, now and for the future - Yves Vandorpe, Business Development Manager at Siemens
Factory of the Future - Walter Auwers, Program Manager Smart Production & Factory of the Future, SIRRIS
Protecting industrial networks and connected devices, Dr.-Ing. Lutz Jänicke, CTO, Innominate Security Technologies (Germany)
Dr. Lutz Jänicke joined Innominate in February 2002 and leads Innominate's development efforts. He brings over 25 years of experience in electrical engineering and in the design and implementation of large software projects to the Innominate team. He is a recognized expert in security technologies and has been involved in many OpenSource projects. He developed the Postfix/TLS encrypted mail transport protocol (RFC 2487), among others. He is also a member of the "OpenSSL" development team. Lutz Jänicke is active on various committees overseeing IT security for automation applications. He is head of the "Security in Networked Systems" commission of the "Industrie 4.0" platform.
The TETRA Project: Supporting industry developing, installing and maintaining secure industrial networks - Jan Vossaert, Postdoctoral Researcher at KU Leuven
Most people know by now that industrial control system security is not as good as IT security. The top 10 of most observed security weaknesses and excuses is a proof for this situation. Nevertheless, ICS environments can be secured but needs a pragmatic approach which is tailored to the environment (taking into account assessments, pentests, "things that worked" ...). In this session Dieter Sarrazyn who has worked in both areas will outline how he has used this approach help in assessing and securing ICS environments.
About Dieter: Dieter has built his career in industrial environments and has gained excellent knowledge on strategic, tactical and operational level regarding security related subjects. He has worked extensively on the security within the industrial control system area including more than 6 years in a large electricity generation company. Within Toreon, he is the assessments team leader as well as the driver for the ICS security solutions Toreon offers. His main focus exists in performing penetration tests (as well external as internal), performing security audits, creating and evaluating security architectures, teaching Hacking Inside Out™, creating and setting up vulnerability management frameworks & tools. He deploys this expertise primarily in an Operational Technology (OT) environment, performing SCADA security assessments and securing SCADA environments. These activities are always part of a larger programme, aimed at reducing business risks. He has extensive knowledge concerning penetration testing, social engineering, infrastructure security and has the following certifications: CISSP, GCIH, GSEC, GXPN, GCIH, GSNA, CIRM and Scada Security Architect. He is also SANS Local Mentor and SANS Community Teacher.
IAS 2015 - Industrial Automation & Security BE
Thursday 28 May 2015, from 1pm till 5.30pm, De Hoorn, Leuven, Belgium
Attendance to this event is free upon prior registration
Registration via: http://ias2015.eventbrite.com