Cyber Defence and Security 12 October 2016, IET London: Savoy Place

Cyber Defence and Security seminar will address key cyber challenges for the military and defence industry as well as consider mitigation against cyber-attacks on the Critical National Infrastructure.

Go to the profile of Veronica Kopec
Sep 30, 2016
7
4
Upvote 7 Comment

Key industry experts will discuss evolution of threats to the UK Critical National Infrastructure in context of UK’s cyber security strategy and international co-operation (EU, NATO etc.).

Hear from NCSC/ GCHQ, EDF Energy, Ukrainian Security Service, MoD, KPMG and more.

Register here

Tuesday 11 October - Tutorials

Tutorial 1

A Roadmap for Improving the Cyber-security of Safety-Critical Systems

Chris Johnson, Professor and Head of Computing at the University of Glasgow

Tutorial 2

Kaspersky Interactive Protection Simulation

Andrey Nikishin, Kaspersky Lab

Tutorial 3

Integrating cyber security: IT, OT and safety

Richard Piggin, Security Consultant, Atkins; Mike St.John Green, Independent Security consultant

Wednesday 12 October - Seminar

08:30

Registration and refreshments

09:00

Chairman’s welcome and introduction

Chris Johnson, Professor and Head of Computing, University of Glasgow

09:10

Keynote addresses

Strategic national cyber security

Martyn Thomas CBE FREng, Livery Company Professor of IT, Gresham College (Director of the UK Health and Safety Executive, a former Director of the Serious Organised Crime Agency and a member of the Defence Science Advisory Council)

The National Cyber Security Centre (NCSC) objectives and challenges

Dr Ian Levy, Technical Director, NCSC

10:30

Refreshments and networking

11:00

Session 2

Securing the supply chain: how to ensure cyber security across the chain and eliminate risks posed by subcontractors?

  • The Defence Cyber Protection Partnership (DCPP): a joint Government-industry response addressing the cyber threat to the defence supply chain
  • How to reduce adversaries’ window of opportunity through timely sharing of threat information and raising awareness across the supply chain
  • Developing a cyber security model to embed necessary, proportionate cyber security measures into the normal contractual process
  • How to measure corporate cyber maturity across people, process, and technology

Supply chain assurance – why it matters and how defence is addressing the challenge

Daniel Selman, Cyber Industry and Information Security Deputy Head, UK Ministry of Defence

The Niteworks case study: Risk in software acquisition and How to mitigate it

John Eriksen, Security Architect, The Niteworks Partnerships
Andy German, Chief Engineer, Atkins Global
Mark Usher, Software Training Specialist, Ministry of Defence

Progress in model-based development and challenges in secure communication: how to secure transmissions over short messaging systems

Richard Myers, Senior Software Engineer, Altran UK

12:30

Lunch and networking

13:30

Keynote address: Verified trustworthy software systems

Philippa Gardner, Professor at Imperial College London, Director of the Research Institute in Automatic Program Analysis and Verification

14:30



Session 3

Counter attacking cyber-crime with disruptive technologies and innovative strategies

  • Investing in disruptive technologies to reduce cyber risks
  • Micro-segmentation as technique that can bring quadruple benefit of: higher security; lower costs, quicker deliver and simpler compliance
  • How to build trust in communities of interest and collaborate towards a unified cyber defence through partnerships
  • The industrialisation of cyber-crime and proliferation of hacking technologies on Dark Web market
  • How to develop and facilitate the exchange of cyber security information between public and private bodies
  • Best practices in policing cyber space: annual overview of most disruptive cyber-attacks and how could they be prevented in the near future
  • How cyber security should be considered throughout a building’s lifecycle and explains good practice, focusing on building-related systems and all connections to the wider cyber environment

Threat actors – motivations and capabilities overview

Henrik Kiertzner, Principal Business Solutions Manager, SAS

Taking the offensive – Working together to disrupt digital crime

David Ferbrache, Technical Director Cybersecurity, KPMG

Cyber security and the European Air Traffic Management (ATM): taking proactive approach

15:30

Refreshments and networking

16:00

Session 4

Evolution of threats to the UK Critical National Infrastructure

  • Analysis of the rapidly diversifying threat to the UK Critical National Infrastructure
  • Outline of the key elements of basic cyber security best practice and why it is not being fully implemented leaving the UK vulnerable to attack
  • CESG (the National Technical Authority for Information Security) progress under the National Cyber Security Programme to assist in hardening the Critical National Infrastructure
  • What CERT-UK is doing to ensure the UK’s critical national infrastructure is as secure as possible
  • The importance of working with partners across government and industry to share threat information and jointly respond to incidents

Industrial and national infrastructure cyber threats: The Kaspersky Lab View

Andrey Nikishin, Special Projects Director & Head of Future Technologies, Kaspersky Lab

Case study: Cyber security provisions for the Hinkley Point nuclear plant project

Phil Litherland, Head of Electrical, Control & Instrumentation Systems, Nuclear New Build Design Authority, EDF Energy

Case study: APT attacks on Critical National Infrastructure in context of Russia's hybrid war against Ukraine

Oleh Starodubov, Digital Forensic Investigator, Department of Information Security, the Security Service of Ukraine

Information security standards for critical infrastructures: a cost-benefit model for policymakers

Alessandro Guarino, CEO, StudioAG / CENCENELEC Cybersecurity Coordination Group

17:00

The next five years: what could the UK's 2016-2021 cyber-security strategy look like?

  • Strategies in place for securing UK’s cyber security: working in collaboration with international organisations, government, military and critical infrastructure
  • Mitigating implications of the EU referendum in Britain on the UK cyber security industry
  • How to run a decision making exercise building on concepts and methodologies used to manage cyber security crisis
  • How to facilitate user participation to minimise the impact of Phishing and Ransomware attacks
  • Training cyber users against the threat of breaches

Bryan Lillie, Chief Technology Officer, Cyber-Security, QinetiQ
Martyn Thomas CBE FREng, Livery Company Professor of IT, Gresham College
Dr Ian Levy, Technical Director, NCSC
Daniel Selman, Cyber Industry and Information Security Deputy Head, UK Ministry of Defence

17:45

Chairman’s final remarks and close

18:00 -
19:00

Networking drinks reception

Go to the profile of Veronica Kopec

Veronica Kopec

Sponsorship Manager/ Cyber Security Sector, The IET

I look after sponsorship of events and activities centered around topics of cyber security with particular interest in defense, ICS, Critical National Infrastructure, government, transport and nuclear sectors.

4 Comments

Go to the profile of Veronica Kopec
Veronica Kopec 9 months ago

Only two days left! If you cannot join us but have questions to our speakers: post them here and three most voted for queries (please indicate speaker) will be asked at the event and answers included in the Hub!

Go to the profile of Veronica Kopec
Veronica Kopec 9 months ago

Here's our first question to Phil (EDF Energy): In light of the government's "significant new safeguards for future foreign investment in critical infrastructure", do you have any indication as yet what those measures might be in terms of cyber security?

Go to the profile of Cevn Vibert
Cevn Vibert 9 months ago

This was a refreshing event in the floods of Industrial Cyber or Cyber-Physical events as it was aimed at crossing Cyber Security and Safety divide together with defence, automotive and gov involvement.
I enjoyed Chairing many interesting papers and presentations and we stirred up some really good Q&As and debates in the audiences.
Many congratulations to all the team for running such a diverse event successfully. I suspect it was a LOT of work. I look forward to helping out again.
Roll on the next event!!

Go to the profile of Veronica Kopec
Veronica Kopec 6 months ago

Thank you Cevn for your kind comment. Indeed it has been a great event - number of people staying late into the evening discussing everything they have learnt and heard was a credit to all involved.

I like this quote from Dr Ian Levy (Technical Director/ NCSC) on the mission of NCSC with his particular reflection on combining safety and security topics as this is what was covered as our System Safety and Cyber Security conference which we held at the same time:

"We want to change the narrative around cybersecurity to remove the fear and base all our advice on data and evidence that we can, in general, publish. We need to get the safety and security communities talking a common language and bring real engineering rigour to the join-up of the disciplines. We should accept that vulnerabilities in software are axiomatic and work to build safe systems that are tolerant to both faults and exploitation."

With this in mind we are looking at topics and areas of interest for the 2017 edition of Cyber Security for NCI and Defence. We cannot be relevant if we do not hear from you, therefore please do let us know what is it you'd like to hear about, whom would you like to hear from, are there particular areas which should be covered in more depth?

We are looking forward to hear from you!