Welcome to the Interactive Agenda for SecurityWeek’s 2021 APAC ICS Cyber Security Conference!

Strategy Track
Tuesday, June 22

10:30am GMT+08

Mapping Security Frameworks to Critical Assets - Focus on South East Asia Guidelines
There is a plethora of security frameworks available to help organisations manage and reduce cybersecurity risk to critical infrastructure and industrial control systems. Judiciously applying the correct framework will make your journey towards a secure CII environment more effective, more streamlined and less costly.

Securing critical infrastructure really boils down to:
a) discovering and maintaining an accurate asset inventory
b) establishing baseline communications activities between assets, and
c) detecting deviations from these baselines along with potentially malicious activities.

This session will guide you in the use of key frameworks by leveraging recommendations from the National Institute of Standards and Technology (NIST) Framework for OT, the Singapore CSA OT Masterplan and key elements from the Singapore Cybersecurity Code of Practice for CII.

Richard Bussiere

Director, Product Management, Asia Pacific, Tenable
Mr. Dick Bussiere is Tenable Network Security’s Product Management Director for the Asia Pacific Region. In this multifaceted role, Mr. Bussiere is responsible for evangelizing the criticality of vulnerability assessment, vulnerability management, and comprehensive security monitoring...

Tuesday June 22, 2021 10:30am - 11:00am GMT+08

1:00pm GMT+08

Incorporating Cyber Risk into Industrial Risk Management Processes
Never have industrial plants been so highly networked as they are today. At the same time, the risk of cyberattacks is rising. A successful attacker can manipulate plants, control them remotely, and even cause physical harm to plant and personnel. Consequently, in order to protect people, the environment, and industrial facilities, a safety system must be designed with cybersecurity in mind. Are you prepared?

The session will cover:
  • Recent attacks: industrial cyber attacks
  • Cyber Community reaction: Government and Standards bodies
  • Designing secure safety systems
Sponsored by: HIMA

Daniel Sutherland

Functional Safety and Security Consultant, HIMA
Daniel Sutherland is a Functional Safety and Security Consultant, working in our HIMAConsulting group. He has a Bachelor of Engineering in Computer Systems Engineering, and has spent most of his career working on oil & gas and mining sites as a control systems engineer. He specialises...

Tuesday June 22, 2021 1:00pm - 1:30pm GMT+08

1:30pm GMT+08

Targeted Ransomware requires New Approaches to OT Cyber Risk Management
Targeted ransomware has emerged as a major threat to industrial operations and OT systems. The Colonial Pipeline and JBS shutdowns are only the latest incidents: in 2020, 53 industrial sites were shut down by targeted ransomware. The trend is likely to worsen, as today's targeted attacks use tools and techniques comparable to those used exclusively by nation states only half a decade ago.
Operational Technology (OT) cyber risk management deals with cyber threats to physical operations. Some enterprise security mechanisms are very costly to apply in OT systems because of extended safety, equipment protection and other OT risk management programs. We see emergency risk avoidance mechanisms which are unique to the OT space but are under-utilized by enterprise risk management and security practitioners.
This presentation highlights three such innovative cyber risk management approaches and examines their effectiveness against the pervasive threat of targeted ransomware, with particular attention to operations risk. The presentation will outline a simple and robust approach to managing OT cyber risks, including Security PHA Review (SPR), Consequence-Driven, Cyber-Informed Engineering (CCE), and Secure Operations Technology (SEC-OT). Secure sites in the industry are improving protection for their operations by cherry-picking techniques from these new methodologies. Join us for a whirlwind tour of trends in OT and industrial operations attacks and defenses.

Michael Firstenberg

Director of Industrial Security, Waterfall Security Solutions
Mike Firstenberg is the Director of Industrial Security for Waterfall Security. Mike brings two decades of experience in Process Control Security, specializing in Control System Cyber Security. The former chair of the American Water SCADA Council, Mike studied Computer Science, Chemical...

Tuesday June 22, 2021 1:30pm - 2:00pm GMT+08

2:00pm GMT+08

Applied Cyber Resiliency in ICS/OT
In a new era in which IT and OT are undeniably, and often unconsciously, merging, defenders are restlessly playing “whack-a-mole” with the advanced persistent threats that emerge every day in both IT and ICS/OT, while business leaders and stakeholders grow paranoid and distrustful of their cybersecurity defense barriers. The result is that they spend their budget unwisely and end up with overlapping security solutions.

The main objective of this presentation is to help organizations strategize their defense in depth with a practical approach that achieves cyber resiliency rather than just cybersecurity, so that the organization can stop the “cat-and-mouse” chase with unprecedented and sophisticated attacks coming from different directions, from both insider and external threats.

1. Re-align the overall ICS/OT cybersecurity strategy to the business.
2. Utilize the fundamental pillars of ICT – people, process, and free or inexpensive technology.
3. Achieve cyber resiliency efficiently with lower expenditure.
4. Gain a deeper understanding of cyber resiliency versus cybersecurity.
5. Engage people in more productive exercises instead of burning them out as “blind defenders” out of paranoia about being breached.

Mike "Art" Rebultan

Principal Digital Forensics & Incident Response (AIoT-IIoT-ICS-OT-Edge-Cloud), Envision Digital
Mike "Art" Rebultan has more than 18 years of experience combined as an IT and OT professional with a background in PCI-DSS audit management, Unix/Linux security and systems administration, R&D, VAPT, TVM, Risk Management, Counterintelligence, and currently managing the global Digital...

Tuesday June 22, 2021 2:00pm - 2:30pm GMT+08

2:45pm GMT+08

Understanding ICS Vulnerabilities to Reduce Operational Risk
How often have we been asked, “What are we doing about cybersecurity? Have we got anything to protect our operational technology (OT) assets from threats?” Measuring the business's current operational technology risk and identifying the areas that need focus is not simple. Furthermore, to truly reduce risk across the OT business we need to consider not only the “What” but also the “How”.

The importance of how our OT assets are being accessed is often underestimated and sometimes overlooked completely. The better we understand the breadth and depth of the problems that we have, the more likely we are to implement effective control measures to address the risks. The journey of reducing cyber risk starts with understanding the underlying vulnerabilities that reside across multiple layers of the Operational Technology business.

Join this session to learn:
  • How to identify vulnerabilities within an ICS network
  • What impact these vulnerabilities could have on your business
  • How to effectively integrate remediation into existing processes
  • How to measure risk reduction using compliance and existing tools

Michael Lagana

Principal Solution Engineer, APJ, Claroty
Michael Lagana is an IT/OT professional with over 15 years of experience in IT and OT operations, infrastructure, cybersecurity, data networking and management. Michael’s extensive experience in design and implementation of cybersecurity controls for ICS networks has established...

Tuesday June 22, 2021 2:45pm - 3:15pm GMT+08
Wednesday, June 23

9:00am GMT+08

Discovering RedEcho: Rooting a Chinese APT Out of the Indian Power Grid
In an unprecedented move against a neighboring country, China successfully infiltrated India's power grid and other critical infrastructure in 2020 as kinetic warfare escalated on the border. Did China use their foothold to cause power outages across India? What implications are there for other nations? Charity Wright, former NSA Analyst and current Threat Intelligence Expert at Recorded Future, will reveal how her team discovered the intrusions, the methodology behind identifying and naming a new APT, the serious implications that result from this campaign, and practical tips for defending against RedEcho.


Charity Wright

Threat Intelligence Expert, Recorded Future
Charity Wright is a Cyber Threat Intelligence Analyst with over 15 years of experience at the US Army and the National Security Agency, where she translated Mandarin Chinese. Charity now specializes in dark web cyber threat intelligence, counter-disinformation, and strategic intelligence...

Wednesday June 23, 2021 9:00am - 9:45am GMT+08

10:15am GMT+08

Think Global but Act Local – A Practical Approach to Solving Common OT Security Maintenance Problems
The current OT security landscape is typified by common trends such as increased cyber risk, growing pressure from corporate and regulatory bodies to implement security programs, and an influx of IT teams ‘muscling’ their way into OT cyber security practice. These trends continue to put pressure on OT practitioners both to accelerate their use of technology and to find innovative and creative ways to scale those solutions across multiple assets and sites that are managed by a scarce, often remote support team, all while balancing the need to use IT tools with the need to apply OT-safe practices and processes.

This combination of factors has led a number of operational entities to employ what we call a ‘Think Global but Act Local’ approach to security. In essence, a central team of skilled security people centrally monitors and identifies all OT assets in scope across multiple operational facilities. Security actions or trends that require execution or remediation are identified. This team, in conjunction with OT-specific representation at site, then plans, schedules and executes the tasks through automated technology with on-site OT oversight. This approach provides multiple benefits to the operating company, such as:
a. The importance of man and machine – combining people, process and technology
b. Injection of and oversight by key OT staff to ensure safe operations
c. Automation allows for granular insight PLUS granular control in the identification and application of compensating controls when patching is not possible
d. Bridges and leverages the best of both IT skills and OT insight
e. Provides operators with a way to take action as opposed to just alerting

Rick Kaun

VP of Solutions, Verve Industrial Protection
Rick Kaun is the VP of Solutions for Verve Industrial Protection, an OT cyber security solution provider. For over 16 years he has worked with all manner of industries on all sizes of projects around the world from front end scoping to large scale design and deployment of end to end...

Wednesday June 23, 2021 10:15am - 10:45am GMT+08

11:00am GMT+08

Securing Critical Infrastructure: Lessons Learned from the Colonial Pipeline Ransomware Attack
A recent cyber-attack on one company, Colonial Pipeline, shut down nearly half of the U.S. East Coast’s fuel supply for five days. This shutdown, initiated by the cybercriminal group DarkSide, has brought the reality of the fast-worsening ransomware situation back into the limelight. In this session you will learn:
  • Background information on the DarkSide organization
  • An overview of the current OT/ICS threat landscape
  • Lessons from the Colonial Pipeline attack


Steven Hsu

Product Marketing Director, TXOne Networks
Steven Hsu has worked as a software development and quality management consultant in the cybersecurity industry for over 20 years, and previously directed global consumer business development for Trend Micro. His specialization is in researching, developing, and sharing cybersecurity...

Wednesday June 23, 2021 11:00am - 11:30am GMT+08

1:15pm GMT+08

Improving Transportation System Operational Visibility and Security
The number of assets used in Intelligent Transportation System (ITS) and logistics systems is growing rapidly, and they’re more connected than ever before. Unfortunately, this high level of digitization and network complexity has created an expanded attack surface with many vulnerabilities.

Join this session to learn about:
  • Security challenges faced by metro systems, maritime transportation and logistics
  • Gaining deeper operational visibility and preventing downtime
  • Identifying system vulnerabilities and detecting cyber threats

Malcolm Bailie

Delivery Manager, APJ, Nozomi Networks
Malcolm Bailie (GICSP) has over 21 years’ practical experience in the ICS/SCADA industry operating in the field helping asset owners maximize value from technology solutions. Over his career, Malcolm has gained a broad SME knowledge and skill set gained in managing operational critical...

Wednesday June 23, 2021 1:15pm - 1:45pm GMT+08

1:45pm GMT+08

Ransomware in ICS Environments: Initial Infection Vectors and Mitigation Techniques
Join this session as we review the accelerating attack trends of ransomware against ICS organizations, then delve into the most common initial infection vectors for ransomware attacks against ICS organizations, particularly vulnerability exploitation, stolen credentials, Remote Desktop Protocol, and phishing. The session will use several case studies to illustrate how these infection vectors are employed by threat actors in practice, discussing some of the intricacies of attackers' techniques and methodologies. The presentation will end with an in-depth discussion of actions ICS organizations can implement now to defend against these techniques and decrease their risk exposure for ransomware attacks.

Camille Singleton

Senior Strategic Cyber Threat Lead, IBM
Camille Singleton brings fifteen years of professional experience to cybersecurity topics, both in the US government and as an analyst at IBM. While specializing in threats to operational technology, she is conversant on a range of topics affecting the cyber threat landscape, including...

Wednesday June 23, 2021 1:45pm - 2:15pm GMT+08

2:15pm GMT+08

Breaking Entrypoint: An In-depth Data Breaches Analysis to the Critical Infrastructure of the Asia Pacific
Recently, many enterprises globally have suffered from leaks of sensitive customer or employee information due to APT attacks, malware attacks, insider leaks, or misconfigured settings. Data breaches have a considerable impact: harming corporate reputations, causing business to be lost, and causing risk for customers. If bad actors acquire leaked data, we can easily imagine the harmful consequences. The critical infrastructures of Asia Pacific countries such as Taiwan, Japan, and Singapore are equally affected by these risks. If sensitive information about employees or external services leaks, hackers can easily apply it to social engineering or advanced continuous penetration attacks. Furthermore, a critical infrastructure security incident can cause more than financial loss – it can also create a threat to the safety of physical equipment or to people’s lives and property.

This is a series of research including data gathered from the USA, Asia Pacific, and global ICS vendors. This part will collect publicly leaked data, share some of the traps and fun that we found during the analysis, and focus on Asia Pacific. We will also share how we have used our unique automatic analytical process for building on the cloud to conduct big data analysis on more than 10 billion pieces of data from 200-plus datasets, with a particular focus on the analysis of data leakage, password habits, follow-up effects, and cross-country analysis of Asia’s critical infrastructure service providers. Based on the in-depth analysis of our data, we will try to provide predictions and warnings to high-risk CI sectors that may be invaded due to information leakage. Finally, we will advise how to perform prevention and mitigation measures.

Mars Cheng

Threat Researcher, TXOne Networks
Mars Cheng is a threat researcher for TXOne Networks, blending background and experience in both ICS/SCADA and Enterprise cybersecurity systems. Mars has directly contributed to more than 10 CVE-IDs, and has had work published in three Science Citation Index (SCI) applied cryptography...

YenTing Lee

Cyber Threat Researcher, TXOne Networks
YenTing Lee is a Cyber Threat Researcher at the TXOne Networks IoT/ICS Security Research Labs. Before joining TXOne, YenTing was a Section Head at the Taiwan National Center for Cyber Security Technology (NCCST). He has experience in both ICS/SCADA and Cyber Offensive and Defensive...

Wednesday June 23, 2021 2:15pm - 3:00pm GMT+08