V International Congress of Industrial Cybersecurity, 6 & 7 October 2015 Hotel Meliá Avenida de América, Madrid (Spain)

October 6 and 7, 2015

We celebrated our V International Congress of Industrial cybersecurity, and after the success achieved in the previous four (two in Madrid, one in Bogotá and one in Buenos Aires) has become the quality of its contents and speakers at the most important international conference on the subject in the Hipano-speaking world,

This conference is part of key activity Industrial Cyber ​​Security Center (ICC), as a reference event for the market as a meeting and exchange of knowledge, experiences and relationships of all stakeholders in this area.

This fifth event will be held at the Hotel Melia Avenida de América, Madrid (Spain) on 6 and 7, October  and around it a number of pre and post conference workshops that complement the topics discussed in it are organized.

During the conference there will be simultaneous translation and all the contents of the congress will be accessible later through exclusive recordings for attendees.

Link to the Congress Agenda

Agenda

Schedule

  • 06/10/2015
    Welcome and Introduction Congress
    Jose Valiente Pérez ( Center Cyber Security Industry, CCI, Director and Head of Coordination and Communication )

    Director and Head of Coordination and Communication Center Cyber Security Industry. Specialist Security Technology and consultancy. He has 20 years of experience working in large and multiple certifications consulting solutions and IT security vendors and ISACA CISM certification, and Global Industrial Cyber Security Professional (GICSP) GIAC

  • 06/10/2015
    Skills of the board of directors in Industrial Cyber Security
    Elizabeth Valentine ( Enterprise Governance Consulting, EGC., General Director )

    Elizabeth L. H. Valentine, MAICD is Managing-Director at the boutique advisory firm Enterprise Governance Consulting, EGC. She is a member of the Australian Institute of Corporate Directors and in late 2015 will graduate Dr of IT from Queensland University of Technology, QUT (Brisbane, Australia), where, in addition, she works as a guest professor in the MBA program on Corporate Governance of Information Systems & Technology. She holds an MBA from Henley (UK) and has been a successful chief executive, company director, business consultant and advisor in the use of technology, to both public and private sector enterprises. Elizabeth is also an Associate Analyst at the Spanish think tank, iTTi.

  • 06/10/2015
    Next steps in implementing the PIC Law
    Fernando Sánchez ( CNPIC, Director )

    Lieutenant Colonel of the Civil Guard and heads the National Center for Critical Infrastructure Protection (CNPIC) key to Spain cybersecurity agency.

  • 06/10/2015
    The work of INCIBE in Spain
    Alberto Hernández ( INCIBE, Director of Operations )

    Alberto Hernandez Moreno, Director of Operations INCIBE since February 2014, is Telecommunications Engineer from the Higher Technical School of Telecommunications Engineers of the Polytechnic University of Madrid. Alberto Hernandez has a long career of over 14 years in the field of cyber security and cyber defense, having worked in leading companies such as INDRA and ISDEFE. A specialized academic training certifications are added in the field of cybersecurity and the Information Technology and Communications and CISA (Certified Information System Auditor), CISSP (Certified Information System Security Professional), CSFI-DECO (Defensive Cyberspace Operations Engineer) Director of Security and the Ministry of Interior in others, as well as training in managerial skills in different business schools.

  • 06/10/2015
    Decomposing ICS cyber attacks and learning how to respond
    Robert M. Lee ( SANS Institute, Security LLC., Co-founder )

    Robert M. Lee is the co-founder of Dragos Security LLC. He is also the course author for SANS ICS 515 – Active Defense and Incident Response and co-author of SANS FOR 578 – Cyber Threat Intelligence. Robert gained his start in security in the U.S. Intelligence Community as an Air Force Cyber Warfare Operations Officer where he led an ICS intrusion analysis mission. He is also the author of “SCADA and Me”, the web comic “Little Bobby,” and is pursuing his PhD with a research focus on control system cyber security at Kings College London..

  • 06/10/2015
    Continuous monitoring of cybersecurity Critical Data Centers.
    Enrique Martín ( Security & Quality Director , ITCONIC, Director )

    Enrique has over 25 years experience in the field of information technology, many of which have been linked to safety.
    In its passage by the public administration he developed and participated in fitness plans to ENS and designed and implemented various e-government services for the energy sector.
    Since 2013 leads the Cybersecurity Industrial activity in Telvent Global Services, closely linked to plans for critical infrastructure protection and different operators own SCADALAB Telvent.Ha participated in the international project at the stage of dissemination and communication, bringing new proposals monitoring industrial control networks.

  • 06/10/2015
    A master plan to comply with the law
    Rafael Hernández ( Cepsa, CISO )

    Superior Telecommunications with experience in the development of control systems in manufacturing processes and in the areas of communications and security.
    SI responsible for security. Certifications ISO 27001 and 2001 standards.
    Specialties: Design and implentation of poryectos.
    Definition and Management Systems Managed Security Management. Certifications ISO 27001 and ISO 20001.

  • 06/10/2015
    ICS threats. A view of Kaspersky Lab, predictions and reality
    Vladimir Dashchenko ( Kaspersky Lab), Research developer )

    Vladimir is experienced in ICS and SCADA security researches, which covers penetration testing, different vulnerability researches,  incident investigations and threat intelligence. He were teaching cyber security course at the university as a Senior Lecturer. Also co-author of several CTFs.

  • 06/10/2015
    Cybersecurity in Industry 4.0
    Fernando Sevillano ( Logitek, Director de Ciberseguridad Industrial )

    Degree in Economics and Business Administration CUNEF center subscribed to the UCM (1995), Master in Management and Business Communication Research by the URJC (2008) and PhD from the School of Engineering (ETSII) of the University Rey Juan Carlos de Madrid (2010), having completed his doctoral thesis in the area of corporate management in real time. He has made several modules CPIM (Certified in Process and Inventory Management) by APICS and managerial skills courses in EADA.
    With nearly 20 years of experience, his professional career has developed in the IT sector, particularly in the area of corporate management solutions (ERP, BI, CRM) and industrial management (SCADA, MES, energy efficiency, Cloud Computing industry,

  • 06/10/2015
    A solution to threats: Close IT/OT security gap via a phased approach
    Franck Depierre ( Stormshield, Product marketing manager )

    Franck Depierre is the product marketing manager in charge of business development of new products at Stormshield like advanced malware detection service and industrial security systems.

    After 10 years as an engineer in the industrial automation field, Franck moved to the IT security domain to develop protection systems (Network, endpoint and cryptography). Today, he is leading the industrial offer composed of firewall, IDS and End point protection.

  • 07/10/2015
    Welcome and Introduction Congress
    Miguel García-Menéndez ( Industrial Cyber Security Center, CCI, Head of Government and Strategy )

    Miguel Garcia is responsible for Corporate Governance and Strategy at the Center for Industrial Cybersecurity .. initiated the aforementioned path between Synoptics (HMI) of steel processing facilities and control algorithms (MES) for the Spanish and Latin American steel industry, leading the Computer area Process engineering located in northern Spain, where he was also CIO.

  • 07/10/2015
    Virtual Patching in DCS and SCADA Systems
    José Luis Laguna ( Fortinet, Technical Director )

    Jose Luis Laguna tiene más de 15 años de experiencia en la ingeniería, ha sido director de sistemas y CISO en el Grupo Técnicas Reunidas, una de las mayores ingenierías del mundo, especializada en la construcción de plantas petrofíferas y de energía. Actualmente lidera el equipo de ingenieros de Fortinet para España.

  • 07/10/2015
    Current Status of the ISA 99 standard (IEC-62443)
    Héctor Puyosa ( Polytechnic University of Cartagena, Profesor )

    Profesional con gran experiencia en la ingeniería, ingeniería de construcción industrial , mantenimiento y fiabilidad industrial; proceso para mejorar la mejora de la productividad de la planta, la calidad y la seguridad de los procesos y excelencia operación. Participa de forma activa en uno de los comités de ISA 99. Es profesor de la Universidad Politécnica de Cartagena.

  • 07/10/2015
    Industrial Safety Control Environments: Electricity Sector. From the experience in Colombia
    Diego Andrés Zuluaga ( ISAGEN, CISO )

    Systems Engineer, Executive MBA, internationally certifies in IT risk management, information security and industrial control systems (CISM, CRISC, CGEIT, GICSP, ISO 27001 L.A.). Information security Officer at ISAGEN. He heads a group of cyber security experts in the National Committee of Operations of the Colombian electrical sector. Diego has more than 15 years of experience in information security, holding positions, among others, as international consultant at KPMG for companies in the public and private sector; he is a renowned speaker at national and international conferences and has been undergraduate and post-graduate professor at public and private universities. He collaborates with several initiatives to improve cyber security of critical infrastructures. He was awarded the “Americas Information Security Leadership Award” by (ISC)², received special mention as Outstanding Young Overachiever of Antioquia and of Colombia by the International Youth Chamber within the Program “Ten Outstanding Young Persons” and he was decorated with the Intelligence honor by the Colombian National Police

  • 07/10/2015
    Implementing Industrial Cybersecurity from Reality: Perspectives from Europe, America and the Middle East
    Samuel Linares ( CCI / Booz Allen Hamilton, Coordinador Oriente Medio y Asia / Lead Industrial Cybersecurity Expert )

    Samuel Linares es Coordinador del Centro de Ciberseguridad Industrial para la región de Oriente Medio, Experto Evaluador de la Comisión Europea y Experto CIIP (Critical Information Infrastructure Protection) de ENISA (European Network and Information Security Agency). Con casi 2 décadas de experiencia en seguridad, integración de sistemas y gestión proyectos multinacionales y multiculturales, ha sido el principal impulsor del concepto “Ciberseguridad Industrial”.

  • 07/10/2015
    Targeted cyber attacks on critical infrastructure
    Enrique Martín ( GMV, Head of Government and Strategy )

    Enrique Martin works as GMV cybersecurity expert for over 15 years and has led strategic projects in global organizations in banking, insurance and public administration. It also started the activity cybersecurity GMV in Portugal and in-depth knowledge APT-based attacks. Enrique is Excutive MBA from the IE Business School, Telecommunications Engineer and holds ISC2 CISSP certified

  • 07/10/2015
    Monitoring: a prerequisite in industrial cybersecurity
    Pablo Blanco Iñigo ( EULEN Seguridad, Unit Chief Cyber Security )

    Pablo Blanco’s Degree in Computer, is in possession of two masters Systems Audit and Management Information Security, a Diploma of Professional Expert in Management and Integrated Security, and the CISA and CISM certifications ISACA, ISO 22301 and ISO 31000 and expert risk analyst, among others. He is currently responsible for Unit Cybersecurity EULEN Security and its main functions are related to cybersecurity and Protection Critical Infrastructure.

  • 07/10/2015
    Pending title
    Marc Blackmer ( CISCO, Industrial Security Services Director )

    Marc has spent more than 15 years assisting some of the world’s top energy producers, financial institutions, and governments worldwide defend their critical assets from cyber threats. His technical background in information technology engineering, security operations, and IT governance, risk, and compliance, brings a unique perspective to addressing the threats facing critical infrastructure today.

  • 07/10/2015
    From theory to practice: Hacking in industrial world
    Gabriel González García ( IOACTIVE, Security Consultant )

    Software Engineer with more than 8 years of experience working in Embedded Systems Security and Development with a strong analytical background. Reverse engineering: Extract binaries from firmware, analysis of Network Protocols, Data Bus sniffing (SPI, i2C,…) and Vulnerability Research / Penetration testing.

  • 07/10/2015
    Barriers to better and more solid progress to protect critical infrastructure
    María Pilar Torres ( Everis, Manager of Cybersecurity Projects )

    María Pilar is currently the manager of cyber security projects at Everis Aerospace and Defense. After almost 11 years with the company, she has vast experience in large IT projects. She spent 5 years in the public sector in Spain, 3 in the public sector of the Mexican office of Everis and finally, 3 years ago, she assumed the responsibility of developing the Security division of Everis Aerospace and Defense, leveraging the services that the Everis Group already offers to small and medium-sized niche companies.

  • 07/10/2015
    The Current State of Industrial Cybersecurity in France
    Mathieu Feuillet ( ANSSI, the French Network and Information Security Agency, Member of the Networks and Protocols Security Laboratory )

    Mathieu Feuillet received an engineer degree both from Ecole Polytechnique (Paris) and Telecom ParisTech. He has also a PhD in Applied Mathematics from Ecole Polytechnique. After spending three years as a doctoral researcher at Inria, he joins the ANSSI, the French Network and Information Security Agency. There he has been particularly involved in ICS cybersecurity and critical infrastructure protection activities.

  • 07/10/2015
    TACIT - Simulation Tool for SmartGrids cyber attacks
    José Luis Díaz ( TACIT, Head of Compliance –Cybersecurity area. Everis )

    José Luis Díaz is expert in security and IT governance with advanced knowledge in regulatory compliance and auditing

  • 07/10/2015
    Ethics as key element of Cyber Security
    Federico Sauter ( Phoenix Contact, Software Engineer and Project Leader )

    It has more than fifteen years of experience professional, in most of which has been involved in developing cybersecurity systems (single-sign-on and embedded operating systems.).  He is currently directing any new versions embedded operating system for the mGuard as well as well as contributing actively to its development.

  • 07/10/2015
    Summary and Closing Congress Day
    Miguel García Menéndez ( CCI, Head of Government and Strategy )

    Miguel Garcia is responsible for Corporate Governance and Strategy at the Center for Industrial Cybersecurity .. initiated the aforementioned path between Synoptics (HMI) of steel processing facilities and control algorithms (MES) for the Spanish and Latin American steel industry, leading the Computer area Process engineering located in northern Spain, where he was also CIO.

Ponentes

Speakers

  • Marc Blackmer
    Industrial Security Services Director
    Cisco

    Marc has spent more than 15 years assisting some of the world’s top energy producers, financial institutions, and governments worldwide defend their critical assets from cyber threats. His technical background in information technology engineering, security operations, and IT governance, risk, and compliance, brings a unique perspective to addressing the threats facing critical infrastructure today.

  • Pablo Blanco Iñigo
    Unit Chief Cyber Security
    EULEN Seguridad

    Pablo Blanco’s Degree in Computer, is in possession of two masters Systems Audit and Management Information Security, a Diploma of Professional Expert in Management and Integrated Security, and the CISA and CISM certifications ISACA, ISO 22301 and ISO 31000 and expert risk analyst, among others. He is currently responsible for Unit Cybersecurity EULEN Security and its main functions are related to cybersecurity and Protection Critical Infrastructure.

  • Vladimir Dashchenko
    Research developer
    Kaspersky Lab

    Vladimir is experienced in ICS and SCADA security researches, which covers penetration testing, different vulnerability researches,  incident investigations and threat intelligence. He were teaching cyber security course at the university as a Senior Lecturer. Also co-author of several CTFs.

  • José Luis Díaz
    Head of Compliance – Cybersecurity area. Everis
    TACIT

    José Luis Díaz is expert in security and IT governance with advanced knowledge in regulatory compliance and auditing

  • Alberto Dominguez
    Security Consultant
    TACIT

    Security consultant with extensive experience in monitoring and analysis systems

  • Mathieu Feuillet
    Member of the Networks and Protocols Security Laboratory, Agencia Francesa para la Seguridad de las Redes y la Información
    ANSSI

    Mathieu Feuillet received an engineer degree both from Ecole Polytechnique (Paris) and Telecom ParisTech. He has also a PhD in Applied Mathematics from Ecole Polytechnique. After spending three years as a doctoral researcher at Inria, he joins the ANSSI, the French Network and Information Security Agency. There he has been particularly involved in ICS cybersecurity and critical infrastructure protection activities.

  • Gabriel González García
    Security Consultant
    IOACTIVE

    Software Engineer with more than 8 years of experience working in Embedded Systems Security and Development with a strong analytical background. Reverse engineering: Extract binaries from firmware, analysis of Network Protocols, Data Bus sniffing (SPI, i2C,…) and Vulnerability Research / Penetration testing.

  • Alberto Hernández
    Director of Operations
    INCIBE

    Alberto Hernandez Moreno, Director of Operations INCIBE since February 2014, is Telecommunications Engineer from the Higher Technical School of Telecommunications Engineers of the Polytechnic University of Madrid. Alberto Hernandez has a long career of over 14 years in the field of cyber security and cyber defense, having worked in leading companies such as INDRA and ISDEFE. A specialized academic training certifications are added in the field of cybersecurity and the Information Technology and Communications and CISA (Certified Information System Auditor), CISSP (Certified Information System Security Professional), CSFI-DECO (Defensive Cyberspace Operations Engineer) Director of Security and the Ministry of Interior in others, as well as training in managerial skills in different business schools.

  • Rafael Hernández
    CISO
    CEPSA

    Superior Telecommunications with experience in the development of control systems in manufacturing processes and in the areas of communications and security.
    SI responsible for security. Certifications ISO 27001 and 2001 standards.
    Specialties: Design and implentation of poryectos.
    Definition and Management Systems Managed Security Management. Certifications ISO 27001 and ISO 20001.

  • Robert M. Lee
    Fundador, SANS Institute
    Security LLC.

    Robert M. Lee is the co-founder of Dragos Security LLC. He is also the course author for SANS ICS 515 – Active Defense and Incident Response and co-author of SANS FOR 578 – Cyber Threat Intelligence. Robert gained his start in security in the U.S. Intelligence Community as an Air Force Cyber Warfare Operations Officer where he led an ICS intrusion analysis mission. He is also the author of “SCADA and Me”, the web comic “Little Bobby,” and is pursuing his PhD with a research focus on control system cyber security at Kings College London.

  • Enrique Martín
    Cybersecurity Expert
    GMV

    Enrique Martin works as GMV cybersecurity expert for over 15 years and has led strategic projects in global organizations in banking, insurance and public administration. It also started the activity cybersecurity GMV in Portugal and in-depth knowledge APT-based attacks. Enrique is Excutive MBA from the IE Business School, Telecommunications Engineer and holds ISC2 CISSP certified

  • Enrique Martín
    Director del Centro de Excelencia de Ciberseguridad
    ITCONIC

    Enrique has over 25 years experience in the field of information technologymany of which have been linked to safety.
    In its passage by the public administration he developed and participated in fitness plans to ENS and designed and implemented various e-government services for the energy sector.
    Since 2013 leads the Cybersecurity Industrial activity in Telvent Global Services, now ITCONIC, closely linked to plans for critical infrastructure protection and different operators own SCADALAB Telvent.Ha participated in the international project at the stage of dissemination and communication, bringing new proposals monitoring industrial control networks.

  • Fernando Sánchez
    Director
    CNPIC

    Lieutenant Colonel of the Civil Guard and heads the National Center for Critical Infrastructure Protection (CNPIC) key to Spain cybersecurity agency.

  • Federico Sauter
    Software Engineer and Project Leader
    Phoenix Contact

    It has more than fifteen years of experience professional, in most of which has been involved in developing cybersecurity systems (single-sign-on and embedded operating systems.).  He is currently directing any new versions embedded operating system for the mGuard as well as well as contributing actively to its development.

  • Fernando Sevillano
    Director de Soluciones
    Logitek

    Degree in Economics and Business Administration CUNEF center subscribed to the UCM (1995), Master in Management and Business Communication Research by the URJC (2008) and PhD from the School of Engineering (ETSII) of the University Rey Juan Carlos de Madrid (2010), having completed his doctoral thesis in the area of corporate management in real time. He has made several modules CPIM (Certified in Process and Inventory Management) by APICS and managerial skills courses in EADA.
    With nearly 20 years of experience, his professional career has developed in the IT sector, particularly in the area of corporate management solutions (ERP, BI, CRM) and industrial management (SCADA, MES, energy efficiency, Cloud Computing industry, etc).

  • María Pilar Torres
    Manager of Cybersecurity Projects
    Everis

    María Pilar is currently the manager of cyber security projects at Everis Aerospace and Defense. After almost 11 years with the company, she has vast experience in large IT projects. She spent 5 years in the public sector in Spain, 3 in the public sector of the Mexican office of Everis and finally, 3 years ago, she assumed the responsibility of developing the Security division of Everis Aerospace and Defense, leveraging the services that the Everis Group already offers to small and medium-sized niche companies.

  • Elizabeth Valentine
    General Director
    Enterprise Governance Consulting, EGC

    Elizabeth L. H. Valentine, MAICD is Managing-Director at the boutique advisory firm Enterprise Governance Consulting, EGC. She is a member of the Australian Institute of Corporate Directors and in late 2015 will graduate Dr of IT from Queensland University of Technology, QUT (Brisbane, Australia), where, in addition, she works as a guest professor in the MBA program on Corporate Governance of Information Systems & Technology. She holds an MBA from Henley (UK) and has been a successful chief executive, company director, business consultant and advisor in the use of technology, to both public and private sector enterprises. Elizabeth is also an Associate Analyst at the Spanish think tank, iTTi.

  • Jose Valiente Pérez
    Director
    Centro de Ciberseguridad Industrial

    Director and Head of Coordination and Communication Center Cyber Security Industry. Specialist Security Technology and consultancy. He has 20 years of experience working in large and multiple certifications consulting solutions and IT security vendors and ISACA CISM certification, and Global Industrial Cyber Security Professional (GICSP) GIAC

  • Diego Andrés Zuluaga
    Information Security Officer
    ISAGEN

    Systems Engineer, Executive MBA, internationally certifies in IT risk management, information security and industrial control systems (CISM, CRISC, CGEIT, GICSP, ISO 27001 L.A.). Information security Officer at ISAGEN. He heads a group of cyber security experts in the National Committee of Operations of the Colombian electrical sector. Diego has more than 15 years of experience in information security, holding positions, among others, as international consultant at KPMG for companies in the public and private sector; he is a renowned speaker at national and international conferences and has been undergraduate and post-graduate professor at public and private universities. He collaborates with several initiatives to improve cyber security of critical infrastructures. He was awarded the “Americas Information Security Leadership Award” by (ISC)², received special mention as Outstanding Young Overachiever of Antioquia and of Colombia by the International Youth Chamber within the Program “Ten Outstanding Young Persons” and he was decorated with the Intelligence honor by the Colombian National Police

Talleres

Main Host

  • 5 de Octubre
    Pre-Congress Workshops

    9:00 – 15:00 h Applying the SGCI to protect Industrial Infrastructure

    The lack of specific standards to address cybersecurity management in industrial control systems, and especially to manage the risks arising from the possible materialisation of cyberthreats that impact severely on those systems, has led us to develop a guide to build a SGCI (System Management Industrial Cybersecurity) based on ISA99 (IEC 62443) and ISO 27001 and 27002, and which becomes a fundamental tool to efficiently manage, continuously, and aligned with the needs the organization and third parties related to it, the risks to the availability, integrity and confidentiality of information managed by said industrial control systems.
    In this workshop a case of using an industrial facility types will be presented to implement the SGCI developed by the Industrial Cyber ​​Security Center.
    Presenters: José Valiente (CCI), Miguel García-Menéndez (CCI) ( Price: 400 € )
  • 8 de Octubre
    Post-Congress Workshop

    9:00 – 15:00h, The Effective Approach for Protecting Oil and Gas Critical Infrastructures from the Emerging Cyber Threats

    While there were heaps of talks during the last few years about the increase in emerging threats that are targeting Industrial Control Systems (ICS), the major challenge that needs more focus is how to practically improve cyber security within these heterogeneous industrial environments while maintain safe operation. The workshop will give a comprehensive overview of the practical approach for designing and implementing cyber security for the new Industrial Control Systems from Front End Engineering Design (FEED) Stage to the EPC (Engineering, Procurement and Construction). It will also discuss how to address the challenges faced for securing the existing new and legacy control systems in the brown oil fields.

    Presenter: Samuel Linares (Booz Allen Hamilton, CCI Coordinator) ( Price 450 € )

Patrocinadores

Sponsors

Gold

Silver

Bronze

October 6 and 7, 2015
Hotel Meliá Avenida de América (C/ Juan Ignacio Luca de Tena, 36)