“Lets make visible the invisible and assume that we are going to be attacked…” This sentence by expert Ayman Al-Issa summarizes the work held during the third Ibero-American Industrial Cybersecurity Congress; a very intense week full of hard work, information exchange, novelties and interesting discussions.
To join in a single congress information from international sources that can be used on the everyday operations as well as strategic recommendations and the new solutions available in the market is only possible with a commited ecosystem as the one that was present during these last day
“Lets make visible the invisible and assume that we are going to be attacked…”
This sentence by expert Ayman Al-Issa summarizes the work held during the third Ibero-American Industrial Cybersecurity Congress; a very intense week full of hard work, information exchange, novelties and interesting discussions.
With the presence of renowned experts as Joel Langill who spoke about hacking SCADA devices, Marina Krotofil and the defense of cyber-physical systems, Richard Stiennon who stated that everyone is a potential objective, Chris Blask who spoke about the secure exchange of information related to cybersecurity incidentes.
Paulo Orozco from Ecopetrol presented the evolution of its strategic plan to protect industrial systems in the company, explaining key issues such as defense in depth, minimum privilege and training.
Patrick Miller from Energysec, exposed very important issues that have to be taken into account for the protection of industrial control systems and Marc Blackmer from Cisco showed the huge lack of cyber security professionals, specially related to the Internet of Things.
David Prieto and Francisco Oteiza from Telefónica made a demo of the SINFONIER project and its capabilities of interchanging information related to industrial processes in real time
Evgeny Goncharov from the Kaspersky Lab remarked that the main issue in this sector is to know the nature of the assets to be protected, even sacrificing important functionalities in exchange for cybersecurity.
Claudio Caracciolo, CCI coordinator for Argentina explained common issues that have to be dealt with regarding cybersecurity in industrial facilities.
Adrian Pauna from ENISA said that one of the main worries of the industry is to acquire experienced professionals able to deal with cyber security risks in industrial companies, and that certifications can be a very valuable tool for achieving this.
Miguel Rego introduced the activities that INTECO has performed during the last months with the objective of improving industrial cybersecurity in spanish companies.
Fernando Sánchez from The National Center for Critical Infrastructure Protection stated that there are no isolated sectors in the industry due to its heavy interdependencies.
Fernando Sevillano, from Logitek showed 10 recommendations regarding the remote access to indsutrial control systems.
Jorge Pasamón from PWC, talked about strategy and its relation with operations and the industrial cybersecurity lifecycle.
David Grout from Intel Security exposed one of the most important issues that were discussed: The need of a secure design.
Waterfall, represented by Colin Blou talked about the main threats: nation states actions and internal attacks.
Filippo Cassani from Fortinet showed the trends on cyber attacks detected by its network of systems deployed worldwide.
Javier Sánchez from OSISOFT made a presentation about 15 cybersecurity incidents in different industries and parts of the world, explaining how the company dealt with them.
Las consultoras igualmente tuvieron un papel primordial. Everis, GMV, Logitek , MNEMO y PWC presentaron desde sus diversos punto de vista el peso que esta disciplina está teniendo en sus organizaciones y en sus clientes.
Maria Pilar Torres from Everis Aerospace and Defense presented two projects: CAMINO focused on dealing with cyber risks towards 2020 and TACIT on the simulation of cyber attacks on industrial environments.
Santiago Navarro from MNEMO explained how the company have included industrial cybersecurity as an integral component of its governance service.
The key point of the presentiation by Javier Zubieta, from GMV, was integral security, presenting Faro Corporativo a cyber security management system where every piece of information regarding cybersecurity incidents is logged and analyzed.
Ayman Al-Issa from Booze Allen Hamiltion made an outstanding presentation about his experience deploying cybersecurity in oil and gas facilities.