2015Marriott West loop Hotel, Houston, texas, Usa

Securing against the present and future threats towards the industry

oil and gas cybersecurity North america

13th & 14th

May

exPert SPeaker PaneL IncLudeS:• James Morrison, computer scientist, Houston cyber task

Force, Federal Bureau of Investigation• catherine cavazos, Data security Manager, nov• Michael Lewis, Policy and Framework advisor, information

risk strategy and Management, chevron Informationtechnology company

• Jason Mceachin, Director, sales engineering, Lookingglasscyber Solutions

• donna dodson, Deputy cyber security advisor, nationalInstitute of Standards and technology

• clifford neuman, Director, centre for computer systemssecurity, information sciences institute, university ofSouthern california

• claudia escobar, state-wide security ProgrammeManager, office of the chief information security officer,Department of information resources, State of texas

• randy hamilton, Manager, it security and compliance,newfield exploration company

• Mike Firstenberg, Director of industrial security, WaterfallSecurity

• amy taylor, Director, Houston branch, kane russellcoleman & Logan Pc

• Glenn a Fink, cyber security researcher, secure cybersystems group, Pacific northwest national Laboratory

BeneFItS oF attendInG:• Understand the current key market regulations to set a

new standard across the industry• Discover how you need to operate to create a safer

environment• Discuss how the industry needs to develop in North

america• evaluate live demos on how to block oncoming attacks

and minimise the clean up• Hear about the latest technology and software available • listen from leading case studies and understand what

lessons have be learned

www.oilandgas-cybersecurity.com register online or fax your registration to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711

PLuS an InteractIve haLF-day Pre-conFerence WorkShoP • tueSday 12th May 2015

cybersecurity Frameworks and architecturesHosted by: the cyber Security Institute (cSI)

1:30pm - 5:30pm

Book By 27th FeBruary and Save $300 • Book By 31St March and Save $100

sMi present their 6th in the series of…

Sponsored by

#oilgascybertx

oil and Gas cyber Security north america day one │ Wednesday 13th May 2015 www.oilandgas-cybersecurity.com

register online at www.oilandgas-cybersecurity.com • alternatively

8.30 registration & coffee

9.00 chairman's opening remarkscatherine cavazos, Data security Manager, national oilwellvarco

FraMeWork and StandardS

oPenInG addreSS 9.10 Building resiliency into a cybersecurity Program

• overview of a cybersecurity Programo identify - Protect - Detect - respond - recover• incident Handling - overview of Process - Needed capabilities• incident Handling and information sharingdonna dodson, Deputy cyber security advisor, national Instituteof Standards and technology

9.50 cybersecurity Framework and Information Sharing Guidance for oil and Gas

• this presentation will provide oil and gas industry specificguidance for using/implementing the Nist cybersecurityFramework and for sharing cybersecurity information

Michael Lewis, Policy and Framework advisor, information riskstrategy and Management, chevron Information technologycompany   

10.30 Morning coffee

11.00 are control System networks expendable?• all software can be hacked • all it security technology is software• Hardware-enforced security use cases in oil & gas• Pervasive threats drive best-practice evolution Mike Firstenberg, Director of industrial security, Waterfall Security

11.40 Selling the cost of Security to Management• guiding security professionals on how to identify and employ

reference resources and metrics from well-know, widely-accepted sources

• Quantifying the threats and risks in a context that is consistentwith the size and maturity of your company and industry

• “selling” why protecting information assets have a cost, andwhat the trade-offs are between cost and risks

• Describing the power of having well-informed workers and theimpact he can have on the protecting corporate informationassets

• “training” management to focus on protecting informationassets and reducing risks like they already foucs on reducingbusiness expense

randy hamilton, Manager, it security and compliance, newfieldexploration company

12.20 networking Lunch

1.40 the Power of threat Intelligence in your cybersecurity Program• Harnessing the power of threat intelligence collection,

aggregation, ingestion, and automation for full threatintelintegration into your cybersecurity defense lifecycle

• adding global context to internal and external threat intelsources enables decision support both within and outside theenterprise perimeter

• aggregating disperate threat information supports improvedanalysis and confidence

Jason Mceachin, Director, sales engineering, Lookingglass cyberSolutions

2.20 Strategies & tactics dealing With Insider and outsider caused Breaches

• current events in breaches• What the bad guys are doing and why• strategies and tactics to address risks and weaknesses• What to do now danny Miller, system chief information security officer, texas a & M university

cyBer SecurIty For GaS oPeratIonS

3.00 Security in drilling, Modeling and automation• broadening cyber-attacks landscape effects the security of

products used • Not only networks are vulnerable, all tools used are susceptible• identify security gaps within a drilling process• avoid false environments, there are no silver bulletscatherine cavazos, Data security Manager, national oilwellvarco

3.40 afternoon tea

4.10 cybersecurity architectures — curriculum & related issues• Why cybersecurity architectures are critical for securing

enterprise information systems• overview of representative cybersecurity architectures and

frameworks• requirements of cultivating cybersecurity architects• cybersecurity architecture curriculumandrew yang, executive director, cyber security institute,university of houston - clear Lake

4.50 Panel discussion- combating against a Breach • cyber-attacks are growing concern for all organizations that

can cause severe financial and reputational damage• in this panel, we discuss the challenges around insider threat detection - types of attack that may be conducted - the behavioural characteristics of insiders - detection systems - securing against the unknown - examples of approaches adopted by oil & gas companies - the future outlook for cyber security James Morrison, computer scientist, Houston cyber task Force,Federal Bureau of Investigation catherine cavazos, Data security Manager, national oilwellvarco claudia escobar, statewide security Programme Manager, Stateof texas - department of Information resources

5.30 chairman's closing remarks and close of day one

PaneLdIScuSSIon

erPScan is one of the most respected and credible business application security provider. Founded in 2010, thecompany operates globally. Named as an ‘emerging vendor’ in security by crN and distinguished by more than 25other awards - erPscan is the leading saP se partner in discovering and resolving security vulnerabilities. erPscanconsultants work with saP se in Walldorf supporting in improving security of their latest solutions. We use ‘follow thesun’ principle and function in two hubs, located in the Netherlands and the Us to operate local offices and partnernetwork spanning 20+ countries around the globe. www.erpscan.com

the IGuana family of solutions protects critical networks and data assets against modern cyber-attacks. igUaNablueprovides resilient security for industrial control systems, customised specifically for the requirements of ics. tailoreddirectly to the risk and criticality of your plant function, igUaNa blue balances the need for security whilst stillmaintaining business efficiency, providing a cost-effective ‘fit and forget’ data guard solution against growing cyberthreats. based on the same architecture and security aspects of the award-winning cataPaN range of governmentgrade iP encryption solutions, igUaNagreen has been designed to provide commercial organisations the capabilityto securely send and receive sensitive information whilst harnessing the flexibility of local iP networks and protectingdata from the increasing threat of cyber-attack. www.iguanasecurity.com

Sponsored by

SPonSorShIP oPPortunItIeS: sMi offer sponsorship, exhibition, advertising and branding packages, uniquely tailored to complement your company's marketingstrategy. should you wish to join the increasing number of companies benefiting from promoting their business at our conferences please call: alia Malick, Director, on +44 (0) 207 827 6168 or email amalick@smi-online.co.uk

fax your registration to +44 (0)870 9090 712 or call +44 (0)870 9090 711

8.30 registration & coffee

9.00 chairman's opening remarkscatherine cavazos, Data security Manager, national oilwellvarco

GovernMent reGuLatIonS and SuPPort

oPenInG addreSS9.10 current efforts that the State of texas office of the chief Information Security officer is Working on

• establishing a statewide cybersecurity coordination andcollaboration platform

• enabling regional cybersecurity response coordination• coordinating statewide cybersecurity exercise and preparedness• coordinating cybersecurity intelligence sharing among key

entities within the stateclaudia escobar, statewide security Programme Manager, Stateof texas - department of Information resources

9.50 cyber Insurance for the oil & Gas Industry• Key threats/risks , for example - scaDa systems - Nation state hackers• regulatory, legal and litigation trends around cyber issues• traditional insurance response for cyber risk• cyber insurancerobert Parisi, FiNPro cyber & technology Product lead, Marsh, Inc.

10.30 Morning coffee

11.00 13 real ways to destroy business by breaking company’s SaP applications

• there are potential problems that one can’t disregard whentaking erP systems’ security issues into consideration, thus thepresentation will cover:

• real and existent risks, such as: changing bank account data,access to company’s internal resources, remote illegal updatesupload, Modification of reports, Falsification of business-criticaldata, salary data unauthorized modifications, creating defectsin products intentionally, stealing credit card data

• the ‘need to know’ things that you can’t afford to ignore afterimplementation of any business application processing critical data

• issues of the exponentially growing number of vulnerabilities inerP systems, as the saP Products alone have more than 3000+Vulnerabilities, giving an attacker a full scope for performingalmost any action to business applications

alexander Polyakov, cto, erPScan

11.40 creating a cyber Fortress against all enemies• the current culture• lessons learned • Dissecting the anatomy of insurance coverage• oolkits and tourniquets • Forecast for the Futureamy dunn taylor, Director, Houston branch, kane russellcoleman & Logan Pc

12.20 Legal aspects of cyber Security• the role of the board of Directors, including legal duties and

potential liabilities• Developing company policies to address today’s threats,

including data privacy policies, employee policies andincident response policies

• Developing effective cyber clauses in vendor and client contracts• Understanding cyber insurance and what it will (and will not) cover• legal aspects of an effective incident response, including

coordination with law enforcement and complying withnotification requirements

Michael titens, Partner, thompson & knight LLP

1.00 networking Lunch

caSe StudIeS

2.00 digital ants: dynamic and resilient Infrastructures Protection• the Need: Why oil and gas industry needs next-generation

resilient cyber security protection• our approach: Nature-inspired Digital ants and how they work• the benefits: How a mobile resilient cyber defense keeps

infrastructure safe• competing approaches: Why big-data with centralized

analytics can’t do the job aloneGlenn Fink, senior cyber security researcher, Pacific northwestnational Laboratory

2.40 understanding the International ramifications of cyber Insecurity in energy

• targeting of energy in Warfare• cyber and less-than-War• the technological landscape of Vulnerability• employing the cyber Weapon in energychris Bronk, assistant Professor, university of houston

3.20 afternoon tea

3.50 Situational awareness and cyber-Physical attack detection and remediation for oil and Gas Infrastructure

• cyber-physical systems for critical infrastructure must beunderstood as federated systems of systems

• the impact of cyber-threats to the operational resilience of thephysical systems requires domain specific models of the systemof system impact

• effective remediation of cyber-Physical attacks on suchsystems depends on actionable situational awareness

• remediation activities must be evaluated in the context ofboth organizational policy, and the physical impact on thesystem of systems based on the models developed

• by combining cyber-models and domain specific physicalmodels we can improve the operational resiliency of cyber-physical systems

clifford neuman, Director, Usc center for computer systems,university of Southern california

4.30 cybersecurity and zero-day monitoring and detection in oil and Gas installations

• challenges in detecting zero-day attacks• cybersecurity threat situation for oil and gas• incident handling in oil and gas and why it is challenging• efficient and non-intrusive cybersecurity monitoring and

detection of Drilling rigs and Production PlatformsSiv hilde houmb, cto, Secure-nok

5.10 chairman’s closing remarks and close of day two

oil and Gas cyber Security north america www.oilandgas-cybersecurity.com day two │ thursday 14th May 2015

Sponsored by

Lookingglass cyber Solutions is the world leader in threat intelligence management combining global networksituational awareness with automated internet intelligence to support threat, security and risk operations.lookingglass enables security professionals to navigate, investigate, analyze and research relevant, context-enrichedthreat information through a single platform. the lookingglass scout platform provides aggregated access tolookingglass’ industry-leading, extensive and diverse threat sources alerting organizations to impending risk. thescout platform drives effectiveness and efficiency by replacing the manual process of management threatintelligence for enterprise and mid-sized organizations. For more information, visit www.LGScout.com

Waterfall Security Solutions Ltd. is the leading provider of stronger-than-firewalls protections for industrial controlnetworks and critical infrastructures. the company’s products are deployed in utilities and critical nationalinfrastructures throughout North america, europe, asia and israel. Waterfall’s technologies reduce the cost andcomplexity of compliance with Nerc-ciP, Nrc, Nist, cFats and other regulations, and include support for leadingindustrial applications: Frost & sullivan describe Waterfall's solutions as ensuring "optimum security for networks acrossuser verticals" and awarded Waterfall the 2012 Network security award for industrial control systems entrepreneurialcompany of the year and the 2013 North america award for customer Value enhancement.www.waterfall-security.com

overview: the workshop will provide discussions of cybersecurityframeworks/architectures, including the Nistcybersecurity Framework, the sherwood appliedbusiness security architecture (sabsa), and the cobitframework.

Important questions that will be discussed include:• What is a cybersecurity framework?• What is its relationship to the enterprise information

framework?• What role does a cybersecurity framework play in

securing an enterprise information system?• What are some of the representative cybersecurity

frameworks or architectures?

Why you should attend:Participants at this workshop will learn the basics ofcybersecurity frameworks and architectures, and get ataste of representative frameworks commonly adoptedby organizations and cybersecurity professionals. Withthe workshop format, the participants will be able tointeract with the presenters and discuss questions theymay have about cybersecurity frameworks andarchitectures.

Programme:

1.30 registration and coffee2.00 opening remarks and introductions2.10 Session 1: the nISt Framework

andrew yang, Director, cyber Security Institute

2.50 Session 2: SaBSa ross Leo, associate Director, cyber Security Institute

3.30 coffee4.00 Session 3: coBIt

norman comstock, Director, Berkeley research Group

4.40 Session 4: discussion and case Study Sergio Muniz, President, cyFor technologies

5.30 end of workshop

about the workshop leaders:norman comstock is a veteran manager ofenterprise information systems, with specialtiesin executive management and technologyconsultant to private and public corporations.ross Leo is an experienced cybersecuritytrainer and consultant, and currently serves asthe associate director of the cyber securityinstitute at the University of Houston-clear lake.Sergio Muniz is a seasoned cybersecurityprofessional, and the founder and president ofthe cyFor technologies.andrew yang is an experienced computerscience educator and researcher, andcurrently serves as the executive director of thecyber security institute.

about cSIthe cyber security institute (csi) was established as aneducational and research arm of the University ofHouston-clear lake (UHcl), to provide research andeducation services to strengthen the Houston region'sefforts of securing the cyberspace and cyber systems.With support from nearby governmental agencies andorganizations, the UHcl-csi has offered cybersecuritytraining, conducted cybersecurity related research,and provided free seminars and workshops to raisecybersecurity awareness.www.prtl.uhcl.edu/portal/page/portal/Sce/csi

haLF day Pre-conFerence WorkShoPtuesday 12th May 2015Marriott West Loop hotel

1.30pm - 5.30pm

cybersecurity Frameworks andarchitectures

hosted by:

FeBruary

e&P Information & data Management

3-4 February 2015, london, UKFloating LnG

18-19 February 2015, london, UKtelematics usage Based Insurance

18-19 February 2015, london, UKMarch

Project Financing in oil and Gasnorth america

9-10 March 2015, Houston, Usa

european Smart Grid cyber Security9-10 March 2015, london, UK

Gas to Liquids north america11-12 March 2015, Houston, Usa

oil and Gas telecommunications25-26 March 2015, london, UK

June

Gas Storage and transmissions 17-18 June 2015, london, UK

Supported by

Want to know how you can get

involved?

Interested in promoting your

services to this market?

contact Julia rotar on

+44 (0)20 7827 6088 or email:

jrotar@smi-online.co.uk

SMi ENERGY FORWARD PLANNER 2015

oIL and GaS cyBer SecurIty north aMerIca conference: 13th-14th May 2015 | Marriott West Loop hotel, houston, texas, uSa Workshop: 12th May 2015, texas, uSa

4 WayS to reGISter

Fax your booking form to +44 (0) 870 9090 712

Phone on +44 (0) 870 9090 711

www.oilandgas-cybersecurity.com PoSt your booking form to: events team, SMi Group Ltd, 2nd FloorSouth, harling house, 47-51 Great Suffolk Street, London, Se1 0BS

If you have any further queries please call the events team on tel +44 (0) 870 9090 711 or you can email them at events@smi-online.co.uk

Payment: if payment is not made at the time of booking, then an invoice will be issued and mustbe paid immediately and prior to the start of the event. if payment has not been received thencredit card details will be requested and payment taken before entry to the event. bookings within7 days of event require payment on booking. access to the Document Portal will not be given untilpayment has been received.

Substitutions/name changes: if you are unable to attend you may nominate, in writing, anotherdelegate to take your place at any time prior to the start of the event. two or more delegates maynot ‘share’ a place at an event. Please make separate bookings for each delegate.

cancellation: if you wish to cancel your attendance at an event and you are unable to send asubstitute, then we will refund/credit 50% of the due fee less a £50 administration charge, providingthat cancellation is made in writing and received at least 28 days prior to the start of the event.regretfully cancellation after this time cannot be accepted. We will however provide theconferences documentation via the Document Portal to any delegate who has paid but is unableto attend for any reason. Due to the interactive nature of the briefings we are not normally able toprovide documentation in these circumstances. We cannot accept cancellations of orders placedfor Documentation or the Document Portal as these are reproduced specifically to order. if we haveto cancel the event for any reason, then we will make a full refund immediately, but disclaim anyfurther liability.

alterations: it may become necessary for us to make alterations to the content, speakers, timing,venue or date of the event compared to the advertised programme.

data Protection: the sMi group gathers personal data in accordance with the UK Data Protectionact 1998 and we may use this to contact you by telephone, fax, post or email to tell you about otherproducts and services. Unless you tick here □we may also share your data with third parties offeringcomplementary products or services. if you have any queries or want to update any of the datathat we hold then please contact our Database Manager databasemanager@smi-online.co.uk orvisit our website www.smi-online.co.uk/updates quoting the UrN as detailed above your address onthe attached letter.

unique reference number

our reference e-060

terms and conditions of Booking

deLeGate detaILSPlease complete fully and clearly in capital letters. Please photocopy for additional delegates.

title: Forename:

Surname:

Job title:

department/division:

company/organisation:

email:

company vat number:

address:

town/city:

Post/Zip code: country:

direct tel: direct Fax:

Mobile:

Switchboard:

Signature: date:i agree to be bound by sMi's terms and conditions of booking.

accountS dePt

title: Forename:

Surname:

email:

address (if different from above):

town/city:

Post/Zip code: country:

direct tel: direct Fax:

Payment must be made to SMi Group Ltd, and received before the event, byone of the following methods quoting reference e-060 and the delegate’sname. Bookings made within 7 days of the event require payment on booking,methods of payment are below. Please indicate method of payment:□ Wire transfer lloyds tsb bank plc, 39 threadneedle street, london, ec2r 8aU sort code: 30-00-09 account: 11775391 swift (bic): LoydGB21013 ibaN: GB75 Loyd 3000 0911 7753 91

□ cheque We can only accept cheques in Us Dollars

□ credit card □ Visa □ Mastercard □ american express

all credit card payments will be subject to standard credit card charges.

card No: □□□□ □□□□ □□□□ □□□□

Valid From □□/□□ expiry Date □□/□□

cVV Number □□□□ 3 digit security on reverse of card, 4 digits for aMex card

cardholder’s name:

Signature: date:i agree to be bound by sMi's terms and conditions of booking.

card Billing address (if different from above):

PayMent

vatVat at 20% is charged on the Document portal and literature distribution for all UK customers and forthose eU customers not supplying a registration number for their own country here

conFerence PrIceS GrouP dIScountS avaILaBLe

I would like to attend: (Please tick as appropriate) Fee

□ conference & Workshop $1898.00

□ conference only $1299.00

□ Workshop only $599.00

PROMOTIONAL LITERATURE DISTRIBUTION □ Distribution of your company’s promotional literature to all conference attendees $1598.00 + vat $1917.60

the conference fee includes refreshments, lunch, conference papers, and access tothe Document Portal. Presentations that are available for download will be subject todistribution rights by speakers. Please note that some presentations may not beavailable for download. access information for the document portal will be sent tothe e-mail address provided during registration. Details are sent within 24 hours postconference.

venue Marriott West Loop hotel, 1750 West Loop South Freeway, houston, tx 77027

□ Please contact me to book my hotelalternatively call us on +44 (0) 870 9090 711, email: hotels@smi-online.co.uk or fax +44 (0) 870 9090 712

□ Book by 27th February to receive $300 off the conference price

□ Book by 31st March to receive $100 off the conference priceearLy BIrddIScount

docuMentatIonI cannot attend but would like to Purchase access to the followingdocument Portal/Paper copy documentation. Price total□ access to the conference documentation

on the Document Portal $799.00 + vat $958.80□ the conference Presentations – paper copy $799.00 - $799.00

(or only $600 if ordered with the Document Portal)