2015Marriott West loop Hotel, Houston, texas, Usa
Securing against the present and future threats towards the industry
oil and gas cybersecurity North america
13th & 14th
May
exPert SPeaker PaneL IncLudeS:• James Morrison, computer scientist, Houston cyber task
Force, Federal Bureau of Investigation• catherine cavazos, Data security Manager, nov• Michael Lewis, Policy and Framework advisor, information
risk strategy and Management, chevron Informationtechnology company
• Jason Mceachin, Director, sales engineering, Lookingglasscyber Solutions
• donna dodson, Deputy cyber security advisor, nationalInstitute of Standards and technology
• clifford neuman, Director, centre for computer systemssecurity, information sciences institute, university ofSouthern california
• claudia escobar, state-wide security ProgrammeManager, office of the chief information security officer,Department of information resources, State of texas
• randy hamilton, Manager, it security and compliance,newfield exploration company
• Mike Firstenberg, Director of industrial security, WaterfallSecurity
• amy taylor, Director, Houston branch, kane russellcoleman & Logan Pc
• Glenn a Fink, cyber security researcher, secure cybersystems group, Pacific northwest national Laboratory
BeneFItS oF attendInG:• Understand the current key market regulations to set a
new standard across the industry• Discover how you need to operate to create a safer
environment• Discuss how the industry needs to develop in North
america• evaluate live demos on how to block oncoming attacks
and minimise the clean up• Hear about the latest technology and software available • listen from leading case studies and understand what
lessons have be learned
www.oilandgas-cybersecurity.com register online or fax your registration to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711
PLuS an InteractIve haLF-day Pre-conFerence WorkShoP • tueSday 12th May 2015
cybersecurity Frameworks and architecturesHosted by: the cyber Security Institute (cSI)
1:30pm - 5:30pm
Book By 27th FeBruary and Save $300 • Book By 31St March and Save $100
sMi present their 6th in the series of…
Sponsored by
#oilgascybertx
oil and Gas cyber Security north america day one │ Wednesday 13th May 2015 www.oilandgas-cybersecurity.com
register online at www.oilandgas-cybersecurity.com • alternatively
8.30 registration & coffee
9.00 chairman's opening remarkscatherine cavazos, Data security Manager, national oilwellvarco
FraMeWork and StandardS
oPenInG addreSS 9.10 Building resiliency into a cybersecurity Program
• overview of a cybersecurity Programo identify - Protect - Detect - respond - recover• incident Handling - overview of Process - Needed capabilities• incident Handling and information sharingdonna dodson, Deputy cyber security advisor, national Instituteof Standards and technology
9.50 cybersecurity Framework and Information Sharing Guidance for oil and Gas
• this presentation will provide oil and gas industry specificguidance for using/implementing the Nist cybersecurityFramework and for sharing cybersecurity information
Michael Lewis, Policy and Framework advisor, information riskstrategy and Management, chevron Information technologycompany
10.30 Morning coffee
11.00 are control System networks expendable?• all software can be hacked • all it security technology is software• Hardware-enforced security use cases in oil & gas• Pervasive threats drive best-practice evolution Mike Firstenberg, Director of industrial security, Waterfall Security
11.40 Selling the cost of Security to Management• guiding security professionals on how to identify and employ
reference resources and metrics from well-know, widely-accepted sources
• Quantifying the threats and risks in a context that is consistentwith the size and maturity of your company and industry
• “selling” why protecting information assets have a cost, andwhat the trade-offs are between cost and risks
• Describing the power of having well-informed workers and theimpact he can have on the protecting corporate informationassets
• “training” management to focus on protecting informationassets and reducing risks like they already foucs on reducingbusiness expense
randy hamilton, Manager, it security and compliance, newfieldexploration company
12.20 networking Lunch
1.40 the Power of threat Intelligence in your cybersecurity Program• Harnessing the power of threat intelligence collection,
aggregation, ingestion, and automation for full threatintelintegration into your cybersecurity defense lifecycle
• adding global context to internal and external threat intelsources enables decision support both within and outside theenterprise perimeter
• aggregating disperate threat information supports improvedanalysis and confidence
Jason Mceachin, Director, sales engineering, Lookingglass cyberSolutions
2.20 Strategies & tactics dealing With Insider and outsider caused Breaches
• current events in breaches• What the bad guys are doing and why• strategies and tactics to address risks and weaknesses• What to do now danny Miller, system chief information security officer, texas a & M university
cyBer SecurIty For GaS oPeratIonS
3.00 Security in drilling, Modeling and automation• broadening cyber-attacks landscape effects the security of
products used • Not only networks are vulnerable, all tools used are susceptible• identify security gaps within a drilling process• avoid false environments, there are no silver bulletscatherine cavazos, Data security Manager, national oilwellvarco
3.40 afternoon tea
4.10 cybersecurity architectures — curriculum & related issues• Why cybersecurity architectures are critical for securing
enterprise information systems• overview of representative cybersecurity architectures and
frameworks• requirements of cultivating cybersecurity architects• cybersecurity architecture curriculumandrew yang, executive director, cyber security institute,university of houston - clear Lake
4.50 Panel discussion- combating against a Breach • cyber-attacks are growing concern for all organizations that
can cause severe financial and reputational damage• in this panel, we discuss the challenges around insider threat detection - types of attack that may be conducted - the behavioural characteristics of insiders - detection systems - securing against the unknown - examples of approaches adopted by oil & gas companies - the future outlook for cyber security James Morrison, computer scientist, Houston cyber task Force,Federal Bureau of Investigation catherine cavazos, Data security Manager, national oilwellvarco claudia escobar, statewide security Programme Manager, Stateof texas - department of Information resources
5.30 chairman's closing remarks and close of day one
PaneLdIScuSSIon
erPScan is one of the most respected and credible business application security provider. Founded in 2010, thecompany operates globally. Named as an ‘emerging vendor’ in security by crN and distinguished by more than 25other awards - erPscan is the leading saP se partner in discovering and resolving security vulnerabilities. erPscanconsultants work with saP se in Walldorf supporting in improving security of their latest solutions. We use ‘follow thesun’ principle and function in two hubs, located in the Netherlands and the Us to operate local offices and partnernetwork spanning 20+ countries around the globe. www.erpscan.com
the IGuana family of solutions protects critical networks and data assets against modern cyber-attacks. igUaNablueprovides resilient security for industrial control systems, customised specifically for the requirements of ics. tailoreddirectly to the risk and criticality of your plant function, igUaNa blue balances the need for security whilst stillmaintaining business efficiency, providing a cost-effective ‘fit and forget’ data guard solution against growing cyberthreats. based on the same architecture and security aspects of the award-winning cataPaN range of governmentgrade iP encryption solutions, igUaNagreen has been designed to provide commercial organisations the capabilityto securely send and receive sensitive information whilst harnessing the flexibility of local iP networks and protectingdata from the increasing threat of cyber-attack. www.iguanasecurity.com
Sponsored by
SPonSorShIP oPPortunItIeS: sMi offer sponsorship, exhibition, advertising and branding packages, uniquely tailored to complement your company's marketingstrategy. should you wish to join the increasing number of companies benefiting from promoting their business at our conferences please call: alia Malick, Director, on +44 (0) 207 827 6168 or email [email protected]
fax your registration to +44 (0)870 9090 712 or call +44 (0)870 9090 711
8.30 registration & coffee
9.00 chairman's opening remarkscatherine cavazos, Data security Manager, national oilwellvarco
GovernMent reGuLatIonS and SuPPort
oPenInG addreSS9.10 current efforts that the State of texas office of the chief Information Security officer is Working on
• establishing a statewide cybersecurity coordination andcollaboration platform
• enabling regional cybersecurity response coordination• coordinating statewide cybersecurity exercise and preparedness• coordinating cybersecurity intelligence sharing among key
entities within the stateclaudia escobar, statewide security Programme Manager, Stateof texas - department of Information resources
9.50 cyber Insurance for the oil & Gas Industry• Key threats/risks , for example - scaDa systems - Nation state hackers• regulatory, legal and litigation trends around cyber issues• traditional insurance response for cyber risk• cyber insurancerobert Parisi, FiNPro cyber & technology Product lead, Marsh, Inc.
10.30 Morning coffee
11.00 13 real ways to destroy business by breaking company’s SaP applications
• there are potential problems that one can’t disregard whentaking erP systems’ security issues into consideration, thus thepresentation will cover:
• real and existent risks, such as: changing bank account data,access to company’s internal resources, remote illegal updatesupload, Modification of reports, Falsification of business-criticaldata, salary data unauthorized modifications, creating defectsin products intentionally, stealing credit card data
• the ‘need to know’ things that you can’t afford to ignore afterimplementation of any business application processing critical data
• issues of the exponentially growing number of vulnerabilities inerP systems, as the saP Products alone have more than 3000+Vulnerabilities, giving an attacker a full scope for performingalmost any action to business applications
alexander Polyakov, cto, erPScan
11.40 creating a cyber Fortress against all enemies• the current culture• lessons learned • Dissecting the anatomy of insurance coverage• oolkits and tourniquets • Forecast for the Futureamy dunn taylor, Director, Houston branch, kane russellcoleman & Logan Pc
12.20 Legal aspects of cyber Security• the role of the board of Directors, including legal duties and
potential liabilities• Developing company policies to address today’s threats,
including data privacy policies, employee policies andincident response policies
• Developing effective cyber clauses in vendor and client contracts• Understanding cyber insurance and what it will (and will not) cover• legal aspects of an effective incident response, including
coordination with law enforcement and complying withnotification requirements
Michael titens, Partner, thompson & knight LLP
1.00 networking Lunch
caSe StudIeS
2.00 digital ants: dynamic and resilient Infrastructures Protection• the Need: Why oil and gas industry needs next-generation
resilient cyber security protection• our approach: Nature-inspired Digital ants and how they work• the benefits: How a mobile resilient cyber defense keeps
infrastructure safe• competing approaches: Why big-data with centralized
analytics can’t do the job aloneGlenn Fink, senior cyber security researcher, Pacific northwestnational Laboratory
2.40 understanding the International ramifications of cyber Insecurity in energy
• targeting of energy in Warfare• cyber and less-than-War• the technological landscape of Vulnerability• employing the cyber Weapon in energychris Bronk, assistant Professor, university of houston
3.20 afternoon tea
3.50 Situational awareness and cyber-Physical attack detection and remediation for oil and Gas Infrastructure
• cyber-physical systems for critical infrastructure must beunderstood as federated systems of systems
• the impact of cyber-threats to the operational resilience of thephysical systems requires domain specific models of the systemof system impact
• effective remediation of cyber-Physical attacks on suchsystems depends on actionable situational awareness
• remediation activities must be evaluated in the context ofboth organizational policy, and the physical impact on thesystem of systems based on the models developed
• by combining cyber-models and domain specific physicalmodels we can improve the operational resiliency of cyber-physical systems
clifford neuman, Director, Usc center for computer systems,university of Southern california
4.30 cybersecurity and zero-day monitoring and detection in oil and Gas installations
• challenges in detecting zero-day attacks• cybersecurity threat situation for oil and gas• incident handling in oil and gas and why it is challenging• efficient and non-intrusive cybersecurity monitoring and
detection of Drilling rigs and Production PlatformsSiv hilde houmb, cto, Secure-nok
5.10 chairman’s closing remarks and close of day two
oil and Gas cyber Security north america www.oilandgas-cybersecurity.com day two │ thursday 14th May 2015
Sponsored by
Lookingglass cyber Solutions is the world leader in threat intelligence management combining global networksituational awareness with automated internet intelligence to support threat, security and risk operations.lookingglass enables security professionals to navigate, investigate, analyze and research relevant, context-enrichedthreat information through a single platform. the lookingglass scout platform provides aggregated access tolookingglass’ industry-leading, extensive and diverse threat sources alerting organizations to impending risk. thescout platform drives effectiveness and efficiency by replacing the manual process of management threatintelligence for enterprise and mid-sized organizations. For more information, visit www.LGScout.com
Waterfall Security Solutions Ltd. is the leading provider of stronger-than-firewalls protections for industrial controlnetworks and critical infrastructures. the company’s products are deployed in utilities and critical nationalinfrastructures throughout North america, europe, asia and israel. Waterfall’s technologies reduce the cost andcomplexity of compliance with Nerc-ciP, Nrc, Nist, cFats and other regulations, and include support for leadingindustrial applications: Frost & sullivan describe Waterfall's solutions as ensuring "optimum security for networks acrossuser verticals" and awarded Waterfall the 2012 Network security award for industrial control systems entrepreneurialcompany of the year and the 2013 North america award for customer Value enhancement.www.waterfall-security.com
overview: the workshop will provide discussions of cybersecurityframeworks/architectures, including the Nistcybersecurity Framework, the sherwood appliedbusiness security architecture (sabsa), and the cobitframework.
Important questions that will be discussed include:• What is a cybersecurity framework?• What is its relationship to the enterprise information
framework?• What role does a cybersecurity framework play in
securing an enterprise information system?• What are some of the representative cybersecurity
frameworks or architectures?
Why you should attend:Participants at this workshop will learn the basics ofcybersecurity frameworks and architectures, and get ataste of representative frameworks commonly adoptedby organizations and cybersecurity professionals. Withthe workshop format, the participants will be able tointeract with the presenters and discuss questions theymay have about cybersecurity frameworks andarchitectures.
Programme:
1.30 registration and coffee2.00 opening remarks and introductions2.10 Session 1: the nISt Framework
andrew yang, Director, cyber Security Institute
2.50 Session 2: SaBSa ross Leo, associate Director, cyber Security Institute
3.30 coffee4.00 Session 3: coBIt
norman comstock, Director, Berkeley research Group
4.40 Session 4: discussion and case Study Sergio Muniz, President, cyFor technologies
5.30 end of workshop
about the workshop leaders:norman comstock is a veteran manager ofenterprise information systems, with specialtiesin executive management and technologyconsultant to private and public corporations.ross Leo is an experienced cybersecuritytrainer and consultant, and currently serves asthe associate director of the cyber securityinstitute at the University of Houston-clear lake.Sergio Muniz is a seasoned cybersecurityprofessional, and the founder and president ofthe cyFor technologies.andrew yang is an experienced computerscience educator and researcher, andcurrently serves as the executive director of thecyber security institute.
about cSIthe cyber security institute (csi) was established as aneducational and research arm of the University ofHouston-clear lake (UHcl), to provide research andeducation services to strengthen the Houston region'sefforts of securing the cyberspace and cyber systems.With support from nearby governmental agencies andorganizations, the UHcl-csi has offered cybersecuritytraining, conducted cybersecurity related research,and provided free seminars and workshops to raisecybersecurity awareness.www.prtl.uhcl.edu/portal/page/portal/Sce/csi
haLF day Pre-conFerence WorkShoPtuesday 12th May 2015Marriott West Loop hotel
1.30pm - 5.30pm
cybersecurity Frameworks andarchitectures
hosted by:
FeBruary
e&P Information & data Management
3-4 February 2015, london, UKFloating LnG
18-19 February 2015, london, UKtelematics usage Based Insurance
18-19 February 2015, london, UKMarch
Project Financing in oil and Gasnorth america
9-10 March 2015, Houston, Usa
european Smart Grid cyber Security9-10 March 2015, london, UK
Gas to Liquids north america11-12 March 2015, Houston, Usa
oil and Gas telecommunications25-26 March 2015, london, UK
June
Gas Storage and transmissions 17-18 June 2015, london, UK
Supported by
Want to know how you can get
involved?
Interested in promoting your
services to this market?
contact Julia rotar on
+44 (0)20 7827 6088 or email:
SMi ENERGY FORWARD PLANNER 2015
oIL and GaS cyBer SecurIty north aMerIca conference: 13th-14th May 2015 | Marriott West Loop hotel, houston, texas, uSa Workshop: 12th May 2015, texas, uSa
4 WayS to reGISter
Fax your booking form to +44 (0) 870 9090 712
Phone on +44 (0) 870 9090 711
www.oilandgas-cybersecurity.com PoSt your booking form to: events team, SMi Group Ltd, 2nd FloorSouth, harling house, 47-51 Great Suffolk Street, London, Se1 0BS
If you have any further queries please call the events team on tel +44 (0) 870 9090 711 or you can email them at [email protected]
Payment: if payment is not made at the time of booking, then an invoice will be issued and mustbe paid immediately and prior to the start of the event. if payment has not been received thencredit card details will be requested and payment taken before entry to the event. bookings within7 days of event require payment on booking. access to the Document Portal will not be given untilpayment has been received.
Substitutions/name changes: if you are unable to attend you may nominate, in writing, anotherdelegate to take your place at any time prior to the start of the event. two or more delegates maynot ‘share’ a place at an event. Please make separate bookings for each delegate.
cancellation: if you wish to cancel your attendance at an event and you are unable to send asubstitute, then we will refund/credit 50% of the due fee less a £50 administration charge, providingthat cancellation is made in writing and received at least 28 days prior to the start of the event.regretfully cancellation after this time cannot be accepted. We will however provide theconferences documentation via the Document Portal to any delegate who has paid but is unableto attend for any reason. Due to the interactive nature of the briefings we are not normally able toprovide documentation in these circumstances. We cannot accept cancellations of orders placedfor Documentation or the Document Portal as these are reproduced specifically to order. if we haveto cancel the event for any reason, then we will make a full refund immediately, but disclaim anyfurther liability.
alterations: it may become necessary for us to make alterations to the content, speakers, timing,venue or date of the event compared to the advertised programme.
data Protection: the sMi group gathers personal data in accordance with the UK Data Protectionact 1998 and we may use this to contact you by telephone, fax, post or email to tell you about otherproducts and services. Unless you tick here □we may also share your data with third parties offeringcomplementary products or services. if you have any queries or want to update any of the datathat we hold then please contact our Database Manager [email protected] orvisit our website www.smi-online.co.uk/updates quoting the UrN as detailed above your address onthe attached letter.
unique reference number
our reference e-060
terms and conditions of Booking
deLeGate detaILSPlease complete fully and clearly in capital letters. Please photocopy for additional delegates.
title: Forename:
Surname:
Job title:
department/division:
company/organisation:
email:
company vat number:
address:
town/city:
Post/Zip code: country:
direct tel: direct Fax:
Mobile:
Switchboard:
Signature: date:i agree to be bound by sMi's terms and conditions of booking.
accountS dePt
title: Forename:
Surname:
email:
address (if different from above):
town/city:
Post/Zip code: country:
direct tel: direct Fax:
Payment must be made to SMi Group Ltd, and received before the event, byone of the following methods quoting reference e-060 and the delegate’sname. Bookings made within 7 days of the event require payment on booking,methods of payment are below. Please indicate method of payment:□ Wire transfer lloyds tsb bank plc, 39 threadneedle street, london, ec2r 8aU sort code: 30-00-09 account: 11775391 swift (bic): LoydGB21013 ibaN: GB75 Loyd 3000 0911 7753 91
□ cheque We can only accept cheques in Us Dollars
□ credit card □ Visa □ Mastercard □ american express
all credit card payments will be subject to standard credit card charges.
card No: □□□□ □□□□ □□□□ □□□□
Valid From □□/□□ expiry Date □□/□□
cVV Number □□□□ 3 digit security on reverse of card, 4 digits for aMex card
cardholder’s name:
Signature: date:i agree to be bound by sMi's terms and conditions of booking.
card Billing address (if different from above):
PayMent
vatVat at 20% is charged on the Document portal and literature distribution for all UK customers and forthose eU customers not supplying a registration number for their own country here
conFerence PrIceS GrouP dIScountS avaILaBLe
I would like to attend: (Please tick as appropriate) Fee
□ conference & Workshop $1898.00
□ conference only $1299.00
□ Workshop only $599.00
PROMOTIONAL LITERATURE DISTRIBUTION □ Distribution of your company’s promotional literature to all conference attendees $1598.00 + vat $1917.60
the conference fee includes refreshments, lunch, conference papers, and access tothe Document Portal. Presentations that are available for download will be subject todistribution rights by speakers. Please note that some presentations may not beavailable for download. access information for the document portal will be sent tothe e-mail address provided during registration. Details are sent within 24 hours postconference.
venue Marriott West Loop hotel, 1750 West Loop South Freeway, houston, tx 77027
□ Please contact me to book my hotelalternatively call us on +44 (0) 870 9090 711, email: [email protected] or fax +44 (0) 870 9090 712
□ Book by 27th February to receive $300 off the conference price
□ Book by 31st March to receive $100 off the conference priceearLy BIrddIScount
docuMentatIonI cannot attend but would like to Purchase access to the followingdocument Portal/Paper copy documentation. Price total□ access to the conference documentation
on the Document Portal $799.00 + vat $958.80□ the conference Presentations – paper copy $799.00 - $799.00
(or only $600 if ordered with the Document Portal)
Top Related