Cyber-Security Seminar Programme

Seminar - Thursday 1st February 2018


Registration and refreshments


Welcome back from the Chair


Threat Landscape

Understanding evolving hacker trends and the implications for new and more sophisticated forms of cyber-attack on the SCADA infrastructure

  • Identifying trends in the type, volume and severity of utility cyber-attacks to determine the implications for next generation security policies and procedures
  • Investigating the implications of ransomware attacks on SCADA systems, the evolving grid and the utility business as a whole
  • Identifying efficient ways of uncovering DDoS attacks to limit remote damage to valuable parts of SCADA systems
  • Applying reverse engineering techniques to fully stress test security concepts and guard against the whole spectrum of future attacks
  • Appropriately accumulating and sharing knowledge of recent cyber-security incidents to develop new and more effective cyber defence strategies


SCADA System Vulnerabilities

Identifying the most critical points of vulnerability in high-functionality SCADA systems and how these can be addressed with state-of-the-art cyber-security approaches

  • Carrying out robust vulnerability analyses to pinpoint key system weaknesses across the SCADA infrastructure
  • Implementing SCADA security solutions that support high levels of system functionality
  • Identifying the threat level of sniffing software attacks and implementing a range of solutions to combat them
  • Extending the security of SCADA into connected IT/OT systems to limit the external points of system entry
  • Striking the balance between functionality and security to ensure grid efficiency and development


Smart Meters to SCADA

Determining the extent to which smart meter infrastructure can pose a security threat to SCADA systems and identifying robust and cost-effective security measures to combat this

  • Examining the nature of recent cyber-attacks on smart meter AMI infrastructure and the impact on SCADA systems
  • Evaluating a range of prevention and detection approaches to effectively secure data exchange between smart meters and SCADA infrastructure
  • Identifying robust and cost-effective ways of securing wireless communication networks used to transfer data from smart meters to AMI and SCADA infrastructure
  • Determining cost-effective measures for the continuous upgrading of smart meter security to minimise the risk of attack as the volumes of smart meter deployment go up
  • Quantifying the return on investment in cyber security, taking into account detected and potential threats


Morning refreshments & exhibition


Technology Innovation Panel

During this session leading power grid cyber-security solution providers will present their advanced approaches to prevention, detection, response and post-event recovery, for both internal SCADA systems and SCADA in the Cloud solutions.


Lunch, networking & exhibition


Substations to SCADA Information Security

Evaluating how substation security can be compromised and adversely impact SCADA infrastructure, and identifying ways in which advanced cyber-security solutions can combat this

  • Identifying the key entry points for cyber-attacks as digital substation automation becomes prevalent in TSO and DSO environments
  • Effectively securing key end points such as RTUs for both legacy and new substation devices, components and systems
  • Mitigating the risk of cyber-attacks via IP/Ethernet based communication networks to enable secure data transfer
  • Implementing continuous monitoring systems to rapidly detect and mitigate perceived risks
  • Implementing behavioural analytics and anomaly detection algorithms in remote and geographically distributed substations
  • Mitigating the cyber-security risks of a mobile maintenance workforce to enable more secure access to the system


Identification and Detection: Cybersecurity & Loss of EMS/SCADA Risk

Optimising the speed and accuracy of detection techniques to safeguard SCADA systems before unforeseen intrusions take root

  • Evaluating state-of-the-art intrusion detection systems and identifying optimal solutions to achieve advanced situational awareness
  • Balancing the need for intrusion detection with allocating SCADA system resources to support this
  • Ensuring effective configuration of detection tools both at the outset and ongoing as new threats arrive
  • Seamlessly interworking detection systems with prevention and response approaches
  • Improving the accuracy of detection interpretation and response and recovery techniques to create a robust feedback mechanism and continuously fine-tune your organisational strategy


Response & Recovery

Establishing and communicating a robust framework for responding to cyber-attacks to ensure effective incident containment and recovery

  • Creating operational response and recovery guidelines taking into account:
    • Internal cyber attacks
    • External cyber attacks
    • Regulatory guidelines
    • Changing threat landscape
    • Roles and responsibilities of internal departments
  • Using cyber threat intelligence to determine attacker motives, capabilities and likely actions to more easily disrupt and degrade their efforts
  • Conducting exercises and tests that address real-world recovery building, train organizational “muscle memory” and identify areas for improvement
  • Identifying improvements from lessons learned during actual cyber-attack recovery actions
  • Implementing effective measurement and monitoring techniques to calculate recovery performance over time
  • Mitigating the likelihood and impact of future incidents based on the lessons learned from the incident as well as from other organizations and industry practices


Afternoon refreshments & exhibition


SCADA Security & Regulatory Landscape

Discussing the core components of Operators of Essential Services and understanding the implications of the EU NIS Directive for European utilities

  • Breaking down the guidelines and rules set out by the NIS Directive, and its implications for SCADA system security
  • Analysing new requirements on data protection as outlined by the GDPR and assessing the extent to which they will affect utilities' data protection procedures
  • Accurately interpreting and validating regulatory guidelines for ease of implementation and maintenance
  • Effectively interworking EU and national guidelines to ensure robust regulatory compliance
  • Driving utility objectives within the context of regulatory demands


Training & Development

Developing a cyber security training programme to bring IT and OT staff onto the same knowledge platform and empower them to work together effectively in combatting cyber attacks

  • Managing cultural change by understanding the background, interests and drivers of IT and OT teams
  • Managing training by bringing IT and OT training programmes together under the umbrella of the ISO 27001 framework
  • Developing cyber security governance by assigning roles and responsibilities in a security organization to support collaboration and exchange of know-how
  • Raising awareness through introducing the human firewall campaign


Closing Remarks from the Chair and End of Conference