The cyber attacks from the last week have affected entities globally, from telecommunication infrastructure to medical facilities across the UK to European utilities as well as multiple other types of industries and consumers. The WannaCry ransomware will go down in history for setting an example of how malicious software can disrupt global networks, leaving systems crippled until demands are met.
This highlights so many issues we at the Cyber Senate have been working so hard to bring to our forums. We believe there is so much work to be done to fully understand how we can better develop a culture of awareness within our organisations, and how we address the skills gap in our industry. We Tneed to have a better understanding of the risks of 3rd party applications and the supply chain, as well as better educate procurement. There is still much work to do in developing synergies between IT and OT divisions wrestling with convergence, in understanding that compliance doesn’t equal security and that just because “you’re not connected to the internet” that you’re cyber secure. That is just a few areas we need better insight. On another note, how many ICS systems are still running a unpatched version of Windows XP?
Cyber attacks that impact critical national infrastructure can ultimately cost lives. That is why these discussions are so important. These events are built to facilitate public and private information sharing, to assist you and your team in understanding how your industry counterparts are meeting the challenge, what you are doing right, wrong, and to help define “what is best practice?”
We hear a lot about vendor accountability and disclosure which is another piece of this puzzle that needs to be addressed. We, however, believe people are the most important factor in the cyber kill chain. Technology will never tick all the boxes, it can and does fail and so do humans. It is how we get up, respond, move forward and learn from these lessons that count.
We hope to meet you in 2017. If we can help you bridge the gap, do not hesitate to reach out.
The Cyber Senate are pleased to announce the IAEA will be joining us as Key Note presenters on the Industrial Control Cyber Security Nuclear conference we will be hosting in Warrington UK, May 24-25th 2016.
For further information see www.industrialcontrolsecuritynuclear.com
“In GCHQ we continue to see real threats to the UK on a daily basis, and I’m afraid the scale and rate of these attacks shows little sign of abating.”
Recent headlines (here and here) may have struck fear into those living near major energy installations due to references about the Stuxnet malware. In 2009, this particular strain of malware caused significant damage to the Nantanz nuclear facility, reportedly destroying a fifth of Iran’s nuclear centrifuges. Recent reports about Operation Dragonfly, however, appear to be focused on espionage (at least for now), and the scope of the attack appears to be considerably broader than that of Stuxnet. Read more
Key Government, Oil and Gas, Electric and Water Utilities have agreed to share professional and collective insight at two conferences, being held back to back in London, Kingdom and Sacramento California, to address security threats surrounding industrial and process automation systems, the backbone of our global energy infrastructure.
A highly anticipated “Heartbleed” demonstration will be provided by the Finnish security firm responsible for and “outing” the Heartbleed Bug, Codenomicon. The presentation will focus on “The impact and what you need to know.”
The National Institute of Standards and Technology (NIST), Chief Cyber Security Advisor, recently confirmed both conference locations and will be presenting on “The development and standardization of cyber security and processes,” as well as hosting a roundtable discussion on current developments.
Further authorities on both sides of the Atlantic have been confirmed in their respective regions, in London, United Kingdom, this Scottish and Southern Energy, Electrilivi, Alliander, Security Working Group ETSI-CEN-CENELEC, United Utilities, Stedin and Laborelec GDF Suez. In Sacramento California, contributions include NERC, , Abu Dhabi Marine Operating Company, EPRI, NCI Security, New York University, and Pacific Gas Electric.
The Industrial Control Cyber Security Conference in Europe will take place on September 29th and 30th
Further information can be found at www.industrialcontrolsecurityeurope.com
The Industrial Control Cyber Security USA conference in Sacramento California will be held on October 6th and 7th. Further information can be found at www.industrialcontrolsecurityusa.com
The Cyber Senate is an exclusive community of global Cyber Security leaders with unparalleled knowledge and , creating a common voice for the Cyber Security industry. We host events and information sharing forums to address key topics across industry sectors such as Energy, Transport, Healthcare and Medical Devices.
The Cyber Senate, a Divison of Sagacity Media
[shareaholic app=”share_buttons” id=”7044955″]
Contact James Nesbitt +44 (0) 207 096 1754 or email@example.com
All stakeholders have a new responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure. Public and Private partnerships are paramount and information sharing on an international level a priority. We will be addressing key areas of vulnerability, threat detection, mitigation, and planning for the Utilities and Oil and Gas sectors. The ICS Energy Europe conference is brought to you by the Cyber Senate. An exclusive community of authoritative global leaders with unparalleled experience and knowledge in both Cyber and Industrial Control sectors.