Securing Manufacturing Summit

Securing OT and OT/IT dependencies in manufacturing and process industries

25th April, 2024 • Online

The most complicated challenge in cybersecurity? Probably. A regulatory timebomb? Definitely. 

 

A critical priority for companies and governments

Industrial organizations are at a turning point in their OT cybersecurity journeys. This includes discrete manufacturing operations that assemble many small parts into larger manufactured objects, such as automobiles or laptop computers; process industries that transform raw materials into a more usable form, such as mining or refining; and many types of critical infrastructure: industrial operations that are essential for society to function, such as transportation, power, and utilities.

According to McKinsey, more than 90% of manufacturing firms have had their production or energy supply hit by some form of cyberattack; 96% of business leaders indicate the need to invest in OT cybersecurity, and approximately 70% of those who have invested in it are facing implementation challenges.

In the US, CISA has highlighted dramatic increases in OT system cyberattacks, and in Europe ENISA's findings mirror this. The World Economic Forum has also just put out a bulletin highlighting OT risks.

But OT risk is not a single issue. Attacks on (often legacy) ICS and SCADA systems are one thing. Attacks on broader industrial systems that cause physical consequences in the real world are another. And attacks on the IT systems upon which OT systems are increasingly reliant are another (IIoT insecurity is a big issue). Only a minority of attacks are "pure" OT compromises like the 2020 EKANS ransomware attacks against Honda and Enel and the recent German wind turbine attack in 2022.

Increasingly, threats exploit the growing size and diversity of IT/OT attack surfaces. Attackers can rely on industrial control systems (ICS) being connected to corporate TCP/IP networks at least periodically, which gives access to them via standard business networks. For example, ransomware that encrypts data on IT networks is now a significant issue in OT security. And of course, attacks on IT/OT systems at third-party suppliers can then be weaponised against downstream IT/OT systems.

For example, in February 2022, Toyota, the world’s top-selling carmaker, had to halt operations at 14 manufacturing plants because of a cyber-attack on Kojima Industries, a key supplier, at a cost of about $375 million.

The complexity of the IT/OT environment brings unique security challenges. For a start, normal tools do not work very well. In OT environments, scanning-based solutions like endpoint detection and response (EDR) or endpoint protection platforms (EPPs) are not suitable. They rely on continual telemetry and cannot operate properly in an air-gapped situation.

These systems also fail to detect fileless and evasive attacks reliably, as many threats don't create signatures recognizable to EDR. The same applies to solutions that use similar technology in other parts of the IT environment, such as NDRs deployed to analyze network traffic. This is important because threats such as unauthorized firmware installed on OT systems or unknown, dynamic variants of malware normally found in traditional IT environments are becoming more common.

Even where traditional solutions do detect issues, they often create huge numbers of false positives because they struggle with the diverse range of legacy OS, hardware, and applications that exist in a typical OT environment. These would bring manufacturing processes to a halt, and downtime is the single biggest issue in critical industrial processes. Revenues are at risk as, sometimes, are human lives. Replacing compromised OT is extremely costly and time-consuming, and so is remediation.

So, what are the solutions? Is Zero Trust the answer? What does layered security in an IT/OT environment look like? How do you deal with the issue of false positives? What kinds of solutions are not dependent on online updating? And how can firms stop advanced threats from cross-propagating between business and OT systems? Industrial infrastructure is a prime target for well-funded attackers and complex attacks like zero-days, fileless worms, trojans and malware.

 

The e-Crime & Cybersecurity Manufacturing Summit will take place online and will look at how cybersecurity teams are tackling this new world. Join our real-life case studies and in-depth technical sessions from the security and privacy teams behind some of the world’s most admired brands.

  • Achieving visibility across ecosystems

    • From exposed initial access points such as warehouse management systems to complex machine control software, simply understanding your device and application landscape, its connections, data flows and dependencies is a huge challenge.
    • Can you help with asset tracking and endpoint visibility? And what about anomaly detection after that?
  • Defending against the latest ransomware variants

    • Ransomware is effective precisely because it can exploit whatever weaknesses exist in your security architecture and processes
    • The threat and the actors are constantly evolving, and that evolution is forcing the hand of the government and causing havoc in the insurance market
    • What can CISOs do to better defend against ransomware?
  • Why zero trust, isolation and segmentation are key

    • There has been a shift in recent attacks away from the theft of data; threat actors are now concerned with interrupting all operational activity.
    • It is now critical that business functions are separated, and that internet access to OT networks is limited.
    • Can security teams keep up with sophisticated foes? 
  • Transitioning OT to the Cloud?

    • OT traditionally was localized in particular sites and air-gapped from IT systems.
    • But connectivity with broader corporate networks and the need to manage technology more centrally (especially during COVID) has seen companies looking at managed services in the Cloud for OT.
    • Is this a way forward?
  • OT and the regulations

    • DORA, NIS2 and other regulations put more responsibility for resilience on firms deemed important or critical.
    • Many have focused on IT networks but the regulations include all resilience and so OT environments matter. 
    • What does this new emphasis from regulators mean practically for OT security?
  • Pen testing for OT / SCADA

    • Testing is key to identifying and fixing vulnerabilities before they're exploited. 
    • Regulations like NERC CIP require utilities to assess and mitigate risk. 
    • Testing checks that OT security controls are functioning properly and shows regulators an organization's commitment to security.
    • Can you help?

Who attends

Job titles

Group Chief Information Security Officer
OT Security Expert
MEA Cybersecurity Officer
Chief Information Security Officer (CISO)
Senior Threat Intelligence Analyst
Information Security Program Manager
Cyber Security Architect
Chief Compliance and Business Ethics Officer
Head of Cyber Insurance Management
Information Security Governance, Risk and Compliance Lead
CISO
Service Support
Head of Cyber Programme Delivery
Director, Information Security Leader DACH
IT Security Operations Senior Analyst
CISO
Cyber Security in the Supplier Network
Head of Information Security
Information Security Manager
Penetration tester / Red Teamer
Group IT Security Manager
Manager IT Infrastructure & Operations
Group Director of Information Security
Head Of Information Technology
Solution Lead, Network & Security
Head of Industrial Cybersecurity
Global Cybersecurity Leader
Head of Cybersecurity and Telematics
Information Security Officer EMEA
Cyber Risk Manager
IT Security Manager
IT Project Manager
Data Protection Officer
Cyber Threat Intelligence
Sr. Cloud Network Security Engineer
Global Security Operations Coordinator
Cyber Threat Intel (CTI) Analyst
CISO
Head of Security Engineering & Operations
Cyber Security Specialist
Chief Product Security Officer
Cyber Security Architect
Data Protection Officer
CISO
Threat Intelligence Lead
Cyber Security Architect
Travel Security & Intelligence
Information Security Specialist
Head of Governance, Risk & Compliance in Corporate Security
Senior Project Manager Cyber Security
Cloud & Security Architect
Cloud Security
Global Cyber Programme Leader
Head of IT
Security Awareness Manager
Cyber Threat Intelligence
CISO
Security Awareness and Training
Cyber Defence Director
Principal Controls Engineer
Group CISO
Senior Cyber Security Professional - OT
IT Security Manager

Companies

Hill & Smith PLC
Airbus Defence and Space
Schneider Electric
Ahlstrom
Signify
Trivium Packaging
Fiskars Group
Saint-Gobain Group
Airbus Defence and Space
pladis Global
Renesas Electronics Corporation
Alfa Laval
Natura &Co
Procter & Gamble
Amcor
Kistler Group
BMW Group
Victorinox
Satair
Airbus Defence and Space
Oxford Instruments
Remeha
Senior Plc
Lenze Swiss AG
Meyer Turku
Siemens
Schneider Electric
Tevva Hydrogen Electric Trucks
Essilor International
Fiskars Group
Sanad Group
BMW Group
Imperial Brands Plc
Signify
3M
Signify
Signify
Siemens
Aptiv Plc
Airbus Defence and Space
Canon Production Printing
Airbus Defence and Space
Vorwerk Group
SCA Forest Products AB
Schneider Electric
Airbus Defence and Space
Signify
Meyer Turku
Signify
Natura &Co
Yokogawa Engineering
3M
Natura &Co
GF Casting Solutions
Signify
Signify
La Farga
Signify
Plastic Omnium
Coopervision
Klöckner & Co SE
Siemens
BSH

Employee size

1000-1999
10,000+
10,000+
5000-9999
10,000+
5000-9999
5000-9999
10,000+
10,000+
10,000+
10,000+
10,000+
10,000+
10,000+
10,000+
2000-2999
10,000+
1000-1999
3000-4999
10,000+
1000-1999
100-499
5000-9999
2000-2999
3000-4999
10,000+
10,000+
100-499
10,000+
5000-9999
100-499
10,000+
10,000+
10,000+
10,000+
10,000+
10,000+
10,000+
10,000+
10,000+
1000-1999
10,000+
10,000+
3000-4999
10,000+
10,000+
10,000+
3000-4999
10,000+
10,000+
100-499
10,000+
10,000+
100-499
10,000+
10,000+
100-499
10,000+
10,000+
10,000+
5000-9999
10,000+
10,000+