Connect with us

Hi, what are you looking for?


Cyber Insurance

2014 ICS Cyber Security Conference Agenda Update

Our team is busy putting together the best ICS Cyber Security Conference to date.

Our team is busy putting together the best ICS Cyber Security Conference to date. As always, the conference will address real world problems and discuss actual ICS cyber incidents, many of which have never been told before.

The 14th ICS Cyber Security Conference will have 5 major themes: Actual ICS cyber incidents; ICS cyber security standards; ICS cyber security solutions; ICS cyber security demonstrations; and ICS policy issues.

ICS Cyber Security Conference

The Conference focuses on what has really happened and what is being done that affects the control systems.


While we sift through the many great speaker submissions and build the agenda, we can share a bit about some select sessions that we have planned, including:


– A case history of a very significant control system cyber incident and what has happened since. A broadcast storm resulted in complete and simultaneous failure of two interconnected power plant units (over 200 DCS processors with complete loss of logic with the plants at power). The discussion will provide details of the utility’s response to the incident including improving the robustness of the upgraded processor firmware and hardening its network against overloads or broadcast storms.

Advertisement. Scroll to continue reading.

– A real case history of a recent cyber attack of an off-shore oil platform. The presentation will discuss how big data was used to identify a cyber attack that caused the tilting and resultant shutdown of the platform.

– Details of a vulnerability that may actually be more significant than Stuxnet as it affects any controller and may not be detectable. It is possible to sniff and inject packets into field device networks such as Modbus over RS-485, HART, Profibus, etc. Devices and applications residing on this control network can be vulnerable to specially crafted packets and instructions (the developers didn’t expect that packets could have correct CRC and incorrect content.)Moreover, some of the data that is collected at the field device level is passed to the higher levels. This “feature” can be used to attack not only the lower layers of network and/or industrial processes, but also corporate networks. Imagine hacking one small transmitter to gain remote command execution on the SAP system.

– Aurora is still not well understood and affects every electric substation and substation customer. This presentation will include a detailed discussion of what is Aurora, why it is a gap in protection, and what can it affect. It will also discuss the first sets of Aurora hardware mitigation data from two utilities.

 – There is minimal guidance on how to identify the potential consequence from cyber vulnerability disclosures. An end-user control system cyber security expert will provide a general methodology for determining the potential consequence of vulnerabilities. That is, what you have to do and when.

 – A utility has been acting as a test bed for evaluating control system cyber security solutions for reliability. The utility is monitoring their control system network and using this information to improve reliability and reduce maintenance costs. The utility will provide a status of the efforts including the close integration of IT, OT, and Operations.

 – Recent studies such as the Unisys Ponemon report have attempted to indicate the state of critical infrastructure security without significant input from the ICS community. Consequently, the results and conclusions may be suspect. This presentation and associated survey will be the start of an assessment of the state of ICS cyber security based on input from the ICS community.

 – Cyber insurance is becoming an important consideration in IT. However, providing cyber insurance to the ICS community where business continuity and personal safety are critical is a more difficult problem. A major international insurance carrier will provide their perspectives on the carrot and stick approach necessary to provide cyber insurance for ICS operators.

 As with previous ICS Cyber Security Conferences, the agenda will not be complete until shortly before the conference to accommodate the most current issues and findings.

 Much More to Come! This Event Sold out Last Year,  Register Now and Hold Your Spot.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.

CISO Strategy

The question for 2023 and beyond is whether the cyberinsurance industry can make a profit without destroying its market.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Cyber Insurance

All-in-one cybersecurity platform Guardz today emerged from stealth mode with $10 million in seed funding.

Cyber Insurance

SecurityWeek spoke to Chris Storer, head of the cyber center of excellence at reinsurance giant Munich Re, for the cyber insurers’ view of cyberinsurance.

Cyber Insurance

Third-party administrator of insurance products Bay Bridge Administrators (BBA) is informing roughly 250,000 individuals that their personal information might have been compromised in a...