MONDAY, 27-OCT-25 22:58
MONDAY, 27-OCT-25 22:58
MIDDLE EAST ENERGY INDUSTRY CYBER SECURITY WEBINAR:
"Revisiting Cyber Resilience in the shadow of PIPEDREAM"
WEDNESDAY 25 MAY 2022, 10:30 GST (UTC+4)
With almost half of the world’s known oil and gas reserves, and much of the capacity to process or utilise them, the Middle East and North Africa (MENA) region is a cornerstone of today’s global energy and industrial system. As the region’s energy and utilities industries continue to digitalise their assets, they have increasingy become targets of cyber threats. In fact, the region has been and continues to be a strategic target of cyber attacks and 50% of these attacks are on the energy industry.
Effectively protecting and securing data and systems through the supply chain is now a business imperative for every company. This CySSIG webinar will demonstrate how to do this effectively, bearing in mind that modern day operations often span complex IT (information technology) and OT (operational technology) infrastructures.
A feature of the webinar will be the presentation on the potential effects that the dangerous, new malware called PIPEDREAM could cause and how to address them.
This webinar by the Cyber Security Special Interest Group (CySSIG) will bring together a group of experts in the field who will present firsthand accounts of the challenges faced, such as PIPEDREAM, and the value of modern solutions. The presentations will be followed by a moderated panel session where attendees will have the opportunity to question the speakers individually and as a group.
REGISTRATION IS CLOSED.
The recordings are not available to you since you didn't register for the webinar.
BIO: Eric Byres
Eric Byres, Chief Technology Officer at aDolus Technology Inc., is one of the world’s leading experts in the field of Operational Technology (OT) cybersecurity.
He is the inventor of the Tofino Security technology – the most widely deployed OT-specific firewall in the world – licensed by industry leaders like Honeywell, Schneider Electric, and Caterpillar.
Eric now focuses on improving the security of the software supply chain for OT. He is member of the NTIA SBOM Awareness & Adoption Committee and has authored numerous articles of Software Bill of Materials.
Eric's many accomplishments include chairing the initial ISA SP-99 Security Technologies Working Group (now known as IEC-62443) and testifying to the US Congress. He has received numerous awards from international organizations and was made an ISA Fellow in 2009.
In 2013 he received ISA’s highest honor: Excellence in Leadership.
SUMMARY:
The late 2020 SolarWinds hack introduced the world to the extreme risk posed by supply chain attacks to critical systems. By penetrating the software development process of the SolarWinds company, the attackers managed to infiltrate multiple branches of the US government, the US military, and most of the Fortune 500 companies. A year later the Log4j crisis showed how even accidental security flaws can have a global impact on the Information Technology (IT) and Operational Technology (OT) supply chain.
This talk will dive into some of the technical details of the SolarWinds and Log4j incidents. We will compare these events with previous supply chain attacks and show why the high Return on Investment (RoI) for attackers means the OT supply chain will face many more attacks in the future.
We’ll review research on the current exploitability of the OT software supply chain as well as specific recommendations from the Atlantic Council on how to guard against these kinds of attacks. We’ll outline why vulnerabilities like Log4j can be very challenging to find when deeply embedded in OT software. Then we’ll explore how Software Bill of Materials (SBOMs) can help both vendors and operators assess the validity and safety of all the components of any given software package. We’ll talk about why advanced AI techniques are essential to stay ahead of these well-funded, sophisticated attacks. We’ll close with examples of vendors in the Oil & Gas sector that provide SBOMs and how their customers can use them to secure their software supply chain.
BIO: Andrew Dennant
Andrew Dennant is a Chemical Engineer who has spent more than 25 years in the Process Automation industry with focus on safety and understanding customers’ applications.
Originally from the UK, he attended the University of Bath and came to Abu Dhabi in 2001. Since then he has lived and worked in the Middle East and the USA with a mix of Consulting, Product Management, Industry and Leadership roles of increasing seniority.
He is married with two children.
SUMMARY:
Any organisation with an Operational Technology (OT) component knows that they need to review their cybersecurity stance and ensure that they have taken the right measures to protect themselves from attack now and into the future. However, the vast majority of cybersecurity organisations come from an Information Technology (IT) background and the cybersecurity needs of IT and OT, while related, are not the same. HIMA has identified four key areas where understanding the difference between a potential consultant’s IT and OT cybersecurity expertise can have a dramatic impact on the effectiveness of the implementation.
The first is domain expertise in the OT space. Many legacy OT systems were seen as practically separate from the IT infrastructure and designed in a fundamentally different way from those in IT. A review of an OT network by an IT expert is often more time-consuming than it should be. Understanding OT allows the right consultant to ensure that necessary connections are hardened and boundaries enforced.
The second is standards compliance. ISA/IEC 62443 and NIST’s SP 800-82 are relatively new and complex, so experience is rare and key. Knowing the current standard and its future iterations optimises engineering to ensure a cost-effective, future-proofed implementation with no security gaps, thus yielding the greatest return. HIMA will explore ways to validate how reliable claims of expertise are.
Thirdly, a lack of training will compromise the implementation of the system(s). Defining role-based competencies and certified training programs to ensure that staff do the right thing for the right reasons and keep constantly current throughout the life of the plant is critical to the implementation of OT Cybersecurity.
Finally, the real world is different from the theoretical world, and the better OT Cybersecurity organisations give End Users the opportunity to test their knowledge, skills and theories in an offline lab.
BIO: Thomas Königstein
Thomas studied Information Technology in Germany and started his career in the area of Digital/IT Forensic in the early 2000s. During his career, he worked as a Freelancer, Consultant, and CISO (Chief Information Security Officer) on projects related to Information Security Management System (ISO 27001), Risk Assessment (ISO 27001 and Industrial IT/OT-Norms), Penetration Testing and others.
With his vast experience and in-depth knowledge on the subject, Thomas is HIMA’s Cybersecurity expert.
SUMMARY:
It is true that there can be no real process safety without ensured digital security, as witnessed, for example, by the Triton attacks. These attacks were further evidence of how cybercrime over the years is always increasing in terms of motive, sophistication and scale. The very recent announcement of what is believed to be the seventh known Industrial Control Systems (ICS)-specific malware, PIPEDREAM, is ringing global alarm bells, particularly in the energy sector. PIPEDREAM malware is capable of disruption, degradation, and potential destruction of industrial environments. It can impact a wide variety of Programmable Logic Controllers (PLCs) and industrial software, including specific Omron and Schneider Electric PLCs, and Open Platform Communications Unified Architecture (OPC UA) servers. In this presentation you will learn what will be the effects if you were attacked by this new malware, how to counter these effects, and specifically what steps you need to take to reduce vulnerability both from management and technical viewpoints.
BIO: Gopal Krishnan
Gopal has over ten years experience working in the Middle East Telecoms and Networking sector. For the past five years Gopal, in his role as Account Manager, has been leading 3W Networks OT Cybersecurity growth working with end users across the region, primarily the Power & Water and transportation sectors.
SUMMARY:
Gopal will discuss how to go about understanding your current CyberSecurity Posture, how to identify and assess the risks you face and then how to mitigate those risks, through a 3 phase process, touching on the current threat landscape, attack surfaces and the key fundamentals of protecting Operational Technology.
BIO: David Brown
In addition to over 20 years of OT and cyber security experience, David is well-versed in rapidly advancing companies on a global scale. Originally a chemist designing the control systems for the same refineries Verve now protects, his experience also includes design and delivery of Cyber Security systems that protect Several Nation States as well as large manufacturing.
David is responsible for sales leadership and global operations of Verve Industrial.
SUMMARY:
IEC 62443 is growing in usage and provides comprehensive, risk-based security for industrial control systems with a well-structured approach.
However, practical realities (and the level of depth and complexity) make implementation difficult and time-consuming. You can make progress more rapidly through the application of technology as well as a walk-run approach to increasing security levels over time.
Findings from the experience of deploying systems for others to meet these challenges.
