Loading…
Attending this event?
4th Annual Rail Cyber Security Summit
www.railcybersecurity.com
View analytic

Log in to bookmark your favorites and sync them to your phone or calendar.

Tuesday, February 19
 

9:00am

9:15am

Panel Discussion: Overcoming the Communication Challenges Around Security in an IT/OT Converged World
  • Developing a common statement of purpose 
  • Why language matters - Cutting through semantic noise
  • Collaborating to find solutions to patching that take into account the sensitivity of Operational Environments 
  • Reaching a Mutual Understanding of Acceptable Risk

Speakers
avatar for Arjen Boersma

Arjen Boersma

Manager CIO Office, Prorail
avatar for Libor Lochman

Libor Lochman

Executive Director, CER
Dr Libor Lochman has been Executive Director of the Community ofEuropean Railway and Infrastructure Companies (CER) since January 1 st2012.Libor Lochman, born in 1963 in Czechoslovakia, graduated at the TransportUniversity in Zilina and has a doctorate in electronics from the West-BohemianUniversity... Read More →
avatar for Tiago Bravo Marques

Tiago Bravo Marques

Cyber Security Lead Engineer, Bombardier
Self-driven Security Architect at Bombardier (Rail Control Solutions) with over 15 years international background in telecom and security industry. Leads industrial security processes, both internal and in projects, as: assessments against IEC62443 risk analysis, NW security, security-by-design... Read More →
avatar for Christian Schlehuber

Christian Schlehuber

Expert CyberSecurity, DB Netz AG
Christian Schlehuber studied informatics and IT-Security at the TU Darmstadt with a specialization in critical infrastructures. After receiving his master degree he started to research at the Security Engineering Group of TU Darmstadt on the topic Critical Infrastructure Protection... Read More →


Tuesday February 19, 2019 9:15am - 10:00am
Crowne Plaza Amsterdam Schiphol

10:00am

Coordinating a Harmonised Approach to Rail Security
  • RAILSEC as the instrument of the coordinated approach to the rail security
  • The tasks ahead:
    • Guidelines for passenger rail security risk assessment
    • Guidelines on mitigation of internal risk (insider threats)
    • Identification of security technologies adapted to railway environment
    • Enhancement of the provision of information to passengers
  • Member States as the coordinators of the companies’ security plans
  • Close cooperation of all parties / sharing best practices rather than developing a EU regulation

Speakers
avatar for Libor Lochman

Libor Lochman

Executive Director, CER
Dr Libor Lochman has been Executive Director of the Community ofEuropean Railway and Infrastructure Companies (CER) since January 1 st2012.Libor Lochman, born in 1963 in Czechoslovakia, graduated at the TransportUniversity in Zilina and has a doctorate in electronics from the West-BohemianUniversity... Read More →


Tuesday February 19, 2019 10:00am - 10:30am
Crowne Plaza Amsterdam Schiphol

10:30am

11:00am

Break
Tuesday February 19, 2019 11:00am - 11:30am
Crowne Plaza Amsterdam Schiphol

11:30am

Rail Signalling Cybersecurity Under the Hood
  • Review the various components of the modern signalling systems
  • Explore the connection between the design of the different systems to known and unknown cyber vulnerabilities
  • Compare between the architecture of mainline and metro systems
  • Share best practices on security measures

Speakers
avatar for Miki Shifman

Miki Shifman

Co-Founder and VP R&D, Cylus
Miki Shifman is the Vice President of R&D and a co-founder of Cylus, an Israeli company offering a solution developed specifically to meet the unique cybersecurity needs of the rail industry. Miki has led the development of complex cybersecurity projects and has over ten years' experience... Read More →


Tuesday February 19, 2019 11:30am - 12:00pm
Crowne Plaza Amsterdam Schiphol

12:00pm

OT Governance Case Study
·         Operational IT (OT) a different world
·         Securing it from the asset manager perspective
·         The Policy/regulatory perspective


Speakers
avatar for Lies Alderlieste

Lies Alderlieste

CISO, NS
CISO/Information Risk manager at Nederlandse Spoorwegen responsible for Information risk management and Security – reporting to the CIO. Leading the Information Risk team of Security experts and ensuring the security strategy is consistently followed and implemented throughout the... Read More →


Tuesday February 19, 2019 12:00pm - 12:30pm
Crowne Plaza Amsterdam Schiphol

12:30pm

Building an Integrated IT/OT SIEM SOC
  • How have major challenges around signalling systems been overcome?
  • How have we secured critical systems given increased connectivity?
  • What are the outcomes and demonstrable benefits of centralised system monitoring?

Speakers
avatar for Israel Baron

Israel Baron

Cyber Security Professional
Israel served for 9 years at the Israeli Ministry of Defense (IMOD) as a technology Security Officer at the D.S.D.E (Directorate of Security of the Defense Establishment), as the regulator of the Israeli Defense Industries, and was until recently the CISO (Chief Information Security... Read More →


Tuesday February 19, 2019 12:30pm - 1:00pm
Crowne Plaza Amsterdam Schiphol

1:00pm

Lunch
Tuesday February 19, 2019 1:00pm - 2:00pm
Crowne Plaza Amsterdam Schiphol

2:00pm

COTS Equipment and ERTMS Vulnerabilities
  • What are the risks associated with the use of third party (COTS) components and devices in rail?
  • How can these vulnerabilities be used to creep past generally good cyber security assessment measures?
  • What are the  testing methods and steps that could be used to avoid such issues in future?

Speakers
avatar for Dr Tom Chothia

Dr Tom Chothia

Senior Lecturer in Cyber Security, Birmingham University
Dr Tom Chothia is a Senior Lecturer in cyber security at the University of Birmingham. He leads research projects on industrial control systems security (including rail), analysis of COTS devices, automated firmware analysis, protocol analysis and supply chain security. His work on... Read More →


Tuesday February 19, 2019 2:00pm - 2:30pm
Crowne Plaza Amsterdam Schiphol

2:30pm

Panel Discussion: Signalling System Vulnerability Management
  • Do we have sufficient visibility of legacy signalling system vulnerability to make informed risk based decisions?
  • Where are there known CBTC vulnerabilities and what methods can we employ to harden resilience?
  • Do asset owners have enough of a holistic view of associated risk to prioritise investment?

Speakers
avatar for Dr Tom Chothia

Dr Tom Chothia

Senior Lecturer in Cyber Security, Birmingham University
Dr Tom Chothia is a Senior Lecturer in cyber security at the University of Birmingham. He leads research projects on industrial control systems security (including rail), analysis of COTS devices, automated firmware analysis, protocol analysis and supply chain security. His work on... Read More →
avatar for Geir Arild Engh-Hellesvik

Geir Arild Engh-Hellesvik

CISO, NSB Rail
Information Security and Privacy Specialist.Operational security, incident handling and related management processes. What are the critical assets, how are they vulnerable and how to deal with incidents.Analysis of operational implications/consequences of strategy, laws and regulations... Read More →
avatar for Dr. Jahanzeb Farooq

Dr. Jahanzeb Farooq

IT Security Officer, Siemens
Dr. Jahanzeb Farooq has been with Siemens Denmark since 2011 where he has been involved in the development of Siemens' Communications-Based Train Control (CBTC) system. Recently, he has been a part of the Copenhagen S-bane CBTC project which involves a total renewal of the signalling... Read More →
avatar for Sverre Kjenne

Sverre Kjenne

Executive Vice President of Digitilization and Technology, Bane NOR
Sverre Kjenne is the executive vice president of Digitalisation and technology of Bane NOR (Norwegian Rail), and the programme director of the Norwegian ERTMS programme. Digitalisation and technology comprises subjects such as signaling, telecom and ICT with 700 dedicated people... Read More →


Tuesday February 19, 2019 2:30pm - 3:15pm
Crowne Plaza Amsterdam Schiphol

3:15pm

Break
Tuesday February 19, 2019 3:15pm - 3:45pm
Crowne Plaza Amsterdam Schiphol

3:45pm

Cyber Security by Design - Implementing 62443 Standards
  • How can 62443 help to provide a clear basis for risk assessments and secure architecture design?
  • Where are there difficulties in adoption of the standard in the rail sector?
  • What is being done to implement 62443 within the product life-cycle?

Speakers
avatar for Francois Hausman

Francois Hausman

Mainline Cyberdefense Manager, Alstom
· Alstom mainline cyberdefense manager · Work package leader of Shift2Rail cybersecurity TD2.11 · Work package leader of UNISIG cybersecurity group · Member of : CENELEC WG26 & RailSecurity platform (DG Move) Francois Hausman, having an experience... Read More →
avatar for Tiago Bravo Marques

Tiago Bravo Marques

Cyber Security Lead Engineer, Bombardier
Self-driven Security Architect at Bombardier (Rail Control Solutions) with over 15 years international background in telecom and security industry. Leads industrial security processes, both internal and in projects, as: assessments against IEC62443 risk analysis, NW security, security-by-design... Read More →
avatar for David Tapia Santamaria

David Tapia Santamaria

Cyber Security Engineer, CAF
With more than 5 years’ experience in cyber security, David started his career as a consultant and penetration tester for some of the most important banking, aeronautical and insurance companies in Europe. During this stage, he has obtained different cyber security certifications... Read More →


Tuesday February 19, 2019 3:45pm - 4:30pm
Crowne Plaza Amsterdam Schiphol

4:30pm

Panel Discussion: Getting to Grips with NIS Accountability - What do we need to see from other Parties?
  • What difficulties remain for the rail sector in implementation?
  • From a supplier perspective, is there clarity on what they will need to do to meet their customers' requirements?
  • What further support is needed from competent authorities to ensure that the NIS Directive meets its objectives?
  • To what extent can a standards-led approach help provide a framework for compliance?

Speakers
avatar for Bryan Drew

Bryan Drew

Senior Technical Authority, Siemens Rail Automation
An experienced IT Software / Systems Engineer with a proven track record in consultancy,engineering management, business analysis and systems architecture, built over 20 years in thedefence and telecommunications sectors.A results focussed, quality driven, technical leader, who empowers... Read More →
avatar for Meha Shukla

Meha Shukla

Cyber Security Risk Assesment Consultant/PhD Candidate, physical & cyber security of smart street infrastructure, UCL
Meha Shukla is a senior business transformation and assurance manager with 27 years of global experience in shaping, planning, executing and reviewing technology based business change programmes across various industry sectors (Finance, Title insurance, Telecom, Manufacturing, Automotive... Read More →


Tuesday February 19, 2019 4:30pm - 5:15pm
Crowne Plaza Amsterdam Schiphol

5:15pm

Closing Remarks
Speakers

Tuesday February 19, 2019 5:15pm - 5:30pm
Crowne Plaza Amsterdam Schiphol

5:30pm

 
Wednesday, February 20
 

9:00am

Panel Discussion: Managing Supply Chain Risk - Successes, Opportunities and Vulnerabilities
  • How have we improved our ability to assess and mitigate risk across the rail supply chain?
  • What are the major vulnerabilities in the rail supply chain and where should we be focusing our efforts?
  • What opportunities are available to us to develop greater visibility of supply chain risk and work together to mitigate it?

Speakers
avatar for Israel Baron

Israel Baron

Cyber Security Professional
Israel served for 9 years at the Israeli Ministry of Defense (IMOD) as a technology Security Officer at the D.S.D.E (Directorate of Security of the Defense Establishment), as the regulator of the Israeli Defense Industries, and was until recently the CISO (Chief Information Security... Read More →
avatar for Sverre Kjenne

Sverre Kjenne

Executive Vice President of Digitilization and Technology, Bane NOR
Sverre Kjenne is the executive vice president of Digitalisation and technology of Bane NOR (Norwegian Rail), and the programme director of the Norwegian ERTMS programme. Digitalisation and technology comprises subjects such as signaling, telecom and ICT with 700 dedicated people... Read More →
avatar for David Tapia Santamaria

David Tapia Santamaria

Cyber Security Engineer, CAF
With more than 5 years’ experience in cyber security, David started his career as a consultant and penetration tester for some of the most important banking, aeronautical and insurance companies in Europe. During this stage, he has obtained different cyber security certifications... Read More →


Wednesday February 20, 2019 9:00am - 9:45am
Crowne Plaza Amsterdam Schiphol

9:45am

Defining Risk Ownership with a Consequence Driven Systems Engineering Approach
  • Necessity of a common Safety & Security consequences based design of Signalling Systems (black boxes vs. Functional white boxes vs. White boxes – Formal requirements & Formal design?...)
  • Methods of Assessment of Signalling Systems for Cyber Security (regarding the requirements formulated by the Railways in terms of unacceptable vs. acceptable consequences…)
  • Awareness and skill of Railways IM’s and RU’s, of Manufacturers – Necessity of a close respectful and transparent collaboration…

Speakers
avatar for Marc Antoni

Marc Antoni

Director of the Rail System Department, International Union of Railways
Dr Marc ANTONI [M] is Director of the Rail System Department of UIC (International Union of Railways) in Paris. Since 2007, he has been Head of Technological Innovation and Asset Management at SNCF, and from 2013-2014 has also been a signalling and system expert at UIC.He graduated... Read More →


Wednesday February 20, 2019 9:45am - 10:15am
Crowne Plaza Amsterdam Schiphol

10:15am

Panel Discussion: Addressing the Skills Gap - Who will Manage Rail 4.0 Security?
  • How serious is the skills gap and what impact could the lack of appropriately skilled entrants have on us?
  • Are we clearly defining the skill sets we need to see developed?
  • How well are key cyber skills being incorporated into parallel  university and training courses?
  • What can be done to address the current mid-career level skills gap?
  • What will the skill set of the next generation of cyber security professionals look like?

Speakers
avatar for Marc Antoni

Marc Antoni

Director of the Rail System Department, International Union of Railways
Dr Marc ANTONI [M] is Director of the Rail System Department of UIC (International Union of Railways) in Paris. Since 2007, he has been Head of Technological Innovation and Asset Management at SNCF, and from 2013-2014 has also been a signalling and system expert at UIC.He graduated... Read More →
avatar for Claudio Cassarino

Claudio Cassarino

Managing Director, Metro service Denmark
Since 2008 Claudio Cassarino has been the Managing Director of Metro Service Copenhagen, the operator and infrastructure manager of the metro in Copenhagen. Claudio Cassarino has more than 25 years of experience in the Public Transport sector in Italy and Denmark. Under his innovative... Read More →
avatar for Eddy Thesee

Eddy Thesee

Vice President Cybersecurity, Alstom
With a background in Mathematics, telecommunication and information technology, Eddy THESEE  joined the railway signaling business 20 years ago in Alstom.After several position in Information technology, methods&tools, and continuous improvement, he is leading the Cybersecurity covering... Read More →


Wednesday February 20, 2019 10:15am - 11:00am
Crowne Plaza Amsterdam Schiphol

11:00am

Break
Wednesday February 20, 2019 11:00am - 11:30am
Crowne Plaza Amsterdam Schiphol

11:30am

Security as a Business Enabler - The Journey to Building Trust and Resilience
- How can security be an enabler for more efficient processes and systems?
- What benefit can the business see from better data collection security and privacy?
- How can security by design in OT systems be presented as an enabler of efficiency? 

Speakers
avatar for Geir Arild Engh-Hellesvik

Geir Arild Engh-Hellesvik

CISO, NSB Rail
Information Security and Privacy Specialist.Operational security, incident handling and related management processes. What are the critical assets, how are they vulnerable and how to deal with incidents.Analysis of operational implications/consequences of strategy, laws and regulations... Read More →


Wednesday February 20, 2019 11:30am - 12:00pm
Crowne Plaza Amsterdam Schiphol

12:00pm

Intelligent Information Sharing - Shaping the European Railway ISAC
  • What does a fit-for-purpose Rail ISAC look like?
  • What lessons can be drawn from mature and effective information sharing mechanisms in other sectors?
  • Distinguishing between "Information Sharing" and "Intelligence Sharing" - What should be shared, why should it be shared, and with whom?

Speakers
avatar for Lies Alderlieste

Lies Alderlieste

CISO, NS
CISO/Information Risk manager at Nederlandse Spoorwegen responsible for Information risk management and Security – reporting to the CIO. Leading the Information Risk team of Security experts and ensuring the security strategy is consistently followed and implemented throughout the... Read More →
avatar for Arjen Boersma

Arjen Boersma

Manager CIO Office, Prorail
avatar for Christian Schlehuber

Christian Schlehuber

Expert CyberSecurity, DB Netz AG
Christian Schlehuber studied informatics and IT-Security at the TU Darmstadt with a specialization in critical infrastructures. After receiving his master degree he started to research at the Security Engineering Group of TU Darmstadt on the topic Critical Infrastructure Protection... Read More →
avatar for Olivier de Visscher

Olivier de Visscher

Chief Information Security Officer & Team Leader, Infrabel
Managing a team of 11 in the field of:Information security Policy management Data ProtectionSecurity Entreprise Risk ManagementSecurity controls and compliance (GDPR, EU NIS Directive, ISO 27000, ...)Cyber / Information security incident managementEthical hacking mgtIT Quality AssuranceEU... Read More →


Wednesday February 20, 2019 12:00pm - 12:45pm
Crowne Plaza Amsterdam Schiphol

12:45pm

Lunch
Wednesday February 20, 2019 12:45pm - 1:45pm
Crowne Plaza Amsterdam Schiphol

1:45pm

Supporting a European wide Common Approach to Establish a Minimum Security Baseline for the EU Railway
Speakers
avatar for Olivier de Visscher

Olivier de Visscher

Chief Information Security Officer & Team Leader, Infrabel
Managing a team of 11 in the field of:Information security Policy management Data ProtectionSecurity Entreprise Risk ManagementSecurity controls and compliance (GDPR, EU NIS Directive, ISO 27000, ...)Cyber / Information security incident managementEthical hacking mgtIT Quality AssuranceEU... Read More →


Wednesday February 20, 2019 1:45pm - 2:15pm
Crowne Plaza Amsterdam Schiphol

2:15pm

3:00pm

3:30pm

Afternoon Networking
Wednesday February 20, 2019 3:30pm - 5:30pm
Crowne Plaza Amsterdam Schiphol
 

Twitter Feed