REGISTration closed

OT-ISAC Summit 2022

Date: September 7 - 8, 2022

Venue: VOCO Orchard Singapore, an IHG hotel

Bringing together OT cybersecurity practitioners, asset owners and operators from Critical Information Infrastructure sectors, OT Industries and Government for a two-day focused environment.

Practitioners will be able to share best practices and lessons learned that encourage stakeholders to adapt and achieve mutual defence in critical assets.

Thank you all for attending OT-ISAC Summit 2022, see you next year!

Not yet an OT-ISAC Member? OT-ISAC is offering a free 30-Day Trial Membership.

Join the Community

OT-ISAC Summit Highlights

OT-ISAC aims to achieve deeper cooperation and enable stakeholders to strengthen OT cyber resiliency key topics areas like:

ICS4ICS Exercise (First Exercise to be held in Asia)

The ISA Global Cybersecurity Alliance has joined forces with DHS Cybersecurity and Infrastructure Security Agency (CISA) and cybersecurity response teams from more than 50 participating companies to adopt FEMA's Incident Command System framework for response structure, roles, and interoperability. This is the system used by First Responders globally when responding to hurricanes, floods, earthquakes, industrial accidents, and other high impact situations. The ICS4ICS program is designed to improve cybersecurity capabilities related to incidents that impact industrial control systems and critical infrastructure supporting countries throughout the world.

This exercise will provide a brief overview of the Incident Command System for Industrial Control Systems processes. We will walk through example of how the Incident Command System and Computer Incident Response capabilities were combined to improve management of cybersecurity incidents that impact Industrial Control Systems.

Key Takeaways:

Understand how you can improve organization capabilities and processes to reduce the impact of cyber incidents.
Present the business-case to get executive level support for ICS4ICS deployment at your company.
Prepare a plan to begin the journey of deploying ICS4ICS at your company.

ICS Visibility, Detection, and Response

Using a threat-intel basis, understanding networked ICS environment, understanding adversary activities in order to counter with strong architecture, passive, and active controls to ensure the right balance of preventative/proactive security with detect/respond/reactive security measures. Frameworks such as the ICS Cyber Kill Chain, Collection Management Framework, and Active Cyber Defense Cycle will be introduced to give conference participants frameworks and models to leverage post conference.

Key Takeaways:

Defence is doable
ICS networks are the most defensible networks on the planet
Once you add OT practitioners, you can make the most defended networks

Aviation cyber threat landscape by EUROCONTROL/EATM-CERT

The talk will present the 2022 aviation cyber threat landscape as reported by EUROCONTROL/EATM-CERT.

It will unveil how various aviation stakeholders (Airports, airlines, air navigation service providers, manufacturers, civil aviation authorities) are hit by cyber attacks.

The presentation will also address how cyber-resilience can be enhanced illustrated with by practical examples.

Key Takeaways:

Aviation is losing globally billions of euros per year worldwide due to cyber attacks but no impact on the safety of flights.
Ransomware hitting aviation went from 1 occurrence/week in 2020 to 2.5/week in 2021.
Phishing and basic cyber attacks unfortunately are still very popular and effective: investing in human is KEY.

Impact of Recent Incidents Affecting Critical Information Infrastructure Sectors & OT Industries and Lessons Learned
OT Cyber Security Governance
Risk Management
ICS Threat Hunting
SBOM/ Asset Inventory