SecureWorld Manufacturing & Retail Virtual Conference 2024

Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

Threat methods and controls utilized for the corporate workforce that now expands beyond the office building and into remote locations is not as comprehensive and effective for those who are typically in the office. The intent of employees may not be malicious but rather inherent to poor practices; however, there are those who happen to begin unintentional but gradually become the intentional insider threat.

This presentation is designed to help individuals identify how seemingly “innocent” activity can make them an insider threat, and how to identify behavioral elements utilizing a number of security solutions. Through live demonstrations, we will show how “everyday activities” can result in higher risk to the company.

Objectives:

• Learn the methodologies utilized by individuals within the organization that would be considered insider threat activity.
• Learn how to identify system and user-based behavioral indicators.
• Learn which existing or enhanced security layer can provide insider threat profile data.

Take-Aways:

• How to identify business processes which can contribute to intentional or unintentional insider threats.
• Enhance procedures required to identify insider threat exposures.
• Enhance awareness training to include additional methods of insider threat.
• Enhance existing physical and digital security layers to better identify specific insider threat activity.

Business transformation and drive for smart factory initiatives has placed demands on business leaders to leverage relevant technologies to achieve the desire end goal of operational excellence. The technologies such as industrial internet of things (IIoT) are being layered on top of manufacturing floor machinery to provide that needed insight into business operations and productivity. These improvement and perceived operational excellence have come with cyber security risks which were not a common place in manufacturing space previously. It for this reason that there is now a convergence between operation technology (OT), Industrial internet of things (IIoT) and IT. This intersection is becoming very evident in manufactural, supply chain and traditional production organization or companies.

Most of these manufacturing machineries were never directly connected to the ethernet networks and as such the risk was very minimal. In some cases, these organizations had organized security based on perimeter controls such as data center firewalls, site firewalls, floor firewalls that provide segmentation or microsegment between corporate IT and manufacturing operation technology (OT space). However, if the individual devices that are connected on the OT side become compromised and the threat has access to that communication link, a hacker can push malicious data, cause denial of service (DoS), or introduce malware or viruses to the entire network — even if there is a secure communication link. There are many ways to run into problems on the OT/IoT front if companies are not careful in their network design security implementation. These increase the risk and a re-thinking of how to architect security appropriately to meet the ever-evolving threat landscape with relevant implications to OT/IIoT and larger enterprise network.
Presentation Level:
GENERAL (InfoSec best practices, trends, solutions, etc.)

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

Building control systems have been around since the late 1970s. These systems were digitally controlled and proprietary. The building staff could run the building, but the logic/programming required the system service provider’s knowledge to maintain. Over time, the building staff’s reliance on the service provider grew to the point that the service provider not only has unrestricted local access but also unrestricted remote access. And in most cases, the service provider provides and controls remote access. When you take this into account and multiply it by the number of building control systems per building, the number of service provider technicians that currently have access, and former employees that possibly have access, and then multiply this by the number of buildings owned, this number can be huge. Now take into consideration that most of the service providers are not bound to cybersecurity service provider agreements. These buildings are a high degree of risk exposure for building owners.

Learning Objectives:

• Participants will be exposed to the current state of the building control system cybersecurity.
• Participants will be walked through some real-world examples of results when service provider management does not exist and/or breaks down.
• Participants will learn the basic concepts of managing service providers using ISA 62443.

CISA recently released their paper on “Secure by Design, Secure by Default” software that has support from seven major governments. It is meant to make significant, achievable improvements in software security. We will discuss the Secure by Default concept, why it is important, and what customers and vendors can do about it today.

With a marked increase RaaS, APT, and nation-state sponsored attacks in the industrial cybersecurity sector over the last 18 months, it is more critical than ever for organizations to build effective incident response capabilities for their Operational Technology (OT) and Industrial Control Systems (ICS) environments.

Often when the OT process is down, so is the revenue stream. The pressure to get back operational is high. Having a solid practiced plan, the right tools in place, and an effective decision-making process are critical to restoring production.

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

Session description to come.

Identity management is crucial for securing user access across an organization’s IT infrastructure. A comprehensive identity management platform provides a unified view of user identities and access rights, allowing administrators to easily manage user access, detect and remediate identity-related threats, and enforce access policies. This presentation will provide an overview of the key features and benefits of a modern identity management platform and demonstrate how it can help organizations to enhance their security posture and protect against the latest identity-based threats

Attendees will walk away with a practical understanding of how to involve key stakeholders at various points in the compliance program development process and the importance of third-party risk management concerning the overall data security and compliance culture within an organization.

Businesses are increasingly built on a complex spiderweb of third-party providers that access a business’s systems, data, and other critical operations. This includes all manufacturing companies that rely on third parties—such as service providers, SAAS vendors, or contractors—to manage data and sensitive operations. Organizations typically have limited control over third parties, limited transparency into their security practices, and limited availability or resources to track third-party security upgrades. As owners and managers of portions of critical infrastructure, it is important for these companies to evaluate the current threat landscape and shift perspective on cyber threats from “if” to “when” as they examine preparedness, protocols, and employee education throughout upstream, midstream, and downstream operations.

Mitigating data privacy, cybersecurity, and technology risk throughout the supply chain should be a priority for organizations, and our presentation will touch on key considerations for third-party management, including due diligence, contractual terms, and ongoing compliance.

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

Third-party cyber risk is a pressing concern for manufacturers. 70% have experienced breaches stemming from overprivileged vendor access, making them ripe targets for ransomware. This session will explore the brand, operational, and legal dangers of poor vendor management. It will provide best practices for securing third parties, including thorough vetting, access controls, and monitoring of privileged sessions. With third-party reliance increasing, manufacturers must make securing vendor access a top priority to minimize cyber risk.

An overview of the Cybersecurity vulnerabilities commonly seen within OT or Industrial Control System (ICS) networks, as well as the techniques that can be used to mitigate risk. The vulnerability focused topics include the common infiltration/disruption methods (attack vectors) and the common targets within OT environments (attack surfaces). Remediation topics include discussions on RMF processes, cyber threat modeling, and secure network design from an OT perspective. This presentation prioritizes explaining the common attack vectors and surfaces that WSP USA sees in industry, as well as the typical recommendations to harder OT networks against intrusion.

The need for cybersecurity in critical infrastructure environments (e.g., energy pipelines, power plants, nuclear facilities, petrochemical sites, water treatment plants) is at critical levels. In this discussion, we’ll be looking at the current state of cybersecurity in these types of ICS/OT environments.

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

Session description to come.

Embark on an exploration of the business and financial aftermath of a ransomware attack, guided by a real-world case. This session is designed to empower attendees with invaluable insights into the dynamic and evolving threat landscape, providing an understanding of both the immediate and enduring consequences of ransomware incidents. Moreover, participants will be equipped with best practices for prevention, mitigation, and recovery. Elevating the experience, the session will also encapsulate a summary of recent ransomware research, offering a strategic compass for navigating the ever-evolving ransomware threat landscape in 2024 and beyond.