One of the creators of the world’s first network firewall and the author of “Firewall and Internet Security: Repelling the Wily Hacker”, Bill Cheswick, will be delivering a presentation at one of the most awaited conferences of 2014, the 3rd Edition of Cyber Security for Energy & Utilities 2014 conference, to be organized by IQPC at The Westin, Abu Dhabi from 23-26 March 2014.
The event is gathering cyber security experts from across the globe to UAE with a specific aim of preventing real-time threats and managing IT security challenges for SCADA/ICS systems.
Bill will be speaking on “Re-thinking passwords and pins: Fix our weakening security”. He comments, “Authentication is pretty clearly broken. Though, we have examples of long-standing successes, there are reports of massive password data spills all the time. How might we get out of this situation? I propose some solutions or directions which may be of interest to the attendees.”
On being asked as to how the ICT industry is coping up with the challenges, he further adds, “Badly. Though things in general are working (see, for example, the success in online banking), most institutions are vulnerable to espionage and external interference, despite best practices. Anything large enough to be called an “intranet” is probably out of control. I always find conferences like this to be a great place to learn new things and keep up with the latest problems and solutions. It is one of the great advantages of being invited, and I thank you. I expect that the attendees will have the same experience.”
The event also promises to host a variety of VIP dignitaries from major government and private organizations including oil and gas companies. Dr. Jamal Al Hosani, Official Spokesman & Director ICT, National Emergency Crisis & Disaster Management Authority, UAE will be inaugurating the event and also giving a keynote speech on the evolution of critical infrastructure protection. Lt. Col. Faisal Al Shammari, Chief Information Security Officer from Abu Dhabi Police will be delivering the second keynote speech and address the important topic of cyber defence initiatives of strategy and implementation.
Don Codling, the Former Head of the Cyber Security Division of Federal Bureau of Investigation (FBI) will be chairing the event, conducting a full-day workshop on ICS control systems and cyber intelligence as well as speaking on a very interesting topic – “Real examples of ICS security breaches from the FBI.
“My conference topics will be focused not only on real world examples of criminal cyber intrusions of ICS systems but will also remind attendee of some of the “Human Motivation’ factors involved in these types of events and to reinforce the basics of responding to both physical breaches and cyber breaches. While it is vital that attendees remember to strive to adhere to established critical controls, it is equally important to have an accurate and constantly evolving picture of the threat landscape (from cyber threat intelligence) so they can most effectively and efficiently deploy their finite resources. It also goes with out saying that the basics must be consistently done well to reduce the opportunity for an attacker to find a weak point in your defenses.”
Key penetration areas need to be identified in highly critical infrastructure since these are the most vulnerable to external threats. SCADA, DCS and ICS systems are considered highly critical in most of the oil, gas, power and aluminum companies. Real-time threats have reported a rise in the frequency of their occurrences and companies have been at the receiving end of these threats. ADCO’s Head of IT Security, Reimer Brouwer, GASCO’s Head of IT Services, Mohamed Al Sawafi, KOC’s Sr. Real-time Engineer Andrey Zolotavin, KGOC’s Sr.
IT Engineer, Abdulla Al- Akhwand and a few others will also be speaking at this event on very interesting topics. “We are addressing the core issue of managing SCADA backdoor vulnerabilities. Hardening SCADA protocols and services and ensuring protection of real-time threats remains a major challenge faced by oil, gas and power companies. My presentation will help attendees get an insight and arrive at a positive business outcome to address these challenges”, says George Jason, Vice President Comguard.
Managing risks in cloud computing will be extensively covered by ISACA UAE’s President, Gurpreet Kochar whereas big data security will be covered by Ali Rebaie, one of the world’s top 51 Big Data influences. Fertil’s IT Security Officer, Mohammed Ikrami will be touching upon a very interesting and versatile topic of embracing security intelligence for a smarter future. The topic will highlight advanced cyber analytics which is the crux of any post-mortem of reported incidents.
“Cyber security is a very important aspect of the energy business today. How much ever you do, is not going to be sufficient in this continuously evolving threat. I am looking forward to attend the 3rd Edition of Cyber Security in Abu Dhabi and see some interesting talks by fantastic experts from across the globe. I have never seen this versatility of speakers as well as attendees and this is an opportunity that I wouldn’t like to miss. This is an exciting platform where I would like to see companies and experts working towards implementing best practices and overcoming challenges in the UAE,” says His Excellency Khaled Al Mansouri, President IAEM and ICBR who is one of the VIP attendees for this prestigious event.
Don Codling comments, “The opportunity to meet with colleagues and peers across a wide range of companies and nations allows for the free exchange of ideas, lessons learned and best practices. Perhaps equally important, establishing personal relationships with colleagues during events such as this IQPC event is critical during times of crisis, it has been shown time and time again to greatly reduce response times and administrative friction during cyber intrusion events.”