CyberX and the SIGS SCADA Forum cordially invite you to a seminar about

Emerging ICS/SCADA Security Threats — and How to Maximize Operational Resilience

  • Continuous monitoring of cyber and operational incidents in the ICS network – Swissgrid AG
  • 3 things to remember when presenting ICS cyber risk to the board – Reto Francioni
  • The top challenges a CISO faces when becoming responsible for OT security – Lonza Group
  • Why the increase in cyber threats to critical infrastructures convinced us to shift our security strategy – EWZ Energy

Tuesday, March 13 at 13:30

Hilton Zurich Airport Hotel, Opfikon-Glattbrugg

Register now, seating is limited and all attendees must be pre-approved


CyberX and the Security Interest Group Switzerland (SIGS) cordially invite you to an educational ½-day seminar about “Emerging ICS/SCADA Security Threats — and How to Maximize Operational Resilience.”

A new class of targeted ICS malware such as TRITON and Industroyer/CrashOverride, as well as WannaCry and NotPetya, have shown that the cyber risk to production uptime is real. Boards of directors now understand that sophisticated malware can indeed be used to hijack industrial devices, lock down production facilities, and impact financial results.

Other potential impacts of a successful ICS cyberattack include catastrophic safety failures, environmental release of hazardous materials, and theft of corporate trade secrets.

But what can be done to mitigate ICS risks? OT environments are quite different than IT environments, with longer patch cycles, legacy devices, weak authentication, undocumented network topologies, and specialized non-IT protocols.

This event is an opportunity for participants to network with their peers and share best practices for protecting ICS/SCADA networks from these new and emerging threats.

Designed for both executives and hands-on professionals, this seminar is sponsored by CyberX and organized by the SCADA Forum and SIGS, a peer-to-peer organization for information security, IT risk management, and compliance professionals.

Register for this event


13:30 – 14:00 Registration & Coffee
14:00-14:30 Welcome and Introduction
Nir Giller, Co-Founder & CTO CyberX
14:30-15:00 Case Study: Continuous Monitoring of Cyber and Operational Incidents in the ICS Network
Markus Lenzin, Head of Substation Automation Technology and Michael Knuchel, Project Manager – Swissgrid AG
In 2017, there has been a surge of cyberattacks on industrial networks, emphasizing the need for better controls — beyond perimeter security — to ensure timely detection and mitigation of ICS threats. Mr. Lenzin and Mr. Knuchel will describe how Swissgrid has adapted to the new reality of converged IT and OT networks, and how the organization has implemented continuous monitoring with behavioral anomaly detection — integrated with the corporate SOC — to reduce the risk of both cyber and operational incidents.
15:00-15:45 Executive Corner: 3 Things to Remember When Presenting ICS Cyber Risk to the Board
Reto Francioni, Chairman of the Board of Directors – Swiss International Airlines and former CEO of Deutsche Börse AG
In this session, Mr. Francioni will share optimal ways to communicate with the board about ICS cyber risk, how your team is addressing it, and how to measure progress.
15:45-16:15 Break
16:15-16:45 Case Study: The top challenges a CISO faces when becoming responsible for OT security
Joe Lai-Tan, Global IT Security Officer – Lonza Group
As more and more CISOs become responsible for OT security, there are multiple issues they need to address in order to ensure a smooth and harmonized IT/OT security environment. In his session, Mr. Lai-Tan will talk about his journey as Lonza’s Global IT Security Officer and how he addressed business, technological, and organizational challenges along the way.
16:45-17:15 Case Study: Why the Increase in Cyber Threats to Critical Infrastructures Convinced us to Shift our Security Strategy
Gregor Nyffeler, Head of IT – EWZ Energy
Until recently, EWZ’s security strategy was based on physical and logical network zoning, yet recent incidents have proven that this is no longer enough to protect against emerging cyber threats. In this session, Mr. Nyffeler will share the process that EWZ went through to shift their security strategy and address the challenges of the new cyber threat landscape.
17:15-18:15 Track 1 – Strategic Workshop: Who Owns ICS Security? Enabling a Unified Approach to IT and OT Security
Phil Neray, VP Industrial Cybersecurity – CyberX
During this workshop, you’ll learn best practices for fusing IT and OT security in the corporate SOC. We’ll discuss how to:
1. Remove silos between IT and OT
2. Address the OT security skills gap
3. Leverage existing SOC tools to provide analysts with deep visibility into specialized OT devices, protocols, and threats

Track 2 – Technical Workshop: ICS Security — 3 Key Use Cases (Technical Demo)
Nir Giller, Co-Founder & CTO – CyberX
1. ICS asset discovery & network topology
2. Continuous ICS network monitoring, threat detection, and incident response
3. ICS risk assessment, vulnerability management, and automated threat modeling

18:15-Open Apéro and Networking

About CyberX

Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX provides the most widely-deployed industrial cybersecurity platform for continuously reducing ICS risk. The CyberX platform combines an embedded understanding of industrial devices, protocols, and applications with ICS-specific continuous monitoring and anomaly detection, asset and network topology discovery, risk and vulnerability management, automated threat modeling, and threat intelligence.

To see CyberX’s OT security platform in action, request a demo here.