Loading…
Attending this event?
Identifying Priorities and Mitigating the Cyber Impact on Safety CasesRoyal Aeronautical Society London, England | November 6/7th 2018
aviationcybersec.com
View analytic

Log in to bookmark your favorites and sync them to your phone or calendar.

Tuesday, November 6
 

9:00am

Discussion Session: Advanced 3rd Party Risk Management – Developing Trust Across the Aviation Supply Chain
Recent APT attacks affecting multiple sectors through a common attack surface have driven home the lesson that no matter how well we think we have secured our perimeters, our information and systems may still be vulnerable to attack through 3rd party systems with weak security controls. Individually we may all be resilient, but collectively we are not. As the Aviation sector relies more heavily on interconnectivity to function efficiently our mindset needs to evolve to consider cyber-vulnerability not as an individual, but a collective problem. Managing 3rd party risk runs deeper than many imagine and opens fundamental questions around the way we go about the business of building security into our systems and products. We can’t have a 360 degree view of supply chain security, but how can we move towards developing the trust and mechanisms to better support a collaborative approach to security with our suppliers, partners and interrelated organisations?
  • Nothing can be achieved in isolation – What are the barriers to meaningful collaboration between regulators, asset owners, integrators and vendors on mitigating cyber risk?
  • What practical strategies do we need to develop to allow for meaningful discourse and streamline our efforts?
  • How are we faring with efforts to collaborate across the supply chain to develop fit for purpose standards regimes, audit compliance check lists and conformity assessments?

Speakers
avatar for Dr John McCarthy

Dr John McCarthy

CEO, Oxford Systems
avatar for Claudio Silvestri

Claudio Silvestri

Vice-President and Chief Information Officer, NAV CANADA
Claudio Silvestri is Vice-President and Chief Information Officer at NAV CANADA where he is responsible for providing executive leadership, direction and oversight of the Information Technology (IT) function for the Corporation including cyber security and IT governance.Mr. Silvestri... Read More →
avatar for Peter Williams

Peter Williams

Chief Information Security Officer, Manchester Airports Group (MAG)
Experienced senior security and risk professional, currently with Manchester Airport Group (MAG) as Chief Information Security Officer. MAG is the largest UK-owned airport operator, The Group owns four British airports, Bournemouth, East Midlands and Manchester Airport which is... Read More →


Tuesday November 6, 2018 9:00am - 9:30am
Royal Aeronautical Society

9:30am

How Prepared are we to Respond to the Dynamic Threat Presented by Increased Connectivity?
With the relentless drive for a more connected, seamless customer experience expanding the threat landscape at a frightening pace, we seem to have developed a dangerous combination of distinct trainsets working on disparate systems lifecycles and driving an ever-wider gap between legacy operational technology and hyper-connected customer facing systems. 
  • How can we instil a meaningful understanding of the technical considerations across business units?
  • Convincing stakeholders to put cyber resilience at the heart of decision making
  • Developing a holistic view – the skills gap and leadership

Speakers
avatar for Peter Williams

Peter Williams

Chief Information Security Officer, Manchester Airports Group (MAG)
Experienced senior security and risk professional, currently with Manchester Airport Group (MAG) as Chief Information Security Officer. MAG is the largest UK-owned airport operator, The Group owns four British airports, Bournemouth, East Midlands and Manchester Airport which is... Read More →


Tuesday November 6, 2018 9:30am - 10:00am
Royal Aeronautical Society

10:00am

Considerations and Methodologies for Securing 3rd Party Connections in Aviation Systems
Featuring case studies and guidance from the DHS and FBI, this presentation will explore cyberattacks through 3rd party connections and best practices to prevent them.

Speakers
avatar for Dennis Lanahan

Dennis Lanahan

Director World Wide Channel Partnerships & International Sales, Owl Cyber Defense Solutions, LLC.
Dennis joined Owl in the Fall of 2007, during his time at Owl he has directly influenced marketgrowth within Intelligence, DOD and critical infrastructure markets including power generation, oil& gas and growth outside the US marketplace. He joined Owl after four years as Director... Read More →


Tuesday November 6, 2018 10:00am - 10:30am
Royal Aeronautical Society

10:30am

Defending the Gates - Building an Effective Cyber Security Program
Cyber security is really about managing the business risks and mitigating the financial impacts associated with intellectual property loss, fraud or hacking, breaches responses, regulatory compliance or customer relations. While the focus is technology, the impacts are enterprise wide. In this presentation I discuss the differences in mind set between IT departments and hackers. I will introduce key factors in identifying the riskiest systems in an enterprise. I will then walk through the Center for Internet Security (CIS) 20 Critical Security Controls and how these can help an organization improve its security posture.


Speakers
avatar for Keith Turpin

Keith Turpin

Chief Information Security Officer and Head of Global Infrastructure Services, Universal Weather and Aviation
Keith is the Chief Information Security Officer (CISO) and Head of Global Infrastructure Services at Universal Weather and Aviation, an international aviation services company that operates 50 locations in 20 countries. He oversees all aspects of security strategy and global infrastructure... Read More →


Tuesday November 6, 2018 10:30am - 11:00am
Royal Aeronautical Society

11:00am

Networking Break
Tuesday November 6, 2018 11:00am - 11:30am
Royal Aeronautical Society

11:30am

Having Effective Cyber Conversations with your Board
  • Helping your Board understand Cyber Security
  • Educating the Board on how to measure and assess the risk relative to your organization
  • What a balanced conversation looks like?
  • What does cyber maturity look like and how do you measure it?
  • How to report key and relevant metrics
  • How to manage culture change within the organization to resolve the people side of this risk
  • What does a fully integrated Cyber Security Governance structure look like in the world of an ANS?

Speakers
avatar for Claudio Silvestri

Claudio Silvestri

Vice-President and Chief Information Officer, NAV CANADA
Claudio Silvestri is Vice-President and Chief Information Officer at NAV CANADA where he is responsible for providing executive leadership, direction and oversight of the Information Technology (IT) function for the Corporation including cyber security and IT governance.Mr. Silvestri... Read More →


Tuesday November 6, 2018 11:30am - 12:00pm
Royal Aeronautical Society

12:00pm

Setting Goals for Developing Improved Information Sharing Mechanisms – What are the Roadblocks and how Might we Start to Overcome them?
  • What are the latest initiatives that are making a difference?
  • Where should the balance lie between government and commercial leadership?
  • Why are many stakeholders hesitant to engage and where do we draw the lines between public and private information sharing?
  • Can we use some similar mechanisms to safety reporting to avoid unnecessary duplication of work?
  • What are the key limitations on cross-jurisdictional and cross sector information sharing and is there scope to overcome any of them?

Speakers
avatar for * Portia Lindiwe Simelane

* Portia Lindiwe Simelane

Group Manager: IT Governance & Resilience, Airports Company South Africa
* Subject to final confirmation
avatar for Michael Zaddach

Michael Zaddach

Senior Vice President and CIO, Munich Airport
Michael Zaddach has been a Senior Vice President and CIO at Flughafen München GmbH since 2000, which has repeatedly been awarded the title as Europe's best airport - most recently in 2016. His areas of responsibility cover IT-Governance, IT-Security, system development, system operation... Read More →


Tuesday November 6, 2018 12:00pm - 12:30pm
Royal Aeronautical Society

12:30pm

How the Information Security Competence Hub is Working Towards Developing a Connected Operational Workforce with Cyber Expertise

  • Introduction to the state-of-the art simulation, testing and training capabilities of the Information Security Hub
  • Addressing the need to improve cyber security "know how" in line with real operational need
  • What does a connected workforce look like in the aviation sector?

Speakers
avatar for Michael Zaddach

Michael Zaddach

Senior Vice President and CIO, Munich Airport
Michael Zaddach has been a Senior Vice President and CIO at Flughafen München GmbH since 2000, which has repeatedly been awarded the title as Europe's best airport - most recently in 2016. His areas of responsibility cover IT-Governance, IT-Security, system development, system operation... Read More →


Tuesday November 6, 2018 12:30pm - 1:00pm
Royal Aeronautical Society

1:00pm

Lunch
Tuesday November 6, 2018 1:00pm - 2:00pm
Royal Aeronautical Society

2:00pm

Understanding NIS Directive Cyber Assessment Frameworks and Implementation

•    What do Competent Authorities (CAs) require from Operators of Essential Services (OES) to assess cyber risk?
•    How are lead government departments, regulators and industry working together to develop a systematic method of assessing the extent to which an organisation is adequately managing cyber security risks in relation to the delivery of essential services?
•    Understanding Assessment methods and the Cyber Assessment Framework (CAF)


Speakers
avatar for Peter Drissell

Peter Drissell

Director Aviation Security, Civil Aviation Authority
Peter Drissell was appointed by the Civil Aviation Authority (CAA) as its first Director of Aviation Security in May 2013. Peter led the transfer of the Aviation Security function (and some 90 posts) from the Department for Transport (DfT) to the CAA, which took place as planned on... Read More →
avatar for Chris Johnson

Chris Johnson

Head of Computing, University of Glasgow
Chris Johnson is Professor and Head of Computing at the University of Glasgow. His work focuses on the intersection between cyber security and safety-critical systems, particularly in the aviation and civil nuclear domains. He has held two fellowships from NASA and two fellowships... Read More →
avatar for Dr John McCarthy

Dr John McCarthy

CEO, Oxford Systems
avatar for Stephen Williams

Stephen Williams

Senior Engineer and co-Chair of the CANSO Europe expert group on cyber security, CANSO
After graduating with a degree in Electrical and Electronic Engineering, Steve spent 7 years working for GEC Marconi Space and Defense Systems in their Electronic Warfare division where he also awarded an MSc in Computer Science.  After this he was employed by the National Air Traffic... Read More →


Tuesday November 6, 2018 2:00pm - 2:30pm
Royal Aeronautical Society

2:30pm

Strategic GDPR and Corporate Cyber Strategy Case Study
Speakers
avatar for Ram Levi

Ram Levi

Founder and CEO, Konfidas


Tuesday November 6, 2018 2:30pm - 3:00pm
Royal Aeronautical Society

3:00pm

Airservices Cyber Program & OneSky
Subject to final confirmation

Speakers
avatar for David Hyland

David Hyland

A/g Chief Information Officer, Air Services Australia
Senior Information Technology executive with 20 year’s management experience developing and executing strategies which promote organisational stability and growth.Extensive experience leading global technology, operations, applications & project teams across a diverse range of industries... Read More →


Tuesday November 6, 2018 3:00pm - 3:30pm
Royal Aeronautical Society

3:30pm

Networking Break
Tuesday November 6, 2018 3:30pm - 4:00pm
Royal Aeronautical Society

4:00pm

Providing the Foundation for Inter-operable Risk Assessments in Collaborative Environments
  • Understanding the need for trans-organisational risk management across the entire Aviation system
  • Understanding functional chains, responsibilities and how everything is linked
  • Aligning safety and security and providing interoperability in line with EASA's action plan

Speakers
avatar for Matias Krempel

Matias Krempel

Project Manager - Critical Cyber Infrastructure Protection, DFS Deutsche Flugsicherung GmbH
Setup of the company's project management organisation (deputy head of Project Office) Technical project management (Installation of new ATC towers)Concept and implementation of a project management training schemeDevelopment and operation of the compancy security management system... Read More →


Tuesday November 6, 2018 4:00pm - 4:30pm
Royal Aeronautical Society

4:30pm

Aligning the Development and Implementation of Cyber Security Strategy with Business Goals and risk Appetite
Speakers
avatar for Michele Hanson

Michele Hanson

Chief Information Security Officer, Gatwick Airport
Michele Hanson is the CISO for Gatwick Airport.  Gatwick is the busiest single runway airport in the world. She is responsible for the cyber resilience for IT and OT across the Gatwick campus. Michele was the CISO for News UK , where she was responsible for the major publishing... Read More →


Tuesday November 6, 2018 4:30pm - 5:00pm
Royal Aeronautical Society

5:00pm

Discussion Session: How can we base Decision-making on an Holistic Assessment of Safety and Business Risk?

  • Where have attempts to align security assessment with safety protocols succeeded?
  • Do we define “critical” in the same way when we talk about safety and security?
  • What are the fundamental cultural differences and are they insurmountable?
  • How can applying safety principles limit the efficacy of our approach to cyber security?
  • How does the growing cyber threat landscape affect our traditionally inward-looking approach to safety?
  • What are the practical barriers that need to be overcome to establish a bigger picture view of holistic risk and a develop a consummate strategy.

Speakers
avatar for Michele Hanson

Michele Hanson

Chief Information Security Officer, Gatwick Airport
Michele Hanson is the CISO for Gatwick Airport.  Gatwick is the busiest single runway airport in the world. She is responsible for the cyber resilience for IT and OT across the Gatwick campus. Michele was the CISO for News UK , where she was responsible for the major publishing... Read More →
avatar for Chris Johnson

Chris Johnson

Head of Computing, University of Glasgow
Chris Johnson is Professor and Head of Computing at the University of Glasgow. His work focuses on the intersection between cyber security and safety-critical systems, particularly in the aviation and civil nuclear domains. He has held two fellowships from NASA and two fellowships... Read More →
avatar for Matias Krempel

Matias Krempel

Project Manager - Critical Cyber Infrastructure Protection, DFS Deutsche Flugsicherung GmbH
Setup of the company's project management organisation (deputy head of Project Office) Technical project management (Installation of new ATC towers)Concept and implementation of a project management training schemeDevelopment and operation of the compancy security management system... Read More →


Tuesday November 6, 2018 5:00pm - 5:30pm
Royal Aeronautical Society

5:30pm

Drinks Reception and Dinner Sponsorship Available
Contact Marketing@cybersenate.com

Tuesday November 6, 2018 5:30pm - 8:30pm
TBA
 
Wednesday, November 7
 

9:00am

Session Reserved for ACSA
Speakers
avatar for * Portia Lindiwe Simelane

* Portia Lindiwe Simelane

Group Manager: IT Governance & Resilience, Airports Company South Africa
* Subject to final confirmation


Wednesday November 7, 2018 9:00am - 9:30am
Royal Aeronautical Society

9:30am

Aviation Cybersecurity Standards: Harmonising the Current Standards Landscape
Standards and guidance are proliferating in aviation cybersecurity, which can make it challenging to keep track of what is available and confusing to know which is appropriate for what purpose. Matt Shreeve will give an overview of the evolving aviation cybersecurity standards landscape and explain why a standards-led approach is ever more important.
  • Finding commonality and interoperability of standards
  • Facilitating people who use different standards to allow comparability
  • Developing trust by moving towards shared risk and assurance

Speakers
avatar for Matt Shreeve

Matt Shreeve

Principal Consultant and Aviation Cyber Expert, Helios
Matt is an expert in aviation cyber-security and a qualified ISO 27001 (Information Security Management System) Lead Auditor. Matt led the major SESAR cyber-security study in 2015 and also the SESAR airport cyber-security study last year. This builds on his past background of building... Read More →


Wednesday November 7, 2018 9:30am - 10:00am
Royal Aeronautical Society

10:00am

Panel Discussion: What key Lessons can be Learned from Comparative Industry Views
  • What lessons can be learned from the adoption of connected technologies in the automotive industry?
  • How has innovation driven efficiency and security in the maritime supply chain and what can be applied to the aviation sector?
  • Where could the convergence of military and civil aviation help to provide greater security?

Speakers
avatar for Ilgar AIiyav

Ilgar AIiyav

CISA, CISM, CRISC IT Governance and Information Security Services, Port of Baku
ILGAR ALIYEV, CISA, CISM, CGEIT, CRISC, COBIT5 ASSESSORTechnology Governance and Information Assurance, Port of BakuPartner, IT Governance and Information Security, Prima ConsultingHe managed audit and consulting projects on airport, seaport infrastructures, logistics. He engaged... Read More →
avatar for Rubi Arbel

Rubi Arbel

VP Aviation, Argus Cyber Security Ltd
Rubi Arbel is VP Aviation at Argus Cyber Security, a cyber solutions provider for the automotive and aviation industries. He has served for 28 years as an airforce pilot and since 2004 also as a cyber specialist. Rubi also co-founded and is a partner at the cyber consulting firm... Read More →


Wednesday November 7, 2018 10:00am - 10:30am
Royal Aeronautical Society

10:30am

The Strategic Importance of Data Protection - Requirements in a Connected Environment

  • Understanding data-led value creation and the critical importance of data protection 
  • GDPR requirements – Compliance from an airline perspective
  • How can databases be better protected and what are the technical challenges we face?


Speakers
avatar for Niromal Jayawardana

Niromal Jayawardana

IT Security Manager, Sri Lankan Airlines
MSc Information Systems Security BSc (Hons) Information Technology (Computer Systems &Networks) MBCS,CISM Specialties: Information Technology Security Information Security Management ISO27001 Implementation, Security Audits & Assessments


Wednesday November 7, 2018 10:30am - 11:00am
Royal Aeronautical Society

11:00am

Networking Break
Wednesday November 7, 2018 11:00am - 11:30am
Royal Aeronautical Society

11:30am

Cybersecurity Risk Evolution in Air Traffic Management
  • What does the current threat landscape look like?
  • What can we project might be around the corner?
  • How are we rising to the challenges ahead?

Speakers
avatar for John Hird

John Hird

ATM Security Specialist Directorate ATM, CMC/SEC, EUROCONTROL
John joined EUROCONTROL in 1992, and lead engineering teams in both the Karlsruhe and Maastricht ATC centres, working on the development of Flight Data Processing Systems, developing air traffic statistics tools, and modernising legacy systems processing airspace environmental data.Since... Read More →


Wednesday November 7, 2018 11:30am - 12:00pm
Royal Aeronautical Society

12:00pm

Aviation Communications Systems Vulnerability
  • What are the systems vulnerabilities in aeroplane communications systems that you need to know about?
  • How might these vulnerabilities be exploited?
  • What can we do about it?

Speakers
avatar for Prof Prashant Pillai

Prof Prashant Pillai

Director, Professor of Cyber Security, Wolverhampton Cyber Research Institute
Prof Prashant Pillai has over 15 years of research experience and specializes in the area of Communication protocols and Cyber Security. He is currently the Director of the Wolverhampton Cyber Research Institute. The Institute comprises of over 20 academic staff with research carried... Read More →


Wednesday November 7, 2018 12:00pm - 12:30pm
Royal Aeronautical Society

12:30pm

Protecting the Air-Ground Link in Aviation
  • -None of the currently used wireless communication technologies in aviation are secure from a theoretical nor a practical point of view. Their development has been overtaken by cheap consumer hard- and software.

  •  All sorts of different threat actors may exploit these technologies, for different motivations. We have many case studies, which show that pressing problems exist that impact the industry now.

  • Aircraft will need secure communication technologies based on cryptography as soon as possible but this will take a long time until widely adopted. In the meantime, we can quickly deploy anomaly detection systems that detect attacks without changes to the existing systems.

  • Carefully including the impact of potential cybersecurity incidents into the training of aviation professionals (i.e., pilots, controllers) can be a promising option, too, but this needs a lot more research.

  • Working *with* academics and other independent security researchers is important. Learn how to manage a responsible disclosure process from the software industry 

Speakers
avatar for Dr. Martin Strohmeier

Dr. Martin Strohmeier

Junior Research Fellow, University of Oxford
Martin Strohmeier (PGP key) is a post-doctoral researcher in systems security in the Department of Computer Science at the University of Oxford. His main research interests are currently in the area of network security, including wireless sensor networks and critical infrastructure protection.During his... Read More →


Wednesday November 7, 2018 12:30pm - 1:00pm
Royal Aeronautical Society

1:00pm

Lunch
Wednesday November 7, 2018 1:00pm - 2:00pm
Royal Aeronautical Society

2:00pm

Implementing AI and Machine Learning to Support Real-time Monitoring and Detection
 
In an era where OT and IT are increasingly converging, the threat to critical infrastructure is growing and the need to understand and secure complex networks has become unavoidable. Modern industrial networks are highly complex systems involving the interaction of diverse and bespoke devices – legacy products, proprietary protocols, and custom solutions often work side by side with corporate IT technologies and the new generation of Internet of Things devices. The challenge of providing full coverage of enterprise, industrial and IoT environments has never been greater, meaning innovations using machine learning and AI must be explored.
 
  • How much of a challenge has overlaying AI on legacy systems presented and what solutions were deployed to overcome it?
  • How has SCADA and ICS Cybersecurity expertise been leveraged to design a system that allows machine-learning algorithms to view and interpret data in the right way?
  • How has the use of AI driven speed, scale and accuracy in anomaly detection and response and how has this translated into tangible benefit?
  • What limitations have been identified in the capabilities of AI to provide a consistent and accurate picture of OT security and where is work needed to provide the framework for more advanced applications?

Speakers
avatar for Andrew Tsonchev

Andrew Tsonchev

Director of Technology, Darktrace Industrial
Andrew oversees Darktrace’s OT security offerings, providing cyber defense solutions for industrial environments. Andrew has worked extensively across all aspects of Darktrace's technical and commercial operations, and advises Darktrace’s strategic Fortune 500 customers on advanced... Read More →


Wednesday November 7, 2018 2:00pm - 2:30pm
Royal Aeronautical Society

2:30pm

Airport Cyber Security: Greenfield Setups & Future Innovations
• Scope & Challenges: What is Different about Cyber Security in Airports Industry?
• Cyber Security in New Airport Design: Muscat International Airport Case Study
• Airport Technology Innovations: New Threat Landscape vs. Improved Customer Experience & Operations
• Practical Approach for Implementing Airport Cyber Security Program

Speakers
avatar for Mohammed Hassan Al Lawati

Mohammed Hassan Al Lawati

ICT Development Senior Manager, Oman Airports
Mohammed has over 10 years of consultancy and implementation experience in information security, IT governance, ICT strategy & innovation in vertical industries in MENA region, out of which the last 6 years have been in aviation sector. Mohammed holds a Bachelor’s degree in Computer... Read More →


Wednesday November 7, 2018 2:30pm - 3:00pm
Royal Aeronautical Society

3:00pm

Networking Break
Wednesday November 7, 2018 3:00pm - 3:30pm
Royal Aeronautical Society

3:30pm

Leveraging Technology Transformation Programs to Improve Cyber Outcomes
With an ever growing risk profile and often vast distributed IT assets to keep secure, Airport organisations need to find ways to make quick and efficient progress in improving their Cyber security posture.   One such opportunity is to ride on the coat-tails of wider Technology Transformation projects, where often tangible and visible benefits are being delivered to passengers and internal departments. 
 
  • Where to start the conversation?
 
  • Simplify the estate = simplify the risk
 
  • Finding ways to sell Cyber as an enabler

Speakers
avatar for Russell Willans

Russell Willans

Chief Technology Officer & CISO, Heathrow IT
Russell Willans is the Chief Technology Officer and CISO for Heathrow Airport, which is the busiest Airport in Europe serving 78M Passengers in 2017.In his role he is responsible for the Technology Strategy and Roadmaps for the Airports IT and OT systems, as well as being the CISO.In... Read More →


Wednesday November 7, 2018 3:30pm - 4:00pm
Royal Aeronautical Society

4:00pm

The Impact of Next-Generation Digital Technology on Cyber Security
  • Can a zero tolerance to error approach be reconciled with a rapid drive towards greater efficiency?
  • What impacts can we expect from the implementation of ICAO ASBU digital technology plans like ADS-B, MLAT, GNSS & VHF data link (VDL) modes
  • What vulnerabilities could arise from the increased use of Artificial Intelligence to reduce delays and limit human error?


Speakers
avatar for Kibreab Kibebew Wordofa

Kibreab Kibebew Wordofa

Aviation CNS/ATM Engineer and President of Ethiopian CNS Engineering Professionals Association, Ethiopian Civil Aviation Authority


Wednesday November 7, 2018 4:00pm - 4:30pm
Royal Aeronautical Society

4:30pm

"Resilience-by-design" - Round Table Discussions
With the provision of digital services fast becoming the key battleground on which competitors are fighting for custom is there a danger of information security being little more than an afterthought?
  • Is enough being done to consider long term business risk against short term value add?
  • Are we taking cyber security into consideration in the process of digitisation?
  • Where are we seeing the implementation of intrinsically more secure technologies and how can these be further leveraged?
What more needs to be done to protect data privacy in aviation systems?
Led by Dr Martin Strohmeier

Aligning IT and Technical teams in engineering procurement?
Led by Niromal Jayawardana

How can we ensure the security of mobile devices internationally?
Led by Keith Turpin

Instilling Cyber Security by design in Agile Development
Led by Dr John McCarthy

Wednesday November 7, 2018 4:30pm - 5:30pm
Royal Aeronautical Society
 

Twitter Feed