Operational Technology Cybersecurity Expert Panel Forum 2023
ABOUT OTCEP FORUM | PROGRAMME | SPEAKERS | 2023 OTCEP MEMBERS
The establishment of an Operational Technology Cybersecurity Expert Panel (OTCEP) was first announced at the Singapore International Cyber Week 2020. The OTCEP forum augments efforts under the OT Cybersecurity Masterplan which was developed to enhance the security and resilience of Singapore’s critical sectors, improve cross-sector response to mitigate cyber threats in the OT environment and strengthen partnerships with stakeholders.
Cyber threats to OT, especially Industrial Control Systems (ICS), are increasing in frequency and sophistication. It is therefore imperative to strengthen local cybersecurity capabilities and competencies in the OT sector.
The OTCEP forum will allow Singapore’s OT cybersecurity practitioners, operators, Industry, researchers, and policy makers from the Government, Critical Information Infrastructure (CII) sectors, academia and other OT industries to engage internationally renowned experts. Drawing from appointed members’ respective experience in OT domains in engineering, operations and governance, the OTCEP forum will discuss key global OT technologies, emerging cyber threats, share insights from their experience in handling global cybersecurity incidents, and recommend practices to address cybersecurity challenges and gaps for the OT sector.
DAY 1, 22 AUGUST 2023
GUEST-OF-HONOUR
Mrs Teo was the Minister for Manpower from May 2018 till May 2021. She previously served in the Prime Minister’s Office and the Finance, Transport and Foreign Affairs ministries.
A member of Parliament since 2006, Mrs Teo was formerly Chairman of the Government Parliamentary Committee for Education and Assistant Secretary – General of the National Trades Union Congress (NTUC). Mrs Teo was concurrently Chief Executive Officer of the not-for-profit organisation Business China.
An alumna of Dunman High School and Raffles Junior College, Mrs Teo graduated from the National University of Singapore, winning several honours including the Rachel Meyer Book Prize for being the Best Woman Student. She obtained a Master of Science in Economics from the London School of Economics on scholarship from the Economic Development Board.
She is married and has three grown-up children. She enjoys creating memorable experiences for family and friends.
WELCOME REMARKS
As Commissioner, he has the legal authority to investigate cyber threats and incidents to ensure that essential services are not disrupted in the event of a cyber-attack. As Chief Executive of CSA, he leads Singapore’s efforts to provide dedicated and centralised oversight of national cyber security functions. These include enforcing the cybersecurity legislation; strategy and policy development; cyber security operations; ecosystem, R&D and capability development, public outreach and international engagement. Concurrently, as Chief (Digital Security & Technology), he oversees digital security policy and technology capability development in the Ministry of Communications and Information.
Mr Koh also sits on the Boards of the Government Technology Agency (GovTech), the Monetary Authority of Singapore (MAS) Cyber Security Advisory Panel and the Healthcare Cybersecurity Advisory Panel (HCAP).
Prior to his current appointments, Mr Koh served in the Singapore Armed Forces and held various command and staff appointments in the Ministry of Defence and the SAF. He previously held the positions of Defence Cyber Chief; Deputy Secretary (Technology); Director Military Security and Chief Signals Officer.
Mr Koh is the recipient of the first Billington CyberSecurity International Leadership Award. He has also been awarded the Public Administration Medal – Gold, the Public Administration Medal – Silver (Military), the Public Administration Medal – Bronze (Military), and the Commendation Medal (Military).
Mr Koh has a Master’s degree in Public Administration from Harvard University, USA; and a Bachelor’s degree in Electrical and Electronics Engineering from King’s College, London, UK.
He and his wife, Marlene, have three children, Daniel, Rachel, and Michael.
Robert is a recognised authority in the industrial cybersecurity community. He is CEO and co-founder of Dragos, a global technology leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments. In addition, Robert serves on the Department of Energy's Electricity Advisory Committee as the Vice Chair of the Department of Energy's Grid Resilience for National Security Subcommittee, and is a member of the World Economic Forum's subcommittees on Cyber Resilience for the Oil & Gas and Electricity communities.
Robert is routinely sought after for advice and input on cybersecurity for industrial infrastructure and is regularly asked to brief national leaders. He testified to the U.S. House of Representatives Committee on Energy and Commerce--Subcommittee on Oversight and Investigations, and to the U.S. Senate Energy and Natural Resources Committee, to advise on policy issues related to critical infrastructure cyber threats. He has also presented at the World Economic Forum Annual Meeting in Davos, and industry leading conferences such as RSA, SANS, BlackHat, and DefCon on the topic of industrial cybersecurity and threats. He serves on the board of the National Cryptologic Foundation.
Robert began his pioneering work in ICS/OT cybersecurity as a U.S. Air Force Cyber Warfare Operations Officer tasked to the National Security Agency, where he built a first-of-its-kind mission identifying and analysing national threats to industrial infrastructure. He went on to build the industrial community's first dedicated monitoring and incident response class at the SANS Institute (ICS515) and the industry recognised cyber threat intelligence course (FOR578).
SC Media named Robert the Security Executive of the Year for 2022. A business leader but also technical practitioner, he helped lead the investigation into the 2015 attack on Ukraine's power grid, the first time an electric system was taken down due to a cyberattack. With his team at Dragos he has been involved in the most significant cyberattacks on industrial infrastructure, including the investigation and analysis of the 2016 attack on Ukraine’s electric system, the 2017 TRISIS attack on a Saudi Arabian petrochemical facility in the first attempt to try to kill people through malicious software, and the 2021 Colonial Pipeline ransomware attack. In 2022, his team at Dragos uncovered PIPEDREAM, a highly flexible framework to attack industrial infrastructure globally. Robert’s work has been featured in the book Sandworm and on 60 Minutes.
For over 20 years, Dale Peterson has been on the leading/bleeding edge helping security- conscious asset owners effectively and efficiently manage risk to their critical assets. He has pioneered numerous Industrial Control Systems (ICS) security tools and techniques, such as the first intrusion detection signatures for ICS that are now in every commercial product. In 2007, he created S4 Events to showcase the best offensive and defensive work in ICS security and build a community. S4 is now the largest and most advanced ICS event in the world.
Sarah Fluchs is the CTO of admeritia, which specialises in security consulting for the process industry, manufacturing, and critical infrastructures. Prior to her current role, Sarah has developed cybersecurity guidance for the water sector at the German Federal Office for Information Security (BSI).
A process and automation engineer herself, Sarah is convinced that creating solid engineering methods that speak the language of automation engineers is key for OT Security. Her main research interests include security engineering, security by design, security for safety, and security diagrams and information models.
She currently leads a government-funded research project on security by design for ICS in cooperation with industry partners INEOS and HIMA, two German universities, and NAMUR (User Association of Automation Technology in Process Industries).
Marco (Marc) Ayala has over 25 years of experience where he designed, implemented, and maintained process instrumentation, automation systems, safety systems, and process control networks. He is the Global Director and IACS cybersecurity sector lead with 1898 & Co. the consulting arm of Burns & McDonnell Engineering Company. With around two decades focused specifically on industrial cybersecurity, he has led efforts to secure the oil and gas (all streams), maritime port, offshore facilities, and chemical sectors, supporting federal, local, and state entities for securing the private sector.
Marco is highly active in ISA and is a longtime member. He is a Senior member and a certified cyber instructor for ISA (62443) and a volunteer member contributor of the AMSC Gulf of Mexico (GOM) cybersecurity committee as Chair of Threat Intelligence and Cybersecurity for the outer continental shelf (OCS) , InfraGard member, Chief of the Maritime Cross Sector Council for ports and terminals and AMSC chair for cybersecurity for Houston. He sits on the Safety and Security Division (SAFESEC) committee and is their liaison to the ISA Global Cybersecurity Alliance.
Zachary (Zach) Tudor is responsible for INL’s Nuclear Nonproliferation, Critical Infrastructure Protection and Defense Systems missions. Previously, Tudor served as a Program Director in the Computer Science Laboratory at SRI International, where he supported cyber security and critical infrastructure programs such as DHS Cyber Security Division’s Linking the Oil and Gas Industry to Improve Cybersecurity (LOGIIC) consortium, and the Industrial Control System Joint Working Group R&D working group. He has served as a member of (ISC)2’s Application Security Advisory Board and the NRC’s Nuclear Cyber Security Working Group, as well as the Vice Chair of the Institute for Information Infrastructure Protection at George Washington University. He is a Professor of Practice in the Computer Science Departments of the University of Idaho and Idaho State University, is the Chair of the Board of Directors of the International Information Systems Security Certification Consortium (ISC)2, and a member of the Commonwealth Cyber Initiative advisory board (Virginia).
Eric Byres is an expert and visionary in the field of SCADA/ICS and IIoT security. Experienced in controls engineering, cyber security research and corporate management, he offers a unique blend of deep technical knowledge and practical business experience.
Eric is best known for inventing and successfully commercialising the Tofino Firewall, the world’s most widely deployed ICS security appliance. Tofino technology has received numerous industry awards and is licensed by industry giants such as Honeywell, Schneider Electric and Caterpillar. Eric was also the inventor of GE’s Achilles Security Platform and was the founder of two successful consultancies in the industrial field.
Before starting Tofino Security, Eric founded the British Columbia Institute of Technology’s Critical Infrastructure Security Center. He shaped it into one of North America's leading academic facilities in the field of ICS security, culminating in a SANS Institute Security Leadership Award in 2006.
Eric is also widely respected for his leadership in international standards for industrial environments. This included chairing the ISA99 Security Technologies Working Group (2004 to 2011). He also served as the chair of ISA99 Task Group 2, conducting an analysis of ISA/IEC-62443 standards with respect to Stuxnet.
Eric’s achievements include testifying to the US Congress and receiving awards from numerous international organisations, such as the “IEEE Outstanding Industry Applications Article Prize” in 2000 and the “ISA Donald P. Eckman Education Award” in 2004. Eric was made an ISA fellow in 2009 and given the ISA’s highest honour, “ISA Excellence in Leadership”, in 2013.
Today Eric is the CTO of aDolus Technology Inc, a cybersecurity research and development company focusing on improving the security of the software supply chain for OT. He is member of the NTIA SBOM Awareness & Adoption Committee and has authored numerous articles of Software Bill of Materials. Eric is also the Senior Partner at ICS Secure, advising investors and IT companies entering the ICS and “Internet of Things” security markets.
Dr Lim Woo Lip is currently the Chief Technology Officer (Cyber) of ST Engineering, overseeing the research and advanced solution development in cybersecurity. Woo Lip is also a member of the Board of Governors and Chairman of the School of Infocomm Advisory Committee at Republic Polytechnic (RP). He is also the Joseph K. TWANMOH Chair Professor at Soochow University, Taiwan, and he chairs the Advisory Committee of Soochow University’s Cyber Security Centre of Excellence. Woo Lip is also a member of the Coordinating Committee for Cybersecurity in Singapore.
Prior to joining ST Engineering, Woo Lip was the Executive Vice President (Technology and Capability) of Ensign Infosecurity and the Vice President Data Analytics and Cyber Security of StarHub from 2013 to 2020. During this period, he helped StarHub to build up the big data analytics capability and establish StarHub’s Cyber Security Centre of Excellence (CS-COE) that was subsequently merged with two other entities to form Ensign Infosecurity in Oct 2018. Woo Lip also worked in the Ministry of Defence (MINDEF), Centre for Strategic Infocomm Technologies (CSIT) and the Singapore Armed Forces (SAF) on technologies related to national security for 25 years before joining StarHub.
Woo Lip is also a technical reviewer for various professional journals and conferences. He was also a member of Cybersecurity Advisory Group (CAG) to Minister-in-Charge of Cybersecurity in Singapore from 2019 to 2022. Woo Lip was conferred the Singapore Computer Society IT Leader Professional of The Year Award in 2017 and the Leader Award at the Inaugural Cyber Security Awards in 2018 by the Association of Information Security Professionals.
Saltanat Mashirova is an Advanced Cybersecurity Architect at the Honeywell Centre of Excellence. She has extensive on-site experience primarily on the oil and gas sector and has been actively involved in SAT (Site Acceptance Testing), FAT (Factory Acceptance Testing), integration of brownfield and greenfield assets, cybersecurity assessment, ISA/IEC 62443 compliance, project engineering, network installation and configuration, commissioning and start-up supervising, and cybersecurity vulnerability assessments.
In her current role, Saltanat provides training for global Honeywell cybersecurity engineers and asset owners with executing various cybersecurity-related activities on new projects and at mature assets. Saltanat develops implementation procedures and guides field-deployed cybersecurity engineers. She also performs global cyber-physical risk assessments, vulnerability assessments, and OT (Operational Technology) penetration testing. Furthermore, Saltanat conducts workshops with asset owners to discuss the challenges and provides a platform to build mature cybersecurity plans collaboratively. Ultimately, Saltanat desires to empower asset owners by providing guidance and strategies to enhance their cybersecurity posture.
Saltanat is actively involved in the cybersecurity community and is the President of ISACA Astana Chapter, the founder of Women in Cybersecurity Kazakhstan, and the Presidential Scholarship awardee (Kazakhstan) for the University of California's master's program focusing on networked systems, certified in CISSP, GICSP, GRID, CISM, CISA, TOGAF, ISA 62443, ISO 27001, etc.
Prior to TXOne Networks, Terence was the Vice President of Trend Micro. He led Trend Micro‘s Network Threat Defense Technology Group to expand the company’s footprint into the telecommunication network, extending protection for IoT devices and services from on-premises to the edge and the core.
Before joining Trend Micro, Terence was the CEO of Broadweb. He defined and created its Deep Packet Inspection products and business, winning numerous leading networking and security vendors as customers. BroadWeb was finally acquired by Trend Micro in October of 2013.
Terence earned his PhD and M.S. degree in Computer Science from National Tsing-Hua University, and holds several patents and IEEE/ACM publications.
Justin Searle is the Director of ICS Security at InGuardians, specialising in ICS security architecture design and penetration testing. He led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and has played key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP).
Justin has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences. He is currently a Senior Instructor for the SANS Institute and a faculty member at IANS. In addition to electric power industry conferences, Justin frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, Nullcon, and AusCERT.
Justin leads prominent open source projects including the ControlThings Platform, Samurai Web Testing Framework (SamuraiWTF), Samurai Security Testing Framework for Utilities (SamuraiSTFU). He has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), Web Application Penetration Tester (GWAPT), and GIAC Industrial Control Security Professional (GICSP).
