Conference Programme

08:00 - 09:00
Registration
09:00 - 09:10
Welcome Address
09:10 - 09:25
Keynote Address: Regional collaboration and its impact on oil and gas infrastructure security
  • Essential to the industry’s security and resilience is the ability to quickly disseminate accurate information to help in the fight to combat the most complex cyber and critical infrastructure security threats in a more comprehensive and effective manner.

    Key topics and take aways

    •     Spotlight on critical infrastructure threats and front line protection strategies across the Middle East
    •     Insights into monitoring high levels of vigilance and implementing active defence mechanisms to protect against infrastructure attacks
    •     The benefits of collaboration to identify cyber vulnerabilities and fight against and prevent repeat cyber attacks
    •     Initiatives with technology assessed against the rapidly changing threat landscape  
09:25 - 10:25
Panel Discussion: Proactive defence and offensive security measures for the protection of oil and gas critical infrastructure
  • The continuous protection of oil and gas critical infrastructure from pipelines, offshore rigs, oil tankers and gas fields are crucial to the continuous day to day operations and performance of the sector.

    Key topics and take aways

    •     Learn what security and resilience mean from an oil and gas critical infrastructure perspective, plus coordinated approaches, key resource roles and responsibilities for NOC, IOC, federal and private sector security       partners
    •     Protecting against piracy - the disruption and physical threat of vessel hijack attacks and the importance of improving security of strategic maritime trade routes through the Suez Canal and beyond
    •     Strengthening security at high risk oil, gas, refining and petrochemical facilities – understanding vulnerability assessments and implementing risk based protection programmes designed to deter and mitigate against     attacks
    •     Can a security framework and policy for public private-partnerships deliver security to the oil and gas sector?
10:25 - 11:00
Coffee Break
11:00 - 11:45
Panel Discussion: Assessing the global cost of oil and gas cyber crimes, policy and legislation effects on the industry 2017-2020
  • Costing the world hundreds of millions of dollars every year, cyber crime is on the increase, making it imperative that oil and gas operators take the threat seriously and understand the potential costs to their business.

    Key topics and take aways

    •     What is the monetary impact of a cyber crime in the oil and gas sector and how do you put a financial value to a cyber crime on your business?  And why does it matter?
    •     Implementing strategies, IT processes and  high-tech defences to reduce the cost of oil and gas cyber crime 
11:45 - 12:30
Panel Discussion: Evaluating Insider threat solutions from technology and intelligence
  • Major cyber security threats across a business are mostly through internal human negligence or carelessness making it vital that companies make the appropriate investments in human capital, processes and technologies in order to improve their cyber readiness.

    Key topics and take aways

    •     Insider threats pose the most serious risks to critical operations; assessments, vulnerabilities and consequences
    •     Managing human factors in information security, human transformation and employee upskilling
12:30 - 13:30
Lunch Break
13:30 - 14:30
Addressing advanced ransomware attacks and what the recent outbreaks mean for the oil and gas industry
  • Key Take aways

    • Developing a risk mitigation strategy and measuring risk management approaches within the business to combat and manage the ever increasing dynamic and adaptive ransomware attacks
    • How to design and implement standards that reduce exploitable conflicts in IT systems across the oil and gas industry
    • Strengthening modern information security departments to prepare them for potential oil and gas ransomware attacks
    • Securing the electronic messaging infrastructure in your organisation as a first step in avoiding ransomware attacks
    • Evaluating intelligent analyses on what is happening on your system in order to fight back offenders
14:30 - 15:30
Case studies: Delving in on new security designs and the retrofitting of existing Industrial Control Systems (ICS) to secure facilities
  • Malware and cyber attacks are posing new threats across the oil and gas industry and are exposing weaknesses in Industrial Control System (ICS) designs.  Safeguarding this critical area requires a unique mix of technical and operating procedures into how threat actors (hostile nation-states, terrorist and hacktivist organisations) can compromise industrial controls that operate and manage industrial processes.

    Key topics and take aways

    •     Analysing security design architecture and evaluating lost control events to date in ICS
    •     What are the mistakes made in automation when designing control systems?
    •     Learn what is normal vs abnormal activity relative to standard protocols in ICS
    •     The biggest vulnerability to organisations is the outdated and ageing control systems in facilities - how can the industry protect their existing control systems?
15:30
Panel discussion: The future of IOT and the oil and gas industry – Where are we headed?
  • Identifying the latest trends of IOT connectivity and IOT solutions for the oil and gas sector to fulfill their needs as security becomes a serious consideration. 

    Key topics and take aways

    •     Deploying, securing, managing and monitoring IOT infrastructure for the oil and gas sector
    •     Overcoming challenges to keep the Internet of Things ecosystem connected and safe
    •     Discover how Internet of Things (IoT) technology applies to the future of the oil and gas industry from the perspectives of exploration and production
    •     Cyber security and the Internet of Things - how should oil and gas operators stay ahead?
08:00 - 09:00
Registration
09:00 - 09:10
Welcome Address
09:10 - 09:25
Keynote Address: The state of cyber security across the oil and gas industry -Worth Investing in or worth risking?
  • The deployment of cyber security measures in the oil and gas industry are not keeping pace with the growth of digitalisation in oil and gas operations. Most of the oil and gas companies in the Middle East and GCC region have low to medium cyber security readiness causing security compromises that are resulting in loss of data and therefore need to understand the cyber security matrix in order to be able to fight against malicious attacks.

    Key topics and take aways

    •     Ensuring appropriate levels of sector participation (IOC’s and NOC’s) to increase cyber security awareness
    •     Recognising the importance of defence mechanismsagainst cyber threats in the oil and gas sector
    •     Analysing organisational challenges for cyber security readiness in oil and gas
09:25 - 10:25
Panel Discussion: Convergence of Operational Technology (OT) and Information Technology (IT) and addressing the security landscape
  • IT/OT convergence will provide better transparency with regards to cost and structures and therefore lead to efficiencies in oil and gas. This session will discuss specific attacks and vulnerabilities related to oil and gas companies as well as guidelines and processes on how to avoid them. Experts say there is greater risk in the OT than the IT environment. An average of 46% of all cyber attacks in the OT environment go undetected, suggesting the need for investments in technologies that detect cyber threats to oil and gas operations.

     

    Key topics and take aways

    •     Understanding the risks connected to oil and gas companies infrastructure from both IT and OT perspectives
    •     Applying standards and governance principals for IT and OT to ensure cost reductions
    •     Enhancing performance through the integration of IT and OT
10:25 - 10:55
Coffee Break
10:55 -11:55
Panel discussion: Security and compliance risks in cloud computing
  • Cloud based services should be engineered and operated with security in mind, and the operational processes should be integrated into the organisations security management.

     

    Key topics and take aways

    •  Insights into cloud visibilty assessment in the oil and gas industry
    •  Achieving operational excellence through cloud adaption of interdependent application deployments in oil and gas
    •  Security and compliance awareness in cloud computing - what are the various cloud models and services available and how should the oil and gas sector assess which ones are the most effective for your organisation?  
11:55 - 12:30
Panel Discussion: Assurance and risk management methods for oil and gas supply chain security and business continuity
  • Oil and gas supply chain management involves configuration, coordination and improvement in security measures across Exploration → Production → Refining → Marketing → Consumer.  Cyber risks, especially across the supply chain, are difficult to address.

     

    Key topics and take aways

    •     Developing security solutions and strategies for acute supply chain management issues
    •     Identifying the seamless technologies that run throughout the entire supply chain cycle in the oil and gas sector
    •     Exploratory information is most vulnerable to a cyber attack in the oil and gas value chain. What types of cyber attacks should you watch out for throughout the supply chain cycle?
12:30 - 13:30
Lunch Break
13:30 - 14:30
Technology woes for the oil and gas industry
  • Cyber security is an ever increasing concern for the energy sector as cyber crimes become bolder and more viscious. Innovations have assured technological evolution, with these rapid advancements it is imperative the energy sector stays vigilant of emerging technological trends to make certain their systems are protected from new attacks at all times.

     

    Key topics and take aways

    •     Assessing the latest security technologies available to ascertain which specific technologies are vital to securing oil and gas infrastructure
    •     How much technology is needed to improve security in the oil and gas sector?
    •     How can oil and gas companies adopt proactive solutions rather than reactive solutions to establish appropriate cyber defences?
14:30 - 15:30
Offensive protection with big data and analytics in the oil and gas sector
  • Oil and gas companies are increasingly analysing their data, but what happens when we bring big data into the equation?  Eliminating ineffiencies and harnessing the power of big data analytics to drive excellence in oil and gas and secure data.

     

    Key topics and take aways

    •     Implementing successful information management strategies for the protection of big data analytics in the oil and gas sector
    •     Increasing productivity and efficiency across all major business units through best practices for data harmonisation and security and safety measures
    •     Determining where to place investment in technology R&D for securing data analytics tools and applications
15:30 - 16:30
Improving cyber security of Supervisory Control and Data Acquisition (SCADA) networks, process, protection and protocol
  • Supervisory control and data acquisition (SCADA) networks are considered to be the nervous system in the oil and gas industry and its secure protection is imperative.

     

    Key topics and take aways

    •     As most current SCADA (critical) components operate in a context that is completely different from what they were initially designed for, what system upgrades and protection measures have been taken to improve     the obvious security risks in current SCADA systems?
    •     How can government and private sector work together diligently to ensure protection for these critical components in all corporate cyber strategies?
    •     The importance of developing human competency and security skills sets to effectively manage scada system components
    •     Navigating through the perspective of cyber security as applied to process safety