Attacks and Vulnerabilities
Critical infrastructure
Events
IT/OT Collaboration
News
Threat Landscape
Vulnerabilities

CS4CA APAC Summit 2024: Uniting IT and OT cybersecurity leaders in Singapore for enhanced cyber resilience

February 16, 2024
CS4CA APAC Summit 2024: Uniting IT and OT cybersecurity leaders in Singapore for enhanced cyber resilience

The fifth annual CS4CA APAC – Cyber Security for Critical Assets APAC Summit is scheduled to be held in Singapore on 3rd – 4th April. This time it will be co-located with the APAC Cyber Summit, to help cybersecurity leaders from both IT and OT (operational technology) security environments to strengthen their organizations’ defenses against malicious actors.

Organized by QG Media, the CS4CA APAC aims to unite over 100 security leaders from various critical infrastructure sectors across the Asia Pacific region, including energy, agriculture, oil and gas, manufacturing, aviation, and transport. In parallel, the APAC Cyber Summit will focus on addressing the specific cybersecurity challenges encountered by industries such as banking and finance, FMCG, insurance, logistics, engineering, automotive, utilities, and food and beverage. Both events are designed to facilitate networking, learning, and collaboration among senior IT and OT stakeholders, to enhance cyber resilience.

The 2024 CS4CA APAC Summit is set to feature dynamic presentations, case studies, panel discussions, and roundtables hosted by major cybersecurity players within the region’s critical industries. A-list speakers provide insights based on first-hand lessons learned, assess best practices and industry frameworks, and analyze current trends and predictions for the cybersecurity landscape in the region.

The topics to be addressed at this year’s summits include:  

  • How to Make OT Security an Integral Component of Your Company’s Value Proposition
  • Public & Private Sector – Working Together to Ensure the Cyber Security Resilience of Critical Information Infrastructure
  • Cyber Resilience Strategy and Board Reporting in Healthcare
  • How Should We Present Risk to the Board?
  • Is More Regulation the Way Forward?
  • Utilizing Artificial Intelligence for Detection and Protection

Expectations for 2024 CS4CA APAC Summit

Industrial Cyber connected with some of the attendees of the CS4CA APAC summit, gaining insights into their expectations and objectives for participating in the 2024 CS4CA APAC Summit.

“The opportunity to meet like-minded IT Security professionals and exchange lessons learned, interesting initiatives, opportunities, and challenges,” Francesco Ferri, OT security deployment and operations lead at GSK, told Industrial Cyber. “I am always interested in learning something new and sharing opinions, views, thoughts with other SMEs to improve my knowledge, get to know new technologies, new approaches and be aware of current threats and what could be future trends.” 

Francesco Ferri, OT security deployment and operations, GSK
Francesco Ferri, OT security deployment and operations, GSK

He added, “We need to stay relevant and follow the changes in such fast evolving environment and make sure we do what we can to protect our infrastructure.” 

“I am hoping to gain knowledge, insights, and information I can use in my daily activities,” according to Ferri. “I hope to meet new people and expand our network because information sharing is key to protecting our OT systems. I am also hoping to share some experience about new risks that could come along with digitalization and the push for smart manufacturing.”

Osmar Couto, senior principal consultant for OT Cyber Security at NeXT Autonomous (APAC/EMEA), Worley Consulting, told Industrial Cyber that two things come to mind – “First, I have the chance to meet like-minded professionals with diverse experience and from other fields of OT Cyber Security. APAC is a very condensed area of different OT infrastructure, sometimes due to the natural resources of each country but sometimes due to the local regulations and laws.”

CS4CA APAC Osmar Couto, senior principal consultant for OT Cyber Security at NeXT Autonomous (APAC/EMEA), Worley Consulting CS4CA APAC
Osmar Couto, senior principal consultant for OT Cyber Security at NeXT Autonomous (APAC/EMEA), Worley Consulting

Secondly, Couto added that “exposure and the chance to submit my views and interpretation of OT Cyber Security practical ideas to a qualified audience. As a professional and researcher, it is important to me to share my knowledge so others can give feedback on their perspective on my way to analyzing and understanding the challenges of our industry.”

CS4CA APAC Justin Nga, a cybersecurity manager at CitiPower/Powercor/United Energy
Justin Nga, a cybersecurity manager at CitiPower/Powercor/United Energy

“I used to attend these events regularly throughout APAC pre-covid lockdown,” according to Justin Nga, a cybersecurity manager at CitiPower/Powercor/United Energy. “ I am looking forward to reconnecting with my peers throughout the region and sharing our experiences after a hiatus of several years.”

Dive into a key OT/ICS sector aspect for 2024

Addressing one aspect or trend within the OT/ICS sector that the executives find particularly intriguing this year, Ferri pointed to the cloud. “There is a strong push to move from on-prem and datacentre to the cloud and I have seen Vendors already proposing SCADA and virtual PLCs that could be deployed on the cloud. I believe we need to embrace new technologies, improve and evolve, but we also need to be careful in evaluating the right strategy for the manufacturing environment and mission-critical assets.” 

He added that data management and regulatory requirements (especially in the pharmaceutical world) are some of the key aspects to take into consideration as well as the potential additional cyber security risks of establishing connections between OT assets and third-party clouds.

Couto raised IIoT devices connected to cloud providers.

“Most, if not all, of the IIoT devices used in OT infrastructures are for sensor purposes, which means they should be identified as Level 0 if you place them in the Purdue model. Further, the sensor signal should be delivered to Level 1 for treatment by PLCs/RTUs/DCSs,” Couto detailed. “Therefore, how will information from external clouds traverse all the IT/OT infrastructure to reach the bottom level and not leave a massive threat landscape?” 

“I say this because you can disrupt the OT infrastructure operations if you get hold of such an IIoT device and change its behavior. Further, traffic should be only from OT to IT, and IIoT in clouds force the other way around,” according to Couto. “I am intrigued and keen to learn the best, not to say the secure way to get this sorted. IIoT devices are connected to clouds and reach Level 0 of OT infrastructures.”

Nga told Industrial Cyber that OT/ICS vendors are increasingly being targeted in cyber attacks, “an indicator that threat actors have started to focus on these targets with the end in mind of impacting users via supply chain attack vectors.”

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation