- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Projects
- Security Policy Project
- Security+ Study Guide
- S.C.O.R.E.
- Awards & Recognitions
- SANS Buyers Guide
- Security Tool Demos
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
select a course
Amsterdam, Netherlands - September 8 - 11, 2008
- Event Location & Info
- General Info
- Faculty
- Vendor Expo
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
SANS never fails to provide top level training that is worth every penny.
-Tyler Hudak, Yellow Roadway Tech
About
SANS WhatWorks Summit Series
The SANS WhatWorks Summit Series brings together the thought leaders of the industry...
>> Read More
The 2008 European Community SCADA and Process Control Summit
Table of Contents
- Where and When
- Key Questions to Be Addressed At the Summit
- Who Should Attend
- Organizing Committee
- Summit Agenda
- Register Today
- Post-Summit Courses
Where and When
The Summit will be held at the Renaissance Hotel in Amsterdam on September 8 and 9 with additional post-Summit courses scheduled on September 10 and 11 in the same hotel.
Key Questions to Be Addressed At the Summit
- What is the actual threat picture for control systems users today? Who are the attackers? What have they already done? What can they do?
- Exactly how do attackers penetrate the defenses that have been established by most control system users?
- What additional categories of threat (natural disasters, telecommunications failure, human error, etc.) must control systems engineers defend against? How do those threats alter requirements for defense in depth?
- What techniques are the most advanced control systems users implementing to mitigate the threats? How are they implementing defense in depth?
- What are the principal vulnerabilities in control systems and how should they be prioritized for mitigation?
- What are the most effective methods of testing security of control systems?
- What are the most promising ways to ensure top management support for cyber security improvements?
- Beyond the basics, what are the more sophisticated techniques being used to secure control systems in specific industries?
Additional Questions
- What commercial security tools are valuable for improving security of control systems? (through sponsored breakfasts and evening demonstrations)?
- Which control system vendors have made the most progress on implementing the new standards for secure configuration of their products?
- Which SCADA security research projects have shown useful results? How can asset owners put those findings to work?
- What tools have governments developed that makes security of control systems more effective and efficient?
Who Should Attend?
The Summit brings together engineers and managers from both control systems and information security and IT. Most of the audience will be from utilities, oil & gas, pipeline, water, pipeline companies, and other utilities. Those organizations will get the most out of the Summit if they bring a team composed of both control systems and information security people because then the Summit will help enable them to speak a common language, understand the other sideÕs issues and work together to protect their organizations.
A smaller fraction of the audience will be from control system vendors, security product vendors and penetration testing organizations, from government agencies that oversee critical infrastructure, and from researchers who are trying to create new technologies to improve cyber security of control systems.
The Organizing Committee
- Ciaran Osborn, Center for the Protection of National Infrastructure (CPNI) in the United Kingdom
- Ake Holmgren, Swedish Emergency Management Agency (SEMA) in Sweden
- Stefan Lueders, European Organization for Nuclear Research (CERN) in Switzerland
- Annemarie Zielstra, National Infrastructure Against Cybercrime (NICC) in the Netherlands
- Gitte Bergknut, E.ON
- Paul Dorey, BP (invited)
- Marcelo Masera, European Community
- Sheridan Morris, Center for the Protection of National Infrastructure (CPNI) in the United Kingdom
- Hans Honecker, Federal Office for Information Security (BSI) in Germany
- Marc Tritschler, KEMA
- Michael Assante, Rita Wells, and Gary Finco of Idaho National Laboratories
- Seán Paul McGurk, US Department of Homeland Security
- Hank Kenchington, US Department of Energy, US
- Will Pelgrin, New York State Cybersecurity Office and the Multi-State Information Sharing and Analysis Center
- Alan Paller, SANS Institute
Post-Summit Courses
- Control Systems Cyber Security Training
- Introduction to Control Systems Security for the IT Professional
- a one-day class offered on both September 10 and September 11 - Intermediate Control Systems Security
- a one-day class offered on both September 10 and September 11 - September 10-11, 2008
- Pre-registration required
How Good Are SANS Summits?
Here's more from people who attended the last Summit:
Great Summit! It gave the Who, the What, the Hows and the Nots from real-life experiences.
- Rolo Guzman, HessThis Summit provides an excellent means to stay informed on what is available today; and what the current and emerging issues are.
- Yong Choe, SAICExcellent presentations of practical experiences.
- Rich Lansing, Bloomberg