Join us at the 17th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter cyber espionage, address cyber warfare, and make your cyber efforts secure.
The API Cybersecurity Conference has been an annual event since 2006.
For 17 years it has been the only cybersecurity conference dedicated to the oil and natural gas industry and has a loyal and dedicated attendee base. It is also volunteer-driven, both at the planning committee and speaker level. We consistently produce a compelling conference program, with a focus on safety, best practices, and innovation. In addition, the conference provides an opportunity for attendees to earn CPEs (Continuing Professional Education), maintaining their certifications and required hours. Finally, the conference provides the opportunity for networking and idea exchange, with our dedicated sponsors and exhibitors sharing their latest products and services.
Managing Emerging Regulatory Requirements Such as TSA for Pipelines
Speaker: Rick Kaun
Shifting regulatory requirements can cause significant challenges if not managed effectively. New cyber security standards (such as TSA for pipelines) try to apply IT-like cyber security into the OT realm. Many will argue this is not possible or practical, but the reality is that the trend is headed in this direction. Industrial organizations need to find ways to apply these IT-like security functions in a way that is safe and practical for OT while still satisfying the requirements.
We have seen the challenges of addressing these more “prescriptive” cyber security requirements and understand how easy it is to become overwhelmed by the processes, complexity, and inefficiencies of this change. However, we remain confident and encouraged in managing cyber security regulations by the many organizations that successfully adapt and create efficient means to secure their environments and achieve effective compliance with regulatory requirements.
This session shares how to manage prescriptive and auditable regulations in OT environments based on 25+ years of experience. During this session you will gain:
- Learnings from the NA power industry on how to improve cyber security while addressing regulatory prescriptions (as seen with NERC CIP)
- An understanding of how to build a clear roadmap and programmatic approach with an end goal or state in mind
- Create a “think global; act local” approach by automating endpoint actions without causing OT risk