Agenda

In recent years, several Middle Eastern nations, most notably the UAE and Saudi Arabia, have made substantial progress on their paths towards digital transformation. These nations are now placing a high priority on cybersecurity as an enabler for a digital revolution. Nevertheless, with further innovations for our OT/ ICS Systems – new challenges are brought to securing them. Meanwhile, the threat of ransomware and other forms of digital attack are ever-present. This session will explore how we can effectively defend against these threats. It will ask:
.
● What Threats Do Our OT/ICS Systems face now and moving forward?
● How can we build a good cyber strategy to defend against these threats? How can we execute it in the right way?
● Where can we increase awareness internally to mitigate the known risks and new cyber threats?
● What should be necessities in our plans to ensure cyber resilience moving forward?
● What new technologies can we implement to mitigate against cyber threats? Are new technologies necessary?
● How can we ensure our people are trained, processes are in place and technology is secured to mitigate against threats?
.
– Moderator: Yaser Aljohani, Cybersecurity Defense Center Manager, Jeddah Airport
– Faisal Humaid, CISO, ACWA Power
– Asma Habeeb, Cyber Defense Specialist, Petroleum Development Oman
– Osamah Al-Farden, Senior Regional Cybersecurity Engineer, Nozomi Networks
– Dr. Anurag Thantharate, Product GTM & Strategy – IoT/OT and 5G, Palo Alto Networks

As operational technology converges with IT, cybersecurity leaders face escalating threats. Legacy OT devices lack security, while remote access and 5G introduce new attack surfaces. Securing converged environments requires cyber strategies tailored specifically for IT/OT. Asset visibility, micro-segmentation, least privilege access, and AI-powered Zero Trust provide the adaptive security needed. By continually validating connections, Zero Trust eliminates implicit trust gaps across users, devices, and networks. Integrated with segmentation and advanced threat prevention, Zero Trust enables secure operations for converged IT/OT and 5G. Join this discussion to equip your organisation with leading practices to secure critical infrastructure despite increased connectivity and complexity.
.
– Dr. Anurag Thantharate, Product GTM & Strategy – IoT/OT and 5G, Palo Alto Networks

When ensuring our systems remain secure, humans are considered to be the weakest link in the security chain. Historically, organisations provided computer-based training and certifications to employees – nevertheless, this has proven inadequate to deal with today’s threat landscape. In Saudi Arabia, to address such the NCA is working on encouraging entrepreneurship and an aim of training more employees of national authorities. Nevertheless, a talent shortage remains, which is necessary to address moving forward. This session will therefore explore:
.
● How can we best improve training internally and education externally in order to protect the future of our critical assets?
● Where can Academia and Industry work together in order to close gaps between education and the issues facing our OT Systems today?
● How can we reduce the risk of human error through appropriate training programmes?
● Should we be training IT professionals into adapting to OT Systems; or OT Professionals in new IT Skills? Or Both?
● Where can training and education help us internally to increase awareness and ensure our systems remain secure?
.
– Adeel Agha, Senior Analyst, Cyber Security & Compliance, Al Ittefaq Steel Production Co.

In this session, OPSWAT will delve into the vital role of Critical Infrastructure Protection (CIP) in fortifying the Kingdom of Saudi Arabia against the relentless evolution of cyber warfare threats. Attendees will gain insights into the challenges and strategies for defending against cyberattacks and securing vital infrastructure while discovering the means to ensure national security in this digital age. This session emphasizes the ever-shifting cyber threat landscape and the critical significance of robust CIP measures.Moreover, OPSWAT will spotlight its unified platform, offering a cohesive defense against cyber-attacks, further enhancing the kingdom’s cybersecurity posture. This integration aligns with the vision set forth in Saudi Vision 2030, ensuring the nation’s digital resilience and security as it progresses into the future.
.
– Sertan Selcuk, Vice President of METAP & CIS, OPSWAT

The topic is a concise exploration of the persistent hurdles and solutions within Operational Technology (OT) security. It delves into the unique obstacles faced in safeguarding critical industrial infrastructure. The session provides a valuable perspective for professionals seeking to conquer the challenges inherent in OT security, offering pragmatic guidance for success in this ever-evolving field.
.
– Khaled Aljaber, Regional Sales Engineer, TXOne Networks

Discover the strategic steps to cultivate a cybersecurity culture within OT environments. Examine the nuances of OT workforce understanding, the leadership’s role in fostering culture, and the development of targeted training programs. Uncover ways to promote continuous improvement, measure and monitor progress, and establish a robust cybersecurity culture. Elevate your organisation’s security posture by embedding a culture of cyber resilience into your OT operations.
.
– Kunal Shah, Founder, Beacon Security

The National Cybersecurity Authority (NCA) in Saudi Arabia are responsible for developing cybersecurity policies, governance mechanisms, frameworks, standards, and guidelines for Critical Infrastructure. They monitor compliance and address cybersecurity risks in the rapidly evolving Industrial Control Systems (ICS) environment. The Operational Technology Cybersecurity Controls (OTCC-1:2022) has been developed to enhance protection and readiness for cybersecurity risks. This session will explore:
.
● How a company has adapted its processes to ensure good cyber hygiene through their business processes
● The significance of these controls in ensuring our critical infrastructure remains protected
● What lessons can be learned throughout the Middle East based on these Saudi-centric controls
.
– Mohammed Abdulrahman Alfadli​, Manager, OT Cybersecurity, Saudi Arabian Mining Company (Maaden)

Industrial control systems (ICS) are critical to the operation of many essential services, including power grids, water treatment plants, and transportation systems. These systems are often connected to the enterprise, which opens the door for potential cyber-attacks. In ICS environments, access equals control, with exposed remote services being one of the most common attack vectors. Remote services are software applications that allow users to connect to an ICS from a remote location. These services can be used for various purposes, such as troubleshooting, maintenance, and updates. However, if these services are not properly understood or secured, attackers can use them to gain unauthorised access to ICS systems. In this presentation, we will explore with the audience a deeper understanding of the attack surface challenge for industrial environments, how to identify remote services exposures, and recommendations on how to gain control of your remote logical access.
.
– Adam Gurney, Systems Engineer, Xona Systems

Cyber attacks have been named as one of the top risks faced to Saudi Arabia’s economy, on a par with natural disasters and physical attacks. Last year, 54 percent of companies in the Kingdom experienced a security event that impacted business. New Research suggests that corporate boards are waking up to the realisation that cyber risk is business risk. Nevertheless, often with ensuring the safety of our systems, a strategy to make the business case to our CEO’s is required. This session will explore how we can best ensure cyber security on the business side through prioritising risk management and awareness. It will explore:
.
● What can be done to implement a good cyber security culture from board level down throughout our organisation
● How we can best communicate our cyber security programmes with board level executives to gain the investment required
● The significance of us making the ‘business case’ in ensuring our assets remain secure
.
–Mohammed Alabbadi, Global CISO, Fertiglobe

Embark on a captivating exploration of the intricate and dynamic world of cyber security in this presentation. We delve into the transformative journey undertaken to build an award winning Security Operations Capability We will unravel the key strategies, challenges, innovative approaches, and lessons learned from the front lines.
.
• Discover the key challenges of developing a large national Security Operations Capability and how those challenges were overcome
• Uncover the importance of building the correct team structure and building a process for continuous improvement
• Understand the path to achieving the gold standard of Security Operations
.
– Mustafa Sadiq, Head Of Security Operations, Health New Zealand

As the relationship between IT and OT has become ever-closer – new challenges have opened up in the cyber realm. This session will discuss how we can overcome these issues opened up due to the convergence of enterprise and OT systems. It will also explore what we can do to overcome these challenges facing our businesses. This session will ultimately answer:
.
● How we can manage increased risk caused due convergence through a robust security strategy.
● How new standards and regulations support our cyber strategies through convergence.
● Where we can overcome cultural differences between IT-OT professionals to ensure our systems remain secure.
● How we can ensure effective communication internally to beat significant challenges within our strategies
.
– Abdullah Alshahrani, Cybersecurity Risk Manager, MoT
– Mohammed Alabbadi, Global CISO, Fertiglobe

As 2023 comes to a close, this year has seen senior management through the Middle East prioritise cybersecurity through allocating more budget and resources to address the growing cyber risks. A key approach to address these risks is through applying regulatory frameworks and cyber security standards to our OT Cyber strategies, whilst enforcing penalties for non-compliance, to enforce positive cybersecurity behaviours. This session will explore the increasing threat landscape facing organisations throughout the Middle East and how standards and regulations can be utilised to create appropriate Cybersecurity Frameworks. It will also ask:
.
● What controls and standards can be implemented internally to both mitigate against risk and ensure compliance to our cyber security strategies?
● Where can we internally implement change to overcome challenges experienced through our IT-OT convergence?
● How can we adapt to new regulations throughout the region, such as the new OTCC requirements? Will this help or hinder our cyber strategies?
● Since the adoption of AI and ChatGPT, how is this disrupting our internal processes? Are standards and regulations necessary here?
● Where can NIST cyber security frameworks such as NIST CSF, ISO27001 and standards like ISA IEC62443 and ISO27001 be best applied to our cyber security strategies to ensure our assets remain secure?
● What are the security Threats or Challenges to IT / OT Convergence?
● Can We Still Use the Purdue Model to build defendable architectures?
.
– Moderator: Sue McCauley, Internal Audit – Technology & Data Director, Cyber & Resilience, NEOM
– Abdul Hafeez, Head IT & CyberSecurity, Confidential
– Christy Thomas, Senior Cyber Security Engineer & Advisor, Kuwait Integrated Petrochemical Industries Company
– Mohamed Abdur Rahman, Associate Professor, University of Prince Mugrin
– Ahmed Al Saleh, OT Cybersecurity Lead, Saudi Aramco

As the end of 2023 approaches, the rising incidence of supply chain issues will become critical to our infrastructure’s security. Currently, 62% of system intrusion incidents stem from an organization’s supply chain – emphasising the risk cyber threats to our businesses have for our supply chains. Meanwhile, an increase in cyber attacks will likely come in the form of supply chain attacks as malicious actors seek to do their worst before they get caught. This session will:
.
● How can we best assess risk to mitigate against cyber threats to our OT Systems?
● Why are supply chains becoming an increasingly prominent vector of attack?
● How can standardising a third-party risk management program across all supply chain participants can help protect against risk?
● What can be done to strengthen the regulatory framework in order to protect our supply chains?
● Where can we implement provocative policies to protect our supply chains from cyber attacks in 2024 and beyond?
.
– Paul Barnes, Head of Operations & Engagement, Confidential

Cyber resilience is the ability of an organisation to protect itself from, detect, respond to and recover from cyber attacks. During this session, we will explore whether your organisation is prepared for a cyber attack through looking at what a good Incident Response programme looks like. It will explore how a critical infrastructure business has ensured resilience through planning against cyber security challenges to ensure their systems remain secure. It will also look at what internal procedures can be implemented to ensure we are ready for an attack. This session will therefore discuss:
.
● What can be done on the road ahead to ensure our infrastructure remains secure? Where can backups and recovery, Forensic testing and other techniques be utilised?
● How to implement a good incident response plan to ensure readiness for a potential cyber attack?
● What policies and standards can be implemented to ensure we are best prepared for an attack?
● How can we measure and assess success in securing our OT/ICS Systems to ensure that we are prepared for a future cyber attack?
.
– Sue McCauley, Internal Audit – Technology & Data Director, Cyber & Resilience, NEOM

The functions of Security Operations Centres (SOCs) can vary greatly, although the majority of them are tasked with identifying and retaliating against cyberattacks. However, more and more businesses are utilising a converged SOC for their IT and OT Systems. Although preventing assaults is the main objective of cyber security, this is not always possible. A SOC’s job is to stop cyberattacks that successfully get past your preventative security measures by identifying them and taking appropriate action. This session will look at an End User’s example to explore how we can build a fully functional SOC within our organisation. It will explore:
.
● How can we implement an Operating Mode that should be taken into account while creating a SOC?
● Where can we utilise threat intelligence within a SOC and overcome challenges associated with it
● Where can Incident Response and Management be utilised within a SOC to ensure our systems remain safe?
● What benefits a SOC has brought in fighting of cyber attacks from an end user perspective
.
– Yaser Aljohani, Cybersecurity Defense Center Manager, Jeddah Airport

Operation Technology “OT” & Industrial Control Systems “ICS” which are the core of industrial facilities depend heavily on Common of the shelve “COTS” hardware and Software normally used in IT domain which makes them more exposed to common cybersecurity risks that might hinder their cybersecurity and safety. This presentation/paper explores cybersecurity challenges in using COTS Operating system “OS” in OT/ICS and reviews several solutions suggested by other researchers. The presentation also recommends customising a secure OS specific for OT/ICS applications to mitigate the cybersecurity challenges of COTS OS. Finally, the paper/presentation evaluates the proposed OS and sets the future plan to proceed with OS customization proposal.
.
– Ahmed Al Saleh, OT Cybersecurity Lead, Saudi Aramco

Legacy Systems are critical to day-to-day operations nevertheless are often based on outdated technologies. Nevertheless, since the Covid-19 Pandemic, the need to upgrade these systems so we can access them remotely has increased, often to significant cost to our businesses. When upgrading these systems, it is imperative that cyber risk is at the forefront of our strategies. Subsequently, this session will discuss:
.
● How third party risk management can be utilised when upgrading our legacy systems
● How we can ensure value for our investments and manage against risk
● What can be done to ensure staff are trained to mitigate against risks with legacy systems being moved online.
● Why good governance is necessary when upgrading our legacy systems
.
– Mohamed Abdur Rahman, Associate Professor, University of Prince Mugrin

When handling incident response, eDiscovery, employee misconduct, and other enterprise investigations, you need to be able to simplify the process and ensure that you’re able to act in a timely manner. Find out how you can make it easier to perform remote acquisitions as well as collect & analyse evidence from computers, the Cloud, and mobile devices in this special presentation.
.
– Rhys Tooby, Director, Solutions Consultants, Magnet Forensics

The battle against cyber-attacks has reached a critical turning point, as AI vulnerabilities emerge as a looming threat within the supply chain, and to our organisations in general. Despite this, 64% of respondents in Saudi Arabia have cited threat prevention as the top benefit of increasing investment in new innovations such as AI, machine learning, cloud computing, IoT, drones and intelligent robots. This session will consequently explore whether these new technologies will do more to help our cyber security strategies, or hinder them. It will ask:
.
● Are new AI-based technologies a necessity for our cyber security strategies? Or do we need to focus on improving our approaches more on the managerial side?
● Will AI be beneficial for our cyber security strategies? Or will it rather hinder our approaches? How helpful will AI be for automation?
● Should we be focusing on protecting our assets through existing technologies rather than investing in new shiny ‘toys’ on the market?
● How will learning language models like GPT-4 and others can be implemented to improve cyber security in the OT space? Or will they rather create more challenges than solutions?
● Where can other new technologies such as quantum computing be used to protect our assets moving forward? Or will this be a hindrance?
.
– Abdul Hafeez, Head IT & Cybersecurity, Confidential

As we invest into our digital transformation efforts, the relationship between IT and OT has become ever-closer. Like any infrastructure expansion however, benefits come with risk, meanwhile, significant gaps have opened up through communication challenges and cultural differences. This session will delve deeper into how, despite this convergence, what problems still remain and what we can do to overcome these challenges facing our businesses. This session will also analyse:
.
● The importance of cyber security in OT environments
● How we can manage increased risk caused due to convergence through a robust security strategy
● What can be done to ensure awareness of threats in both IT & OT environments?
● Explore what values these best practices can add to overcome mindset differences in your organisation
● The differences in necessary processes compared to conventional IT systems, and where OT systems require a specific security approach
.
– Gopinath Kishorekumar, Senior Information Security Officer, Petroleum Development Oman

As public networks become increasingly interconnected with the Industrial Internet of Things (IIoT), which plays a vital role in our critical infrastructure, it creates new opportunities for cybercriminals and state-sponsored Advanced Persistent Threat (APT) actors. The vast number of Internet-connected IIoT devices, such as those monitoring and controlling pipelines, turbines, smart grids, smart transport systems, and more, results in a large and complex attack surface that requires continuous monitoring and protection. It is imperative to swiftly detect and address any incidents with minimal service disruption. However, since 90% of IIoT vulnerabilities do not increase organisational risk, identifying and focusing on the 10% of vulnerabilities that render our critical infrastructure vulnerable is critical. This presentation will explore why conventional cyber security defence mechanisms such as patching and password management are ineffective in safeguarding IoT systems and why cyber threat hunting is the most effective detection and deterrence strategy.
.
– Dr. Ali Dehghantanha, Canada Research Chair in Cyber Security and Threat Intelligence, University of Guelph