Event Agenda

• What essential elements should be included in an effective OT incident response playbook?
• What actionable lessons can we draw from past cyber attacks to strengthen our incident response processes?
• What are the key points of recovery readiness that should be achieved in order to restore operations within a reasonable time frame?
.
– Moderator: David Ruzicka, OT Security Director, Clarios
– Alex Bermudez, Sr. Director, Cyber Security Operations & Design (IT/OT), Onsemi
– Massimo Nardone, VP, OT Security, SSH Communications Security
– Debbie Lay, Principal Solutions Engineer, TXOne Networks
– Ray Baeza, Sr. OT Cyber Incident Responder, Public Sector Utility
.

Open Q&A and discussion on the topics explored in the above panel.
.

The modern industrial threat landscape demands a shift from prevention-centric to consequence-focused cybersecurity, emphasizing resilience against attacks with physical and operational impacts. This session introduces four strategies to minimize the effects of breaches: all-vector cybersecurity for IT and OT integration, process safety alignment for risk mitigation, holistic system optimization to close gaps, and operational data meshing for actionable insights. Learn how to safeguard critical infrastructure through proactive, adaptive approaches.
.
– Anirban “Sunny” Ghosh, Industrial Cybersecurity Consultant, Black & Veatch
.

• What are the key considerations when designing a security program that encompasses both IT and OT? What does an ideal technology stack look like?
• What does an organizational structure look like that fosters collaboration between IT and OT domains?
• What are the best practices for transitioning from specialized OT applications to fully integrated enterprise security solutions?
.
– Moderator: John Ballentine, ICS Cybersecurity Program Lead, Port Authority of New York and New Jersey
– Michael Robb, OT/ICS Cybersecurity Lead – Principal Security Architect, Bayer
– Ellen Boehm, SVP, IoT Strategies & Operations, Keyfactor
– Erik Anderson, OT Specialist, Systems Engineering, Fortinet
– Alex Bermudez, Sr. Director, Cyber Security Operations & Design (IT/OT), Onsemi
.

Open Q&A and discussion on the topics explored in the above panel.
.

• Managing identities from enterprise and security enclaves
• Managing moves, adds, changes, and deletions
• Advancing beyond scanning to achieve full identity visibility
.
– Marc Moring, Regional Director, XONA Systems
.

IT and OT are on a collision course—unless we redefine how we secure and manage these environments together. OT sites often resist IT-led models that fail to account for legacy infrastructure, third-party workflows, or the critical need for uptime. Meanwhile, IT teams struggle to enforce security standards without overstepping or introducing new operational risks. In this session, we’ll outline a blueprint for secure IT/OT convergence that empowers both sides. Learn how to implement decentralized Secure Remote Access, identity-based access control, and policy governance that align with real-world industrial use cases—without compromising on visibility or security.
.
– Josh Martin, Senior Solutions Architect, Cyolo
.

• How can we effectively architect network infrastructures to ensure robust separation between OT and IoT environments?
• What security controls are essential at these junctures?
• What challenges have you encountered in developing resilient OT security architectures, and what lessons learned can you share from these experiences?
• In the journey towards implementing Zero Trust in OT environments, what practical steps can facilitate this process?
.
– Moderator: Ismail Saifudin, OT Security Lead, Rogers Corporation
– Dusty Brooks, OT Manager, Global Information Security, Crane Company
– Prashant Prashant, Senior Cybersecurity Advisor, Enbridge
– Cara Walls, North America ISO, BlueScope
– Ashish Agarwal , Director, IT Digital Transformation office and Program Delivery, TAKKT AG
.

Open Q&A and discussion on the topics explored in the above panel.
.

During this session, Erik Anderson will discuss the cybersecurity evolution taking place in OT, centered on a holistic approach to layered networking and security controls, and influenced by zero trust principles to achieve a defensible network architecture for legacy and modern cyber-physical environments.
.
– Erik Anderson, OT Specialist, Systems Engineering, Fortinet
.

Discover how best to use Cyber Threat Intelligence (CTI) to develop an organization’s specific OT cybersecurity threat assessment and how to leverage that assessment for better defense outcomes. Through this interactive workshop, gain insights into successfully consuming, evaluating, and operationalizing threat intelligence in your OT cybersecurity program and operations. Walk away with the processes and lessons on how to successfully perform these activities for your organization.
.
– Markus Mueller , Director of Cybersecurity, Powin
.

T1: Beyond Firewalls: Microsegmentation for Securing Critical Infrastructure
– Dana Yanch, Technical Director, Elisity
.
T2: The Secret to Proactive Cyber-Physical Systems Network Protection
– Kristy Sabio, Solutions Engineer, Claroty
.
T3: Information Sharing: Common Attack Paths and Methods Used to Access and Exploit OT Environments
– Andrew Fife, Co-Founder, Keystrike
.

The growing integration of IT and OT systems in industrial settings brings greater efficiency and connectivity—but it also introduces new vulnerabilities, especially when it comes to remote access to critical infrastructure. Traditional models often struggle to keep up with the demands of these complex environments, particularly when third parties are involved. That’s why secure, dynamic access management is becoming increasingly important, along with data protection strategies that can stand up to emerging threats. This talk will include practical examples that show how to effectively tackle these challenges and strengthen the resilience of industrial architectures.
.
– Massimo Nardone, VP, OT Security, SSH Communications Security
.

• How did your organization navigate identifying and mitigating risks tied to remote access for internal teams and third-party vendors?
• What strategies and tools did you use to achieve enhanced visibility and control over remote access, in terms of tools, policies, and workflows?
• What practical lessons, including successes, pitfalls, and actionable takeaways, can other organizations learn from your efforts to address remote access risks effectively?
.
– Moderator: Ismail Saifudin, OT Security Lead, Rogers Corporation
– Scott Clayton, Sr. Manager, Manufacturing OT Security, Lucid Motors
– Prashant Prashant, Senior Cybersecurity Advisor, Enbridge
– Markus Mueller , Director of Cybersecurity, Powin
– Duane Flinchum , Principal Automation OT Cybersecurity Specialist, Global, Vantage Data Centers
– Jeffrey Cady, Information Security Manager, Rogers Corporation
.

Open Q&A and discussion on the topics explored in the above panel.
.