27 de marzo – 16:30-17:30
Sala Valle Inclán
Reducing and monetizing cybersecurity risk in industry: Equalizing cybersecurity with safety functional failures in MES systems
The session will focus on the impact on industrial KPIs the lack of cybersecurity mechanisms might produce, by matching the following security attributes with the following categories:
Integrity: impacting on performance and quality categories (this implies both industrial machine and manufacturing network integrity)
Availability: impacting on availability category (this implies both machine inherent availability and PRM (Plant Resource Management))
Confidentiality: impacting on espionage and industrial/intellectual property
The conclusion of the idea is to establish a direct impact relation by defining cost losses, mitigation strategies for KPI (i.e OEE) cybersecurity impact, and different interpretations of the KPI’s. The other conclusion is to understand how we need to equalize cybersecurity with safety functional failures, traditionally been considered for MES systems excluding cybersecurity from these failures origins.
Iñaki Eguia is has been the first director of a private Industrial SOC/CERT in Spain. He is a great connoisseur of providing SOC services to critical infrastructures and large industry. He is also GCISP certified (profession in industrial cybersecurity) and has audited dozens of industrial organizations and critical infrastructures in the last 15 years.
Iñaki Eguia was one of the first smartgrid specific cybersecurity training provider in Europe in 2013. He has been professor of the master’s degree in cybersecurity at the University of Deusto; active member of the cybersecurity standardization group for smartgrid cybersecurity at ETSI/CENELEC and advisor to INCIBE/CNPIC (Spanish Government) in the area of industrial cybersecurity.
Iñaki is currently developing the cybersecurity business in RKL, developing specific methodologies and tools for convergent risk analysis (ISO31000) that bring together cybersecurity in the most efficient way that can be used in Critical Infrastructures and industrial companies.