Secure RailSessions

JUMP TO:

Wednesday's Sessions   Thursday's Sessions   Speakers

Secure Rail

2019 Schedule

We are currently compiling the 2019 schedule. Please check back regularly to view new sessions that have been added.

Wednesday May 1
8:30 AM – 9:45 AM

State of Security in the Rail Industry

Arrow

This opening panel will set the table for Secure Rail 2019. Join in on the discussion as we cover the current state of the industry as it relates to security. Let’s ask ourselves, ‘what’s working?’ and ‘what isn’t working?’… ‘what more can we do?’ We will also look toward the future of rail security and highlight trends and themes.

Presented by:

John Walsh, AVP Safety & Security Genesee & Wyoming Railroad Services, Inc.

Thomas Farmer, Assistant Vice President - Security Association of American Railroads (AAR)

Jonathan Lamb, Freight Rail Industry Engagement Manager TSA - Policy, Plans, and Engagement

Learning Objectives:

1. Analyze the state of the industry
2. Highlight rail security trends and themes
3. Discuss future security industry trends

 Audience:

CEU:

0.1

View session: State of Security in the Rail Industry

9:45 AM – 10:30 AM

Wednesday Morning Networking Break and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Wednesday Morning Networking Break and Exhibits

10:30 AM – 11:00 AM

Passenger Screening at LA Metro

Arrow

Threats and risks have become increasingly present in transit agencies. In an effort to combat these threats, LA Metro and TSA partnered to implement new, advanced passenger screening technology to help detect weapons and other security threats. This session will discuss the successful implementation of new screening technology in addition to best practices for undertaking such a project, considerations prior to implementation and the results.

Presented by:

Aston Greene, Deputy Chief System Security & Law Enforcement Officer LA Metro

Learning Objectives:

1. Discuss the new, advanced passenger screening technology at LA Metro
2. Identify best practices, considerations and results of implementing and undertaking a new, security screening project
3. Review best practices for protecting passengers, employees and equipment
4. Analyze best approaches to assessing and managing risk

 Audience:

CEU:

0.1

View session: Passenger Screening at LA Metro

11:00 AM – 11:30 AM

Lessons Learned from Other Sectors

Arrow

Cyber has been a key issue across both private and public sector for many years; decades for some. With cyber attacks increasing and becoming more destructive and dramatic, no entity wants to appear to be the ‘weakest gazelle in the pack.’ Each sector has learned lessons, innovated, and deployed increasingly resilient approaches to cyber defense and cyber risk management. Drawing from their many years of experience with the US Air Force and financial sector, Jim Cummings and Paul Mee will share their perspectives on cross industry best practices, the requirements to achieve these, and the outlook for cyber resiliency.

Presented by:

James Cummings, Sr. Advisor Cyber Risk Management Oliver Wyman

Paul Mee, Head of Cyber Practice Oliver Wyman

Learning Objectives:

1. Discuss sense of urgency - cyber attacks are increasing and becoming more destructive 2. Examine customer impact - no entity wants to be perceived as a cyber risk
3. Idenitfy lessons learned - overview of mistakes and innovations across different industries
4. Highlight trends - outlook for cyber resiliency

 Audience:

CEU:

0.1

View session: Lessons Learned from Other Sectors

11:30 AM – 1:00 PM

Wednesday Lunch and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Wednesday Lunch and Exhibits

1:00 PM – 1:30 PM

Back to Basics with Physical Security

Arrow

Today we tend to think outside the box, looking to reinvent the wheel when addressing physical security in the rail realm. However, with increased budget restrictions and decreased funding for high-tech options, there is an opportunity to look back in the box, where there are low-cost physical security options that get the job done and get it done well. This session offers examples and success stories of getting back to basics with physical security.

Presented by:

John Walsh, AVP Safety & Security Genesee & Wyoming Railroad Services, Inc.

Learning Objectives:

1. Identify effective, low-cost physical security options
2. Analyze the impact of decreased security funding on a rail organization
3. Give examples of how going back to the basics for physical security has proven to be successful
4. Present alternatives to high-cost technology options

 Audience:

CEU:

0.1

View session: Back to Basics with Physical Security

1:30 PM – 2:00 PM

Protecting Rail Industry Operations with Application Security

Arrow

Web-based applications are a prime vector of attack for malicious actors. Organizations have seen their own applications turned against them as attackers exploit vulnerabilities in custom code and commonly used open source frameworks. In 2015, a global shipping company had bills of lading exfiltrated from its homegrown Content Management System by pirates, used later to attack ocean-going vessels.

This session will explore several common web-based application attacks, review tools that scan for vulnerabilities, and discuss operational technologies that protect production applications. The session will round out its review of Railinc's defense-in-depth approach by discussing the importance of a Secure Software Development Lifecycle and risk assessments in protecting Railinc’s software as a service model.

Presented by:

Bill Dupre, Director of Security Railinc

Learning Objectives:

1. Understand the different attacks against web-based applications
2. Discuss Railinc's defense-in-depth approach to application security
3. Review technologies for scanning applications to help identify vulnerabilities — including those in open source libraries/frameworks — and operational technologies that protect production applications
4. Discuss the importance of application risk assessments in securing the software as a service model.

 Audience:

CEU:

0.1

View session: Protecting Rail Industry Operations with Application Security

2:00 PM – 2:30 PM

The Rail Industry’s Growing Attack Surface

Arrow

The World Economic Forum now rates a large-scale cybersecurity breach as one of the five most serious risks facing the world today. By 2021, the forum has predicted the global cost of cybersecurity breaches is expected to reach $6 trillion. Cyber threats are evolving and escalating at an alarming rate in asset-intensive industries like rail. As locomotives, railcars, and wayside monitoring devices are brought online as part of digital transformation, the rail industry’s attack surface is being extended past legacy DMZs, VPNs, firewalls, and other technologies that have been used to secure traditional enterprise applications. These technologies weren’t designed for rail’s widely dispersed and moving assets and the industry must rethink how it approaches cybersecurity. This session is an interactive discussion between cybersecurity experts Stephan Hundley, Director of Digital Risk & Security at TTX, and Rohit Pasam, CEO at Xaptum, to think through a hacker’s mindset and how rail companies can protect themselves by designing security systems based on field-proven counterintelligence tactics, situational awareness, and proactive attack surface monitoring. From this discussion, the audience will gain a better understanding of the cat-and-mouse game of hacking in this emerging world of connected assets.

Presented by:

Stephan Hundley, Director of Digital Risk & Security TTX

Rohit Pasam, CEO Xaptum

Learning Objectives:

1. Gain a better understanding of hacking in the world of connected assets.
2. Discuss a “Patch” Attack: Example of hacking patterns from a Tesla incident.
3. Identify a “Sleeper” Attack: Example of information snooping patterns (SuperMicro/Apple incident).
4. Analyze the “EMP” Attack: Example of GPS spoofing patterns (USS John S. McCain incident).

 Audience:

CEU:

0.1

View session: The Rail Industry’s Growing Attack Surface

2:30 PM – 3:15 PM

Wednesday Afternoon Networking Break and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Wednesday Afternoon Networking Break and Exhibits

3:15 PM – 3:45 PM

Deconstructing Software Influenced Safety Control Processes: A View on 737 MAX 8 MCAS Failures and Lessons for the Rail Industry

Arrow

Jim Mckenney will speak on how software-integration into control processes is introducing uncertainty into traditional functional safety analysis techniques by promoting new failure modes into vital systems such as propulsion, power, navigation, steering, braking, doors and operator displays. He will use the recent failures of the 737 MAX 8 which killed 346 people as a common reference point to discuss hazards to vehicles including; airplanes, vessels, freight and passenger rail and heavy industry vehicles. He will discuss new methods to better identify functional failure modes that take into account cyber threats and vulnerabilities.

Presented by:

Jim McKenney, Technical Director NCC Group

Learning Objectives:

 Audience:

CEU:

0.1

View session: Deconstructing Software Influenced Safety Control Processes: A View on 737 MAX 8 MCAS Failures and Lessons for the Rail Industry

3:45 PM – 4:15 PM

Securing the OT Environment

Arrow

Convergence of IT into OT environments has unique challenges that make managing and securing an ICS more difficult. This is due to greater technical complexity, expanded risks and new threats. Securing these new IT devices in OT environments has become a top priority! There is an increased trend of integrating cyber intelligence and analytics across the new digitized OT environments.

Presented by:

Keith Dierkx , Global Industry Leader - Freight, Logistics and Rail IBM Industry Academy

Learning Objectives:

 Audience:

CEU:

0.1

View session: Securing the OT Environment

4:30 PM – 5:30 PM

Networking Reception

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Networking Reception

Thursday May 2
8:00 AM – 8:30 AM

Cybersecurity for Surface Transportation Stakeholders

Arrow

This brief presentation will provide awareness of the issue and tools and techniques in protecting the information technology systems of surface transportation stakeholders. Cybersecurity has become a significant challenge for surface transportation operators. Tools and resources will be discussed relating to improving operational resilience and ability to manage cyber risk.

Presented by:

Jonathan Lamb, Freight Rail Industry Engagement Manager TSA - Policy, Plans, and Engagement

Learning Objectives:

 Audience:

CEU:

0.1

View session: Cybersecurity for Surface Transportation Stakeholders

8:30 AM – 9:00 AM

Transit System Vehicle Maintenance Facility (VMF) - Modern Solutions to Traditional Physical Security Challenges

Arrow

Within most transit systems the VMF represents a recognizable target that can be exploited by terrorists, insiders, criminals and vandals. Traditionally, this critical asset has been protected with combination of a security force, physical barriers, and electronic security. However, modern security practices and advanced technologies can offer enhanced protection against various threats, to include the prevention of harmful devices being placed within rail vehicle undercarriages.

Presented by:

Robert Carter, Chief of Security Transit Safety and Security Solutions

Learning Objectives:

1. Identify various physical threats to a VMF
2. Explain the value of the application of CPTED principles and a properly designed and integrated physical and electronic security system
3. Discuss the effectiveness of an “event-driven” security approach
4. List the possible benefits of introducing advanced protection measures via new technologies

 Audience:

CEU:

0.1

View session: Transit System Vehicle Maintenance Facility (VMF) - Modern Solutions to Traditional Physical Security Challenges

9:00 AM – 9:30 AM

Cyber Protection thru Rail and Port Collaboration? Yes, It Works!

Arrow

On February 13, 2015, the White House under President Obama issued an Executive Order (EO) “Promoting Private Sector Cybersecurity Information Sharing”. The government believed that private sector cybersecurity information sharing could be a game changer against well-resourced and motivated adversaries who target the private sector. This EO called for the development of Information Sharing and Analysis Organizations (ISAOs) to engage with the Department of Homeland Security National Cybersecurity and Communications Integration Center (NCCIC) for purposes of “sharing of information related to cybersecurity risks and incidents”. Fast forward to 2019, the Maritime and Port Security Information Sharing and Analysis Organization (MPS-ISAO), which was operationalized in 2017, has brought together rail, ports, and maritime stakeholders for cybersecurity collaboration. Through the MPS-ISAO, shared malicious and suspicious activity along with countermeasure solutions enable proactive defense. This presentation will provide the audience with current examples of how early situational awareness makes a difference. Case studies and technologies will be examined.

Presented by:

Christy Coffey, EVP of Member Services Maritime & Port Security Information Sharing and Analysis Organization (MPS-ISAO)

David Cordell, Chief Information Officer and Local Agency Security Officer Port of New Orleans

Learning Objectives:

1. Define ISAO cybersecurity information sharing – What’s shared, with whom, and how?
2. List the benefits associated with early situational awareness
3. Discuss Rail and Ports adversary overlap (Why working together makes sense?)
4. Highlight technologies that makes a difference

 Audience:

CEU:

0.1

View session: Cyber Protection thru Rail and Port Collaboration? Yes, It Works!

9:30 AM – 10:00 AM

Thursday Morning Networking Break and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Thursday Morning Networking Break and Exhibits

10:00 AM – 11:00 AM

Technology Trends in Rail Security

Arrow

The rail industry continues to see the emergence of new technologies, and we also continue to rely on technology to better operations. This discussion will touch on types of frequently used technologies in the industry and our panelists will discuss if or how these technologies pose security risks. We will also touch on future trends and applications - what developments can we expect to see in this industry in the next five or ten years?

Presented by:

Glen Dargy, AVP Advanced Systems Herzog Technologies

Alex Cowan, Founder RazorSecure Ltd

Jeff McCormack, Associate Vice President, Technical Leader Transit & Rail Systems Engineering AECOM

Learning Objectives:

 Audience:

CEU:

0.1

View session: Technology Trends in Rail Security

11:00 AM – 11:30 AM

Migrating From SONET to MPLS-TP In A Transit Environment

Arrow

This case study will detail DART's migration from a Synchronous Optical Network (SONET) topology to a Multi-Protocol Label Switching - Transport Profile (MPLS-TP) network topology. The discussion will include the rationale behind the decision to migrate, the challenges encountered, cybersecurity concerns, and lessons learned.

Presented by:

Dennis Story, Senior Manager, Communications and Control Systems Dallas Area Rapid Transit

Learning Objectives:

1. Discuss why DART migrated from SONET to MPLS-TP
2. Explain challenges that were encountered
3. Identify cybersecurity concerns
4. Summarize lessons learned and the project outcome

 Audience:

CEU:

0.1

View session: Migrating From SONET to MPLS-TP In A Transit Environment

11:30 AM – 1:00 PM

Thursday Lunch and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Thursday Lunch and Exhibits

1:00 PM – 1:30 PM

Consequence Informed Cyber Security

Arrow

The advent of complex communication networks has revolutionized operational architecture in industrial environments over the last 20-30 years. The availability of real-time operational data has proven to effectively compress decision cycles, increase productivity, and has freed organizations of many resource constraints in their operational environments. However, the fact remains that the reliance on real-time operational data and asset connectivity and communication within industrial environments has also opened the way for attackers to potentially compromise asset functions through the very communication networks that are now depended upon for control of physical processes and safety. Additionally, the steady worldwide increase of industrial cyber-attacks has motivated security professionals to develop a plethora of assessment frameworks to help identify weak points in network defense and lower risk. This includes assessment frameworks specifically designed to identify threats and mitigate vulnerabilities within industrial control systems (ICS). However, no single IT or OT analytic framework allows industrial asset owners to scope and prioritize the most critical network assets (crown jewels) as they relate to the most functionally dependent processes within an operational environment. This paper will attempt to introduce an easily applied and repeatable analytic process that will help identify and prioritize network asset criticality by aligning to already known risk metrics within industrial environments. We describe this scoping process by laying out a foundational analytic framework that starts by identifying completed Process Hazard Analysis, or PHA, within your industrial environment . Next we use the results of these analyses and assessments to steer and identify control network dependency of critical processes to systematically determine crown jewels within deployed operational networks. Once identified, crown jewels become the basis for scoping and planning cyber threat hunts, incident response plans, penetration / vulnerability assessments, and can better inform cybersecurity strategies by aligning security needs with assets that are most critical to operations.

Presented by:

Caleb Mathis, Senior Threat Analyst Dragos

Learning Objectives:

1. Understand ICS attacker mindset and objectives
2. Apply a model to merge traditional IT and OT risk assessment methodologies
3. Identify crown jewels through functional dependency analysis
4. Increase defendable position based on model output

 Audience:

CEU:

0.1

View session: Consequence Informed Cyber Security

1:30 PM – 2:00 PM

Denver RTD Closes the Loop Between Rail Operations and Maintenance

Arrow

Issues with on-board equipment can impact vehicle performance increasing life cycle costs. Malfunctions with passenger counting technology can affect the capture of accurate ridership data. Using an object maintenance information system allowed RTD to do in-field testing of vehicle components, verify functionality and sign off via a tablet solution.

Presented by:

Al Burger, Project Manager, APC INIT Inc.

Matthew Riley, Systems Engineer INIT Innovations in Transportation, Inc.

Learning Objectives:

1. Learn how RTD experiences better quality data
2. Demonstrate how RTD receives real-time vehicle issue notifications and improved communications between operations and maintenance with their rail fleet
3. Understand how RTD closed the communication loop between the operations and maintenance departments on vehicle issues
4. Gain insight on how RTD captured quality annual passenger miles traveled through improving the quality of automatic passenger counting data

 Audience:

CEU:

0.1

View session: Denver RTD Closes the Loop Between Rail Operations and Maintenance

Sponsors

PLATINUM

Dragos
Xaptum


SILVER

ABLOY Security
Cepton
OTN Systems
Railhead Corporation
Safety Vision
interested in becoming a sponsor?