Secure RailSessions

JUMP TO:

Wednesday's Sessions   Thursday's Sessions   Speakers

Secure Rail

2019 Schedule

We are currently compiling the 2019 schedule. Please check back regularly to view new sessions that have been added.

Wednesday May 1
8:00 AM – 9:15 AM

State of Security in the Rail Industry

Arrow

This opening panel will set the table for Secure Rail 2019. Join in on the discussion as we cover the current state of the industry as it relates to security. Let’s ask ourselves, ‘what’s working?’ and ‘what isn’t working?’… ‘what more can we do?’ We will also look toward the future of rail security and highlight trends and themes.

Presented by:

Thomas Farmer, Assistant Vice President - Security Association of American Railroads (AAR)

John Walsh, AVP Safety & Security Genesee & Wyoming Railroad Services, Inc.

Laird Pitz, Vice President & Chief Risk Officer CP

Learning Objectives:

1. Analyze the state of the industry
2. Highlight rail security trends and themes
3. Discuss future security industry trends

 Audience:

CEU:

0.1

View session: State of Security in the Rail Industry

10:00 AM – 10:30 AM

Wednesday Morning Networking Break and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Wednesday Morning Networking Break and Exhibits

10:30 AM – 11:00 AM

Passenger Screening at LA Metro

Arrow

Threats and risks have become increasingly present in transit agencies. In an effort to combat these threats, LA Metro and TSA partnered to implement new, advanced passenger screening technology to help detect weapons and other security threats. This session will discuss the successful implementation of new screening technology in addition to best practices for undertaking such a project, considerations prior to implementation and the results.

Presented by:

Alex Wiggins, Chief, System Security & Law Enforcement Division Los Angeles County Metropolitan Transportation Authority

Learning Objectives:

1. Discuss the new, advanced passenger screening technology at LA Metro
2. Identify best practices, considerations and results of implementing and undertaking a new, security screening project
3. Review best practices for protecting passengers, employees and equipment
4. Analyze best approaches to assessing and managing risk

 Audience:

CEU:

0.1

View session: Passenger Screening at LA Metro

11:00 AM – 11:30 AM

Lessons Learned from Other Sectors

Arrow

Cyber has been a key issue across both private and public sector for many years; decades for some. With cyber attacks increasing and becoming more destructive and dramatic, no entity wants to appear to be the ‘weakest gazelle in the pack.’ Each sector has learned lessons, innovated, and deployed increasingly resilient approaches to cyber defense and cyber risk management. Drawing from their many years of experience with the US Air Force and financial sector, Jim Cummings and Paul Mee will share their perspectives on cross industry best practices, the requirements to achieve these, and the outlook for cyber resiliency.

Presented by:

James Cummings, Sr. Advisor Cyber Risk Management Oliver Wyman

Paul Mee, Head of Cyber Practice Oliver Wyman

Learning Objectives:

1. Discuss sense of urgency - cyber attacks are increasing and becoming more destructive 2. Examine customer impact - no entity wants to be perceived as a cyber risk
3. Idenitfy lessons learned - overview of mistakes and innovations across different industries
4. Highlight trends - outlook for cyber resiliency

 Audience:

CEU:

0.1

View session: Lessons Learned from Other Sectors

11:30 AM – 1:00 PM

Wednesday Lunch and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Wednesday Lunch and Exhibits

1:00 PM – 1:30 PM

Back to Basics with Physical Security

Arrow

Today we tend to think outside the box, looking to reinvent the wheel when addressing physical security in the rail realm. However, with increased budget restrictions and decreased funding for high-tech options, there is an opportunity to look back in the box, where there are low-cost physical security options that get the job done and get it done well. This session offers examples and success stories of getting back to basics with physical security.

Presented by:

John Walsh, AVP Safety & Security Genesee & Wyoming Railroad Services, Inc.

Learning Objectives:

1. Identify effective, low-cost physical security options
2. Analyze the impact of decreased security funding on a rail organization
3. Give examples of how going back to the basics for physical security has proven to be successful
4. Present alternatives to high-cost technology options

 Audience:

CEU:

0.1

View session: Back to Basics with Physical Security

1:30 PM – 2:00 PM

Protecting Rail Industry Operations with Application Security

Arrow

Web-based applications are a prime vector of attack for malicious actors. Organizations have seen their own applications turned against them as attackers exploit vulnerabilities in custom code and commonly used open source frameworks. In 2015, a global shipping company had bills of lading exfiltrated from its homegrown Content Management System by pirates, used later to attack ocean-going vessels.

This session will explore several common web-based application attacks, review tools that scan for vulnerabilities, and discuss operational technologies that protect production applications. The session will round out its review of Railinc's defense-in-depth approach by discussing the importance of a Secure Software Development Lifecycle and risk assessments in protecting Railinc’s software as a service model.

Presented by:

Bill Dupre, Director of Security Railinc

Learning Objectives:

1. Understand the different attacks against web-based applications
2. Discuss Railinc's defense-in-depth approach to application security
3. Review technologies for scanning applications to help identify vulnerabilities — including those in open source libraries/frameworks — and operational technologies that protect production applications
4. Discuss the importance of application risk assessments in securing the software as a service model.

 Audience:

CEU:

0.1

View session: Protecting Rail Industry Operations with Application Security

2:30 PM – 3:15 PM

Wednesday Afternoon Networking Break and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Wednesday Afternoon Networking Break and Exhibits

4:00 PM – 4:30 PM

Securing the OT Environment

Arrow

Convergence of IT into OT environments has unique challenges that make managing and securing an ICS more difficult. This is due to greater technical complexity, expanded risks and new threats. Securing these new IT devices in OT environments has become a top priority! There is an increased trend of integrating cyber intelligence and analytics across the new digitized OT environments.

Presented by:

Keith Dierkx , Global Industry Leader - Freight, Logistics and Rail IBM Industry Academy

Learning Objectives:

 Audience:

CEU:

0.1

View session: Securing the OT Environment

4:30 PM – 5:30 PM

Networking Reception

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Networking Reception

Thursday May 2
8:30 AM – 9:00 AM

Transit System Vehicle Maintenance Facility (VMF) - Modern Solutions to Traditional Physical Security Challenges

Arrow

Within most transit systems the VMF represents a recognizable target that can be exploited by terrorists, insiders, criminals and vandals. Traditionally, this critical asset has been protected with combination of a security force, physical barriers, and electronic security. However, modern security practices and advanced technologies can offer enhanced protection against various threats, to include the prevention of harmful devices being placed within rail vehicle undercarriages.

Presented by:

Robert Carter, Chief of Security Transit Safety and Security Solutions

Learning Objectives:

1. Identify various physical threats to a VMF
2. Explain the value of the application of CPTED principles and a properly designed and integrated physical and electronic security system
3. Discuss the effectiveness of an “event-driven” security approach
4. List the possible benefits of introducing advanced protection measures via new technologies

 Audience:

CEU:

0.1

View session: Transit System Vehicle Maintenance Facility (VMF) - Modern Solutions to Traditional Physical Security Challenges

9:00 AM – 9:30 AM

Cyber Protection thru Rail and Port Collaboration? Yes, It Works!

Arrow

On February 13, 2015, the White House under President Obama issued an Executive Order (EO) “Promoting Private Sector Cybersecurity Information Sharing”. The government believed that private sector cybersecurity information sharing could be a game changer against well-resourced and motivated adversaries who target the private sector. This EO called for the development of Information Sharing and Analysis Organizations (ISAOs) to engage with the Department of Homeland Security National Cybersecurity and Communications Integration Center (NCCIC) for purposes of “sharing of information related to cybersecurity risks and incidents”. Fast forward to 2019, the Maritime and Port Security Information Sharing and Analysis Organization (MPS-ISAO), which was operationalized in 2017, has brought together rail, ports, and maritime stakeholders for cybersecurity collaboration. Through the MPS-ISAO, shared malicious and suspicious activity along with countermeasure solutions enable proactive defense. This presentation will provide the audience with current examples of how early situational awareness makes a difference. Case studies and technologies will be examined.

Presented by:

Christy Coffey, EVP of Member Services Maritime & Port Security Information Sharing and Analysis Organization (MPS-ISAO)

Scott Cole, Manager of Information Technology New Orleans Public Belt Railroad Corporation

Learning Objectives:

1. Define ISAO cybersecurity information sharing – What’s shared, with whom, and how?
2. List the benefits associated with early situational awareness
3. Discuss Rail and Ports adversary overlap (Why working together makes sense?)
4. Highlight technologies that makes a difference

 Audience:

CEU:

0.1

View session: Cyber Protection thru Rail and Port Collaboration? Yes, It Works!

9:30 AM – 10:00 AM

Thursday Morning Networking Break and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Thursday Morning Networking Break and Exhibits

10:00 AM – 11:00 AM

Technology Trends in Rail Security

Arrow

Presented by:

Glen Dargy, AVP Advanced Systems Herzog Technologies

Alex Cowan, Founder Razor Secure Ltd

Learning Objectives:

 Audience:

CEU:

0.1

View session: Technology Trends in Rail Security

11:00 AM – 11:30 AM

Migrating From SONET to MPLS-TP In A Transit Environment

Arrow

This case study will detail DART's migration from a Synchronous Optical Network (SONET) topology to a Multi-Protocol Label Switching - Transport Profile (MPLS-TP) network topology. The discussion will include the rationale behind the decision to migrate, the challenges encountered, cybersecurity concerns, and lessons learned.

Presented by:

Dennis Story, Senior Manager, Communications and Control Systems Dallas Area Rapid Transit

Learning Objectives:

1. Discuss why DART migrated from SONET to MPLS-TP
2. Explain challenges that were encountered
3. Identify cybersecurity concerns
4. Summarize lessons learned and the project outcome

 Audience:

CEU:

0.1

View session: Migrating From SONET to MPLS-TP In A Transit Environment

11:30 AM – 1:00 PM

Thursday Lunch and Exhibits

Arrow

Presented by:

TBA ,

Learning Objectives:

 Audience:

CEU:

0.1

View session: Thursday Lunch and Exhibits

1:30 PM – 2:00 PM

Denver RTD Closes the Loop Between Rail Operations and Maintenance

Arrow

Issues with on-board equipment can impact vehicle performance increasing life cycle costs. Malfunctions with passenger counting technology can affect the capture of accurate ridership data. Using an object maintenance information system allowed RTD to do in-field testing of vehicle components, verify functionality and sign off via a tablet solution.

Presented by:

Andreas Rakebrandt, Director, APC North America INIT Innovations in Transportation, Inc.

Matthew Riley, Systems Engineer INIT Innovations in Transportation, Inc.

Learning Objectives:

1. Learn how RTD experiences better quality data
2. Demonstrate how RTD receives real-time vehicle issue notifications and improved communications between operations and maintenance with their rail fleet
3. Understand how RTD closed the communication loop between the operations and maintenance departments on vehicle issues
4. Gain insight on how RTD captured quality annual passenger miles traveled through improving the quality of automatic passenger counting data

 Audience:

CEU:

0.1

View session: Denver RTD Closes the Loop Between Rail Operations and Maintenance

Sponsors

SILVER

Railhead Corporation
Safety Vision
interested in becoming a sponsor?
Save $200 When You Register Today. Offer Expires March 8, 2019.
Days
Hours
Minutes
Seconds