Speakers & Trainers

World Class Content

CS3STHLM – the Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems - is an annual summit that gather the most important stakeholders across critical processes and industries. CS3STHLM has been organized since 2014, and has quickly become the premier ICS Security Summit in Northern Europe!

presentationUS

Adam Ringwood

Presentation

Adam Ringwood

OT Security Researcher

  • Uptake Technologies
  • United States

Adam Ringwood is a OT Security Researcher US-based Data Science organization Uptake Technologies, dedicated to the philosophy that machines never have to break. Most famously known for his research around his university’s LDAP data privacy, He has also built several email phishing, and password cracking tools, and has been a longtime consultant working to build and secure cloud infrastructure.

Presentation

The Internet of Things on the Internet with Johnny Xmas
Close

moderatorSE

Anne-Marie Eklund Löwinder

moderator

Anne-Marie Eklund Löwinder

Chief Information Security Officer

  • IIS, The Internet Foundation In Sweden
  • Sweden

She is the Chief Information Security Officer at IIS, The Internet Foundation In Sweden. She also serves on the boards of internet-related organisations including the Council of European National Top Level Domain Registries (CENTR) and the Swedish Law and Informatics Research Institute. Eklund Löwinder has been appointed Trusted Community Representative by the Internet Corporation for Assigned Names and Numbers (ICANN). She is one of seven people who control the DNSSEC key generation for the internet root zone.

Close

trainingFR

Arnaud Soullié

Training

Arnaud Soullié

Cybersecurity R&D Manager

  • Wavestone
  • France

Arnaud Soullié (@arnaudsoullie) is the cybersecurity R&D manager at Wavestone. For 8 years, he has been performing security audits and pentest on all type of targets. He specializes in Industrial Control Systems and Active Directory security. He has spoken at numerous security conferences on ICS topics : BlackHat Europe, BruCon, 4SICS, BSides Las Vegas, DEFCON…He also has an interest in hardware security, and is the designer of DYODE (Do Your Own Diode): an open-source, low-cost, ICS oriented data diode.

Training

Pentesting Industrial Control Systems 22-23 October 09:00 - 17:00
Close

presentationUS

Ben Miller

PresentationTraining

Ben Miller

Director of Threat Operations

  • Dragos Inc
  • United States

Ben Miller is Director, Threat Operations Center at the industrial cyber security company Dragos, Inc. where he leads a team of analysts in performing active defense inside of ICS/SCADA networks. In this capacity, he is responsible for performing a threat hunting, incident response, and malware analysis mission for the industrial community. Previous to his role at Dragos, Inc. Ben was the Associate Director, Electricity Information Sharing & Analysis Center (Electricity ISAC) and led cyber analysis for the sector.

Presentation

Hunting and Responding in ICS with Mark Stacey

Training

Introduction to Threat Hunting in ICS 23 October 09:00 - 17:00 with Daniel Michaud-Soucy
Close

presentationCH

Cheng Lei

Presentation

Cheng Lei

ICS Security Researcher

  • NSFOCUS
  • China

Cheng Lei is an Industrial Control System Security researcher at NSFOCUS. His interest is mainly about PLC and DCS vulnerability exploitation and security enhancement. Over the years, he has released three Siemens CVE vulnerabilities.

Close

presentationUS

Dan Gunter

Presentation

Dan Gunter

Principal Threat Analyst

  • Dragos Inc
  • United States

Dan Gunter currently works as a Principal Threat Analyst at the industrial control system cyber security company Dragos. Before Dragos, he served in the US Air Force in a variety of role ranging from working in the Air Force's Computer Emergency Response Team to developing information security applications. Dan previously presented at Blackhat, Schmoocon, and s4x18.

Presentation

Stateful Protocol Hunting with Daniel Michaud-Soucy
Close

presentationUS

Daniel Michaud-Soucy

PresentationTraining

Daniel Michaud-Soucy

Principal Threat Analyst

  • Dragos Inc
  • United States

Daniel Michaud-Soucy is a Principal Threat Analyst, Threat Operations Center at the industrial cyber security company Dragos, Inc.. Daniel is focusing on threat hunting and incident response services within a variety of industrial environments. Daniel previously worked for Sempra Energy on RD&D tasks revolving around machine to machine automated threat response, data aggregation, advanced threat detection and secure system interfaces for ICS/SCADA. Daniel also worked with Red Tiger Security performing cyber vulnerability assessments and penetration tests on oil & gas, electrical power, water treatment and pharmaceutical ICS/SCADA environments.

Presentation

Stateful Protocol Hunting with Dan Gunter

Training

Introduction to Threat Hunting in ICS 23 October 09:00 - 17:00 with Ben Miller
Close

presentationBE

Dieter Sarrazyn

Presentation

Dieter Sarrazyn

Security Expert

  • Secudea
  • Belgium

Dieter is a freelance OT security expert who working extensively on industrial control system security including more than 10 years in a large electricity generation company. He performs SCADA security assessments, provides assistance in securing SCADA environments and helps customers to manage their suppliers’ security through doing security requirements management and security FAT and SAT tests. These activities are always part of a larger program, aimed at reducing business risks.

Presentation

Operator Jail breakout with Frank Lycops
Close

trainingSE

Erik Hjelmvik

Training

Erik Hjelmvik

Network Analyst

  • NETRESEC
  • Sweden

Erik is the creator of NetworkMiner and an experienced incident handler who has specialized in the field of network forensics.

Training

Network Forensics Training 22-23 October 09:00 - 17:00
Close

presentationNL

Erwin Kooi

Presentation

Erwin Kooi

Information Security Arcitect

  • Alliander
  • Netherlands

Erwin has been working in information security for fifteen years and in IT for twenty-one years. He recently switched positions and is now working on designing SCADA / ICS systems for smart grids with a strong focus on cyber security, especially when integrating ICS and IT systems. He has a solid knowledge of healthcare IT and grid operator IT, both on the office side as on the operations side, both on the strategic level as on the implementation side. He holds a BSc Electrical Engineering and Master Security in Information Technology. In his rare spare time he likes to pick locks, program microcontrollers, participate in a local political party and care for his horses and hedgehogs.

Presentation

The good, the bad and the segmented with Rik van Hees
Close

presentationBE

Frank Lycops

Presentation

Frank Lycops

Security Consultant & Researcher

  • Asvalis
  • Belgium

Frank a freelance security consultant and researcher. He has 8 years of experience in both the IT and OT environments. During his work, he performed numerous penetration tests on OT environments, helped improving the overall security of various environments and discovered several vulnerabilities in widely sold devices.

Presentation

Operator Jail breakout with Dieter Sarrazyn
Close

presentationUS

Joe Slowik

PresentationTraining

Joe Slowik

Adversary Hunter

  • Dragos Inc
  • United States

Joe Slowik currently hunts ICS adversaries for Dragos, pursuing threat activity groups through their malware, their communications, and any other observables available. Prior to his time at Dragos, Joe ran the Incident Response team at Los Alamos National Laboratory, and served as an Information Warfare Officer in the US Navy. Throughout his career in network defense, Joe has consistently worked to ‘take the fight to the adversary’ by applying forward-looking, active defense measures to constantly keep threat actors off balance. When not hunting adversaries or playing with open source security projects, Joe loves playing ice hockey and building Legos.

Close

presentationUS

Johnny Xmas

Presentation

Johnny Xmas

Security Researcher

  • Uptake Technologies
  • United States

Johnny Xmas is a Security Researcher and Lead Penetration Tester for the US-based Data Science organization Uptake Technologies, dedicated to the philosophy that machines never have to break. He’s been speaking internationally on the topics of Hacking, and Privacy for nearly 15 years, and is most well-known for his involvement with the USA / TSA Master Keys reversing of 2015-16.

Presentation

The Internet of Things on the Internet with Adam Ringwood
Close

presentationDE

Kai Thomsen

Presentation

Kai Thomsen

Lead Incident Responder

  • AUDI AG
  • Germany

Kai is the Incident Response team lead at AUDI AG and currently working on creating a modern Cyber Defence organisation at Audi. Before that he established an IT Service Continuity organization at Audi and developed and executed crisis management training exercises for top management. Prior to Audi, he worked at SMS group, an engineering company for steel manufacturing plants. There he was responsible for network security architecture, NSM, and forensics. Kai holds an M.A. in computer science and English and American Literature from the University of Siegen. He is also a SANS Instructor for Industrial Control Systems Active Defense and Incident Response (ICS515) and chairing the SANS Automotive Summit and SANS ICS Europe Summit in 2018.

Close

presentationPL

Marcin Dudek

Presentation

Marcin Dudek

IT Security Expert

  • ComCERT.PL
  • Poland

IT security expert, member of ComCERT.PL Team, the team that delivers IT incident response related services. He specializes in the security of industrial control systems. A graduate of the University of Warwick in the Great Britain. Founder of the scientist circle at the Military University of Technology, dealing with cyber security. He has been awarded twice for finding vulnerabilities in Microsoft products. Together with the team, he won the award for the best decision-making document in case of cyber conflict in the Cyber 9/12 Europe Competition, organized by the Atlantic Council. Actively tweeting on @dudekmar

Close

presentationUS

Mark Stacey

Presentation

Mark Stacey

Principal Threat Analyst

  • Dragos Inc
  • United States

Mark Stacey is currently a Principle Threat Analyst with Dragos Inc. In this role, Mark delivers holistic incident response, threat hunting, and adversary research for Industrial Control Systems worldwide. Prior to joining Dragos, Mark was a member of RSA's Incident Response team for 5 years where he provided incident response, discovery, and forensic services globally for private industry, financial institutions, law firms, foreign and domestic governments. Mark spent 7 years with the Department of Energy (DOE) performing cyber and intelligence analysis for various government clients. He has functioned in both cybersecurity operations and research within the intelligence community and frequently provides community education through outreach programs with federal agencies.

Close

presentationUS

Marty Edwards

Presentation

Marty Edwards

Cybersecurity Expert

  • The Automation Federation
  • United States

Marty Edwards, a globally recognized industrial control systems cybersecurity expert and speaker, serves as Managing Director of the Automation Federation. Prior to joining the Automation Federation in mid-2017, Edwards—a 25-year industry veteran—was the longest-serving Director of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). Under his leadership the ICS-CERT was awarded the 2013 SC Magazine Security Team of the Year award and was named as a finalist in the Community Awareness category in the 2015 Government Information Security Leadership Awards (GISLA).

Close

trainingDK

Mikael Vingaard

Training

Mikael Vingaard

IT Security Consultant

  • EnergiNet
  • Denmark

Mikael Vingaard leverages his 15+ years of IT-security experience to build practicalinformation security with a real-life perspective. Mikael works as IT-Security Consultant at EnergiNet.dk, the Danish national transmission system operator. In his spare time, Mikael runs several research projects, build on Open Source softwareto make a positive difference to secure critical infrastructure environments.

Training

ICS Scada Honeypot Technical Training 22-23 October 09:00 - 17:00
Close

presentationUS

Monta Elkins

Presentation

Monta Elkins

Hacker-in-Chief

  • FoxGuard Solutions
  • United States

Monta Elkins is currently "Hacker-in-Chief" for FoxGuard Solutions, an ICS patch provider. A security researcher and consultant; he was formerly Security Architect for Rackspace, and the first ISO for Radford University. He has been a speaker at DEFCON , Homeland Security’s ICSJWG (Industrial Control Systems Joint Working Group), EnergySec's Security Summit, GE Digital Energy's Annual Software Summit, Toshiba's Industrial Control Systems Conference, NERC's GridSecCon and Emerging Technology Roundtable, ICS CyberSecurity by Security Week, UTC Telecom, and other security conferences. Monta is the author and instructor of the “Defense against the Dark Arts” hands-on, hacker tools and techniques classes, guest lecturer for local colleges and universities teaching rapid prototyping techniques and information security and teaches Arduino and other classes with Let's Code Blacksburg.

Presentation

Jumping Air Gaps
Close

presentationUS

Patrick Miller

Presentation

Patrick Miller

Managing Partner

  • Archer
  • United States

Patrick Miller has dedicated his career to the protection and defense of critical infrastructures. As Managing Partner at Archer Security Group, he is a trusted independent security and regulatory advisor for industrial control systems worldwide. Mr. Miller is also the founder, director and president emeritus of EnergySec and US. Coordinator for the Industrial Cybersecurity Center. Patrick's diverse background spans the Energy, Telecommunications, Water and Financial Services verticals including key positions with regulatory agencies, private consulting firms, utility asset owners and commercial organizations.

Close

presentationNL

Rik van Hees

Presentation

Rik van Hees

ICS Security Architect

  • Alliander
  • Netherlands

Rik has been working in an ICS / SCADA environment for 10 years as an engineer, security architect and currently as a security officer for grid operator Liander. He has strong knowledge in designing and securing ICS systems on both the strategical as operational side and risk management. He holds a BSc of Electrical Engineering with a specialization in electronics. In his spare time he likes to play guitar, produce music, hike with his dogs and travel the world.

Presentation

The good, the bad and the segmented with Erwin Kooi
Close

trainingDE

Stephan Beirer

Training

Stephan Beirer

Senior Consultant

  • GAI NetConsult GmbH
  • Germany

Stephan Beirer studied and received his PhD in physics. Since 2006 Mr. Beirer has been employed with GAI NetConsult GmbH as a senior consultant and is the Head of Industrial Control Systems Security since 2012. He advises clients on the development and implementation of organizational and technical security policies and controls, on implementing an information security management system (ISMS) according to IEC 62443, ISO/IEC 27001 and ISO/IEC 27019 and on business continuity planning. His professional focus is on securing process control and automation technology, especially in the field of energy supply. He gained his experience in more than 200 ICS security projects in the field of energy, transportation and industrial manufacturing. He is an active member of several national and international standardization committees at DIN, DKE, IEC and ISO and the editor of ISO/IEC 27019.

Close

presentationNO

William Middleton

Presentation

William Middleton

Senior Engineer

  • Siemens PD Solutions
  • Norway

William works with Siemens PD Solutions in western Norway providing networking and security advice and configuration for ICS projects and LM customers. He has an MLS degree in Computer Networking and Telecommunications, and holds professional-level certifications from Cisco Systems. William has more than 25 years of experience in IT and has worked for Motorola, Adobe Systems, and Telenor in Norway before starting with Siemens in 2013. He enjoys fishing, hiking and Bikram yoga.

Close