Knowledge Sharing on NIS2 and OT Security Takes Centre Stage during ‘Cybersecurity Insights’ Event

On 17 September the HSD Campus was the stage for the ‘Cybersecurity Insights’ event hosted and organised by Security Delta (HSD) and IT Circle Nederland. A crowd of experts from the field gathered here to discuss the latest developments on the topics of NIS2 and OT Security.

The programme kicked off with a word of welcome by Saskia Noordewier (Security Delta HSD) and Karen de Ryck van der Gracht (IT Circle Nederland). They emphasised the need for collaboration within the field of security, and the roles that both organisations play in facilitating this. Both IT Circle Nederland and Security Delta (HSD) are independent, and regularly organise events to help make meaningful connections and facilitate knowledge sharing.

Security First

Following this, Vladimir Cibic (CISO KPN) provided a presentation titled ‘Security First’. He took the attendees on a deep-dive discussion on several topics, including Security Strategy & Vision, Governance, Roadmap & Reporting and Security & Compliance. The vision of KPN in terms of security was explained, as well as its four-pronged strategy when it comes to security.

Vladimir Cibic also explained the way in which implantation is handled, and the levels in process management involved. He also touched on compliance and the security policies in place to ensure security at all times. Lastly, he spoke about compliance and connecting security processes. Afterwards a lively Q&A on NIS2 and critical infrastructure took place with participants in the room.

OT Security

Martin de Vries (CISO TU Eindhoven) focused on OT Security. Key takeaways from his presentation were the clear distinction between IT Security and OT Security, and the importance in making and continuing to make this distinction. Instead of focusing on people, safety in OT has stronger availability, confidentiality and integrity requirements, he stated.

The use and development of OT Security at TU Eindhoven were also topic of discussion, and some examples and lessons learned were shared when it comes to OT Security in the workplace. Martin de Vries also zoomed in on several impactful OT outages in the past, such as the recent CrowdStrike incident, and the situation with Maersk in 2017. He ended his talk with some best practices (a.o. Zero-Trust Frameworks, risk assessments, awareness programmes), before another Q&A took place.

Breakouts and wrap-up

After a short break the group split into smaller break-out sessions to discuss the topics that were introduced during the presentations by KPN and TU Eindhoven. Jeroen van Nijnatten (IT Circle Nederland) and Willem Offerhaus (Security Delta HSD) moderated these sessions and led a group discussion to enhance knowledge sharing and to give participants the opportunity to share their lessons learned from experience.

The event wrapped up with a summary on the day’s discussion topics and ample opportunity for networking over drinks at the HSD Campus. Security Delta (HSD) and IT Circle Nederland look forward to further collaboration on these and other topics in the future to facilitate knowledge sharing and a more secure Netherlands.