Event Agenda
23rd – 24th September 2026 // London, UK
Theme: Building Intelligence-Driven OT Resilience in an Era of Increasing Risk
Track A: Strategies For Overcoming The Biggest Cyber Issues of Today
Track B: Proactive Roadmaps for Overcoming Common OT Challenges
| Day 1 // 23rd September 2026 08:15 – 05:30 (BST) |
|
 |
08:00Registration & Coffee |
 |
08:35Chairman’s Opening Address by Thomas Mortsell, CSO, Aneo |
|
08:45 Keynote Address Given By Senior NCSC Representative |
 |
09:00Panel Discussion: Disaster Hits: How Should We Respond to a Cyber Attack? • What should be our first steps in the scenario of a cyber attack impacting our OT systems? What should be our priorities in both protection and response? • How can we best prevent panic in such a scenario? What can we do to ensure that downtime is limited and that impact is minimised? • How can we best communicate with our boards in the event of an attack? • What strategies should we have prepared for a disaster? How can threat hunting support in the event of an incident? • What can we do so we are best prepared to respond to a cyber attack? . – Moderator: Claudio Sangaletti, Corporate Head of Infrastructure & Communication, PERSÁN – Thomas Mortsell, CSO, Aneo – Trish McGill, Executive Subject Matter Expert – Cyber Security IT/OT, De Heus Voeders B.V – Adam Paturej, Cyber Security Director, International Centre for Chemical Safety and Security (ICCSS) . |
 |
09:40Presentation: Safeguarding Business Continuity in the Face of a Crisis - Our Journey . • Why business continuity is central to our IT and OT strategy • How continuity planning shaped our response to a cyber incident affecting operations and the supply chain • How we strengthened disaster preparedness through risk assessment and continuity planning • Lessons learned from incident response and recovery, from initial handling through to restoration . |
|
10:10 Presentation: Practical Strategies for OT Incident Response and Recovery? OT environments present unique challenges for incident response and disaster recovery, from legacy systems to high downtime costs. This session explores how to build a resilient OT recovery strategy aligned with business and IT continuity goals. Learn best practices for backups, failover, and recovery, alongside the role of automation and monitoring in reducing disruption. Real-world lessons will highlight practical approaches to improving response effectiveness and minimising operational impact. . – Senior Expert, Fortinet . |
 |
10:50Break & Networking |
| TRACK A Strategies For Overcoming The Biggest Cyber Issues of Today. Hosted by: Thomas Mortsell, CSO, Aneo |
|
|
11:30Presentation: How to Prepare for & Respond to Ransomware in Operational Technology Environments Over the past five years, ransomware targeting industrial control systems (ICS) and operational technology (OT) has risen, becoming the leading cause of compromises in the industrial sector. ICS/OT ransomware requires a different approach than IT; standard IT response plans aren’t sufficient. Effective OT incident response plans must be ICS-specific, tested, and validated. This session covers the tools and strategies for preparing, detecting, and responding to ransomware in ICS/OT environments. . – Senior Expert, Rockwell . |
|
12:00Presentation: Securing the Future of Critical Assets in a Cyber-Driven World This session explores key challenges in securing industrial control systems and OT, using real-world insights. It covers organisations under attack, investing in prevention, and navigating regulations like NIS2. Learn practical strategies to manage evolving cyber risks, support digitalisation, and protect critical infrastructure in an increasingly connected environment. . – Senior Expert, OTBase . |
 |
12:10Case Study: Securing OT Environments Against Third-Party Risk - Our Approach to Resilience . • How we are effectively identifying and quantifying third-party risk in OT, including operational, safety, and regulatory impacts • How we are strengthening supply chain security through effective vendor due diligence, contracts, and SLAs • What we have done to secure vendor and third party access despite security concerns • How we have developed organisational resilience through workforce training and cross-industry collaboration . – Donatas Vitkus, CISO, Ignitis Group . |
| TRACK B Proactive Roadmaps for Overcoming Common OT Challenges |
|
|
11:30Presentation: Optimising IT/OT Convergence Through Asset Lifecycle Management
– Senior Expert, Claroty |
|
12:00 Presentation: Securing OT from Unmanaged Remote Access As critical infrastructure operators strengthen IT/OT separation, unmanaged remote access remains a hidden risk. Vendor-installed routers, legacy VPNs, and tools like TeamViewer often create connectivity that security teams can’t see or control. This session examines why secure remote access must be a core layer of modern OT cyber security, highlighting real-world risks and practical approaches to implementing monitored, policy-driven access across industrial environments. . – Senior Expert . |
|
12:10Case Study: How We Built a Holistic OT Asset Visibility & Vulnerability Management Strategy • How we identified and prioritised vulnerabilities across complex OT environments to build an effective roadmap for OT vulnerability management • How moving from static asset inventories to dynamic, real-time visibility helped us • The importance of integrating IT and OT perspectives to create a unified risk picture • How we can overcome challenges with our legacy systems, vendor patching, and resource constraints and where we can utilise automation and threat intelligence to strengthen our OT vulnerability management . Janine Oosthuizen, Director of OT Cybersecurity, CHEP . |
| LUNCH | |
 |
12:40Lunch Hosted by Fortinet |
| TRACK A Developing Comprehensive & Human-Led Strategies To Mitigate Risk. Hosted by: Thomas Mortsell, CSO, Aneo |
|
|
13:40Presentation: Driving a Cyber Security Culture Across Society: Strategies for Awareness and Human Resilience
. |
|
14:10Case Study: How We Built a Security-First Culture to Tackle Insider Threats • Security-First Culture starts at the top • Detecting Early Signs of Insider Threats without compromising Privacy and Dignity of individuals involved • Safety = Security – Safety and Security of Individuals embedded across the business • Important Link between, IT, OT, HR and Cyber • External Assurance to Internal Knowledge – relevance of checks and intelligence . – Marcin Szczepanik, Head of Information Security, SP Electricity North West . |
|
14:40Presentation: Extending Zero Trust to Factories and OT In today’s hyperconnected operations, threats can easily move laterally from IT systems or third-party devices to critical factory assets like machines, controllers, and sensors. Traditional approaches to segmentation often increase complexity and costs, while vendor remote access exposes factories to third-party risks. This session will explore how we can utilise zero trust in OT environments and hence build a comprehensive architecture that ensures we stay secure and discuss how these tools can be utilised in environments where zero trust may be impossible. . – Senior Expert, TXOne Networks . |
| TRACK B Bridging Strategy and Execution in OT Security Operations |
|
|
13:40Presentation: Streamlining OT Security Procurement and Delivery • Discuss the challenges faced in navigating long procurement cycles and complex entry barriers • Explore strategies for SMEs and larger organisations which can help demonstrate value and gain faster adoption • Highlight ways to accelerate deployment while maintaining compliance, resilience, and ROI . – Senior Expert, Honeywell . |
|
14:10Presentation: Securing the Unpatchable: A Lifecycle Strategy to Reduce Cyber Risk from Obsolete OT Endpoint When OT endpoints pass end‑of‑support, patching is no longer a control but a risk decision. This session shares a practical, experience‑based lifecycle approach for keeping legacy endpoints in service without pretending they are patchable. We’ll cover triage by consequence and exposure, “safe‑to‑run” baselines, and layered compensating controls—segmentation, constrained remote access, allow‑listing, and monitoring—to reduce attack paths. Governance keeps exceptions explicit, reviewable, and aligned to operational realities. . Michel Harthoorn, OT Programme Manager, bp . |
|
14:40Presentation: Where Compliance Meets Visibility- OT IDS's Role in IEC 62443 Cybersecurity This session explores how an OT Intrusion Detection System (OT IDS) can actively support compliance with key IEC 62443 sections by integrating multiple cybersecurity functions—protocol-aware intrusion detection, continuous asset discovery, vulnerability management, and incident reporting—within a single solution. . Markus Westphal, Cyber Security for the Power Grid Specialist, OMICRON Energy . |
| – |
|
|
15:10Presentation: Hack the Unexpected: The Cyber Security Quiz Challenge Are you ready to uncover mind-blowing attack scenarios that blur the lines between reality and fiction? This isn’t just any session – it’s a chance to explore intriguing cyber security tales, test your knowledge and win cool prizes! Expect an engaging experience filled with unexpected twists, interactive fun and practical takeaways – all wrapped up in a light format that’s a refreshing break from the typical conference grind. . – Senior Expert, OPSWAT . |
|
15:40Break & Networking |
 |
16:10Roundtables T1: Building Comprehensive Cyber Strategies Despite Budgetary Constraint . T2: Utilising AI Through Our IT/OT Security Strategies – Tips and Techniques . T3: Keeping The Board Engaged On Ot Cyber Security: How To Deliver Progress Today While Driving Transformation For Tomorrow . T4: Developing An Effective IT-OT SOC – Lessons We Learned . T5: Adopting Effective Zero-Trust Controls to Heighten Our Security Posture . T6: Ensuring Security While Utilising Remote Access in OT . |
|
16:50Panel Discussion: How Should Organisations Embed Strong Security Leadership Into Their IT-OT Strategies? • Who should lead OT Security and what reporting lines work best? • How should we drive C-Level engagement in OT security initiatives? How do you turn OT security challenges into strategic board priorities? • Can a CISO or equivalent drive OT security across IT and operations? Should all organisations have a CISO at board-level? • What can be done to ensure strong security leadership is embedded throughout your organisation? . – Moderator: Thomas Mortsell, CSO, Aneo – Alfonso José Álvarez Calderón, Global IT/OT Lead & CIO, Exolum – Nish Sukumaran, Vice-President, Information Security, Worley – Malcolm Xavier, IT Security & Data Privacy Manager, EET Fuels . |
|
17:30 Chairman’s Closing Remarks |
 |
17:35 Drinks Reception |
|
19:00 Dinner Hosted by Nozomi Networks (Invite-Only) |
