For many companies, the IT system that controls their operation/process has been bought from external vendors and is often maintained by external consultants. Few companies have sufficient expertise in-house, yet serious IT malfunctions can cause more than just lost time. There may be serious safety issues if a high hazard process can be distorted and controlled by malignant software or, if data is lost to competitors, serious security issues. In the UK the first computer virus (STUXNET) known to target a process control application was identified in July 2010. Its purpose seems to have been to collect data rather than to cause damage – which raises the question, who would spend so much time to gather this data, and why?
It is difficult for non-specialists to assess how serious the threat is, or the level of precautions to take against it. The user company is often left wondering uneasily where to draw the line between cost-effectiveness and security.
This workshop is aimed at safety and generalist managers, rather than IT experts. Delegates will have the opportunity to hear what the risks are and what basic steps they need to take to protect their systems. Government and industry will explain how self-help groups can help to assess the threats and will provide realistic guidance on what to do about them. Speakers will focus on the management of these systems, rather than the technical intricacies.