🔐 Practical Industrial Security: Real-World Lessons from Complex HVDC Projects

We’re excited to announce that our colleague Jan Grotelüschen (GAI NetConsult GmbH) will be speaking at the Industrial Security Conference 2025 in Copenhagen, alongside Simon Gustafson (Amprion GmbH) and co-author Stephan Beirer (GAI NetConsult GmbH).

🎤 Topic of the presentation:
Staying on course in a volatile environment: OT security in complex large-scale HVDC projects – a real-life example

https://insightevents.dk/isc-cph/sessions/staying-on-course-in-a-volatile-environment-ot-security-in-complex-large-scale-hvdc-projects-a-real-life-example/

⚡ At a glance:

Amprion is currently implementing massive offshore grid connection projects such as BorWin4/DolWin4 and BalWin1/BalWin2. These high-voltage direct current (HVDC) lines span up to 380 km and deliver 5.8 GW of power per project – enough to supply electricity to nearly 6 million people.
In this presentation, the speakers, who are largely responsible for the specification and monitoring of the implementation of OT security for this HVDC project, will present the projects itself and report on the cyber security challenges and lessons learnt.

🔍 Key OT Security Challenges Covered:
• Dynamic regulation: Adapting to evolving frameworks like NIS-2, RCE, CRA – even mid-project
• Technology vs. longevity: IT/OT convergence meets decades-long system life cycles
• Managing uncertainty: Constant change in technologies, requirements, and stakeholders

📌 This session provides real-world insights into securing critical infrastructure under real conditions – including what worked, what didn’t, and how lessons learned are shaping better security strategies.

🔗 More about the industrial security conference: https://www.linkedin.com/company/industrial-security-conference-cph/posts/?feedView=all

#OTSecurity #CriticalInfrastructure #HVDC #CyberSecurity #EnergyTransition #ICSCPH #GAINetConsult #Amprion #NIS2 #CRA #IndustrialSecurity

Me, when I realize at the end of the conference that the hashtag is #ISCCPH and not #ICSCPH :blobawkward: :blobfacepalm:

@kodefupanda wants us to go back to analog logic for *critical* automation & control application. While I understand his point I fear it's not gonna happen, e.g. because we don't have the know how anymore #ICSCPH

#ICSCPH @jfslowik on stage

Casper Bladt and Jens Nielsen popping shells on a Moxa UC-8100 at #ICSCPH

Casper Bladt quoting this historical Phrack 49 article from @aleph_one at #ICSCPH - buffer overflows are still a topic in the ICS/OT domain. I feel young again 😋

7 steps for your security awareness program #icscph

My favourite Nation State Actor @sjhilt is talking at #ICSCPH about IoT malware Cyclops Blink

@tinu talking about IR exercises in substations at #ICSCPH. Great news - the new Wireshark release will have an improved IEC 60870-5-104 dissector

IoG's Indicators of Garbage
-Ron Brash
#ICSCPH

Not only protect your process and products but can you do so for 3rd party data processing? #icscph @patrickcmiller

Bad news for the old school 'OT vs IT' people by @patrickcmiller at #ICSCPH

OT external connectivity numbers - the regulator in the room was quite shocked 😉 #ICSCPH

@egeltje @jerry We miss you here in Copenhagen, Erwin! #ICSCPH When & where is your next talk?

Getting ready for #ICSCPH conference

workshop is free, but slots are limited. Register now at https://bit.ly/BikerMapping

The event is made possible by collaborators and friends from: #MNLmoves #ICSCph #OSMph #PUPSJ #MapaTime #Mapillary - 2/2