Davide Lenzarini, IoT Architect at u-blox AG

Enabling features control and local data notarisation with a GNSS chip
Local data notarisation:

• Why it is necessary to have a proof of origin and integrity for locally collected or generated data.
• How to deal with location and time spoofing now becoming a standard technique used by fraudsters.

-> The solution:

• Authenticate locally collected data with trusted position and time.
• Allow the trusted and independent verification of when and where the data was collected without disclosing it.

Features control:

• Why it is necessary to have mass customization of tracking devices after their production
• How to activate or deactivate features on tracking devices without having physical access to them and also when they are not connected to the Internet.

->The solution:

• A GNSS chip with a robust Root Of Trust able to process end-to-end protected data provided by a paired system.
• A GNSS chip able to receive in L-band broadcast end-to-end protected data and able to securely manage the control of some features on the basis of the data received.

Breakout Session No. 1: Martin Buess, OT Security Officer Division Hydro at Axpo Group

How to Handle Security Events in Critical Infrastructure (OT-Infrastructure)
The reporting requirement for cyberattacks on critical infrastructures has been in effect since April 1st. Therefore let's discuss the following aspects:

• To what extent is your company affected by the reporting requirement?
• How are security events in your OT infrastructures detected, monitored, and further processed?
  - Do you use passive (traffic monitoring) or active methods (active scanning)? And for what reason?
  - Do you use EDR solutions in OT?
  - How did you approach modelling OT-specific use cases?
  - What are your experiences?
  - Have you already had cybersecurity incidents in your OT infrastructures?
• Do you have support from external MSSPs?
  

Breakout Session No. 2: Florian Goutaudier, Global OT SME Leader at CrowdStrike

EDR in OT: Navigating the Trade-Off Between Availability and Security 
In OT environments, maintaining availability and determinism limits the applicability of traditional IT-centric security controls. Yet as targeted attacks against industrial systems increase, the case for endpoint visibility has never been stronger. This session explores how Endpoint Detection and Response (EDR) can be purpose-fit for OT networks without compromising operational integrity.

This includes the careful adaptation to accommodate legacy systems, non-standard protocols, and strict uptime requirements. We will discuss deployment best practices that preserve operational stability while enhancing security and outline how EDR can improve visibility and asset management across OT networks, and how advanced capabilities like integrated threat intelligence and anomaly detection can strengthen defences without disrupting critical processes.

Breakout Session No. 3: Nils Haza, Sales Engineer at Cyolo

Securing the Unseen: Managing Decentralized OT Access
Join Nils Haza from Cyolo for an interactive breakout session that dives into the challenges of secure access in decentralized OT environments. Through real-world examples, group discussions, and live collaboration, you'll explore how to enable secure, agentless access to PLCs, HMIs, and SCADA systems—without VPNs or infrastructure changes.

This session is hands-on and highly engaging, designed for participants to share experiences, brainstorm solutions, and walk away with actionable insights. It's also a great opportunity to influence the future of OT security by sharing your needs and challenges.

Key Takeaways:

• Understand the limitations of traditional OT access methods in decentralized setups
• Explore just-in-time, infrastructure-free access strategies using real examples
• Collaborate with peers to solve OT access challenges in small breakout groups
• Gather ideas to improve your own environment and influence industry direction