Loading…
Attending this event?
Welcome to the Interactive Agenda for SecurityWeek’s 2020 ICS Cyber Security Conference! (View the full conference website and register for the conference here)

Back To Schedule
Tuesday, October 20 • 1:45pm - 2:15pm
Data Breaches Related to Critical Infrastructure - Analysis of Cyber Risk to U.S. Critical Infrastructure

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
In recent years, many enterprises in the world have suffered from leaks of sensitive customer or employee information due to APT attacks, malware attacks, insider leaks, or mis-configured settings. Data breaches have a considerable impact, not only harming corporate reputations and causing business to be lost, but also causing serious risk for customers. If leaked data flows into the hands of bad actors, we can easily imagine the harmful consequences. These risks equally affect the United States’ 16 critical infrastructures. If sensitive information about employees or external services leaks, hackers can easily apply it to social engineering or advanced continuous penetration attacks. However, a critical infrastructure security incident can cause more than financial loss – it can also create a threat to the safety of physical equipment or to people’s lives and property.

This research unveils publicly leaked data and shares some of the traps and fun found during the analysis. In this session, we share how we have used our unique automatic analytical process for building on the cloud to conduct big data analysis on more than 10 billion pieces of data from 200 plus datasets, with a particular focus on the analysis of data leakage and password habits of 16 critical infrastructure service providers. Based on the in-depth analysis of our data, we will try to provide predictions and warnings to high-risk CI sectors that may be invaded due to information leakage. Finally, we will advise how to perform prevention and mitigation measures.

Speakers
avatar for Mars Cheng

Mars Cheng

Cyber Threat Researcher, TXOne Networks
Mars Cheng is a threat researcher of TXOne Networks, blending a background and experience in both ICS/SCADA and Enterprise cybersecurity systems. Mars has identified more than 10 CVE-IDs, and has had work published in three Science Citation Index (SCI) applied cryptography journals... Read More →
avatar for YenTing Lee

YenTing Lee

Cyber Threat Researcher, TXOne Networks
YenTing Lee is a cyber threat researcher at TXOne Networks’ IoT/ICS Security Research Labs. Before joining TXOne, YenTing was a section head at the Taiwan National Center for Cyber Security Technology (NCCST), and has experience in both ICS/SCADA and cyber-offensive and defensive... Read More →
avatar for Max Farrell

Max Farrell

Sr. Technical Writer, TXOne Networks
Max Farrell is a senior technical writer and communication expert for TXOne Networks, working from a background of mixed technology, business, and arts. He specializes in research related to the culture, business, and technology of the United States. His background prior to TXOne... Read More →


Tuesday October 20, 2020 1:45pm - 2:15pm EDT