Loading…
Attending this event?
Welcome to the Interactive Agenda for SecurityWeek’s 2020 ICS Cyber Security Conference! (View the full conference website and register for the conference here)

Back To Schedule
Thursday, October 22 • 9:00am - 5:00pm
ICS Red vs. Blue Training Workshop ($)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Premium Conference Registration Required ($495)


Created and taught by world-renowned ICS cybersecurity expert, Clint Bodungen (Lead author of “Hacking Exposed: Industrial Control Systems” and co-creator of the Red vs. Blue cybersecurity gamification platform)
 
WHAT’S IN VERSION 3.0?
Updated and more detailed curriculum. Updated and expanded gamification using ThreatGEN’s Red vs. Blue platform. New technical labs using ThreatGEN’s ICS simulation technology.

Workshop Overview
This workshop, held virtually, will help attendees gain a better, and more detailed, understanding of industrial control systems, along with their vulnerabilities, attack surface, adversarial tactics, and the most efficient risk management strategies. Attendees will exercise what they learn in Red Team vs. Blue Team exercises and labs. Defending ICS networks and assets requires more than any single solution and it is not a just matter of deploying “best practices” and “layered defense”. A necessary combination of proactive and reactive strategies such as vulnerability assessments, network segmentation, system hardening and threat monitoring, just to name a few, are needed. However, most organizations are often limited in their ability to deploy even the most basic security controls due to lack of required skills. This workshop starts from a strategic perspective, helping attendees “get their head around” the big picture. It starts with a deep dive into industrial control systems components and architecture, and then introduces beginner to intermediate topics including ICS vulnerabilities, “hacker” methodologies, and security controls at a comfortable and easy to follow pace. These topics are then exercised and reinforced using ThreatGEN’s Red vs. Blue cybersecurity gamification platform as well as other, more technical, hands-on labs and simulations for those that want to go a bit deeper.

What is Red vs. Blue Training?
Training is one of the most essential components of your risk mitigation strategy and overall cybersecurity program. However, without learning cybersecurity from the “hacker’s” perspective and gaining a true understanding of how adversaries attack and compromise ICS networks and assets, you’re only getting half of the picture. Without that other half, you’re essentially blindly deploying generic security controls and “best practices”. Layered defense is a great concept, but few organizations have the resources to deploy every layer effectively, and in most case, it still ends up being a waste of resources. In order to have an efficient and cost-effective risk mitigation strategy, you must understand not only where your vulnerabilities are, but also the tactics that attackers will use to exploit these vulnerabilities. Red vs. Blue Training provides the opportunity to learn these adversarial tactics in conjunction with the defensive methods; and then students get to apply the skills they learn as they face off in a head-to-head competition, Blue Team (the defenders) against Red Team (the attackers). ThreatGEN® Red vs. Blue cybersecurity gamification platform uses cutting-edge computer gaming technology developed by experienced industry professionals and authors of “Hacking Exposed: Industrial Control Systems”, to offer all the most valuable aspects of red team/blue team training, but in a fraction of the time and without a technical learning curve. Students of all levels can even play the part of the red team, regardless of experience or skill level.

EXPERIENCE LEVEL: All experience levels will gain from this workshop

What you will get out of this workshop:
• A comprehensive, “big picture” understanding of how all the cybersecurity pieces work together
• An understanding of the concepts, function, and components of industrial control systems, equipment, and technology
• Learn vulnerabilities and attack vectors specific to ICS
• Learn about the methods and strategies hackers use to attack industrial control systems as well as traditional IT systems (Introductory level. This is not a technical hands-on, “hacking” course)
• Learn and apply practical industrial cybersecurity and risk management concepts
• Learn how to deploy efficient and cost-effective mitigation strategies and security controls
• Learn how to build a complete ICS cyber security program
• Apply what you’ve learned against a live adversary using the cutting-edge, turn-based computer training
• Learn how to respond to, adapt, and defend against active attacks (Introductory level, this is not an incident response or threat hunting class)
• Participate as the blue team and the red team, regardless of experience or technical skill level

Intended Audience:
• Anyone interested in gaining beginner to intermediate knowledge of ICS/OT cybersecurity
• Anyone interested in or tasked with ICS/OT risk assessment and management
• Anyone interested in gaining a better understanding over the overall cybersecurity “big picture”
• Cybersecurity managers
• Upper management concerned with IT/OT cybersecurity
• Plant managers and asset owners
• IT cybersecurity staff tasked with ICS/OT cybersecurity
• Engineers tasked with ICS/OT cybersecurity
• End users looking for a more effective (and entertaining) cybersecurity awareness training

What attendees need to get the most out of this workshop:
• Since this is an online virtual event, a computer will be needed.

Register for a Premium Conference Pass to Secure a Spot in the Workshop

Thursday October 22, 2020 9:00am - 5:00pm EDT