Loading…
Attending this event?
Welcome to the Interactive Agenda for SecurityWeek’s 2020 ICS Cyber Security Conference! (View the full conference website and register for the conference here)

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Monday, October 19
 

10:00am EDT

The ICS Risk & Vulnerability Landscape: What You Need to Know
This session will examine the global state of the ICS risk & vulnerability landscape.

Topics covered will include:
  • An overview of all industrial control system (ICS) vulnerabilities disclosed during the first half of the year (1H 2020), as well as a closer look at those that pose the greatest risk to the availability, reliability, and/or safety of industrial systems
  • Key trends regarding the sectors, regions, vendors, and products affected by ICS vulnerabilities disclosed during 1H 2020
  • The most prevalent criticality scores, attack vectors, and potential impacts of these vulnerabilities and their implications for risk within industrial environments
  • Guidance for security practitioners on how to best interpret and action these findings in the context of their organization
   

Speakers
avatar for Rotem Mesika

Rotem Mesika

Security Research Team Lead, Claroty
Rotem Mesika is the Security Research Team Lead at Claroty with over 9 years of experience researching ICS and IT network security. Rotem specializes in designing network security systems, penetration testing, and threat intelligence. As the Security Research Team leader, she is one... Read More →
avatar for Chen Fradkin

Chen Fradkin

Security Researcher, Claroty
Chen Fradkin is a security researcher at Claroty with over six years of experience researching ICS and IT network security. Chen specializes in analyzing all components of network security, from protocols and topology to connected devices, as well as developing security systems. As... Read More →


Monday October 19, 2020 10:00am - 10:30am EDT
Main Stage

10:30am EDT

Assessment Done, Now What? How to Prioritize Remediation Activities and Identify Quick Wins
With recent emerging cybersecurity threats and increased regulatory compliance requirements, many organizations are shifting their focus from OT security hygiene initiatives to a more structured and sustainable program. Unfortunately, a lot of these initiatives are not achieving their goals and failing to provide business value and protect mission critical assets. An assessment in itself does not provide guidance for top priorities and/or milestones, it is difficult to prioritize efforts and select the most practical and effective countermeasures. If done incorrectly this will have an impact on project schedules and costs whilst also not significantly reducing the operational risk. In this presentation attendants will navigate through a multi-faceted approach to develop a priority order which an organization can use to address its risks.

This session will discuss how a pragmatic approach allows for “quick wins” in:
  • achieving milestone and compliance targets
  • supporting financial and operational planning
  • Ensuring objective and measurable progress towards finalizing outstanding activities
Ultimately, the prioritized approach helps to promote security best practices consistency within the organization. 

Speakers
avatar for Jalal Bouhdada

Jalal Bouhdada

Applied Risk
Jalal Bouhdada has over 20 years’ experience in Industrial Control Systems (ICS) security assessment, design and deployment with a focus on Process Control Domain and Industrial IT Security. He has led many complex ICS cyber security projects for major global clients, including... Read More →


Monday October 19, 2020 10:30am - 11:00am EDT
Main Stage

11:00am EDT

[Panel] Stories from the Edge
Innovation and disruption often play out at the boundary, or edge, of established and well-understood industries. The electric power grid is no exception. The grid edge includes cyber-physical devices, solutions, and business models that are advancing grid modernization and transitioning it toward a more decentralized, distributed, and transactive electric grid. In this panel discussion, hear stories of challenge and progress in securing grid edge devices, and the cybersecurity solutions available today and in the near-future that can help identify anomalies and potential threats to a modern grid.

Pete Tseronis, current chairman of the Utility SuperCluster, will moderate a discussion on cybersecurity for distributed energy resources that will feature different perspectives, opinions, and solutions.

Moderators
avatar for Pete Tseronis

Pete Tseronis

Founder and CEO, Dots and Bridges
Pete Tseronis is the Founder and CEO of Dots and Bridges, LLC. He is an accomplished entrepreneur, business executive, and cybersecurity strategist with over 30 years of leading Cabinet-level and commercial entities. He maintains several Advisory Board roles in which companies leverage... Read More →

Speakers
avatar for Jim McCarthy

Jim McCarthy

Senior Security Engineer, NIST | National Cybersecurity Center of Excellence
Jim McCarthy is a senior security engineer at the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE). He currently serves as the lead for NCCoE energy sector projects where his work is focused on security data analytics, secure... Read More →
avatar for Shanna Ramirez

Shanna Ramirez

VP and Chief Integrated Security Officer, CPS Energy
Shanna Ramirez, J.D., CISM, is Vice President and Chief Integrated Security Officer (CISO) at CPS Energy where she oversees cybersecurity, physical and data security, incident response, and business continuity. CPS Energy is the nation’s largest municipally-owned energy utility... Read More →
avatar for John Walsh

John Walsh

SVP, BedRock Systems
John Walsh is Senior Vice President of Business Development and Strategy at BedRock Systems Inc. and is a globally recognized leader and contributor in the areas of zero trust, IIoT, critical infrastructure security, and smart cities. Prior to joining BedRock Systems, he was the Chief... Read More →
avatar for Jonathan White

Jonathan White

Manager, Secure Cyber-Energy Systems, National Renewable Energy Laboratory (NREL)
Jonathan White, Ph.D., is the manager for the Secure Cyber-Energy Systems group within the Energy Security and Resilience Center at the National Renewable Energy Laboratory. NREL’s Energy Security and Resilience Center focuses on the identification and mitigation of cyber and physical... Read More →


Monday October 19, 2020 11:00am - 11:45am EDT
Main Stage

11:45am EDT

12:00pm EDT

Using Attack Path Mapping to Reduce Risk and Cost in ICS Environments (F-Secure)
Attack Path Mapping (APM) is an innovative approach that some companies have found to be a pragmatic way to reduce cyber risk quickly and cost-effectively. APM focuses on the attack paths that real-life attackers are most likely to use, and then identifying how those attack paths can be better controlled or closed altogether.
Conventional approaches such as penetration testing and red teaming, while valuable, can be of limited usefulness to companies seeking to reduce cyber risk. This is particularly true in Operational Technology (OT) and Industrial Control System (ICS) environments where conventional approaches sometimes yield ever-growing lists of technical vulnerabilities which are difficult or impossible to fix.

For example: Attackers are likely to try and compromise the corporate network as a precursor to 'jumping the air-gap' to reach ICS systems. Understanding how they would do that, and strengthening the controls needed to frustrate those attack paths, can often be achieved much more quickly and cost-effectively than seeking to upgrade the ICS environment itself.

This talk will present recent APM case studies in energy CNI organizations, illustrating how cyber risk was reduced in this way and demonstrating how this approach can be of benefit to Incident Readiness and Response within CNI organizations. Attendees will gain a practical understanding of how this approach can be applied in their own organizations, and an appreciation of where APM is - and is not - likely to be helpful.

Sponsored by: F-Secure

Speakers
avatar for Sean Raffetto

Sean Raffetto

Strategic Business Manager, F-Secure
Sean Raffetto is responsible for strategic business growth in North America for F-Secure Consulting. With almost a decade of experience working with enterprise level solutions, Sean specializes in implementing cyber defense programs across finance, industry and critical national infrastructure. Sean... Read More →


Monday October 19, 2020 12:00pm - 12:45pm EDT
Main Stage

12:45pm EDT

SAE G-32 Cyber-Physical System Security Standard and impact on ICS
Traditionally, cybersecurity has been defined (Merriam Webster) as "measures taken to protect a computer or computer system (as on the internet) against unauthorized access or attack. Cyber physical systems security concentrates on the new cyber RISKS that come from threats that can exploit weaknesses and vulnerabilities in cyber physical systems with the integration of complex hardware, software, and firmware. These vulnerabilities drive establishment of the area of cyber physical systems security. The focus will be about cyber physical threats in aviation, medical devices, automotive, and industrial and how G-32 plans to address the sources of these vulnerabilities through security systems engineering and practices. An overview will provide the domains of consideration G-32 is addressing around cyber physical systems security, make-up of the committee members, and the conceptual framework G-32's to-be-released standard (JA7496) provides.

Learning Objectives:
  • Understand what the G-32 Cyber - Physical System Security standard is
  • Domains of consideration that G-32 addresses from a cyber-physical systems perspective
  • Impact on Industrial Control System vendors, system integrators, and end customers


Speakers
avatar for Chris Sundberg

Chris Sundberg

Product Cybersecurity Engineer, Woodward
Chris Sundberg is a Product Cybersecurity Engineer at Woodward, where he helps business units (Industrial and Aerospace) architect and develop security into the products that go into critical infrastructure, airplanes, orautomotive applications. He is currently co-lead for the SAE... Read More →


Monday October 19, 2020 12:45pm - 1:15pm EDT
Main Stage

1:15pm EDT

Break - Visit Expo Hall and Networking Lounge
Visit the expo hall to learn more about innovative OT specific solutions and quality for a chance to win great prizes, including a New MacBook Air!

Monday October 19, 2020 1:15pm - 1:30pm EDT
Virtual Exhibit Hall

1:30pm EDT

What Does a Complete OT Security Program Look Like? What Are We Missing?
Many organizations have started building out their OT security programs, but what does a good or even great program look like? With finite resources however, we can’t implement everything at once, so where should we focus first and what should we ensure does not get left out? Join us to discuss where many organizations have been successful, but also where they have not.

Sponsored by IBM

Speakers
avatar for Rob Dyson

Rob Dyson

Partner, IBM Global Security Services, IBM
With more than 25 years of experience, Rob has held technical & leadership positions while providing IT services for many companies within multiple industries. Rob is currently the Global OT Security Services Leader for Industrials and Energy & Utility Industries within IBM’s global... Read More →


Monday October 19, 2020 1:30pm - 2:00pm EDT
Main Stage

2:00pm EDT

Improving Cybersecurity Posture of Industrial Control Systems ("ICS") with Purple Teaming
Securing digital transformation of ICS through the eyes of hackers. Since the ICS is becoming more connected, cybersecurity is becoming more critical. In this talk, we will give the audience an overview and the lessons learned of Purple Teaming. Additionally, this talk will also highlight how Purple Teaming as a practical approach can improve cybersecurity posture for protecting the ICS from ever-evolving threats and attacks.
Key Take-Aways:
1) What is Purple Teaming?
2) Case study on Purple Teaming in the ICS environment
3) Purple Teaming as a practical approach to improving the cybersecurity posture of ICS

Speakers
avatar for Pak Ho CHAN

Pak Ho CHAN

Cybersecurity Practice Lead, APAC, Thales
Pak Ho is an experienced cybersecurity professional with substantial cybersecurity domain experience, including adversary emulation, cyber-physical system security, data security, digital forensics and incident response, enterprise risk management, and operational technology (OT... Read More →
avatar for Nicole Wong

Nicole Wong

Principal Consultant, Thales
Nicole is the Principal Consultant at THALES. With years of experience in the cybersecurity industry, she specialized in performing attack simulation red team exercises integrated with threat intelligence, forensic investigation, and purple team exercise in both IT and OT environment... Read More →


Monday October 19, 2020 2:00pm - 2:30pm EDT

2:30pm EDT

2:45pm EDT

Bringing OT & IT Together for Stronger Integrated Security [Panel]
What the OT security neglects to address is the number of challenges faced by OT security practitioners in achieving and, more importantly, maintaining a robust and sustainable security program.  While technology plays a large role in the equation, the well-known IT approach of creating silos of deep topic knowledge does not translate well to adaptation in an OT environment.  

In fact, there is a large skills gap of OT security practitioners, and the only true way to determine success is by developing a single corporate view across all OT assets. This aggregated visibility drives significant gains in the management and evolution of security programs across multiple sub-disciplines.

Join the panel discussion to hear from industry leaders as they share their insights and achievements on:
  • The power of global visibility into OT assets for vulnerability and risk management
  • Greater collaboration between IT and OT through a global asset view
  • "Think Global, Act Local" execution of tasks that leverages scarce OT security resources
  • How technology and organizational structure are shaping the future of OT security management

Speakers
avatar for John Livingston

John Livingston

CEO, Verve Industrial
avatar for Rick Kaun

Rick Kaun

VP Solutions, Verve Industrial
avatar for Jon Shadduck

Jon Shadduck

Director of Critical Infrastructure Security, Ameren
avatar for Jorre Walker

Jorre Walker

Control System Support Lead, CNRL


Monday October 19, 2020 2:45pm - 3:30pm EDT
Main Stage

3:30pm EDT

Cybersecurity of Distributed Industrial Control Systems
As legacy ICS systems evolve and new systems are deployed, their topology and connectivity can change. Applications that require remote connectivity between ICS devices are becoming more common.  For example, a solar array controller may request information from a remote weather station to optimize energy production. The weather station may be in a remote location and require a secure communications link to ensure false weather data is not used by the solar array controller.  To provide the communications link, it may not be practical to use wired, traditional short-range ICS wireless transports (e.g. Zigbee, IEEE 802.15.4), or proprietary radio networks for transport due to availability, cost, and/or time to deploy.  With the emergence of Internet of Things specific cellular protocols available from multiple cellular providers, these cellular systems can be used for ICS applications.  These services will continue to improve during the transition to 5G.However, the security of the transport providers cannot be guaranteed.  This presentation will discuss the use of cellular connectivity to deploy secure distributed ICS systems. The discussion will include threats to distributed control systems and specific concerns with using cellular networks along with possible mitigations.

Learning Objectives:
  • Understand cybersecurity concerns when connecting a distributed ICS to control systems enclave.
  • Understand how to use cellular connectivity securely to facilitate distributed control systems
  • Understand data protection requirements on ICS data used in regulated applications

Speakers
avatar for Hal Aldridge

Hal Aldridge

CEO, Secmation
Dr. Hal Aldridge founded Secmation, a cybersecurity systems engineering company specializing in applications including Defense, Internet of Things, and Industrial Control Systems.  Prior to founding Secmation, Dr. Aldridge served as CTO at Sypris Electronics, an information security... Read More →


Monday October 19, 2020 3:30pm - 4:00pm EDT

3:30pm EDT

Lost in Translation: When Industrial Protocol Translation Goes Wrong
Protocol gateways are embedded devices used in industrial facilities to integrate legacy equipment such as serial PLCs with modern control networks. Given the importance that these devices play in the operation of manufacturing plants, we conducted a vendor agnostic  analysis of the technology behind protocol translation, by identifying  new unexplored weaknesses and vulnerabilities. We evaluated five popular gateway products and discovered translation problems that enable potential adversaries to conduct stealthy and difficult-to-detect
attacks, for example to arbitrarily disable, or enable a targeted machinery by mean of innocent-looking packets that bypass common ICS firewalls. In this presentation, we share the results of our findings and discuss the impact to the problems that we identified and their potential countermeasures.

Speakers
avatar for Dr. Marco Balduzzi

Dr. Marco Balduzzi

Senior Research Scientist, Trend Micro
Dr. Marco Balduzzi holds a PhD in applied security from Télécom ParisTech and a M.Sc. in computer engineering from University of Bergamo. His interests concern all aspects of computer security, with particular emphasis on real problems that affect systems and networks. Some topics... Read More →


Monday October 19, 2020 3:30pm - 4:00pm EDT
 
Tuesday, October 20
 

10:00am EDT

Managing Your Risk Through Situational Awareness
An ever-changing threat landscape has highlighted the importance for organizations to be Situation Aware when evaluating their risk exposure to existing and emerging threats.

From a cyber-security perspective, Situation Awareness fundamentally rests on three pillars:
  1. Understanding of the environment: for example, internal networks, their perimeters and interconnections, network infrastructure, on-premise and cloud hosting, servers, clients and also all of the centralized services that may be consumed (e.g. AD, DNS, DHCP, NTP, AV etc…)
  2. Understanding of potential vulnerabilities: for example, legacy operating systems, unpatched industrial control systems, external connectivity, insecure communication protocols etc.
  3. Threat Intelligence: including knowledge of both internal and external threats in order to model, predict and react to cyber threats.
In this presentation, attendees will learn about such combination of environment and threat intel, and how this ultimately helps organizations to predict and respond to potential problems that may occur under different threat scenarios. Chris Sandford will elaborate on building this overarching capability into risk management, which yields preventative decisions and actions to be taken in order to secure operations.

Speakers
avatar for Chris Sandford

Chris Sandford

Applied Risk
Based in the Middle East, Chris Sandford is a subject expert with 20 years of experience as an ICS security professional covering diverse platforms and security issues. His expertise is mostly focused around security assurance and risk management in OT environments, and how cyber... Read More →


Tuesday October 20, 2020 10:00am - 10:30am EDT
Main Stage

10:20am EDT

Making Threat Modeling Work Across Industrial Product Verticals
This session talks about the different requirements and styles of threat modeling across the businesses (power vs. healthcare vs. aviation  vs. digital) and talks about the inadequacies of existing threat modeling software for industrial products space (e.g., controllers, turbines, energy management software, avionics platforms, healthcare imaging).

This session will address:
  • Product security and secure development frameworks for industrial products
  • How threat modeling is typically done for software - and specific examples of why it doesn’t work for industrial systems, such as controllers
  • An overview of principles that GE Global Research learned from making threat modeling in various verticals (power, aviation, healthcare, renewables, digital).

Speakers
avatar for Dr. Kenneth G. Crowther

Dr. Kenneth G. Crowther

Product Security Leader, Xylem
Dr. Kenneth G. Crowther is the Product Security Leader for Xylem. He was previously Product Security Leader for GE Global Research.He teaches applied quantitative risk management at the University of Virginia and Georgetown University, served as the Chair of Attack and Disaster Preparedness... Read More →


Tuesday October 20, 2020 10:20am - 10:50am EDT
Main Stage
  Main Track
  • about Dr. Kenneth G. Crowther is the Product Security Leader for GE Global Research and manager for the corporate product security program. He teaches applied quantitative risk management at the University of Virginia and Georgetown University, served as the Chair of Attack and Disaster Preparedness Track of the IEEE Homeland Security Technology Conference, as the Assistant Engineering Area Editor for the journal Risk Analysis, as Chair of the Engineering and Infrastructure and the Security and Defense Specialty Groups of the Society for Risk Analysis, and on the Board of Directors of the Security Analysis and Risk Management Association. Dr. Crowther holds a PhD in Systems and Information Engineering from the University of Virginia and a BS in Chemical Engineering from Brigham Young University.

11:00am EDT

Open Security – From Patchwork to Platform
As organization adopt new technologies and utilize the cloud for business innovation and growth, security teams are challenged with ensuring that those initiatives and missions are successful. To do that they are faced with creating an effective security program from a fragmented patchwork of solutions and data sources that really don’t interoperate very well without a great deal of development work.

Join us to hear how a number of leading vendors are coming together with the intent of creating an open source platform to allow security solutions to communicate over a standard fabric during the entire threat management life cycle, from threat hunting, analytics and detection through to incident response and orchestration.

Sponsored by IBM

Speakers
avatar for Patrick Vowles

Patrick Vowles

Team Lead North America Marketing, IBM
Patrick has over 25 years of hands-on IT, product management and marketing experience, gained from developing and deploying innovative networking, security and compliance solutions. After several years in support and technical sales in the UK for key LAN/WAN vendors, he moved to the... Read More →


Tuesday October 20, 2020 11:00am - 11:30am EDT
Main Stage

11:30am EDT

What Your ICS/DCS/SCADA Vendor Doesn’t Want You to Know
You’re a CIO, CISO or IT Security Manager - and you wake up in the middle of the night to a call from your Security Operations Center (SOC) analyst. And suddenly you find that your organization is in the headlines of national newspapers because their core business - operational technology (OT) (a plant) - was breached and you are at the risk of causing environmental disaster and perhaps an explosion. The recent growth of data in Operation Technology (OT) presents a massive opportunity for companies to use this data in many meaningful ways for SOC/NOC/OT. This session will SPELL out the plan, share the secret ingredient, and show case you how the largest OT implementation of cyber security monitoring in the world happened, enabling us to be ready for any breach in OT.

Speakers
avatar for Anas Falodah

Anas Falodah

Senior SOC Analyst, Saudi Aramco
Anas Falodah is a Senior SOC Analyst for Saudi Aramco. He has worked on several projects on both the IT and OT domains and is currently overseeing the integration of OT monitoring into traditional SOC. Anas holds a masters degree in Information Security from RMIT University in Au... Read More →
avatar for Anas Faruqui

Anas Faruqui

ICS Cyber Security Consultant, Saudi Aramco
Anas Faruqui is a Cyber Security Consultant specializing in Industrial Control System for Saudi Aramco, a leading Energy and Oil Company in the world based in Dhrahan, Saudi Arabia. He is also co-founded Zypher Company based in United States dedicated for consulting IT services projects... Read More →
avatar for Abdulatif Alrushaid

Abdulatif Alrushaid

Cyber Security Officer, Engie
Abdulatif Alrushaid is a Cyber Security Officer at Engie, overseeing IT/OT operations and ensuring compliance of facilities to national and international regulations. He holds a master degree in Information Security from Georgia Tech University.


Tuesday October 20, 2020 11:30am - 12:15pm EDT
Main Stage

12:15pm EDT

12:30pm EDT

Defining the Next-Generation of Security as IT and OT Converge
The convergence of information technology (IT) and operational technology (OT) environments is creating new opportunities for organizations of all types. Rapid adoption of Cloud, 5G and related technologies have paved the way for Industrial IoT (IIot) as a fixture for future business.  With this modernization, however, comes undesired vulnerabilities and other attack vectors, which are increasingly being exploited by malicious actors.
 
The OT threat landscape has escalated such that legacy technologies are no longer effective at stopping modern cyberthreats. As the lines of distinction between IT and OT continue to fade, today’s requirements call for a security platform that not only updates capabilities but also unifies resources and spans the needs of both domains. 
 
Join us for this presentation while we explore the core capabilities that define such a security platform for IT and OT.  Learn about considerations for the consolidation of both core security as well as advanced OT applications, and how to apply advanced AI/ML techniques across the organization to ensure the safe implementation of IT and OT operations. 

Sponsored by Palo Alto Networks

Speakers
avatar for Del Rodillas

Del Rodillas

Director, Industry Solutions, Critical Infrastructure and Industrial Markets, Palo Alto Networks
Del is currently responsible for the Global ICS/IIoT Solutions initiative at Palo Alto Networks. He leads a team of Cybersecurity Architects focused on helping OT end-users learn about and implement ICS/Security best practices and architectures across different industrial sectors... Read More →


Tuesday October 20, 2020 12:30pm - 1:15pm EDT
Main Stage

1:15pm EDT

OT Penetration Testing Framework Reconsidered
Penetration testing in OT environments is a developing concept. Yet while organizations understand the importance of validating their security measures and controls, most still push back on PT, fearing that the test might cause disruption or damage.  In this session, we will share with the audience a new approach to industrial pen-testing. Using this impact-first framework, pen-testers are able to plan, perform and measure industrial pen-testing. The framework involves logically analyzing the different attack routes towards the goal and balancing pen-tests, lab tests and other security assessments into one package. The presentation will include several use-cases and examples along with actionable recommendations.

Speakers
avatar for Matan Rudis

Matan Rudis

Threat Intelligence & Penetration Testing Team Leader, OTORIO
Matan Rudis is the Threat Intelligence & Penetration Testing Team Leader at OTORIO. A veteran of an elite IDF intelligence unit, Matan brings over a decade of experience innation-state cybersecurity analysis, R&D and project management.


Tuesday October 20, 2020 1:15pm - 1:45pm EDT

1:15pm EDT

Identifying Process Structure and Parameters Using Side-channel Information
When securing a cyber-physical system (CPS), the most commonly used methods focus CPS itself, including both the information technology (IT) and operation technology (OT) domains. While such domains are most tightly associated with the underlying systems and thus can block most of the active and passive attack vectors, physical side channel has inevitably become an important source of information leakage, which can be a form of passive attack or even a pre-sequel of an active and orchestrated attack. The use of physical side channels to infer information about a (presumably secure) system has been demonstrated to be effective in many areas, such as reconstructing the object being printed with 3D printers through the sound emitted, or detect the leaking information about the underlying cryptographic computation in a CMOS from its electromagnetic emanations. In this research, audio channel information is leveraged as side channel information of an operating CPS to study the feasibility of identifying the process parameters using the side channel information. More specifically, the types of devices, their operation status and their locations in space are inferred from the audio recorded using microphones. Convolutional neural network (CNN) is employed to learn and predict these parameters based on the transformed audio data. The result demonstrates that with only a small amount of training data, CNN can correctly predict the operation status of individual devices in a realistic water treatment testbed with approximately 100% accuracy.

Speakers
QG

Qinchen Gu

Software Engineer, Google
Qinchen Gu is currently working as a software engineer at Google. He obtained his PhD degree in ECE at Georgia Institute of Technology in 2020. His research focuses on Cyber-Physical System security, specifically in the area of industrial control systems. His work entails exploiting... Read More →
RB

Raheem Beyah

Georgia Institute of Technology
Raheem Beyah, a native of Atlanta, Ga., is a Professor in the School of Electrical and Computer Engineering at Georgia Tech where he leads the Communications Assurance and Performance Group (CAP) and is a member of the Institute for Information Security & Privacy (IISP) and the Communications... Read More →
CM

Chuadhry Mujeeb Ahmed

Singapore University of Technology and Design (SUTD)


Tuesday October 20, 2020 1:15pm - 1:45pm EDT
TBA

1:45pm EDT

Data Breaches Related to Critical Infrastructure - Analysis of Cyber Risk to U.S. Critical Infrastructure
In recent years, many enterprises in the world have suffered from leaks of sensitive customer or employee information due to APT attacks, malware attacks, insider leaks, or mis-configured settings. Data breaches have a considerable impact, not only harming corporate reputations and causing business to be lost, but also causing serious risk for customers. If leaked data flows into the hands of bad actors, we can easily imagine the harmful consequences. These risks equally affect the United States’ 16 critical infrastructures. If sensitive information about employees or external services leaks, hackers can easily apply it to social engineering or advanced continuous penetration attacks. However, a critical infrastructure security incident can cause more than financial loss – it can also create a threat to the safety of physical equipment or to people’s lives and property.

This research unveils publicly leaked data and shares some of the traps and fun found during the analysis. In this session, we share how we have used our unique automatic analytical process for building on the cloud to conduct big data analysis on more than 10 billion pieces of data from 200 plus datasets, with a particular focus on the analysis of data leakage and password habits of 16 critical infrastructure service providers. Based on the in-depth analysis of our data, we will try to provide predictions and warnings to high-risk CI sectors that may be invaded due to information leakage. Finally, we will advise how to perform prevention and mitigation measures.

Speakers
avatar for Mars Cheng

Mars Cheng

Cyber Threat Researcher, TXOne Networks
Mars Cheng is a threat researcher of TXOne Networks, blending a background and experience in both ICS/SCADA and Enterprise cybersecurity systems. Mars has identified more than 10 CVE-IDs, and has had work published in three Science Citation Index (SCI) applied cryptography journals... Read More →
avatar for YenTing Lee

YenTing Lee

Cyber Threat Researcher, TXOne Networks
YenTing Lee is a cyber threat researcher at TXOne Networks’ IoT/ICS Security Research Labs. Before joining TXOne, YenTing was a section head at the Taiwan National Center for Cyber Security Technology (NCCST), and has experience in both ICS/SCADA and cyber-offensive and defensive... Read More →
avatar for Max Farrell

Max Farrell

Sr. Technical Writer, TXOne Networks
Max Farrell is a senior technical writer and communication expert for TXOne Networks, working from a background of mixed technology, business, and arts. He specializes in research related to the culture, business, and technology of the United States. His background prior to TXOne... Read More →


Tuesday October 20, 2020 1:45pm - 2:15pm EDT

1:45pm EDT

Discovering and Exploiting New Vulnerabilities in Remote Connection Solutions
Industrial remote connection solutions, such as IIoT connectors and industrial VPNs are one of the weakest links in the industrial security chain. Yet even today, when the importance of remote connectivity becomes ever more evident in lew of COVID-19, not much has been researched or discussed regarding the security issues of remote connectivity. OTORIO's researchers have recently completed a study of some of the world's most commonly used remote connectivity solutions used for internet access to OT/ICS. The findings include multiple exploitable and vulnerabilities along with actionable suggestions for remediation.
In this presentation, we will discuss the rising importance of remote connectivity in industrial settings; We will present our research and its findings, including vivid examples of how researchers were able to hack and access into industrial devices using remote access solutions; Lastly, we will list the risks and potential damages and suggests ways in which organizations can harden their remote access capabilities.

Speakers
avatar for Yoav Flint Rosenfeld

Yoav Flint Rosenfeld

Head of Services Group, OTORIO
Yoav Flint Rosenfeld heads OTORIO's Services group. He has Over 20 years of experience in cybersecurity as a pen-tester, security consultant, SOC manager and threat intelligence manager. Yoav is a frequent speaker in cybersecurity and industrial security events.


Tuesday October 20, 2020 1:45pm - 2:15pm EDT

2:15pm EDT

2:30pm EDT

Developing a Critical Infrastructure Ransomware Dataset From the Ground Up
This talk presents the efforts of a team of criminologists to develop a critical infrastructure ransomware dataset. It addresses how we created (and are maintaining) this dataset using responsible data science practices for data collection, rehashing collected data into meaningful variables, and developing code books for variables to promote transparency and trustworthiness. We also present challenges and limitations we experienced in generating this dataset, such as missing data, establishing consistency across varying levels and types of information, and using only publicly disclosed incidents. We also share the  different communities that have requested this dataset and their potential uses. Finally, we discuss feedback from the community that has impacted major revisions to this dataset and how further engagement might inform future iterations. We hope to demonstrate how this dataset is not only valuable as a free resource, but that it is also dynamic and evolving based on community engagement.
  • Understanding the relevance of using responsible data science principles to develop and maintain datasets.
  • Understanding reasonable expectations for datasets based on publicly disclosed incidents.
  • Demonstrating the need for academic-industry-government dialog and partnerships.



Speakers
avatar for Aunshul Rege

Aunshul Rege

Associate Professor, Temple University.
Aunshul Rege is an Associate Professor with the Department of Criminal Justice at Temple University. Her National Science Foundation sponsored research and education projects examine the human element of cybercrimes, focusing on behavior, decision-making, adaptation, and group dynamics... Read More →
avatar for Rachel Bleiman

Rachel Bleiman

PhD Student, Temple University
Rachel Bleiman is a first-year PhD student studying Criminal Justice at Temple University in Philadelphia, PA. She has worked as a graduate research assistant on a National Science Foundation grant for over a year, during which she has researched cybersecurity issues, such as adversarial... Read More →


Tuesday October 20, 2020 2:30pm - 3:00pm EDT
TBA

2:30pm EDT

Examining USB Attack Platforms (UAPs) and Their Impact on ICS
According to the 2019 SANS State of ICS Cybersecurity Survey, direct physical access is the #1 threat vector, followed close behind by remote access (together, representing 97% of threats).  Regardless, there’s little focus on an emerging class of sophisticated penetration testing tools that provide direct physical access and covert remote access, fully capable of bypassing existing network security controls and jumping over air gaps. This session will examine the capabilities of these new attack platforms, and the security implications they introduce to ICS/OT environments, and will offer recommended mitigation practices.

Speakers
avatar for Eric Knapp

Eric Knapp

Chief Engineer and Global Director of Solutions and Technology, Honeywell


Tuesday October 20, 2020 2:30pm - 3:00pm EDT

3:00pm EDT

Zero Trust Industrial Control - What Can We Learn From Decades of Functional Safety
Trains, Trucks, Ships, Drills, Power Stations, Oil Platforms and other process control networks are increasingly becoming connected and automated. This can increase production through real time monitoring and access to data insights which aide in overall efficiencies.

Industrial Control Systems are built to be fault tolerant, highly available, fail-safe systems, the life of which are determined by the process that these systems are there to support such as an oil reservoir or an ore body.

Automation is changing this and now business requirements for real time analytics means there is a steady flow of information into and out of these connected highly sensitive networks.

As Industrial Control Systems become more and more connected what are we doing to secure them?

Most high criticality control systems are by nature already very complex systems and due to their fail safe design, has a lot of benefits we in the cyber world can use to help protect our teams from the worst case scenario.

This session will demonstrate that not all control systems are the same, and just how important understanding the process being controlled is from a cyber perspective.

This talk will help answer the question "How can we align the cyber security of OT systems to our engineering, quality assurance and health and safety teams more mature view of the control systems landscape?"

Speakers
avatar for Aaron Fenwick

Aaron Fenwick

Director, PwC | Cyber Security
Aaron Fenwick is a Father, Husband, Hacker, Electronics enthusiast, and a Penetration Tester @ PwC specializing in Industrial Control Systems. He spends hiis work time traveling around the world to some inhospitable places hacking into Industrial Control Systems for various clients... Read More →


Tuesday October 20, 2020 3:00pm - 3:45pm EDT
Main Stage
 
Wednesday, October 21
 

10:00am EDT

The Future of the Threat Intelligence and Hunting in ICS
The industrial control systems are living a new era of digitalization, bringing several needed automation upgrades; however, it also makes these systems more open for external attacks.

This session aims to give an overview of the key technologies trends that are being developed to support the threat intelligence and hunting future in ICS in order to face the most recent cyber threats, and at the same time, without compromise the continuous need of improvement of the productivity levels.

This talk will support those who interact with communication systems, looking to be prepared to respond to the new wave of cybersecurity demands.


Speakers
avatar for Felipe Costa

Felipe Costa

Industrial Cybersecurity (IACS) Expert, Moxa Americas
Felipe is an Electrical and Electronics Engineer and an official ISA/IEC-62443 industrial cybersecurity instructor for the ISA (International Society of Automation) trained at ISA Headquarters in US. He is also a LATAM Industrial Cybersecurity (IACS) Expert, an international speaker... Read More →


Wednesday October 21, 2020 10:00am - 10:30am EDT

10:30am EDT

ICS Attacks Aren't Evolving, They Are Devolving
Industrial Control System attacks have been around for several years. Most of them started with nation-state very sophisticated information gathering campaigns. This changed in the digital world with the advent of Stuxnet. This was still a very targeted attack that required a lot of engineering talent to pull off. Fast forward to EKANS (snake) ransomware. This ransomware has aspects in it that directly attack supervisory software used in industrial controls. Ransomware, in its very nature, is like fast food. It is cheap, quick, and has a lot of calories. Join us to learn about where the attacks are headed. Discuss what may be next to give people industrial grade indigestion.

Sponsored by CyberX, a Microsoft Company

Speakers
avatar for James Cabe

James Cabe

Channel Technical Director, CyberX, a Microsoft Company


Wednesday October 21, 2020 10:30am - 11:15am EDT
Main Stage

11:15am EDT

IT vs. OT: Comparing Process Control Room and SOC Operations
Partially because the industry is now exposed to security threats such as external connectivity to the Internet and the use of standard hardware and software, from which it was historically isolated. And partially because the potential impact of attacks on critical infrastructures and societal wellbeing can no longer be ignored. Meanwhile, many IT security experts are getting involved in the protection of industrial control systems against cyber-threats, including the establishment of consolidated IT-OT SOCs. However, the harmonization of modern IT security approaches and the traditional process control culture is far from reality. The purpose of this presentation is twofold. Firstly, to help IT security experts understand the specifics of OT environments as well as the associated vocabulary and mindset. Secondly, to address the challenges of monitoring and reacting to ICS threats by the means of established IT SOC procedures.

Using the example of monitoring functions of IT infrastructure and industrial processes, as well as two seemingly very dissimilar job functions such as SOC Analyst (IT) and Control Center Operator (OT), it will be shown that both job functions are in essence very similar and offer cross-learning opportunities. We will highlight the similarities and peculiarities of two fields in key areas such as vocabulary, types of anomalies/events/threats, SIEM vs. HMI applications, alarm configuration and management, anomaly detection, event logging, and others. We will also show that consolidated IT-OT SOC may require special considerations and Standard Operating Procedures (SOP) to accommodate response time expected in the OT domain.

It is hoped that after this presentation, IT security experts will have a much better understanding of daily OT operations and the associated ecosystem, and get one step closer to achieving much discussed "IT-OT Convergence".

Speakers
avatar for Marina Krotofil

Marina Krotofil

Cyber Security Professional
Marina Krotofil is a cyber security professional with a decade of hands-on experiences in advanced methods for securing Industrial Control Systems (ICS). She is also an experienced Red/Blue Teamer who contributed research on novel attack vectors, exploitation techniques and design... Read More →


Wednesday October 21, 2020 11:15am - 12:00pm EDT
Main Stage

12:00pm EDT

Break - Visit Expo Hall and Networking Lounge
Wednesday October 21, 2020 12:00pm - 12:15pm EDT
Virtual Exhibit Hall

12:15pm EDT

Mitigating OT Cyber Risk by Securing the OT Network Layer
Industrial organizations manage expensive and sophisticated equipment at their facilities—and the systems that run the machinery are increasingly being connected to the internet. The cybersecurity implications of this trend are substantial, including possible threats to physical safety, and in some cases, national security. As the production environment increasingly becomes digitized, organizations strive to secure the growing number of enabled IoT devices while maintaining business imperatives like operational efficiency, continuity of operations, product integrity, and compliance.
During this session, we will explore the impact and considerations for safe and secure operations including the need to
  • Evaluate the security needs of aging equipment and its impact on safety, uptime and time-to-market
  • Recognize the value of neutralizing threats in real time and sustained situational awareness to inform decision making
  • Understand how the Fortinet Security Fabric can provide foundation for securing industrial controls and SCADA systems in any environment
Sponsored by Fortinet

Speakers
avatar for Rick Peters

Rick Peters

CISO, Operational Technology North America, Fortinet
Rick brings the Fortinet OT-CI team more than 37 years of cybersecurity and global partnering experience working across foreign, domestic, and commercial industry sectors at the National Security Agency (NSA).  As Fortinet’s Operational Technology North American CISO, he delivers... Read More →
avatar for Carlos Sanchez

Carlos Sanchez

Director, OT & Critical Infrastructure, Fortinet


Wednesday October 21, 2020 12:15pm - 1:00pm EDT
Main Stage

1:00pm EDT

Maturing Microsoft’s Data Center Security With OT+IT Incident Response Plans
Speakers
avatar for Imran Mohiuddin

Imran Mohiuddin

Group Program Manager Cloud Data Center Cybersecurity, Microsoft
Imran is the Partner Group Product Manager at Microsoft leading Datacenter Cybersecurity team to secure all datacenters that power Microsoft Cloud. Imran comes from deep data, analytics, security and cloud background having worked both at Azure and AWS.
avatar for Israel Emmanuel

Israel Emmanuel

Principal Program Manager, Microsoft
Cybersecurity expert with over 22 years of cross-functional teams experiences leading Incident Response and Threat Detection engagements in various sectors such as Technology, Government, Consulting, Engineering, Financial, Healthcare, and Retail industries. Led the post-data breach... Read More →
avatar for Bugra Karabey

Bugra Karabey

Principal Security Program Manager, Microsoft
Bugra Karabey is a Cybersecurity, Risk, and Privacy expert. Currently he is a member of Microsoft's Cloud + AI Datacenter Cybersecurity team, developing solutions to secure cyber-physical (IT/OT, IIoT, and ICS) components in Azure, Office 365, and XBOX data centers. He also leads... Read More →


Wednesday October 21, 2020 1:00pm - 1:45pm EDT

1:45pm EDT

Enabling Secure & Safe Remote Industrial Operations
The executive desire for a shift to remote work within the oil and natural gas industry has been underway for some time. While such a shift is likely to benefit the broader organization with lower costs and greater safety, it is also not without risks to security and also safety. The COVID-19 pandemic has been a catalyst for increasing the shift to remote work, but it has also exposed weaknesses in processes and tools to support it. 
In this session:
  • Explore the benefits that remote work can bring to operators, automation engineers, and health & safety personnel 
  • Examine the tools and process changes required to enable effective, secure, and safe remote operations
  • Hear specific recommendations to help guide decisions and investments that enable remote work, while addressing potential security and safety implications
  • Review lessons learned on challenges to anticipate, pitfalls to avoid, and best practices for ensuring process safety as well as reducing potential cybersecurity risks

Speakers
avatar for Matthew  Selheimer

Matthew Selheimer

Sr. VP of Strategy, PAS Global
Matthew (Matt) Selheimer joined PAS in 2019. As CMO and Sr. VP of Strategy, Matt directs marketing globally at PAS. He is responsible for expanding awareness of the PAS value proposition and driving demand for PAS solutions to ensure safety and reliability in the face of unprecedented... Read More →


Wednesday October 21, 2020 1:45pm - 2:30pm EDT

2:30pm EDT

2:45pm EDT

Evaluating Volatile Memory Forensics Techniques for Embedded Devices
With the increased number and sophistication of cyber-attacks, digital forensics has proven to be a powerful data collection tool. Forensic value is operationalized through data preservation as evidence in order to assess the root cause of a system failure or cyber incident for both IT and OT systems. While the IT domain has matured approaches and methodologies to collect and analyze volatile memory, options for OT domain embedded devices are limited at best. In this presentation, hardware forensic techniques to collect and analyze volatile memory content of specific embedded devices are discussed.

Speakers
avatar for Rima A. Awad

Rima A. Awad

Cyber Security Research Engineer, Oak Ridge National Laboratory
Rima A. Awad is a Cyber Security Research Engineer in the Manufacturing Science Division at Oak Ridge National Laboratory. Rima is involved in cyber security R&D projects focused on automating the detection and analysis malware. Currently, her research focus is on augmenting SCADA... Read More →
avatar for Juan Lopez Jr., PhD

Juan Lopez Jr., PhD

Group Leader, Energy & Control Systems Security, Oak Ridge National Laboratory


Wednesday October 21, 2020 2:45pm - 3:15pm EDT

2:45pm EDT

Lurking Beneath the Surface: Uncovering Hidden Components in ICS Software
Today’s ICS software is never written from scratch. Vendors focus development resources on core competencies and prefer to buy (rather than build) components available off the shelf, such as license managers, installers, and cryptographic libraries. This strategy, while efficient in terms of development effort, entwines the vendor’s security posture with multiple suppliers and open source projects. Worse, it makes it difficult to see what exactly is included in a package. In 2018, asset owners were exposed to critical vulnerabilities in the Gemalto Sentinel License Management Software because major ICS vendors quietly embedded it in their products and ICS operators didn’t know. And searching the CVE databases didn’t help as the vulnerabilities appeared under Gemalto rather than the vendor names.

ICS vendors deal with a similar challenge: their developers rely on libraries, frameworks, and other 3rd-party code to be efficient and avoid recreating proven functionality. In turn, these components usually have their own embedded third-party and open source code originating from widely-used repositories, such as GitHub, where attackers have been known to plant malicious code. And if their DevOps environment is lax about version control, the developers may unwittingly embed old versions of code with known vulnerabilities.

This talk introduces techniques to help both ICS vendors and operators assess the validity and safety of ALL the components of any given ICS package — before it is shipped or installed. We look at using a Software Bill of Materials to expose mystery components, and score each one for safety and security.

Learning Objectives
  • Understand the depth and breadth of embedded “mystery components” in ICS packages from both a vendor and asset owner perspective.
  • Learn how to view the relationships between components, across multiple product lines and vendors.
  • Explore tools and solutions for exposing and scoring components prior to installation on critical systems.

Speakers
avatar for Eric Byres

Eric Byres

CEO, aDolus Inc.
Eric Byres is widely recognized as one of the world’s leading experts in the field of industrial control system (ICS) and Industrial Internet of Things (IIoT) cybersecurity. He is the inventor of the Tofino Security technology – the most widely deployed ICS-specific firewall in... Read More →


Wednesday October 21, 2020 2:45pm - 3:15pm EDT

3:15pm EDT

[Encore] From the Trenches: OT Security Transformation and Innovation
This exclusive discussion took place at SecurityWeek's 2020 ICS Lockdown Virtual Event on July 9, 2020.

With the impact of COVID-19 on businesses around the globe, brining IT and OT teams together to keep industrial operations running smoothly and securely is more important than ever. In this panel discussion, OT security veterans will discuss best practices for aligning IT and OT teams, while securing your operational networks during a time of increased risk.

Speakers
avatar for Ben Stirling

Ben Stirling

Manager, Generation Cyber Security, Vistra Energy
Benjamin Stirling is a Manager, Generation Cyber Security with Vistra Energy as well as a member of the ERCOT CIP working group and ISA 99 Workgroup 4. For the last 7 years, Ben has been deeply integrated with Luminant’s I&C, Operational Technology, and Vistra Cyber Security groups. Providing support in cyber security engineering regarding industrial contr... Read More →
avatar for Paul Brager

Paul Brager

Director, Global OT Security Programs, Baker Hughes
Regarded as a thought leader and expert in the cyber security community for twenty-seven (27) years, Mr. Brager has deep expertise evaluating, securing, and defending critical infrastructure and manufacturing assets (ICS, IoT, and IIoT). As a speaker, author, and researcher, Paul... Read More →


Wednesday October 21, 2020 3:15pm - 4:00pm EDT
Main Stage

3:15pm EDT

[Encore] Fireside Chat With Admiral Mike Rogers
In this exclusive fireside chat that took place at SecurityWeek's 2019 ICS Cyber Conference, Admiral Mike Rogers joins SecurityWeek's Mike Lennon to discuss a range of topics, ranging from geopolitical tensions and nation-state threats, to protection of U.S. critical infrastructure from cyber threats across the board.

This video has been made available for those who did not attend the 2019 event in Atlanta.

Admiral Mike Rogers is the former director of the National Security Agency (NSA), the former chief of the Central Security Service, and the former commander of the U.S. Cyber Command. He retired from the U.S. Navy in 2018 and was responsible for creating the DoD’s newest combatant command and running the U.S. government’s largest intelligence organization.

Wednesday October 21, 2020 3:15pm - 4:00pm EDT
Main Stage
 
Thursday, October 22
 

9:00am EDT

ICS Red vs. Blue Training Workshop ($)
Premium Conference Registration Required ($495)


Created and taught by world-renowned ICS cybersecurity expert, Clint Bodungen (Lead author of “Hacking Exposed: Industrial Control Systems” and co-creator of the Red vs. Blue cybersecurity gamification platform)
 
WHAT’S IN VERSION 3.0?
Updated and more detailed curriculum. Updated and expanded gamification using ThreatGEN’s Red vs. Blue platform. New technical labs using ThreatGEN’s ICS simulation technology.

Workshop Overview
This workshop, held virtually, will help attendees gain a better, and more detailed, understanding of industrial control systems, along with their vulnerabilities, attack surface, adversarial tactics, and the most efficient risk management strategies. Attendees will exercise what they learn in Red Team vs. Blue Team exercises and labs. Defending ICS networks and assets requires more than any single solution and it is not a just matter of deploying “best practices” and “layered defense”. A necessary combination of proactive and reactive strategies such as vulnerability assessments, network segmentation, system hardening and threat monitoring, just to name a few, are needed. However, most organizations are often limited in their ability to deploy even the most basic security controls due to lack of required skills. This workshop starts from a strategic perspective, helping attendees “get their head around” the big picture. It starts with a deep dive into industrial control systems components and architecture, and then introduces beginner to intermediate topics including ICS vulnerabilities, “hacker” methodologies, and security controls at a comfortable and easy to follow pace. These topics are then exercised and reinforced using ThreatGEN’s Red vs. Blue cybersecurity gamification platform as well as other, more technical, hands-on labs and simulations for those that want to go a bit deeper.

What is Red vs. Blue Training?
Training is one of the most essential components of your risk mitigation strategy and overall cybersecurity program. However, without learning cybersecurity from the “hacker’s” perspective and gaining a true understanding of how adversaries attack and compromise ICS networks and assets, you’re only getting half of the picture. Without that other half, you’re essentially blindly deploying generic security controls and “best practices”. Layered defense is a great concept, but few organizations have the resources to deploy every layer effectively, and in most case, it still ends up being a waste of resources. In order to have an efficient and cost-effective risk mitigation strategy, you must understand not only where your vulnerabilities are, but also the tactics that attackers will use to exploit these vulnerabilities. Red vs. Blue Training provides the opportunity to learn these adversarial tactics in conjunction with the defensive methods; and then students get to apply the skills they learn as they face off in a head-to-head competition, Blue Team (the defenders) against Red Team (the attackers). ThreatGEN® Red vs. Blue cybersecurity gamification platform uses cutting-edge computer gaming technology developed by experienced industry professionals and authors of “Hacking Exposed: Industrial Control Systems”, to offer all the most valuable aspects of red team/blue team training, but in a fraction of the time and without a technical learning curve. Students of all levels can even play the part of the red team, regardless of experience or skill level.

EXPERIENCE LEVEL: All experience levels will gain from this workshop

What you will get out of this workshop:
• A comprehensive, “big picture” understanding of how all the cybersecurity pieces work together
• An understanding of the concepts, function, and components of industrial control systems, equipment, and technology
• Learn vulnerabilities and attack vectors specific to ICS
• Learn about the methods and strategies hackers use to attack industrial control systems as well as traditional IT systems (Introductory level. This is not a technical hands-on, “hacking” course)
• Learn and apply practical industrial cybersecurity and risk management concepts
• Learn how to deploy efficient and cost-effective mitigation strategies and security controls
• Learn how to build a complete ICS cyber security program
• Apply what you’ve learned against a live adversary using the cutting-edge, turn-based computer training
• Learn how to respond to, adapt, and defend against active attacks (Introductory level, this is not an incident response or threat hunting class)
• Participate as the blue team and the red team, regardless of experience or technical skill level

Intended Audience:
• Anyone interested in gaining beginner to intermediate knowledge of ICS/OT cybersecurity
• Anyone interested in or tasked with ICS/OT risk assessment and management
• Anyone interested in gaining a better understanding over the overall cybersecurity “big picture”
• Cybersecurity managers
• Upper management concerned with IT/OT cybersecurity
• Plant managers and asset owners
• IT cybersecurity staff tasked with ICS/OT cybersecurity
• Engineers tasked with ICS/OT cybersecurity
• End users looking for a more effective (and entertaining) cybersecurity awareness training

What attendees need to get the most out of this workshop:
• Since this is an online virtual event, a computer will be needed.

Register for a Premium Conference Pass to Secure a Spot in the Workshop

Thursday October 22, 2020 9:00am - 5:00pm EDT
 
  • Timezone
  • Filter By Date 2020 ICS Cyber Security Conference | USA Oct 19-22, 2020
  • Filter By Venue SecurityWeek Virtual Conference Center
  • Filter By Type
  • Break
  • Main Track
  • Strategy Track
  • Technical Track