What we're about

ANNOUNCING ---> We are ready to get this thing rolling!

We're putting together plans for an event in September, and we would love to have some help. If you know of a good venue for our first get-together, someplace informal, preferably serving food and beverages, but not too loud (we need to be able to hear each other, after all), or have any other valuable skills (or time) please let us know!

GROUP DESCRIPTION:

This meetup is dedicated to all professionals involved in Cyber Security for Automated Processes and Control Systems including security for Operating Technology (OT), Industrial Control Systems (ICS), SCADA Systems, Transportation Systems, Building Control Systems (BCS), and even emerging Industrial Internet of Things (IIoT) systems. Our purpose is to connect the professionals in the Greater Cincinnati area with real interest in or responsibility for the cyber security of these systems.

We're just getting started here, so our meetups might not be very frequent at first, but the more people get involved, the more great events we can hold! Contact us if you would like to volunteer to help lead the group!

Upcoming events (2)

(CS)2AI ONLINE: Saved by Ransomware! with Brent Huston

Online event

Join us for a fascinating story of an unusual ICS network incident Brent and his team worked recently. In it, he'll discuss how a successful compromise of an exposed server handed an attacker an opportunity to tamper with some critical infrastructure functions and how the victim was essentially saved by a ransomware infection. The talk will cover the attack scenario, the methodology of the attackers and some interesting IOCs and TTPs that were discovered during the incident analysis. Come and learn how, in this particular case, ransomware saved the day!

Speaker: Brent Huston, Security Evangelist and CEO of MicroSolved

Brent is an entrepreneur, inventor & futurist with a focus on crime, fraud & industrial espionage. Interested in the impacts of technology across these activities. He has a great reputation as a security & criminal researcher with a history of innovative approaches, responsible disclosure, rational control development & substantial findings. World-class experience with ICS/SCADA, utility & critical networks including segmentation, pen-testing, protocol/process weaknesses & incident response. Deep knowledge of fuzzing, honeypots & attacker deception/tampering. To date, he has brought more than a dozen technology products to market and he holds two US patents. He currently serves as an advisor, mentor and investor in multiple technology companies around the world.

(CS)2AI ONLINE: Applied Deception in the Era of IT/OT Convergence

NOTE: Registration at gotowebinar is required: https://attendee.gotowebinar.com/register/2794448792846923276?source=08272020MeetupEvents

We all want to make sure our organizations won’t appear in news headlines as another breached ICS/SCADA company, but the presence of EDR, EPP, DPI, DLP, EUBA, SIEM, and Network Monitoring Systems in ICS/OT environments does not guarantee preventing and detecting insider threats or network compromise. The addition of a next-gen honeypot or “Deception” tool using Free and Open Source Software (FOSS) can complete the defense-in-depth aligned with Governance, Risk Management, and Compliance.

Not every organization has an OT network Incident Response (IR) program. Even those who do have significant challenges:

- Lack of network-based threat visibility
- Huge data sets to correlate on whole enterprise threat hunting
- Overwhelming numbers of false-positive alerts
- Limited resources to respond

A customized stand-alone honeypot in-line with the ICS/SCADA network to bait and trap any malefactor can lessen dwell time by warning immediately on being compromised. This accelerates breach detection of misuse and malicious activities such as Internal Reconnaissance, Lateral Movements from IT, Credential Theft, Ransomware, Data Exfiltration, and Zero-Day Exploits.

KEY TAKEAWAYS

1. Amplified Breach Detection with almost 100% accuracy
2. Slows down attackers and reduces dwell time
3. Scalable and Operationally Efficient with counterintelligence gained
4. Rapidly Detect and trap APTs
5. Zero cost, high ROI
6. Be able to configure, design, and deploy a solution that covers both IT and OT environments
7. Learn the basics of incident handling in ICS/SCADA
8. Add threat intelligence to the IR program

Art (Mike) Rebultan has many years of experience as a security practitioner in PCI-DSS audit management, Unix/Linux server lockdown and systems administration, R&D, VAPT, cybercrime investigation and incident response. He has a master’s in IT with concentration in e-commerce security and is trained in digital forensics and cybersecurity.

https://www.peerlyst.com/users/mike-art-rebultan/
https://www.linkedin.com/in/artrebultan/
