What we're about

Welcome! This meetup dedicated to all professionals involved in Cyber Security for Automated Processes and Control Systems including security for Operating Technology (OT), Industrial Control Systems (ICS), SCADA Systems, Transportation Systems, Building Control Systems (BCS), and even emerging Industrial Internet of Things (IIoT) systems. Our purpose is to connect the professionals in the Greater Cleveland area with real interest in or responsibility for the cyber security of these systems.

Once we have enough critical mass of interest in Cleveland, we will gather for purposes of education, information exchange, and discovery of new opportunities and, yes, perhaps a few happy hours! If you are interested in serving on a committee to help shape this meetup experience, please contact the organizers directly.

Upcoming events (3)

(CS)2AI Online: Stop Tomorrow's Crisis- Developing and Leading a Top ICS IR Team

NOTE: Meetup.com does not integrate its RSVP's to our webinar platform. Register for this event at gotowebinar: https://attendee.gotowebinar.com/register/7308129848920150540?source=06022021meetupevent

Incident response can be one of the most challenging times a process may face. The key to success is pre-coordination, preparation and training. CS2AI founding fellow Mark Bristow will take you through strategies in setting up and training your ICS incident response capability to make sure you are ready for this challenging day. With the right staffing model, incident response plan, pre-arranged internal and external partnerships, pre-built mitigation strategies and the right frame of mind, responding to an OT cyber incident can be effectively managed. Mark has worked on hundreds of incident response efforts impacting or threating process control environments in his long career with CISA’s Threat Hunting teams (formerly ICS-CERT).

Speaker:
Mark Bristow is Branch Chief, Cyber Defense Coordination (CDC) at Cybersecurity and Infrastructure Security Agency (CISA). He previously served as Director of the US Department of Homeland Security's (DHS) National Cybersecurity and Communications Integration Center (NCCIC), responsible for Incident Response efforts of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and the United States Computer Readiness Team (US-CERT).

--------------------------------------------------------------------------------------------------
Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all attendees.
--------------------------------------------------------------------------------------------------
To view any of our growing library of past seminars and symposiums, check out the Resources area of our website in the Members Portal https://www.cs2ai.org/
--------------------------------------------------------------------------------------------------
If you're interested in speaking at a future (CS)2AI event, having your organization become a Strategic Alliance Partner, or engaging in any of the other ways available, please contact us on our https://www.cs2ai.org/get-involved
--------------------------------------------------------------------------------------------------
Please note that all (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and our generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

(CS)2AI: Why Hasn’t SOAR Taken Off in ICS? (sponsored by Industrial Defender)

Please Note: Meetup.com is not integrated with gotowebinar. To register for this event, please go to https://attendee.gotowebinar.com/register/7654259409181761292?source=08182021meetupevent

Besides the typical reluctance to embrace new technology in the ICS world, security orchestration, automation and response (SOAR) tools haven’t been as widely adopted as they probably should be because of the contextual data deficiency found in most security alerts. To create an appropriate automated response, you need to know exactly which devices are compromised and whether you can/should isolate them, which up until recently has been extremely difficult to do for industrial control systems.

Let’s say you’re alerted that an HMI has a banking Trojan. That’s not great, but not likely something you’d feel compelled to take offline. However, if there was ransomware in an HMI, you have a serious problem. So, what should you do? Well, if you have 7 HMIs, it’s likely fine to just disconnect the infected one to stop the spread, but if that’s your only one, then it’s definitely not ok. This is a prime example of why having access to contextual data about both the threat AND the affected asset is so critical to informing automated security management.
In this seminar, you’ll learn:

• Why security orchestration and automation reduce the risk of operational downtime from a cyberattack
• What type of contextual security information is critical to powering a next-gen program
• How feeding the right ICS asset data into your SIEM + SOAR helps demonstrate ROI across your security ecosystem

This session will include our ever popular Quality Question Prize Wheel: everyone who submits an on-topic question for the speakers gets entered for a prize drawing after the presentation.

Please Note: meetup.com is not integrated with gotowebinar. To register for this event, please go to https://attendee.gotowebinar.com/register/7654259409181761292?source=08182021meetupevent

--------------------------------------------------------------------------------------------------
Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all attendees.
--------------------------------------------------------------------------------------------------
To view any of our growing library of past seminars and symposiums, check out the Resources area of our website in the Members Portal https://www.cs2ai.org/
--------------------------------------------------------------------------------------------------
If you're interested in speaking at a future (CS)2AI event, having your organization become a Strategic Alliance Partner, or engaging in any of the other ways available, please contact us on our https://www.cs2ai.org/get-involved
--------------------------------------------------------------------------------------------------
Please note that all (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and our generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

IoT Skimmer: Energy Market Manipulation through High-Wattage IoT Botnets

Network event

Tohid Shekhari, and Professor Raheem Beyah of the Georgia Institute of Technology, share their research showing how an "IoT Skimmer" – a massive botnet consisting of thousands of connected high-wattage IoT devices and appliances, such as connected refrigerators, air conditioners and heaters, could cause sufficient demand-side power fluctuations to influence energy prices and create financial damage by targeting utility firms.

Their research found that an increase or decrease of only 1% of power consumption is sufficient to manipulate prices and would be very difficult to detect. Malicious actors to whom these tactics could appeal include competitive companies seeking to financially damage another utility, nation-states wanting to cause economic disruption, and financial market profiteers.

This talk includes information of past attacks on electrical grids and manipulation of electric markets as well as background on power grid design & functionality, electricity markets, IoT botnets and known botnet attacks, analysis of the threat model and attack feasibility, potential stealth strategies of attackers, and available countermeasures.

Please Note: meetup.com is not integrated with gotowebinar. To register for this event, please go to https://attendee.gotowebinar.com/register/2116410760909040656?source=032521MeetupEvents

Speakers:
Professor Raheem Beyah, Executive Director of the Online Masters in Cybersecurity program and Vice President for Interdisciplinary Research at Georgia Institute of Technology as well as founder and Chairman of the Board of Directors of Fortiphyd Logic, has built and deployed novel cybersecurity solutions throughout his professional career.
https://www.linkedin.com/in/raheem-beyah-74aa501/

Tohid Shekari is currently pursuing a PhD degree in ECE and MSc in Cybersecurity with the School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, GA, USA. His current research interests include cyber-physical system security, cybersecurity in power systems, intrusion detection in power substations, power system resilience, and power system operation.
https://www.linkedin.com/in/tohid-shekari-963b0941/

Please Note: meetup.com is not integrated with gotowebinar. To register for this event, please go to https://attendee.gotowebinar.com/register/2116410760909040656?source=032521MeetupEvents

--------------------------------------------------------------------------------------------------
Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all attendees.
--------------------------------------------------------------------------------------------------
To view any of our growing library of past seminars and symposiums, check out the Resources area of our website in the Members Portal https://www.cs2ai.org/
--------------------------------------------------------------------------------------------------
If you're interested in speaking at a future (CS)2AI event, having your organization become a Strategic Alliance Partner, or engaging in any of the other ways available, please contact us on our https://www.cs2ai.org/get-involved
--------------------------------------------------------------------------------------------------
Please note that all (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and our generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

Photos (40)