- ICS Operational Rules
Please register at the following link if interested in attending our meetup: https://www.eventbrite.com/e/cyber-security-meetup-on-ics-operational-rules-tickets-64073932858 Our discussion leader for this Meetup is Malek Abutayeh (SUEZ Middle East IT/OT Manager) Malek Abutayeh is SUEZ Middle East IT/OT Manager, 15+ years’ experience in IT operations and security covering both IT & OT. Focusing on developing and guiding the implementation of the company's Industrial Control Systems (ICS) security architecture, ensuring compliance with SUEZ cyber security controls and standards as well compliance with local ICS regulation. Implement, operate and maintain security solutions with ICS infrastructure such as firewalls, IDS, and secure remote access. CS(2)AI meets are free for anyone to attend. There are absolutely no fees. Just come with an open mind and willingness to share and learn. Make sure you carry a valid ID proof when you come to attend the meet. For assistance to venue location or more details contact [masked] (Abdul Rasheed)
- ICS Protocols Security Issues
Agenda: - Introduction to ICS - Overview of ICS protocols - Packet Structure of Modbus and IEC[masked] - Practical Demonstration Presenter Profile: Arun Mane is a Security Researcher and Founder, Director of Amynasec.io His areas of interest are Hardware Security, IOT, SCADA, Automotive security, Fault Injection, RF protocols, and Firmware Reverse Engineering. Performed Security Audits for both government and private clients, Rest of his time get engaged with open security communities, he’s been a speaker at the nullcon 2016,2017,2018 Goa, GNUnify 2017, Defcamp 2017, 2018 Romania, BsidesDelhi 2017, c0c0n x 2017, EFY 2018, x33fcon2018, BlackHat USA 2018, Defcon USA 2018, OWASP Seasides 2019 Goa. And Trainer for Practical Industrial Control Systems (ICS) hacking training, delivered in x33fcon2018, HIP 2018 and also delivered training for IoT hacking in HITB 2017, HIP 2017, BlackHat Asia 2018 and private clients in London, Australia, Sweden, Netherl
- Cyber Security Risk Management in Critical Infrastrucure
Hi All, Hope you are doing great. Please register at the below link only if you intend to attend, seats are limited, event is FREE https://www.eventbrite.com/e/cs2ai-dubai-meet-is-happening-on-cyber-security-risk-management-in-critical-infrastructure-tickets-50312913278
- ICS Security Online Meetup 7: Control System Security Workforce Challenges
Virtual Meetup - Registration required (see link below)
In our 7th ICS Security Online Meetup of 2018, our discussion leaders will dig into control system or operating technology (OT) Cyber-security Workforce development challenges (Demographics, diversity, limited educational resources, limited company training budgets.) We will profile some of the key work force positions from entry level to leadership. We will also discuss the tensions that exist in many organizations between traditional IT teams and the teams that run the operational technology. This session will answer questions such as: 1) How do I change my culture to a cyber security culture in these environments? 2) How do I get teams to work together? 3) How do I find the right people or do I train people I already have? https://cs2ai.org/meetup-discussions/the-control-systems-security-workforce-challenges/ (ALL VIRTUAL MEETUP SESSIONS ARE AVAILABLE LIVE AND AS RECORDINGS TO PAID CS2AI GLOBAL MEMBERS) DISCUSSION LEADER: SAMARA MOORE Samara Moore is the Director of IT Cybersecurity Strategy and Governance at Exelon Corporation where she focuses on partnering across the enterprise to manage cyber and physical security and compliance risks. She brings more than 20 years of IT and Security experience to implementing and sustaining programs to effectively manage cyber risks. Samara is a recognized cybersecurity and critical infrastructure protection expert who specializes in aligning business & technology to manage cyber risk and optimizing processes and tools to enable the business and protect information resources and sensitive data. Moore was previously National Security Staff member at the White House, responsible for the NIST Cybersecurity Framework development. Prior to the White House, Samara co-led the development of the U.S. Department of Energy’s Cybersecurity Capability Maturity Model for power system utilities. DISCUSSION LEADER: REBEKAH MOHR Rebekah Mohr is a Security Manager for Accenture, specializing in ICS Security. She provides clients with services such as defining a company-wide ICS Security Program, conducting ICS Security gap assessment or risk modeling workshops, and providing materials and tools to close ICS Security gaps. Rebekah brings experience gained from 6 years working with Shell, where she was responsible for ICS Security at a Refinery, and later joined the global ICS Security Team as a Regional Technical Expert. During her time with the global team, she developed an ICS Security Risk Model, which was the first of its kind in the industry, and she designed a global ICS Security Remediation Program. Rebekah has been awarded with a Young Women in Energy and SANS “People who Made a Difference in Cyber Security” Award. Rebekah is driven to contribute as a thought leader within this space and to make a difference for the next generation of women in the technical workforce. DISCUSSION LEADER: ANDY BOCHMAN Mr. Bochman provides strategic guidance to senior USG and industry leaders on topics at the intersection of grid and critical infrastructure modernization and security. A frequent speaker, writer and standards developer, Andy has provided analysis on energy sector security actions, standards and gaps to DOE, DOD, DHS, FERC, NERC, NIST, NARUC, the Electricity Subsector Coordinating Council (ESCC), and state utility commissions, most recently testifying before the Senate Energy and Natural Resources Committee on energy infrastructure cybersecurity issues. He previously was Global Energy & Utilities Security Lead at IBM and Senior Adviser at the Chertoff Group in Washington, DC. Andy is currently researching a book on applying engineering fundamentals to critical infrastructure cyber challenges. His recent publications include: “the National Security Case for Simplicity in Energy Infrastructure” (CSIS, 2015), “IoT, Automation, Autonomy and Megacities in 2025: A Dark Preview” (CSIS, 2017), "The Missing Chief Security Officer" (CXO, 2018) and "Internet Insecurity: the Brutal Truth" (HBR, 2018).
- ICS Security Virtual Meetup 6:Keys to Effective Control System Security Programs
Virtual Meetup - Registration required (see link below)
Please join us to discuss the keys to an effective control system security program with MILLE GANDELSMAN of Indegy, KARL PERMAN of KPMG, BOB BEVIS of Verve Industrial Protection, and ERNEST WOHNIG of System 1. June 28, 2018 at 10:00 am Eastern US Time * * REGISTER NOW * * at https://www.cs2ai.org/virtual-meeting-series/ (Also for recorded sessions!) 2 CPE Credits available for attendees The discussion leaders will each deliver 5-10 minutes of prepared content and then YOU, the audience, will ask questions to help guide the panel discussion! Which means that you will be able to actively participate in the live discussion! ABSTRACT: This session will identify the key areas that enable organizations to run effective control systems security programs. Core to this will be understanding how prioritization is accomplished in situations where most of us do not and may never have enough resources. This session will introduce key elements including but not limited to budgets, governance, policy, assessments, incident response, change management and overall risk management techniques, with a deeper look at some of these same areas in forthcoming sessions. DISCUSSION LEADER: MILLE GANDELSMAN Mille leads Indegy’s technology research and product management activities. Prior to Indegy, Mille led engineering efforts for Stratoscale and spent several years leading cyber security research for Israel’s elite intelligence corps. Mille is a graduate of the elite Talpiot military academy and holds a Masters degree with honors in Computer Science from Tel Aviv University. DISCUSSION LEADER: ERNEST WOHNIG Ernest is an internationally recognized cyber security and assurance leader having written, presented, and advised senior corporate and federal leadership on security and assurance issues across the energy sector and to the federal government for over 20 years. He has advised clients across several industries, helping them understand their risk posture and to develop proactive security strategies and programs resulting in clear alignment of security investments to business value. Mr. Wohnig is one of the key figures shaping the discussion and practice of cyber security in the critical infrastructure and industrial control system arenas. DISCUSSION LEADER: ROBERT BEVIS Bob is the founder of Verve Industrial and leads the technical vision for the company. With over 25 years of cyber security, ICS system design, and project management, Bob’s unique ability to understand cyber security requirements (including NERC-CIP) in an operating environment enable scalable, cost effective and efficient security solutions. DISCUSSION LEADER: KARL PERMAN Karl is the Operational Technology Security Lead in KPMG’s Risk Consulting practice with over 30 years of experience delivering critical infrastructure, business protection, compliance, risk management and law enforcement consulting services. He has developed and implemented critical infrastructure protection programs, developed security technology infrastructure to protect assets, created vulnerability assessments in diverse environments, established organizational strategies and value-added security programs, and led high-level, complex investigations of criminal conduct and employee misconduct. His career includes senior level positions including Director of Security, North American Transmission Forum; Manager, Infrastructure Protection and Regulatory Compliance at Exelon Corporation; and Manager, Corporate Investigative and Protective Services at Southern California Edison.
- ICS Virtual Meetup Session 5: Control Systems Ecosystem-Asset Owners
Please join us as Steve Mustard and Paul Piotrowski discuss the unique #security concerns and responsibilities of Asset Owners in the industrial space https://www.cs2ai.org/meetup-discussions/the-control-systems-ecosystem-asset-owners/ May 31, 2018 at 10:00 am Eastern US Time * * REGISTER NOW * * at https://www.cs2ai.org/virtual-meeting-series/ (Also for recorded sessions!) 2 CPE Credits available for attendees The discussion leaders will deliver 10-15 minutes (each) of prepared content and then YOU, the audience, will ask questions to help guide the panel discussion! Which means that you will be able to actively participate in the live discussion! Abstract: This session will examine who the end-user participants in this ecosystem are, with a few views into some specific systems. We will identify an extensive list of industry verticals, which deploy control networks to include Oil, Gas, Natural Gas, Chemical, Electric (big to rural collective), Gas Distribution, Manufacturing (multi-subvert), Water, Transportation, Waster Water, Communications, Buildings, Healthcare and Military Systems. This session will address questions to include: Who owns these systems? Who uses them? And who is responsible for security? DISCUSSION LEADER: STEVE MUSTARD Steve Mustard, is an independent automation consultant and subject-matter expert of the International Society of Automation (ISA) and its umbrella association, the Automation Federation. He also is an ISA Executive Board member. Backed by nearly 30 years of software development experience, Mustard specializes in: the development and management of real-time embedded equipment and automation systems; and the integration of real-time processing, decision-support and other disparate systems to improve business processes. He serves as president of National Automation, Inc. Mustard is a recognized authority on industrial cybersecurity, having developed and delivered cybersecurity management systems, procedures, training and guidance to multiple critical infrastructure organizations. He serves as the Chair of the Automation Federation's Cybersecurity Committee. Mustard is a licensed Professional Engineer, UK registered Chartered Engineer, a European registered Eur Ing, an ISA Certified Automation Professional® (CAP®) and a certified Global Industrial Cybersecurity Professional (GICSP). He also is a Fellow in the Institution of Engineering and Technology (IET) and a Senior Member of ISA. DISCUSSION LEADER: PAUL PIOTROWSKI Paul Piotrowski is currently an Automation Engineer in Shell’s Global PCD Integrity Organization (Process Control Domain). Paul consults globally on PCD Security issues for large global capital projects for all Shell Operating Assets. He has spent over 16 years in Shell in various security roles including network operations, risk governance and compliance, audit, incident management, forensics and project management. He has travelled extensively for Shell allowing him the opportunity to work across diverse set of cultures and landscapes which have shaped his view of the world. Paul possesses the valuable hybrid skill set of Operations Technology (OT) and Information Technology (IT). Through visiting and working at over 50 Shell assets globally he understands how to embed practical solutions between “operations” and “corporate IT” that reduce an organization's cyber security risk while minimizing operational impact. Paul is amid becoming a certified SANS ICS Security Instructor for the GISCP course. He holds a B.SC degree in Computer Science with a minor in management. He holds several certifications including the GICSP (Global Industrial Cyber Security Professional) and CISSP. In addition, he has participated in several executive development programmes. He is based out of the Calgary, Canada.
- Introduction to Baldrige Cyber security Excellence Builder
Our discussion leader for the next Meetup is Jean Michel Briffaut a cybersecurity specialist working in the Rail industry for more than 10+ years and he will provide us a talk on an Introduction to the Baldrige Cybersecurity Excellence Builder and will explain, based on his experience, how it can help organizations to better understand the effectiveness of their cybersecurity risk management efforts and to identity improvement opportunities in the context of their overall organizational performance. The meets are completely free but please note no food and drinks are allowed inside the conference room except water. Feel free to reach Abdul Rasheed for assistance to venue location and details @ O[masked] Google map: https://goo.gl/maps/SMk97z3Y2gR2
- Virtual Meetup #4: The Control Systems Ecosystem – Suppliers
April 26, 2018 at 10:00 am Eastern US Time * * REGISTER NOW * * at https://www.cs2ai.org/virtual-meeting-series/ (Also for recorded sessions!) 2 CPE Credits available for attendees This session will go into who are all the players in this ecosystem. Examples are: OEMs, suppliers, vendors, integrators, key consultants and their interrelationships and influences on the market. We will discuss some great progress being made by participants in this supply chain, but also the significant challenges we still face. The discussion leaders will deliver 10-15 minutes (each) of prepared content and then YOU, the audience, will ask questions to help guide the panel discussion! Which means that you will be able to actively participate in the live discussion! Questions addressed will include: - Who has responsibility for security in an offered/procured component? - How does one conduct due diligence on suppliers? - What are fair expectations associated with such due diligence? - How are vendors adapting to the increased demand for built-in security and greater support for security issues from customers? - What do they feel they can do better? DISCUSSION LEADERS: GRAHAM SPEAKE is the CISO at Berkana Resources Corporation. With over 30 years’ experience, Graham is a control systems and cyber security expert. In addition to his role at Berkana, Graham is a NexDefense fellow, SANS trainer and a subject-matter expert to the GIAC GICSP certification. Graham was Principal Systems Architect at Yokogawa, responsible for steering development of security within Yokogawa products and ensuring security certifications such as ISA Secure and Achilles were achieved. Graham spent nearly 10 years with BP, securing critical plants in both the U.K and the U.S. At Industrial Control Services he developed the software for one of the first computer-based emergency shutdown systems which was successfully deployed by multiple platforms in the North Sea. Graham is the author of several books on Linux and has been a technical editor for books on hacking. CHERISE ESPARZA-GUTIERREZ, co-founder & CTO at SecurityGate, is an industry pioneer for implementation of Achilles Practice Certification PCD/ICS offshore technology cyber security for rig fleet. She is an innovative IT/ICS operations professional with 11+ years’ experience of managing IT & ICS network infrastructures, OT/PCD/ICS/IT cyber security based on (WIB/IEC 62443; NIST[masked], ISO2700(1&2)), and operational risk management within the corporate & ICS network environments. Cherise specializes in cyber security, enterprise telecommunications, network engineering design, ICS/SCADA/OT security, IT risk management, and Incident Response. ROB GARRY is Vice President & Chief Engineer of Product Cyber Security & Chief Engineer at GE. His career has been in the area of control system design and application for critical infrastructure in power generation applications, including gas, steam, wind, O&G and nuclear. His area of expertise includes model-based controls, safety system and platform design. He currently resides in Greenville, South Carolina, where he is responsible for product security around GE Powers products and applications.
- How to Initiate ICS/OT Cyber Security Program?
Mohamed Youssef is our discussion leader for the next Meetup and he will provide us a talk on How to initiate ICS/OT Cyber Security Program? - 1 hr This presentation is very important and covers how to initiate and start ICS/OT program, the main elements of the business case, why ICS /OT is not same as IT, and what the main phases of the program are. The need to secure industrial control systems (ICS) from the risk of cyber-attacks cannot be underestimated in a world where human error, online criminal activity and espionage are very real threats to businesses. Security vendors keep alarming every quarter with the potential damage happening around from cyber security incidents, let's learn and share our experiences with global security leaders at CS2AI in Dubai this week. The meets are completely free but please note no food and drinks are allowed inside the conference room except water. Feel free to reach Abdul Rasheed for assistance to venue location and details @[masked]
- Inside the Control System – Components, Processes, and Automation
For our second session in our ICS Security Virtual Meeting series, Bryan Singer and Emmet Moore III take us Inside the Control System – Components, Processes, and Automation February 22, 2018 2 CPE Credits available for attendees This session covers hardware, software, systems, information flow and operations unique to these environments (to include PLC’s, HMIs, Historians, Field Devices, Controller devices, Operating Systems (yes Microsoft)). We will cover basic network structure and design architecture related to technical components (PLC, HMIs, Field devices, etc.) and information. The variety of control system architectures across various sectors (electrical, manufacturing, transportation, health, etc.) will be addressed. This session will address questions including: - What components are found inside a control or operating technology system? - What is process control? - What is a set point or a flow point? - What are an engineering Safety Systems? - What are the primary directives for these systems? - What differentiates these components from their IT equivalents? Register now at https://www.cs2ai.org/virtual-meeting-series/ (Also to watch recorded sessions!) Discussion Leader: Bryan Singer Bryan has an extensive background in a variety of industries including manufacturing, DoD, healthcare, and others. His proven professional skills include system architecture and design, software project management, application development, system administration, network administration, database design and administration, and multi-tier support. Previously he was the chairman of ISA-62443/ISA-99 Industrial Control Systems Security Standards body; Interim Governing Board, for the Process Control Security Forum; and an industry representative for security architecture concerns to almost every major manufacturing, utilities, and other critical infrastructure. His specialties are: 1) System Architecture and Design using methodologies including UML, Rational Unified Process, Booch, Yourdon, etc.; 2) MES, EAI, ERP, LIMS, PLC, DCS, HMI, and other manufacturing systems; 3) Client/Server development in Java, JSP, ASP, C/C++, Visual C++, VB, PERL, Shell (ksh, csh, sh, bash), SQL, PL/SQL, and HTML; 4) Physical and network vulnerability assessments, penetration testing, information assurance, and biometrics, and; 5) • PGP, SSH, VPN, WEP, SSL, WAP, 802.1x, RADIUS, etc https://www.linkedin.com/in/bryanlsinger/ Discussion Leader: Emmett Moore Emmett is the founder and CEO of Red Trident Inc.. Over the years, he has focused on Threat Intelligence, Vulnerability Research, and Security Services. He has been responsible for all aspects of the product development life cycle in the Oil & Gas Industry. As a project specialist he handled a multitude of roles, which included managing high level automation projects for the oil and gas industry, as well as being a technical specialist various other projects. https://www.linkedin.com/in/emooreiii/