- ICS in the Cloud with Chris Blask
Just as we've seen in the IT/OT convergence over the past 20+ years, financial and architectural benefits are driving industrial owners/operators to adopt cloud-based technologies, blurring and obsolescing definitions of the "perimeter." This ongoing and inevitable extension of operational control system networks carries a number of security concerns that require reevaluation of how we protect the connected critical assets behind them. Let's talk about how this is being done and what the future holds for ICS cybersecurity. To sign up for this virtual meetup, go to: https://cs2ai.org/resource. We look forward to you joining us at 10 am EST on April 25th! What are Virtual Meetups? The CS2AI Virtual Meetups bring the Subject Matter Experts to you right on your desk or laptop and give you a chance to engage with them live! Each brings one or more SMEs to discuss some area of ICS cybersecurity. We keep these online sessions lively and informal, with at least half of the time allotted to responding to questions from you and our other attendees. The goal of our Virtual Meetup Series is to provide ICS cybersecurity practitioners, managers, leaders and newbies with useful, productive, and consistent opportunities for professional development. To do that we have recently added the Security Event Retrospective sessions, with panelists sharing their experiences and thoughts on important cybersecurity events. Keep an eye open for the next in this series! Plus, thanks to the support of our Strategic Alliance Partners, the Security Event Retrospectives are open to everyone!
- Open FAIR Overview and Quantifying Cyber Risk for Process Control Operators
This event offers two view of Open FAIR: the overview and case study of its industrial uses. RSVP: https://www.eventbrite.com/e/open-fair-overview-and-quantifying-cyber-risk-for-process-control-operators-tickets-55780698571 1. Overview of Open FAIR Risk Analysis Methodology - Jim Hietala - Introduction to the Open FAIR standards and how to apply them to analyze cybersecurity risk - Overview of learning resources - Training and certification - Open FAIR risk analysis software tools Bio: Jim Hietala, is Vice President, Security for The Open Group, where he manages security and risk management programs and standards activities, He has participated in the development of several industry standards including O-ISM3, O-ESA, and the Open FAIR Body of Knowledge. He led the development of the Open FAIR certification program for risk analysts, and a joint Open Group and SIRA risk management practices survey project. He also led the development of compliance and audit guidance for the Cloud Security Alliance's v2 publication. He was also very involved in forming and launching the new Open Process Automation Forum. 2. Quantifying Cyber Risk for Process Control Operators - Mike Radigan Process control operators need to understand how cyber risks compare against other business risks to determine how much to budget to manage it. Too often the CISO comes to the table with maturity gap assessments, benchmarks and best practice recommendations that have no basis for comparison with other operational risks. This presentation will demonstrate how industrial cyber risk can be analyzed, quantified and compared to the top operational risk issues for a power plant, based on a case study. Then, risk mitigation options were evaluated based on a common financial metric of risk reduced per unit cost. Bio: Mike Radigan has a 19 year career in the cyber risk management and network security industries. As Director of OT Strategy for Leidos Cyber, Mike uses his subject matter expertise in expressing cyber risk in financial or “business terms” to provide a unique and highly valued perspective to decision makers.
- 7th annual CS4CA USA Summit - Houston
As cyber-attacks on the US rise, Qatalyst Global brings the 7th annual CS4CA USA Summit to Houston on March 26th-27th, 2019 promoting IT-OT collaboration. 250+ senior experts assess the best cybersecurity solutions available to American Critical Infrastructure through table discussions, informative panels, interactive workshops, and real-life case studies. Benchmark your digital maturity with industry peers through 6+hs of network, hear first-hand from solution experts, share challenges and takeaways with senior executives from across America, and join dedicated IT and OT streams to hone in your area of interest or address common issues on plenary sessions. This is a CPD certified summit catered for the Oil & Gas, Energy, Chemical, Water, and other Critical Industries. Take advantage of (CS)2AI members’ discount with code CS50 upon registration to save $850 on your 2-Day all-inclusive conference pass, with seated lunches and refreshments during the networking breaks. More details at: https://www.cs4ca.com/usa/.
- Anatomy of a Breach
Speaker: Brad Green, Intertek Brad’s first exposure to security was working desktop support during the NIMDA outbreak in 2001, an event necessitating hard hats, steel-toed boots, and manually cleaning infected systems using floppy disks. The team he was on didn’t like the idea of going through that again, and he was given the opportunity to help bring the organization’s endpoints to a patched and well-managed state. He spent another 5 years consulting on IT operations, helping to design and operationalize configuration-, asset-, and patch-management strategies at a wide variety of organizations. He’s been in a technical pre-sales function for the past 10 years, representing technologies and services and helping his customers address a broad cross-section of security challenges. RSVP: https://www.eventbrite.com/e/anatomy-of-a-breach-tickets-58921113637 Agenda: 1. Brief Intro - Me & Topic 2. Intro - Hack & Fallout 3. Introduce TimeLine (Right of Bang) 4. Quick Peek - Hacking Team email dump on WikiLeaks 5. TimeLine (Left of Bang, discovered) 6. Look In - Phinneas Phisher Manifesto 7. TimeLine (Left of Bang, inferred from Manifesto) 8. Lessons Learned & Outro
- Evaluating Risk in a Control System Environment
Join us to learn about the Risk Management Lifecycle, why each piece of the puzzle is necessary for proper risk management, and why people are the most important element to manage risk. Rebekah Mohr is an ICS Security Manager at Accenture. She is the founder of the Houston Chapter of Women in Control System Cyber Security (WiCS2).
- Fall 2018 UH Cybersecurity Event
This exciting, all-day event focuses on training, internships and certification for cybersecurity careers. The day’s speakers are being hosted by Houston’s leading cybersecurity organizations, the students, and faculty of UH. Admission is free. The program is focused on cybersecurity industry trends, current skills needs and emerging opportunities in this growing industry. Our guest speaker, Steve Parker, is the founder of EnergySec, which is a leader in training for the electric generation and utility industry. He has a wealth of experience in securing critical infrastructure, as well as preparing for a career in that sector. Following the day’s agenda, we will have a student mixer, with refreshments to allow the students an opportunity to talk to local companies about internship and employment opportunities.
- ICS Security Online Meetup 7: Control System Security Workforce Challenges
Virtual Meetup - Registration required (see link below)
In our 7th ICS Security Online Meetup of 2018, our discussion leaders will dig into control system Cyber-security Workforce development challenges (Demographics, diversity, limited educational resources, limited company training budgets.) We will profile some of the key work force positions from entry level to leadership. We will also discuss the tensions that exist in many organizations between traditional IT teams and the teams that run the operational technology. This session will answer questions such as: 1) How do I change my culture to a cyber security culture in these environments? 2) How do I get teams to work together? 3) How do I find the right people or do I train people I already have? https://cs2ai.org/meetup-discussions/the-control-systems-security-workforce-challenges/ (ALL VIRTUAL MEETUP SESSIONS ARE AVAILABLE LIVE AND AS RECORDINGS TO PAID CS2AI GLOBAL MEMBERS) DISCUSSION LEADER: SAMARA MOORE Samara Moore is the Director of IT Cybersecurity Strategy and Governance at Exelon Corporation where she focuses on partnering across the enterprise to manage cyber and physical security and compliance risks. She brings more than 20 years of IT and Security experience to implementing and sustaining programs to effectively manage cyber risks. Samara is a recognized cybersecurity and critical infrastructure protection expert who specializes in aligning business & technology to manage cyber risk and optimizing processes and tools to enable the business and protect information resources and sensitive data. Moore was previously National Security Staff member at the White House, responsible for the NIST Cybersecurity Framework development. Prior to the White House, Samara co-led the development of the U.S. Department of Energy’s Cybersecurity Capability Maturity Model for power system utilities. DISCUSSION LEADER: REBEKAH MOHR Rebekah Mohr is a Security Manager for Accenture, specializing in ICS Security. She provides clients with services such as defining a company-wide ICS Security Program, conducting ICS Security gap assessment or risk modeling workshops, and providing materials and tools to close ICS Security gaps. Rebekah brings experience gained from 6 years working with Shell, where she was responsible for ICS Security at a Refinery, and later joined the global ICS Security Team as a Regional Technical Expert. During her time with the global team, she developed an ICS Security Risk Model, which was the first of its kind in the industry, and she designed a global ICS Security Remediation Program. Rebekah has been awarded with a Young Women in Energy and SANS “People who Made a Difference in Cyber Security” Award. Rebekah is driven to contribute as a thought leader within this space and to make a difference for the next generation of women in the technical workforce. DISCUSSION LEADER: ANDY BOCHMAN Mr. Bochman provides strategic guidance to senior USG and industry leaders on topics at the intersection of grid and critical infrastructure modernization and security. A frequent speaker, writer and standards developer, Andy has provided analysis on energy sector security actions, standards and gaps to DOE, DOD, DHS, FERC, NERC, NIST, NARUC, the Electricity Subsector Coordinating Council (ESCC), and state utility commissions, most recently testifying before the Senate Energy and Natural Resources Committee on energy infrastructure cybersecurity issues. He previously was Global Energy & Utilities Security Lead at IBM and Senior Adviser at the Chertoff Group in Washington, DC. Andy is currently researching a book on applying engineering fundamentals to critical infrastructure cyber challenges. His recent publications include: “the National Security Case for Simplicity in Energy Infrastructure” (CSIS, 2015), “IoT, Automation, Autonomy and Megacities in 2025: A Dark Preview” (CSIS, 2017), "The Missing Chief Security Officer" (CXO, 2018) and "Internet Insecurity: the Brutal Truth" (HBR, 2018).
- ICS Security Virtual Meetup 6:Keys to Effective Control System Security Programs
Virtual Meetup - Registration required (see link below)
Please join us to discuss the keys to an effective control system security program with MILLE GANDELSMAN of Indegy, KARL PERMAN of KPMG, BOB BEVIS of Verve Industrial Protection, and ERNEST WOHNIG of System 1. June 28, 2018 at 10:00 am Eastern US Time * * REGISTER NOW * * at https://www.cs2ai.org/virtual-meeting-series/ (Also for recorded sessions!) 2 CPE Credits available for attendees The discussion leaders will each deliver 5-10 minutes of prepared content and then YOU, the audience, will ask questions to help guide the panel discussion! Which means that you will be able to actively participate in the live discussion! ABSTRACT: This session will identify the key areas that enable organizations to run effective control systems security programs. Core to this will be understanding how prioritization is accomplished in situations where most of us do not and may never have enough resources. This session will introduce key elements including but not limited to budgets, governance, policy, assessments, incident response, change management and overall risk management techniques, with a deeper look at some of these same areas in forthcoming sessions. DISCUSSION LEADER: MILLE GANDELSMAN Mille leads Indegy’s technology research and product management activities. Prior to Indegy, Mille led engineering efforts for Stratoscale and spent several years leading cyber security research for Israel’s elite intelligence corps. Mille is a graduate of the elite Talpiot military academy and holds a Masters degree with honors in Computer Science from Tel Aviv University. DISCUSSION LEADER: ERNEST WOHNIG Ernest is an internationally recognized cyber security and assurance leader having written, presented, and advised senior corporate and federal leadership on security and assurance issues across the energy sector and to the federal government for over 20 years. He has advised clients across several industries, helping them understand their risk posture and to develop proactive security strategies and programs resulting in clear alignment of security investments to business value. Mr. Wohnig is one of the key figures shaping the discussion and practice of cyber security in the critical infrastructure and industrial control system arenas. DISCUSSION LEADER: ROBERT BEVIS Bob is the founder of Verve Industrial and leads the technical vision for the company. With over 25 years of cyber security, ICS system design, and project management, Bob’s unique ability to understand cyber security requirements (including NERC-CIP) in an operating environment enable scalable, cost effective and efficient security solutions. DISCUSSION LEADER: KARL PERMAN Karl is the Operational Technology Security Lead in KPMG’s Risk Consulting practice with over 30 years of experience delivering critical infrastructure, business protection, compliance, risk management and law enforcement consulting services. He has developed and implemented critical infrastructure protection programs, developed security technology infrastructure to protect assets, created vulnerability assessments in diverse environments, established organizational strategies and value-added security programs, and led high-level, complex investigations of criminal conduct and employee misconduct. His career includes senior level positions including Director of Security, North American Transmission Forum; Manager, Infrastructure Protection and Regulatory Compliance at Exelon Corporation; and Manager, Corporate Investigative and Protective Services at Southern California Edison.
- ICS Virtual Meetup Session 5: Control Systems Ecosystem-Asset Owners
Please join us as Steve Mustard and Paul Piotrowski discuss the unique #security concerns and responsibilities of Asset Owners in the industrial space https://www.cs2ai.org/meetup-discussions/the-control-systems-ecosystem-asset-owners/ May 31, 2018 at 10:00 am Eastern US Time * * REGISTER NOW * * at https://www.cs2ai.org/virtual-meeting-series/ (Also for recorded sessions!) 2 CPE Credits available for attendees The discussion leaders will deliver 10-15 minutes (each) of prepared content and then YOU, the audience, will ask questions to help guide the panel discussion! Which means that you will be able to actively participate in the live discussion! Abstract: This session will examine who the end-user participants in this ecosystem are, with a few views into some specific systems. We will identify an extensive list of industry verticals, which deploy control networks to include Oil, Gas, Natural Gas, Chemical, Electric (big to rural collective), Gas Distribution, Manufacturing (multi-subvert), Water, Transportation, Waster Water, Communications, Buildings, Healthcare and Military Systems. This session will address questions to include: Who owns these systems? Who uses them? And who is responsible for security? DISCUSSION LEADER: STEVE MUSTARD Steve Mustard, is an independent automation consultant and subject-matter expert of the International Society of Automation (ISA) and its umbrella association, the Automation Federation. He also is an ISA Executive Board member. Backed by nearly 30 years of software development experience, Mustard specializes in: the development and management of real-time embedded equipment and automation systems; and the integration of real-time processing, decision-support and other disparate systems to improve business processes. He serves as president of National Automation, Inc. Mustard is a recognized authority on industrial cybersecurity, having developed and delivered cybersecurity management systems, procedures, training and guidance to multiple critical infrastructure organizations. He serves as the Chair of the Automation Federation's Cybersecurity Committee. Mustard is a licensed Professional Engineer, UK registered Chartered Engineer, a European registered Eur Ing, an ISA Certified Automation Professional® (CAP®) and a certified Global Industrial Cybersecurity Professional (GICSP). He also is a Fellow in the Institution of Engineering and Technology (IET) and a Senior Member of ISA. DISCUSSION LEADER: PAUL PIOTROWSKI Paul Piotrowski is currently an Automation Engineer in Shell’s Global PCD Integrity Organization (Process Control Domain). Paul consults globally on PCD Security issues for large global capital projects for all Shell Operating Assets. He has spent over 16 years in Shell in various security roles including network operations, risk governance and compliance, audit, incident management, forensics and project management. He has travelled extensively for Shell allowing him the opportunity to work across diverse set of cultures and landscapes which have shaped his view of the world. Paul possesses the valuable hybrid skill set of Operations Technology (OT) and Information Technology (IT). Through visiting and working at over 50 Shell assets globally he understands how to embed practical solutions between “operations” and “corporate IT” that reduce an organization's cyber security risk while minimizing operational impact. Paul is amid becoming a certified SANS ICS Security Instructor for the GISCP course. He holds a B.SC degree in Computer Science with a minor in management. He holds several certifications including the GICSP (Global Industrial Cyber Security Professional) and CISSP. In addition, he has participated in several executive development programmes. He is based out of the Calgary, Canada.
- Industrial Cloud Architecture
At this upcoming event, Brett Young will be leading us through a discussion about the "Industrial Cloud" reference architecture. It is an approach to rapidly transform operational facilities while reducing operational costs. That's a win-win! Come join us for a cocktail reception generously sponsored by our local sponsors: Autosol, Cylance, RSA, Set Solutions, LEO Cyber Security, Netskope and Fortinet. Please RSVP. We look forward to seeing you there! Thank you!