Lessons from NASA’s Mission Control Incident Response Program

https://secure.meetupstatic.com/photos/event/6/3/c/a/600_463345546.jpeg

Seth Jaffe will provide a unique incident response (IR) framework well suited to the ICS community. His presentation will prove to be extremely entertaining, culminating in a behind-the-scenes video of a response to a real mission critical incident at NASA. Nearly every industry authority or governmental agency that has provided recommendations for a cyber security Incident Response Plan (IRP). However, few have provided a concrete structure and even fewer address the unique environment of ICS/SCADA. Seth will share a model ICS incident response framework used by NASA’s Mission Control Center for the International Space Station (ISS). The ISS itself boasts 52 onboard computers, 1.8 million lines of code, 100 data networks, and over 400,000 sensors/signals. All of these assets are onboard an Earth-orbiting spacecraft that can never be shut down.

Seth will decompose an IRP into Policies, Procedures, Rules, Directives, and Dataset Repositories. He will lead a discussion on the governance of each of these components including the development, use, and document control management for each. He will also touch upon the organizational structure of the Mission Control room itself, describing the unique communication structure between members of the IR team. Finally, he will show a behind-the-scenes video of how Mission Control handled a vehicle launch incident – providing valuable insight into the effectiveness of the IRP in action. Seth is a former NASA flight controller, certified to fly both the ISS and the Space Shuttle, and he is now charged with developing modern incident response programs at LEO Cyber Security.

About the Speaker:

Seth Jaffe is the Vice President of the Incident Response Practice at LEO Cyber Security. In his role, Seth assists clients in the preparation, maturation, testing, and training of all aspects of incident response, leveraging fifteen years of experience in NASA’s Mission Control. Prior to LEO Cyber Security, Seth held the position of technology attorney at a major U.S. airline, where he was the Lead Legal team member on the IR Team, tasked with developing IR procedures and policies, facilitating effective emergency communications with other team members, and responding to actual incidents.

Earlier in his career, Seth worked in Mission Control at NASA’s center for manned spaceflight where he was certified as a senior flight controller, evaluator, and instructor supporting both Space Shuttle and the International Space Station (ISS) missions. In the Mission Control environment, Seth trained candidates to react to time sensitive emergency situations. He took part in over 100 simulations and logged over 3000 hours flying the ISS, experience he draws upon in his incident response practice.

Lots of great food and drinks will be provided!