This year is the 17th annual SANS ICS Security Summit! I wanted to write this post to share a few things about the logistics, what to expect, and ideally get you hyped up to submit to the Call for Presentations (CFP) or prepared to come and attend.
The Summit itself will take place June 2-3 and will offer practitioner focused talks which you can attend for free virtually, or you can join us in-person in Orlando, Florida. The training will have both Live Online and in-person options as well, and will run June 4-9. Last year, we held the SANS ICS Security Summit completely virtually and had over 6,000 people from around the world attend. As great as it was to be able to reach so many people (and one of the reasons we’ll include a virtual option for the foreseeable future), nothing can replace the in-person event and ability to network, share knowledge, and ideally get to relax a little as well.
The SANS Summit team has been hard at work not only making sure we can provide safe environments for everyone but also to make the summit economical for everyone as we try to get more people involved in the ICS community (previous Summits would cost around $1,200 for the two days. This Summit will be $750 for the two days). The event itself will be held at the Hilton Orlando Lake Buena Vista hotel which will give attendees opportunities to have numerous food options and activities during the week as well as be able to take advantage of the theme parks...especially if bringing friends or family members. Tim Conway and I both always take advantage of this with our families, and you’ll find us all in Walt Disney World before or after the event (as well as my wife and son during the event enjoying it) admiring not only the happiest place on earth but all the amazing control systems that bring the parks to life.
As always, for the CFP, we’re looking for practitioner focused talks on any ICS/OT topics you all want to come up with. Sure, the latest cyberattacks, vulnerabilities, incident response cases, and more are always interesting, but over the years we’ve gotten amazing talks covering completely unexpected areas as well – so don’t filter yourself needlessly. If you have a talk that is interesting to you and focused on ICS/OT then it’s likely something that’ll be interesting to others and you should submit it. There’s also been a ton going on this past year ranging from adapting to remote working conditions and operations to thinking through the impacts of asset inventories + software bill of materials (SBOMs) when vulnerabilities like Log4J come out. The past year has pushed a lot of people to be creative and push the boundaries in ICS security – we’re looking to hear from you.
The ICS Security Summit CFP is now open! We'll be accepting submissions until Thursday, February 17. Learn more here.
In the evenings, there will also be plenty of educational and fun things to keep your attention. As an example, we usually have some sort of capture the flag (CTF) type event with hands on ICS security challenges and data, as well as some after hours event ranging from a party to laser tag. We’re still coming up with ideas this year, but it’ll be fun as always and we’ll try to make it creative and something that takes advantage of the local area. If you end up taking one of the SANS classes, you’ll also be able to take advantage of ICS NetWars which is a free add-on for students to give people hands-on time with ICS datasets and equipment to perform security tasks and put your skills to the challenge while attempting to earn ICS specific challenge coins.
We’re looking forward to seeing you all! Please visit the SANS ICS Security Summit & Training 2022 event site for additional information and to get registered!
P.S. - To get a taste of the type of presentations and speakers you’ll see at ICS Security Summit 2022, check out these talks from last year's Summit.