
ICS Security Summit & Training 2018

Orlando, FL | Sun, Mar 18 - Mon, Mar 26, 2018

Developing an Industrial Controls Security Framework for balanced and targeted investment

  • Ernie Hayden CISSP CEH GICSP
  • Tuesday, February 24th, 12:45pm - 2:00pm

The challenge in implementing an industrial controls security program is identifying the appropriate standards and making the most of them. For instance, should you use ISA-99/IEC-62443? What about ISO 27001/2? What about NIST 800-82 and NIST 800-53, or the latest NIST Framework? This challenge surfaced while working with several major global corporations in the Electric Utility, Oil & Gas and Manufacturing sectors. Ultimately, Securicon and corporate stakeholders developed an ICS Cybersecurity Framework not only to answer these questions, but also to help identify and prioritize impact criteria and methods for illustrating and measuring cost savings. This presentation will set the scene for the problem and explain how the challenge was solved with an effective framework.

The presentation will also outline how the different standards were analyzed and integrated into the single ICS Cyber Security Framework. We will also review how the Framework is being used as a cost savings vehicle.

The audience will gain a sense of the challenge these global companies faced with ICS security, understand the desired outcome for this ICS cybersecurity framework, and understand the approach taken to build the framework for ultimate use as part of a balanced Cyber Security Program.

(The global companies associated with this Framework development wish to remain anonymous.)


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.

Sunday, March 18

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| Electricity Information Sharing and Analysis Center (E-ISAC) strategic plan update and GridEx IV lessons learned | Bill Lawrence, NERC E-ISAC | Sunday, March 18th, 5:30pm - 6:30pm | SANS@Night |

Monday, March 19

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| Vendor Solutions Expo | | Monday, March 19th, 11:00am - 11:30am | Vendor Event |
| Defeating Alert Fatigue: Transforming NSM Alerts Into Effective Workflows | | Monday, March 19th, 12:05pm - 1:30pm | Lunch and Learn |
| ICS Cybersecurity Vulnerabilities and the One Chip Challenge | | Monday, March 19th, 12:05pm - 1:30pm | Lunch and Learn |
| Choose the Right Tool for the Job - A "Lessons Learned" discussion on the value of breaking tradition in the OT space | Rick Kaun, VP Solutions | Monday, March 19th, 12:05pm - 1:30pm | Lunch and Learn |
| Vendor Solutions Expo | | Monday, March 19th, 3:00pm - 3:30pm | Vendor Event |
| ICS Security Summit Night Out | | Monday, March 19th, 6:00pm - 8:00pm | Reception |

Tuesday, March 20

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| Vendor Solutions Expo | | Tuesday, March 20th, 10:30am - 11:00am | Vendor Event |
| Vendor Solutions Expo | | Tuesday, March 20th, 3:15pm - 3:45pm | Vendor Event |
| GIAC Certification Reception | | Tuesday, March 20th, 6:30pm - 8:00pm | Reception |

Wednesday, March 21

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| Under the Hood of ICS Monitoring and Detection: 3 Use Cases | Kim Legelis, Chief Marketing Officer | Wednesday, March 21st, 12:30pm - 1:15pm | Lunch and Learn |
| Alright, Who Changed What? | Eric Persson, ICS Cybersecurity Consultant | Wednesday, March 21st, 12:30pm - 1:15pm | Lunch and Learn |
| ICS's go time! | Jason Dely, Technical Director, ICS and Critical Infrastructure | Wednesday, March 21st, 12:30pm - 1:15pm | Lunch and Learn |

Thursday, March 22

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| Learning from the Adversary: The Value of Malware Analysis for ICS | Dean Parsons | Thursday, March 22nd, 6:00pm - 7:00pm | SANS@Night |