Date: Monday, February 11
Time: 8:00am - 3:00pm
Location: Yacht & Beach Club Conference Center - Hampton Room
Presenters: Tim Roxey, Mark Fabro, and Mike Assante
Agenda at the bottom of this page
The Electricity Sector Information Sharing and Analysis Center (ES-ISAC) is happy to announce a free daytime training opportunity for ES-ISAC members (non-members will not be admitted). The ES-ISAC personnel, Lofty Perch, DOE, and NBISE will support the main day's training on: 1) DOE C2M2, 2) the MSEL injected CRPA Tabletop Exercise, and 3) NBISE material.
The <strong>free</strong> training will cover both the recently-developed Department of Energy (DOE) Electricity Sub-sector Cybersecurity Capability Maturity Model (ES-C2M2) work and the ES-ISAC‚s ongoing Cyber Risk Preparedness Assessment (CRPA) methodology. The intention of this training is to expose BPS personnel to both of these activities‚one an assessment, and the other an exercise methodology‚and show how these activities are being coupled into an Assess-Exercise-Access style methodology. Participants will receive all of the exercise materials compliments of ES-ISAC.
As an excellent additional feature to the CRPA/C2M2 training, Mike Assante of the National Board of Information Security Examiners <a href="https://www.nbise.org/">(https://www.nbise.org/)</a> will be using this forum to host several discussions around workforce training issues.
<strong>Exposure to Closure is also on February 11</strong>
Plan to stay through the evening to enjoy <a href="https://www.sans.org/event/north-american-scada-2013/product/2435">"Exposure to Closure</a> - The life and times of an exploited Vulnerability". This four-act dinner theater is the third installment in the highly popular four-part "Exposure to Closure" series, back by popular demand. This interactive "whodunit" begins with a germ of suspicion discovered by vulnerability researchers or intelligence analysts, and follows through forensic deconstruction, vulnerability mitigation, and on to the enumerators, who will determine if the mitigation path taken was effective.
<strong>The <a href="https://www.sans.org/event/north-american-scada-2013/product/2435">SANS North American ICS & SCADA Summit</a> is February 12 - 13</strong>
The following two days will feature The North American ICS & SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security. Along with government and research leaders, they are coming together to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The North American ICS & SCADA Summit is an action conference designed so that every attendee leaves with new tools and techniques they can put to work immediately when they return to their office.
Register to attend Exposure to Closure or the North American ICS & SCADA Summit at <a href="https://www.sans.org/registration/register.php?conferenceid=28439">https://www.sans.org/registration/register.php?conferenceid=28439</a>
8:00-8:15 Wake up and Welcome (Tim, Mike)
8:15-9:00 DoE spread the C2M2 Love (Special DoE facilitator)
9:00-9:15 Welcome to your Acme Network and review your homework materials (Mark)
(All registrants will have received the ACME Network and CRPA templates in advance)
9:30-12:00 Normal CRPA Move 1 plus embedded Mike's material
12:00-12:45 Lunch on Own
12:45-1:45 Normal CRPA Move 2 plus embedded Mike's material
1:45-2:45 Normal CRPA Move 3 plus hot wash and last of Mike's material
2:45-3:00 final wrap
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
|Participating Vendors||National Electric Sector Cybersecurity Organization (NESCO)||Vendor Event|
|Asgard Networks||—||Vendor Event|
|CRPA/C2M2 Training||—||Special Events|
|Industrial Defender Lunch and Learn Presentation||Justin Searle, Managing Partner, UtiliSec||Tuesday, February 12th, 11:45am - 1:00pm||Lunch and Learn|
|International Attendee Reception||—||Tuesday, February 12th, 5:00pm - 6:00pm||Reception|
|Codenomicon Welcome Reception||—||Tuesday, February 12th, 6:00pm - 8:00pm||Reception|