Eight Courses at SANS New York City Summer 2018. Save $400 thru 6/20!

North American ICS & SCADA Summit

Lake Buena Vista, FL | Wed, Feb 6 - Fri, Feb 15, 2013
This event is over,
but there are more training opportunities.

CRPA/C2M2 Training

Date: Monday, February 11

Time: 8:00am - 3:00pm

Location: Yacht & Beach Club Conference Center - Hampton Room

Presenters: Tim Roxey, Mark Fabro, and Mike Assante

Agenda at the bottom of this page

The Electricity Sector Information Sharing and Analysis Center (ES-ISAC) is happy to announce a free daytime training opportunity for ES-ISAC members (non-members will not be admitted). The ES-ISAC personnel, Lofty Perch, DOE, and NBISE will support the main day's training on: 1) DOE C2M2, 2) the MSEL injected CRPA Tabletop Exercise, and 3) NBISE material.

The free training will cover both the recently-developed Department of Energy (DOE) Electricity Sub-sector Cybersecurity Capability Maturity Model (ES-C2M2) work and the ES-ISAC‚s ongoing Cyber Risk Preparedness Assessment (CRPA) methodology. The intention of this training is to expose BPS personnel to both of these activities‚one an assessment, and the other an exercise methodology‚and show how these activities are being coupled into an Assess-Exercise-Access style methodology. Participants will receive all of the exercise materials compliments of ES-ISAC.

As an excellent additional feature to the CRPA/C2M2 training, Mike Assante of the National Board of Information Security Examiners (https://www.nbise.org/) will be using this forum to host several discussions around workforce training issues.

Exposure to Closure is also on February 11

Plan to stay through the evening to enjoy "Exposure to Closure - The life and times of an exploited Vulnerability". This four-act dinner theater is the third installment in the highly popular four-part "Exposure to Closure" series, back by popular demand. This interactive "whodunit" begins with a germ of suspicion discovered by vulnerability researchers or intelligence analysts, and follows through forensic deconstruction, vulnerability mitigation, and on to the enumerators, who will determine if the mitigation path taken was effective.

The SANS North American ICS & SCADA Summit is February 12 - 13

The following two days will feature The North American ICS & SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security. Along with government and research leaders, they are coming together to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The North American ICS & SCADA Summit is an action conference designed so that every attendee leaves with new tools and techniques they can put to work immediately when they return to their office.

Register to attend Exposure to Closure or the North American ICS & SCADA Summit at https://www.sans.org/registration/register.php?conferenceid=28439

CRPA/C2M2 Agenda:

8:00-8:15 Wake up and Welcome (Tim, Mike)

8:15-9:00 DoE spread the C2M2 Love (Special DoE facilitator)

9:00-9:15 Welcome to your Acme Network and review your homework materials (Mark)

(All registrants will have received the ACME Network and CRPA templates in advance)

9:15-9:30 Break

9:30-12:00 Normal CRPA Move 1 plus embedded Mike's material

12:00-12:45 Lunch on Own

12:45-1:45 Normal CRPA Move 2 plus embedded Mike's material

1:45-2:45 Normal CRPA Move 3 plus hot wash and last of Mike's material

2:45-3:00 final wrap


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
Additional Sessions
Session Speaker Type
Participating Vendors National Electric Sector Cybersecurity Organization (NESCO) Vendor Event
Vendor Event
Asgard Networks Vendor Event
CRPA/C2M2 Training Special Events
Tuesday, February 12
Session Speaker Time Type
Industrial Defender Lunch and Learn Presentation Justin Searle, Managing Partner, UtiliSec Tuesday, February 12th, 11:45am - 1:00pm Lunch and Learn
International Attendee Reception Tuesday, February 12th, 5:00pm - 6:00pm Reception
Codenomicon Welcome Reception Tuesday, February 12th, 6:00pm - 8:00pm Reception