SANS 2014

Orlando, FL | Sat, Apr 5 - Mon, Apr 14, 2014

ICS Cybersecurity in an Interconnected World

  • Wally Magda
  • Tuesday, April 8th, 12:30pm - 1:15pm

This event is free, but space is limited and allocated on a first-registered basis. Lunch will be provided. Please click the link below to register.

Industrial Control Systems, such as SCADA, are the ‚brains‚ of critical infrastructure, providing the vital functions of control and monitoring necessary to operate the Bulk Electric System. Since they were designed for functionality and performance, cybersecurity was not a primary consideration. During this session, we will discuss SCADA threat vectors, possible consequences, and some horror stories. Many of the actions presented to protect the utility and its customers can be applied to all Industrial Control Systems.

Wally Magda Bio:

Wally Magda is an internationally recognized cyber security expert for Industrial Control Systems (ICS) with over 20 years of experience. His deep security experience spans military nuclear missile command and control systems, intelligence agencies, enterprise cyber security and industrial control systems. Starting out as an Instrumentation, Control and Electrical (ICE) Tech he progressed to managing ICS as a process control engineer. Seeing the need for cyber security professionals to assist the industrial control vertical business units, he stepped into the enterprise level cyber security realm. Wally has conducted numerous ICS cyber and physical security assessments for electric, natural gas, chemical, LNG, and manufacturing facilities. He was on a network security assessment team tasked to review cyber and physical security architecture of solar power collection dishes at the Sandia National Laboratories‚ National Solar Thermal Test Facility (NSTTF). He was a contributing participant on the NISTIR 7628 Smart Grid Interoperability Panel‚Cyber Security Working Group (SGIP‚CSWG). He is currently an active member of the ASIS Critical Infrastructure Working Group (CIWG) Cyber Security Education Committee. Wally presents at conferences and events such as the FBI InfraGard, UTC Telecom, WECC CIPUG and ISSA-COS. He volunteers as an instructor teaching CISSP prep courses at a local technical university. Wally earned a Bachelor of Science degree in Management Information Systems (MIS) and holds a number of professional certifications including ISA Certified Automation Professional (CAP), SANS GIAC Global Industrial Cyber Security Professional (GICSP), ASIS Physical Security Professional (PSP), and ISC2 Certified Information Systems Security Professional (CISSP).

 

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
Sunday, April 6
Session Speaker Time Type
Registration Welcome Reception Sunday, April 6th, 5:00pm - 7:00pm Reception
Building and Managing a PKI Solution for Small and Medium Size Business Wylie Shanks - Master's Degree Candidate Sunday, April 6th, 7:30pm - 8:10pm Special Events
Monday, April 7
Session Speaker Time Type
General Session - Welcome to SANS Rob Lee Monday, April 7th, 8:15am - 8:45am Special Events
SANS Technology Institute Open House Alan Paller Monday, April 7th, 6:00pm - 7:00pm Special Events
Online Training Pool Party Monday, April 7th, 6:15pm - 7:15pm Special Events
APT Attacks Exposed: Network, Host, Memory, and Malware Analysis Rob Lee, Ovie Carroll, Alissa Torres, Phil Hagen, and Lenny Zeltser Monday, April 7th, 7:15pm - 9:15pm Keynote
Tuesday, April 8
Session Speaker Time Type
How to Become a SANS Instructor John Strand, Certified Instructor Tuesday, April 8th, 12:30pm - 1:15pm Lunch and Learn
Continuous Monitoring & Mitigation Doug Laughlin, Account Manager - GA/FL/Caribbean, ForeScout Technologies, Inc Tuesday, April 8th, 12:30pm - 1:15pm Lunch and Learn
World War C Threat Landscape - A Look At The Threats of Yesterday, The Trends Today, and What‚s to Come Tomorrow Mark Stanford, Senior Sales Engineering Manager, FireEye, Inc Tuesday, April 8th, 12:30pm - 1:15pm Lunch and Learn
The Power of Metadata Mike Nichols, Senior Technical Product Manager, General Dynamics Fidelis Cybersecurity Tuesday, April 8th, 12:30pm - 1:15pm Lunch and Learn
Enabling Secure Cloud Storage: Moving from Perimeter to Object-Based Protection Gregory Breeze, Principal SE, AlephCloud Tuesday, April 8th, 12:30pm - 1:15pm Lunch and Learn
‚Ę‚The Power of Lossless Packet Capture (1G-100G) & Real-time Netflow‚ Andrew Weisman, Senior Sales Engineer, Emulex Tuesday, April 8th, 12:30pm - 1:15pm Lunch and Learn
ICS Cybersecurity in an Interconnected World Wally Magda Tuesday, April 8th, 12:30pm - 1:15pm Lunch and Learn
Women in Technology Meet and Greet Karen Fioravanti Tuesday, April 8th, 6:15pm - 7:15pm Special Events
Security Awareness Metrics: Measuring Human Behavior Lance Spitzner Tuesday, April 8th, 7:15pm - 8:15pm SANS@Night
RapidTriage: An Automated Approach to System Intrusion Discovery Trenton Bond - Master's Degree Candidate Tuesday, April 8th, 7:15pm - 7:55pm Special Events
An Introduction to PowerShell for Security Assessments James Tarala Tuesday, April 8th, 8:15pm - 9:15pm SANS@Night
Securing The Kids Lance Spitzner Tuesday, April 8th, 8:15pm - 9:15pm SANS@Night
Social Engineering for Pentesters Dave Shackleford Tuesday, April 8th, 8:15pm - 9:15pm SANS@Night
A Hands-on XML External Entity Vulnerability Training Module Carrie Roberts - Master's Degree Candidate Tuesday, April 8th, 8:15pm - 8:55pm Special Events
Wednesday, April 9
Session Speaker Time Type
Vendor Solutions Expo Wednesday, April 9th, 12:00pm - 1:30pm Vendor Event
Vendor Solutions Expo Wednesday, April 9th, 5:00pm - 7:00pm Vendor Event
Windows Exploratory Surgery with Process Hacker Jason Fossen Wednesday, April 9th, 7:15pm - 8:45pm SANS@Night
RTC Security Jason Ostrom Wednesday, April 9th, 7:15pm - 8:15pm SANS@Night
Security Static Vulnerable Devices Chris Farrell - Master's Degree Candidate Wednesday, April 9th, 7:15pm - 7:55pm Special Events
Analyzing a Second-Hand ATM (Automated Teller Machine) Erik Van Buggenhout Wednesday, April 9th, 7:15pm - 8:15pm SANS@Night
How I Learned to Stop Worrying and be Agile! James Leyte-Vidal Wednesday, April 9th, 8:15pm - 9:15pm SANS@Night
The Security Onion Cloud Client: Network Security Monitoring for the Cloud Joshua Brower - Master's Degree Candidate Wednesday, April 9th, 8:15pm - 8:55pm Special Events
OpenSSL "Heartbleed" Vulnerability Jake Williams Wednesday, April 9th, 8:15pm - 9:15pm SANS@Night
Thursday, April 10
Session Speaker Time Type
Continuous Security Intelligence with the SANS Critical Security Controls Kevin Landt, Product Management, EiQnetworks Thursday, April 10th, 12:30pm - 1:15pm Lunch and Learn
Retina Vulnerability Management: The Best-Kept Secret in Security Morey J. Haber - Sr. Director, Program Management, BeyondTrust Thursday, April 10th, 12:30pm - 1:15pm Lunch and Learn
Phishing your employees- Lessons learned from phishing 5 million people Jim Hansen, Executive VP, PhishMe Thursday, April 10th, 12:30pm - 1:15pm Lunch and Learn
Tenable, the SANS 20 Critical Security Controls, And You; The Basics and Beyond Jack Daniel, Technical Product Manager for Tenable Network Security Thursday, April 10th, 12:30pm - 1:15pm Lunch and Learn
Fortinet Next Generation Firewalls Justin Kallhoff, CEO Infogressive Thursday, April 10th, 12:30pm - 1:15pm Lunch and Learn
Why use Continuous Monitoring Jonas Kelly, Technical Account Manager, Qualys Thursday, April 10th, 12:30pm - 1:15pm Lunch and Learn
The Dynamic Threat Landscape and Next Generation Security Scott deLelys, CISSP , Palo Alto Networks Thursday, April 10th, 12:30pm - 1:15pm Lunch and Learn
GIAC Program Overview Jeff Frisk Thursday, April 10th, 6:00pm - 6:45pm Special Events
How the West was Pwned G.Mark Hardy Thursday, April 10th, 7:15pm - 8:15pm SANS@Night
The Law of Offensive Countermeasures, Active Defense or Whatever You Wanna Call It Benjamin Wright Thursday, April 10th, 7:15pm - 8:15pm SANS@Night
Continuous Ownage: Why you Need Continuous Monitoring Seth Misenar and Eric Conrad Thursday, April 10th, 7:15pm - 8:15pm SANS@Night
Introduction to IDA Pro and Debugging Stephen Sims Thursday, April 10th, 8:15pm - 9:15pm SANS@Night
Hacking Back, Active Defense and Internet Tough Guys John Strand Thursday, April 10th, 8:15pm - 9:15pm SANS@Night
Friday, April 11
Session Speaker Time Type
Evolving VoIP Threats Paul A. Henry Friday, April 11th, 7:15pm - 8:15pm SANS@Night
What is bWAPP? Web Application Penetration Testing with bWAPP Malik Mesellem Friday, April 11th, 7:15pm - 8:15pm SANS@Night
There's *GOLD* in Them Thar Package Management Databases! Phil Hagen Friday, April 11th, 8:15pm - 9:15pm SANS@Night
How to Spy on your Employees with Memory Forensics Jacob Williams and Alissa Torres Friday, April 11th, 8:15pm - 9:15pm SANS@Night