ICS Cybersecurity in an Interconnected World
- Wally Magda
- Tuesday, April 8th, 12:30pm - 1:15pm
This event is free, but space is limited and allocated on a first-registered basis. Lunch will be provided. Please click the link below to register.
Industrial Control Systems, such as SCADA, are the ‚brains‚ of critical infrastructure, providing the vital functions of control and monitoring necessary to operate the Bulk Electric System. Since they were designed for functionality and performance, cybersecurity was not a primary consideration. During this session, we will discuss SCADA threat vectors, possible consequences, and some horror stories. Many of the actions presented to protect the utility and its customers can be applied to all Industrial Control Systems.
Wally Magda Bio:
Wally Magda is an internationally recognized cyber security expert for Industrial Control Systems (ICS) with over 20 years of experience. His deep security experience spans military nuclear missile command and control systems, intelligence agencies, enterprise cyber security and industrial control systems. Starting out as an Instrumentation, Control and Electrical (ICE) Tech he progressed to managing ICS as a process control engineer. Seeing the need for cyber security professionals to assist the industrial control vertical business units, he stepped into the enterprise level cyber security realm. Wally has conducted numerous ICS cyber and physical security assessments for electric, natural gas, chemical, LNG, and manufacturing facilities. He was on a network security assessment team tasked to review cyber and physical security architecture of solar power collection dishes at the Sandia National Laboratories‚ National Solar Thermal Test Facility (NSTTF). He was a contributing participant on the NISTIR 7628 Smart Grid Interoperability Panel‚Cyber Security Working Group (SGIP‚CSWG). He is currently an active member of the ASIS Critical Infrastructure Working Group (CIWG) Cyber Security Education Committee. Wally presents at conferences and events such as the FBI InfraGard, UTC Telecom, WECC CIPUG and ISSA-COS. He volunteers as an instructor teaching CISSP prep courses at a local technical university. Wally earned a Bachelor of Science degree in Management Information Systems (MIS) and holds a number of professional certifications including ISA Certified Automation Professional (CAP), SANS GIAC Global Industrial Cyber Security Professional (GICSP), ASIS Physical Security Professional (PSP), and ISC2 Certified Information Systems Security Professional (CISSP).
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
|Registration Welcome Reception||—||Sunday, April 6th, 5:00pm - 7:00pm||Reception|
|Building and Managing a PKI Solution for Small and Medium Size Business||Wylie Shanks - Master's Degree Candidate||Sunday, April 6th, 7:30pm - 8:10pm||Special Events|
|General Session - Welcome to SANS||Rob Lee||Monday, April 7th, 8:15am - 8:45am||Special Events|
|SANS Technology Institute Open House||Alan Paller||Monday, April 7th, 6:00pm - 7:00pm||Special Events|
|Online Training Pool Party||—||Monday, April 7th, 6:15pm - 7:15pm||Special Events|
|APT Attacks Exposed: Network, Host, Memory, and Malware Analysis||Rob Lee, Ovie Carroll, Alissa Torres, Phil Hagen, and Lenny Zeltser||Monday, April 7th, 7:15pm - 9:15pm||Keynote|
|How to Become a SANS Instructor||John Strand, Certified Instructor||Tuesday, April 8th, 12:30pm - 1:15pm||Lunch and Learn|
|Continuous Monitoring & Mitigation||Doug Laughlin, Account Manager - GA/FL/Caribbean, ForeScout Technologies, Inc||Tuesday, April 8th, 12:30pm - 1:15pm||Lunch and Learn|
|World War C Threat Landscape - A Look At The Threats of Yesterday, The Trends Today, and What‚s to Come Tomorrow||Mark Stanford, Senior Sales Engineering Manager, FireEye, Inc||Tuesday, April 8th, 12:30pm - 1:15pm||Lunch and Learn|
|The Power of Metadata||Mike Nichols, Senior Technical Product Manager, General Dynamics Fidelis Cybersecurity||Tuesday, April 8th, 12:30pm - 1:15pm||Lunch and Learn|
|Enabling Secure Cloud Storage: Moving from Perimeter to Object-Based Protection||Gregory Breeze, Principal SE, AlephCloud||Tuesday, April 8th, 12:30pm - 1:15pm||Lunch and Learn|
|‚Ę‚The Power of Lossless Packet Capture (1G-100G) & Real-time Netflow‚||Andrew Weisman, Senior Sales Engineer, Emulex||Tuesday, April 8th, 12:30pm - 1:15pm||Lunch and Learn|
|ICS Cybersecurity in an Interconnected World||Wally Magda||Tuesday, April 8th, 12:30pm - 1:15pm||Lunch and Learn|
|Women in Technology Meet and Greet||Karen Fioravanti||Tuesday, April 8th, 6:15pm - 7:15pm||Special Events|
|Security Awareness Metrics: Measuring Human Behavior||Lance Spitzner||Tuesday, April 8th, 7:15pm - 8:15pm||SANS@Night|
|RapidTriage: An Automated Approach to System Intrusion Discovery||Trenton Bond - Master's Degree Candidate||Tuesday, April 8th, 7:15pm - 7:55pm||Special Events|
|An Introduction to PowerShell for Security Assessments||James Tarala||Tuesday, April 8th, 8:15pm - 9:15pm||SANS@Night|
|Securing The Kids||Lance Spitzner||Tuesday, April 8th, 8:15pm - 9:15pm||SANS@Night|
|Social Engineering for Pentesters||Dave Shackleford||Tuesday, April 8th, 8:15pm - 9:15pm||SANS@Night|
|A Hands-on XML External Entity Vulnerability Training Module||Carrie Roberts - Master's Degree Candidate||Tuesday, April 8th, 8:15pm - 8:55pm||Special Events|
|Vendor Solutions Expo||—||Wednesday, April 9th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Wednesday, April 9th, 5:00pm - 7:00pm||Vendor Event|
|Windows Exploratory Surgery with Process Hacker||Jason Fossen||Wednesday, April 9th, 7:15pm - 8:45pm||SANS@Night|
|RTC Security||Jason Ostrom||Wednesday, April 9th, 7:15pm - 8:15pm||SANS@Night|
|Security Static Vulnerable Devices||Chris Farrell - Master's Degree Candidate||Wednesday, April 9th, 7:15pm - 7:55pm||Special Events|
|Analyzing a Second-Hand ATM (Automated Teller Machine)||Erik Van Buggenhout||Wednesday, April 9th, 7:15pm - 8:15pm||SANS@Night|
|How I Learned to Stop Worrying and be Agile!||James Leyte-Vidal||Wednesday, April 9th, 8:15pm - 9:15pm||SANS@Night|
|The Security Onion Cloud Client: Network Security Monitoring for the Cloud||Joshua Brower - Master's Degree Candidate||Wednesday, April 9th, 8:15pm - 8:55pm||Special Events|
|OpenSSL "Heartbleed" Vulnerability||Jake Williams||Wednesday, April 9th, 8:15pm - 9:15pm||SANS@Night|
|Continuous Security Intelligence with the SANS Critical Security Controls||Kevin Landt, Product Management, EiQnetworks||Thursday, April 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Retina Vulnerability Management: The Best-Kept Secret in Security||Morey J. Haber - Sr. Director, Program Management, BeyondTrust||Thursday, April 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Phishing your employees- Lessons learned from phishing 5 million people||Jim Hansen, Executive VP, PhishMe||Thursday, April 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Tenable, the SANS 20 Critical Security Controls, And You; The Basics and Beyond||Jack Daniel, Technical Product Manager for Tenable Network Security||Thursday, April 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Fortinet Next Generation Firewalls||Justin Kallhoff, CEO Infogressive||Thursday, April 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Why use Continuous Monitoring||Jonas Kelly, Technical Account Manager, Qualys||Thursday, April 10th, 12:30pm - 1:15pm||Lunch and Learn|
|The Dynamic Threat Landscape and Next Generation Security||Scott deLelys, CISSP , Palo Alto Networks||Thursday, April 10th, 12:30pm - 1:15pm||Lunch and Learn|
|GIAC Program Overview||Jeff Frisk||Thursday, April 10th, 6:00pm - 6:45pm||Special Events|
|How the West was Pwned||G.Mark Hardy||Thursday, April 10th, 7:15pm - 8:15pm||SANS@Night|
|The Law of Offensive Countermeasures, Active Defense or Whatever You Wanna Call It||Benjamin Wright||Thursday, April 10th, 7:15pm - 8:15pm||SANS@Night|
|Continuous Ownage: Why you Need Continuous Monitoring||Seth Misenar and Eric Conrad||Thursday, April 10th, 7:15pm - 8:15pm||SANS@Night|
|Introduction to IDA Pro and Debugging||Stephen Sims||Thursday, April 10th, 8:15pm - 9:15pm||SANS@Night|
|Hacking Back, Active Defense and Internet Tough Guys||John Strand||Thursday, April 10th, 8:15pm - 9:15pm||SANS@Night|
|Evolving VoIP Threats||Paul A. Henry||Friday, April 11th, 7:15pm - 8:15pm||SANS@Night|
|What is bWAPP? Web Application Penetration Testing with bWAPP||Malik Mesellem||Friday, April 11th, 7:15pm - 8:15pm||SANS@Night|
|There's *GOLD* in Them Thar Package Management Databases!||Phil Hagen||Friday, April 11th, 8:15pm - 9:15pm||SANS@Night|
|How to Spy on your Employees with Memory Forensics||Jacob Williams and Alissa Torres||Friday, April 11th, 8:15pm - 9:15pm||SANS@Night|