For as long as Dean can remember, he has always had a passion for security, so his decision to go into the field was a natural progression. He grew up ethically hacking computer systems of all types using his own custom-compiled Linux systems and custom C code hacking tools. From a young age, he wrote security tools such as password crackers in Python, host-based intrusion detections systems, network sniffing tools, intelligent port scanners, and kernel module and exploits, among many others. Dean’s passion for this type of work is rooted in protecting the greater good. He recognizes the crucial need for more defenders in the industry as adversaries continue to specifically target ICS and critical infrastructure.
To support himself while earning his bachelor’s degree in computer science at Memorial University of Newfoundland, Dean worked as a security consultant performing Linux hardening, writing networking applications, and performing ethical hacks and vulnerability assessments for industrial marine and offshore engineering firms, among others. Dean now has more than 20 years of technical and management experience. He has worked in both Information Technology and ICS Cyber Defense in the telecommunications and electricity sectors covering generation, transmission and distribution of power for critical infrastructure in Canada, including the NERC-CIP alignment.
As an ICS Cyber Defense consultant, no day looks the same for Dean. One day you might find him dissecting packets and writing policies, while on the next he might be presenting to a board of directors or to professionals at a security conference.
Dean will be the first to tell you that ICS cybersecurity starts with safety and is driven by it. To ensure this safety, he has built ICS security teams and processes for practical defense across multiple ICS sectors. These teams have been effective in performing ICS incident response and playing key roles in preserving the safety and reliability of operational technology and ICS operations. Dean has integrated cybersecurity as mandatory ICS-physical and on-site safety training for engineering staff. This training is ever more important as adversaries make brazen moves to target the ICS safety systems designed to keep people and physical assets safe.
“I’m an ambassador for defending our industrial systems, and an advocate for safety, reliability and cyber protection of our critical infrastructure,” Dean explains. “Every ICS class I teach I empower every student to ask questions and get involved in the always up-to-date conversation. Using this approach and sharing my experiences from the field creates memorable moments to effectively deliver the course content. It prepares students for SANS GIAC certifications while simultaneously helping them retain critical knowledge long after the class ends, which is super important for practical ICS defense.”
In ICS515: ICS Active Defense and Incident Response, the course Dean teaches for SANS, he tackles common misconceptions and challenges of IT security applied to ICS security with an emphasis on safety for critical infrastructure. He takes students through incidence response, and emphasizes the main differences between traditional IT security and ICS security. One thing you will certainly hear echoed in Dean’s class is “Defense is Do-able!” He also reminds you to keep in mind Yoda’s famous expression: “Do. Or do not. There is no try.”
Dean is also the co-author of the new upcoming SANS course ICS418: ICS Security Essentials for Managers with SANS Certified Instructor Jason Christopher. ICS418 fills the identified gap among leaders working across critical infrastructure and operational technology environments. It empowers new and established ICS Security Managers with tools to address industry pressures and manage cyber threats and defenses that prioritize the business while ensuring the safety and reliability of ICS operations.
Outside of class, Dean has been invited to speak on ICS security at conferences and workshops throughout North America and the United Kingdom. He has also contributed to many SANS ICS webcasts. When Dean isn’t working, you can find him exploring the coast of Newfoundland on his jet skis, playing piano, jamming out to ‘80s music, or riding motorcycles. He is an accomplished motorcycle instructor and rider and has published some adventures in his travel book The Evergreen Rider: Newfoundland by Motorcycle Through All Seasons, All Weather.
ADDITIONAL CONTRIBUTIONS BY DEAN PARSONS:
PUBLISHED WORKS, ARTICLES & BLOGS
SANS ICS Sit Visit Plan, May 2021
7 Tips For Planning ICS Plant Visits, May 2019
News article: Addressing Modern Industrial Control System Attacks, March 2019
WEBCASTS & PRESENTATIONS
Top 5 ICS Assets and How to Protect Them, August 2021
Cyber42: Industrial Edition Game Day, July 2021
Improving Incident Response for ICS, November 2017
CHEAT SHEETS & POSTERS
ICS Assessment Quick Start Guide – Poster
ICS Site Visit Plan – Cheat Sheet
ICS Security Program Maturity Quick Start Guide – Cheat Sheet
ICS Assessment Methodology Quick Start Guide – Cheat Sheet
ICS Common Acronyms Quick Start Guide – Cheat Sheet