Register Now for Online Training and get a GIAC Cert Attempt Included or $350 Off

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

The Four Types of Threat Detection for ICS Security

  • Tuesday, November 21st, 2017 at 1:00 PM EST (18:00:00 UTC)
  • Robert M. Lee
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • Dragos, Inc.

You can now attend the webcast using your mobile device!

Overview

Threat detection can be summarized into four types: Configuration, Modeling (Anomalies), Indicators, and Behavioral Analytics. Understanding the difference in these types and how to use each enables industrial control system (ICS) security teams to defend their environments appropriately. 

As companies try to invest in different type of security technologies they must understand what approaches are right for them before they invest poorly. This presentation will educate on the four types of detection and uses for each while also showcasing the Dragos, Inc. team's approach. The Dragos Platform, Dragos WorldView ICS Threat Intelligence, Dragos Threat Operations Center, and CyberLens assessment tool give the community unique insights into their environments, the ICS threat landscape, and how to respond.

Speaker Bio

Robert M. Lee

Robert M. Lee, a SANS certified instructor and author of the "ICS Active Defense and Incident Response" and "Cyber Threat Intelligence" courses, is the founder and CEO of Dragos, a critical infrastructure cybersecurity company, where he focuses on control system traffic analysis, incident response and threat intelligence research. He has performed defense, intelligence and attack missions in various government organizations, including the establishment of a first-of-its-kind ICS/SCADA cyber threat intelligence and intrusion analysis mission. Author of SCADA and Me and a nonresident National Cyber Security Fellow at New America, focusing on critical infrastructure cybersecurity policy issues, Robert was named EnergySec's 2015 Energy Sector Security Professional of the Year.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.