SANS Cyber Defence Australia 2023 Community Night - June 29

Presentation 1 - The Five ICS Cybersecurity Critical Controls for APAC Practitioners

Peter Jackson, Certified Instructor Candidate

In ICS (industrial control systems) or OT (operational technology) security, there is an endless list of ‘security’ issues that could be ‘remediated’. Many industrial organisations, much less IT/OT stakeholders, don’t know where to start.

This talk will present five cybersecurity controls that can be utilised together to create an efficient and effective industrial control system (ICS) or operational technology (OT) security program.

Peter will discuss the controls and the rationale behind them so that organisations can adapt the controls to fit their environment and risks. The controls are intended to be outcome focused instead of prescriptive in nature. They are also intelligence-driven in that they have been chosen based on the analysis of recent compromises and attacks in industrial companies around the world.

Peter will bring region-specific ICS/OT insights to APAC ICS/OT practitioners. This is based on more than 15 years of supporting industrial organisations with ICS resilience as an experienced, pragmatic engineer and SANS instructor.

Presentation 2 - Establishing the Link Between Corruption and Cybercrime

Jason Jordaan, Principal Instructor

We are confronted by so many cyber threat actors, and the primary focus is on external threats; when it comes to internal threats, the focus is often on internal negligence. But the reality is that, in more and more cases, external threat actors are simply corrupting internal staff members, often in trusted IT and security positions, to overcome even the most sophisticated cyber security systems. Considering that many cybercrime groups operate as organised crime groups, which are already willing to use corruption to achieve their aims, it is not surprising that they are willing to engage in corruption to facilitate their cybercrimes.

This talk will explore this concept in detail, showing how corruption related to cybercrime works and how organised crime groups identify targets, and will discuss a case study that the presenter was involved in, where a cybercrime group used corruption to pull off a major hack of several government departments.