Final Days to get an iPad Mini 4, a Galaxy Tab A, or Take $250 Off with Online Training - Register by 9/27!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Deconstructing the Reports of Iranian Activity Against the Power Grid and New York Dam

  • Tuesday, January 5th, 2016 at 12:00 PM EST (17:00:00 UTC)
  • Mike Assante, Robert M. Lee
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

On December 20th and 21st there were two reports of separate incidents detailing focused adversary efforts into research U.S. infrastructure. The activity was attributed to Iranian actors and targeted sites along the power grid including Calpine and a dam in New York. Both of these case-studies are interesting and pose lessons learned for the community. In this webcast Michael Assante, SANS ICS Director, and Robert M. Lee, ICS515 Course Author, will deconstruct these two cases noting strengths, weaknesses, and lessons learned from the reports. The cases will also be discussed in the context of the ICS Cyber Kill Chain and the most important takeaways will be mapped to efforts defenders can employ today.


Learn more about securing industrial control systems at the upcoming ICS Security Summit in Orlando, FL on February 22 & 23, 2016.

The Summit is the premier event to attend in 2016 for ICS cybersecurity practitioners and managers. This year's summit will center on the theme "Defense is Doable" and will feature more in-depth technical talks, case studies, and hands-on challenges than ever before.

Attendees will:

  • Understand how ICS systems are being targeted
  • Learn how to safeguard ICS against the new threat matrix
  • Gather with fellow practitioners to share skills and acquire new ones
  • Explore how cyber-informed engineering mixes with cyber security for ICS success
  • Discover best practices for teaching operators cyber security awareness
  • Test and expand ICS security knowledge through exciting hands-on challenges

Speaker Bios

Robert M. Lee

Robert M. Lee is the CEO and Founder of the critical infrastructure cyber security company Dragos Security LLC where he has a passion for control system traffic analysis, incident response, and threat intelligence research. He is a SANS Certified Instructor and the course author of SANS ICS515 - "Active Defense and Incident Response" and the co-author of SANS FOR578 - "Cyber Threat Intelligence." Robert is also a non-resident National Cyber Security Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure and a PhD candidate at Kings College London. For his research and focus areas, he was named one of Passcode's Influencers, awarded EnergySec's 2015 Cyber Security Professional of the Year, and named to the 2016 Forbes' 30 Under 30 list.

Robert obtained his start in cyber security in the U.S. Air Force where he served as a Cyber Warfare Operations Officer. He has performed defense, intelligence, and attack missions in various government organizations including the establishment of a first-of-its-kind ICS/SCADA cyber threat intelligence and intrusion analysis mission. Robert routinely writes articles in publications such as Control Engineering and the Christian Science Monitor's Passcode and speaks at conferences around the world. Lastly, Robert, is author of the book "SCADA and Me" and the weekly web-comic http://www.LittleBobbyComic.com.

"Rob is the best instructor I have seen. Real world examples, humor, time efficient, [and] effective."
- Toni Benson, Cyber Analyst


Mike Assante

Michael Assante is currently the SANS lead for Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) security and Co-founder of NexDefense an Atlanta-based ICS security company. He served as Vice President and Chief Security Officer of the North American Electric Reliability (NERC) Corporation, where he oversaw industry-wide implementation of cyber security standards across the continent. Prior to joining NERC, Mr. Assante held a number of high-level positions at Idaho National Labs and served and as Vice President and Chief Security Officer for American Electric Power. Mr. Assante's work in ICS security has been widely recognized and was selected by his peers as the winner of Information Security Magazine's security leadership award for his efforts as a strategic thinker. The RSA 2005 Conference awarded him its outstanding achievement award in the practice of security within an organization.

He has testified before the US Senate and House and was an initial member of the member of the Commission on Cyber Security for the 44th Presidency. Before his career in security served in various naval intelligence and information warfare roles, he developed and gave presentations on the latest technology and security threats to the Chairman of the Joint Chiefs of Staff, Director of the National Security Agency, and other leading government officials. In 1997, he was honored as a Naval Intelligence Officer of the Year.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.