Sharpen your Skills at SANS San Francisco Winter 2017. Save $200 thru 10/25.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Exploring the Unknown ICS Threat Landscape

  • Tuesday, April 18th, 2017 at 11:00 AM EDT (15:00:00 UTC)
  • Robert M. Lee, Ben Miller, and Mike Assante
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • Dragos, Inc.

You can now attend the webcast using your mobile device!

Overview

ICS (in)security is hiding in plain sight. This presentation will be our first public discussion on unique research on industrial control system software, malware, and the consequences of poor operations security. Our premise for this project is the belief that there is a wealth of information surrounding Industrial Control Systems that is unrecognized by the traditional IT cybersecurity industry. We will walk through our methodology, show real-world findings and conclusions of what this means in our space.

Speaker Bios

Robert M. Lee

Robert M. Lee, a SANS certified instructor and author of the "ICS Active Defense and Incident Response" and "Cyber Threat Intelligence" courses, is the founder and CEO of Dragos, a critical infrastructure cyber security company, where he focuses on control system traffic analysis, incident response and threat intelligence research. He has performed defense, intelligence and attack missions in various government organizations, including the establishment of a first-of-its-kind ICS/SCADA cyber threat intelligence and intrusion analysis mission. Author of SCADA and Me and a nonresident National Cyber Security Fellow at New America, focusing on critical infrastructure cyber security policy issues, Robert was named EnergySec's 2015 Energy Sector Security Professional of the Year.


Ben Miller

Ben Miller is Director, Threat Operations Center at the industrial cyber security company Dragos, Inc. where he leads a team of analysts in performing active defense inside of ICS/SCADA networks. In this capacity, he is responsible for performing a threat hunting, incident response, and malware analysis mission for the industrial community. Previous to his role at Dragos, Inc. Ben was the Associate Director, Electricity Information Sharing & Analysis Center (Electricity ISAC) and led cyber analysis for the sector. He and his team focused on leading edge cyber activities as they relate to the North American bulk electric system. Ben was recognized as instrumental in building new capabilities surrounding information sharing and analytics in his five years at the E-ISAC. Prior to joining the E-ISAC, Ben built and led a team of 9 focused on Network Security Monitoring, forensics, and incident response at a Fortune 150 energy firm. His team received numerous accolades from industry and law enforcement. During this time, he also served in a CIP implementation project and various enterprise-wide mitigation programs. Ben has over 18 years' experience and currently holds the CISSP and GIAC GREM certifications.

Ben has served in various roles including both planner and player roles in GridEx I, II, and III. He served as a member of the NERC Cyber Attack Task Force, an acknowledged contributor to NIST SP 800-150, a panel member of the NBISE Advanced Defender panel, and adviser on CI Advanced Defender Training program. Ben is an accomplished speaker in various venues including SANS, ICSWJG, ShmooCon and others. Ben also helps run Charmsec; an informal 'citysec-style meet up' located in Baltimore.


Michael Assante

Michael Assante currently manages the SANS Industrials and Infrastructure practice area and is the lead for the Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) security curriculum. Previously he served as vice president and chief security officer of the North American Electric Reliability Corporation (NERC), where he oversaw industrywide implementation of cyber security standards across the continent. Before joining NERC, Mike held a number of high-level positions at Idaho National Laboratory and served as vice president and chief security officer for American Electric Power. His work in ICS security has been widely recognized.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.