Agenda | December 9, 2022 | 10:30 AM - 1:30 PM EST
Timeline (EST) | Session Details |
---|---|
10:30 AM | Welcome & Opening RemarksDean Parsons, Certified Instructor, SANS Institute |
10:45 AM | You Are Not Alone – 5 Critical Controls for Consequence-Driven Incident Response in ICS/OT EnvironmentsKeeping the operational technology (OT) environments of industrial control systems (ICS) secure from cyberattacks is critical to our daily lives, and increasingly top of mind from the board room to the manufacturing floor. And while aligning organizational leadership and implementing a successful OT cybersecurity posture can be overwhelming for even seasoned security operations teams, there are some proven strategies to be proactive about protecting industrial infrastructure. Context and collaboration are key to establishing effective, consequence-driven incident response. First, it’s important to understand that leveraging an IT incident response plan (IRP) simply won’t work, because the risk profile is very different and the potential consequences and costs for personal, operational, and environmental safety are much more significant. Having a dedicated IRP suited for ICS/OT environments is a must-have for effective incident response that is consequence oriented. Join Tim Ennis, Senior Industrial Incident Responder at Dragos, and Jan Hoff, Principal Industrial Incident Responder at Dragos, for an informative panel discussion exploring 5 critical controls for OT cybersecurity and their significance for consequence-driven incident response. Additionally, this session will cover the importance of:
Tim Ennis, Senior Industrial Incident Responder, Dragos, Inc. Jan Hoff, Principal Industrial Incident Responder, Dragos, Inc. |
11:20 AM | Pre and Post Incident Network Collection at the Edge - A Practical Guide for Asset OwnersImplementing a comprehensive and continuous network visibility solution may not be possible for all organizations. Ron Fabela, CTO & Co-Founder at SynSaber will discuss the many practical steps to industrial edge visibility that can be taken before and after an incident has occured. Collection of industrial edge data is critical to the understanding of any process or control environment; so are some other non-technology based processes that can assist. Key takeaways for this segment include:
Ron Fabela, CTO & Co-founder, SynSaber |
11:55 AM | Implementing a Zero Trust Framework for Secure Remote Access in ICSRemote access is becoming a necessity for OT and there are countless reasons from professionals running offshore oil rigs, manufacturing plants meeting high demand, water treatment facilities serving large populations and other critical facilities needing 24/7 access from anywhere. But providing that access has traditionally been too complex and fraught with security issues as exposing critical infrastructure to the “outside” greatly expands the attack surface for hackers. Hear how to create and maintain secure and frictionless access to industrial control systems, enabling secure remote operations with a zero-trust architecture including protocol isolation, integrated MFA, role-based and time-based access controls, user session analytics, and more. Bill Moore, CEO, Xona |
12:30 PM | Break |
12:40 PM | Panel Discussion - ICS Consequence-Driven Incident ResponseDean Parsons, Certified Instructor, SANS Institute Bill Moore, CEO, Xona Jan Hoff, Principal Industrial Incident Responder, Dragos Ron Fabela, CTO & Co-founder, Synsaber |
1:25 PM | Wrap-UpDean Parsons, Certified Instructor, SANS Institute |