Special Offer w/ OnDemand or vLive: Get a 12.9" iPad Pro, Surface Pro, or $350 Off - Top Offers of 2018


To attend this webcast, login to your SANS Account or create your Account.

ICS Hacking Exposed

  • Tuesday, March 28th, 2017 at 11:00 AM EDT (15:00:00 UTC)
  • Clint Bodungen and Phil Neray
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • CyberX

You can now attend the webcast using your mobile device!


Recently published by McGraw-Hill, "Hacking Exposed ICS" follows in the same spirit as the wildly-popular "Hacking Exposed" series by exploring cybersecurity from an attacker's perspective. In this educational webcast, the book's lead author leverages his experience as an ICS/SCADA security expert to show you how to implement an ICS-focused risk mitigation framework that's practical and efficient, based on situational awareness. Clint will cover key topics from the book including ICS terminology; ICS risk assessment frameworks; examples of ICS vulnerabilities, threats and consequences; and how to use threat modeling to turn ICS threat information into actionable threat intelligence. Phil Neray from CyberX will provide an overview of the company's recent ICS threat intelligence research including its recent discovery of Operation BugDrop, a cyber-surveillance operation targeting 70 organizations in critical infrastructure, scientific research and media.

Speaker Bios

Clint Bodungen

Clint is a Senior Researcher with Kaspersky Lab, North America, as part of the Critical Infrastructure Threat Analysis team. He is the lead author of "Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions" which was recently published by McGraw-Hill. Client has more than 20 years of experience in the cybersecurity industry, specializing in risk assessment, penetration testing, and vulnerability research. More than half of his 20 years in the industry has been focused exclusively on industrial control systems. He began his professional career serving in the United States Air Force as his unit's Computer Systems Security Officer (CSSO) and OPSEC Manager. Prior to Kaspersky Lab, he worked for Booz Allen Hamilton as an Industrial Cybersecurity Researcher/Analyst; for Cimation as an R&D Manager for Cimation Cyber Security Solutions and Sr. ICS/SCADA Security Researcher; and as a SCADA Security Consultant for Industrial Defender. Clint has led ICS risk assessment and penetration testing projects for many of the country's top energy organizations, is an Adjunct Professor in Cybersecurity at North American University in Houston, and is a frequent presenter at ICS cybersecurity conferences. He will be presenting at the SANS ICS Security Summit, March 20-21 in Orlando.

Phil Neray

Phil is the VP of Industrial Cybersecurity for CyberX. Prior to CyberX, Phil held executive roles at enterprise security leaders including IBM Security/Q1 Labs, Symantec, Veracode, and Guardium. Phil began his career as a Schlumberger engineer on oil rigs in South America and as an engineer with Hydro-Quebec. He has a BSEE from McGill University, is certified in cloud security (CCSK), and has a 1st Degree Black Belt in American Jiu Jitsu.


About CyberX

Founded in 2013 by military cyber-experts with nation-state expertise defending critical infrastructure, CyberX provides the most widely-deployed platform for continuously reducing ICS and IIoT risk. CyberX is a member of the Palo Alto Networks Application Framework developer community and the IBM Security App Exchange Community, and has integrated with CyberArk for secure remote access. CyberX has also partnered with premier solution providers worldwide including Optiv Security and Deutsche-Telekom/T-Systems.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.