SANS Industrial Control Systems Security Briefing - Live from Houston, TX
- Monday, June 10th, 2013 at 5:30 PM EDT (21:30:00 UTC)
- Mike Assante, President & CEO of NBISE; Lior Frenkel, Co-Founder & CEO, Waterfall Security Solutions; Bart Pestarino, Codenomicon; and Jonathan Knudsen, Principal Systems Engineer, Codenomicon
Join the SANS Institute in bringing the first SANS Industrial Control Systems Security Briefing to the heart of the Oil & Gas Industry - Houston, Texas. This event provides a unique opportunity to engage in dialog around Industrial Control Systems Security and learn about key solution capabilities.
In the Houston area? Please plan to attend this event in person. Register for the ICS Security Briefing at:
- 4:30pm - 5:00pm
Keynote Address - Eric Cornelius, Technical Director - Incident Response and Critical Infrastructure at Cylance, Inc.
- 5:00pm - 5:30pm
Mitigating ICS Security "Elephants in the Room" by Waterfall Technologies
Control system software and devices are riddled with vulnerabilities - the vulnerabilities which have been announced and patched are only a tiny fraction of the real problem. Unauthenticated, plain text communications protocols mean that any software with access to a control systems network can send commands to any device, and those devices will carry out the commands. For these reasons and many others, strong perimeter protection will continue to be disproportionately important to control system security postures. Join us to learn how leading security programs are protecting safety system and control system networks.
Speaker: Lior Frenkel, Co-Founder & CEO Waterfall Security Solutions
- 5:30pm - 6:00pm
How to Find & Eliminate Existing ICS Vulnerabilities: Zero-Days & Knowns by Codenomicon
In this three-part session, Codenomicon will show how security testers can find and fix PLC vulnerabilities today, rather than waiting until the vulnerabilities are either reported or exploited sometime in the future.
Reuse of proprietary and open-source libraries is a well-accepted development practice. Vulnerability Persistence occurs when zero-days or known vulnerabilities remain version-to-version or product-to-product, staying present in code long after developers wrote the original code. These persistent vulnerabilities, if exploited, cause avoidable consequences and costs for operators and vendors, such as incident response, compensating controls, and patch management challenges.
An axiom of the Security Development Lifecycle (SDL) is that finding and recreating vulnerabilities is hard, but fixing the vulnerabilities is easy after the vulnerabilities are identified and can be recreated. Codenomicon will conduct a technical demo to show product-to-product vulnerability persistence in two PLCs, with a focus on an SDL approach to vulnerability discovery and remediation.
R&D is the SDL phase in which PLC manufacturers stand to gain the highest ROI on their vulnerability testing investment. Codenomicon will show software security testing on a software PLC simulator to demonstrate how PLC manufacturers could conduct vulnerability testing on a PLC system simulation during the R&D phase of PLC development.
Following the technical demos, Codenomicon will present the business case with which a large Network Equipment Vendor, whose hardware is used in ICS networks, substantiated further investment in SDL vulnerability discovery capabilities, realizing a 176% ROI and payback after an initial 2-week test of a large application.
Speakers: Bart Pestarino, Codenomicon and Jonathan Knudsen, Principal Systems Engineer, Codenomicon
- 6:00pm - 6:15pm - Networking Break
- 6:15pm - 7:15pm
ICS Expert Panel Moderated by Mike Assante
- 7:15pm - 7:30pm
Closing Address - Tim Conway