SANS Industrial Control Systems Security Briefing - Live from Houston, TX

  • Monday, 10 Jun 2013 5:30PM EDT (10 Jun 2013 21:30 UTC)

Join the SANS Institute in bringing the first SANS Industrial Control Systems Security Briefing to the heart of the Oil & Gas Industry - Houston, Texas. This event provides a unique opportunity to engage in dialogue around Industrial Control Systems Security and learn about key solution capabilities.

In the Houston area? Please plan to attend this event in person. Register for the ICS Security Briefing at:
https://www.sans.org/vendor/event/sans-industrial-control-systems-security-vendor-briefing-houston-jun2013

Agenda:

  • 4:30pm - 5:00pm
    Keynote Address - Eric Cornelius, Technical Director - Incident Response and Critical Infrastructure at Cylance, Inc.
  • 5:00pm - 5:30pm
    Mitigating ICS Security "Elephants in the Room" by Waterfall Security Solutions
    Control system software and devices are riddled with vulnerabilities - the vulnerabilities which have been announced and patched are only a tiny fraction of the real problem. Unauthenticated, plain text communications protocols mean that any software with access to a control systems network can send commands to any device, and those devices will carry out the commands. For these reasons and many others, strong perimeter protection will continue to be disproportionately important to control system security postures. Join us to learn how leading security programs are protecting safety system and control system networks.
    Speaker: Lior Frenkel, Co-Founder & CEO Waterfall Security Solutions
  • 5:30pm - 6:00pm
    How to Find & Eliminate Existing ICS Vulnerabilities: Zero-Days & Knowns by Codenomicon
    In this three-part session, Codenomicon will show how security testers can find and fix PLC vulnerabilities today, rather than waiting until the vulnerabilities are either reported or exploited sometime in the future.
    Reuse of proprietary and open-source libraries is a well-accepted development practice. Vulnerability persistence occurs when zero-days or known vulnerabilities carried in reused code survive from version to version or from product to product, long after the original code was written. If exploited, these persistent vulnerabilities cause avoidable consequences and costs for operators and vendors: incident response, compensating controls, and patch management challenges.
    An axiom of the Security Development Lifecycle (SDL) is that finding and reproducing vulnerabilities is hard, while fixing them is comparatively easy once they have been identified and can be reproduced. Codenomicon will conduct a technical demo showing product-to-product vulnerability persistence in two PLCs, with a focus on an SDL approach to vulnerability discovery and remediation.
    R&D is the SDL phase in which PLC manufacturers stand to gain the highest ROI on their vulnerability testing investment. Codenomicon will show software security testing on a software PLC simulator to demonstrate how PLC manufacturers could conduct vulnerability testing on a PLC system simulation during the R&D phase of PLC development.
    Following the technical demos, Codenomicon will present the business case with which a large Network Equipment Vendor, whose hardware is used in ICS networks, substantiated further investment in SDL vulnerability discovery capabilities, realizing a 176% ROI and payback after an initial 2-week testing of a large application.
    Speakers: Bart Pestarino, Codenomicon and Jonathan Knudsen, Principal Systems Engineer, Codenomicon
  • 6:00pm - 6:15pm - Networking Break
  • 6:15pm - 7:15pm
    ICS Expert Panel Moderated by Mike Assante
  • 7:15pm - 7:30pm
    Closing Address - Tim Conway
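
Two of the session abstracts above make concrete technical claims: the Waterfall session states that unauthenticated, plain-text ICS protocols let any host on the control network command any device, and the Codenomicon session describes testing a PLC (or PLC simulator) for protocol-handling vulnerabilities during R&D. The following Python example is added here to illustrate both points; it is not code from the briefing, from SANS, or from either vendor. It uses Modbus/TCP as a representative unauthenticated ICS protocol (the agenda names no specific protocol), builds a write-register command whose frame format has no field for any credential, parses frames strictly, and generates constructed malformed frames of the kind a tester would feed to a PLC simulator. All frame values are constructed sample data.

```python
"""Added example (not part of the SANS briefing page).

Shows (a) that a Modbus/TCP write command carries no authentication, so any
software that can reach the network can build a valid one, and (b) how a tester
can derive malformed frames from a valid one to exercise a PLC simulator's
length handling during R&D. Modbus/TCP is used as a representative protocol;
the original agenda does not name one.
"""
import struct
from dataclasses import dataclass

FC_WRITE_SINGLE_REGISTER = 0x06  # Modbus function code 6


@dataclass
class ModbusFrame:
    transaction_id: int
    unit_id: int
    function_code: int
    data: bytes


def build_write_single_register(transaction_id: int, unit_id: int,
                                address: int, value: int) -> bytes:
    """Build an MBAP header + PDU for 'write single register'.

    MBAP = transaction id (2), protocol id (2, always 0), length (2), unit id (1).
    Nothing in the frame identifies or authenticates the sender: no session key,
    no MAC, no credential. Whoever can deliver these bytes can write the register.
    """
    pdu = struct.pack(">BHH", FC_WRITE_SINGLE_REGISTER, address, value)
    length = 1 + len(pdu)  # unit id byte plus PDU
    mbap = struct.pack(">HHHB", transaction_id, 0, length, unit_id)
    return mbap + pdu


def parse_frame(raw: bytes) -> ModbusFrame:
    """Strict parser: reject frames whose MBAP length disagrees with the payload.

    A device that trusts the length field without this check is exactly what
    the malformed frames below are meant to probe. The parser can validate
    structure, but it has no way to validate *who* sent the frame.
    """
    if len(raw) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    txn, proto, length, unit = struct.unpack(">HHHB", raw[:7])
    if proto != 0:
        raise ValueError(f"unexpected protocol identifier {proto}")
    if length != len(raw) - 6:
        raise ValueError(f"length field {length} != actual {len(raw) - 6}")
    return ModbusFrame(txn, unit, raw[7], raw[8:])


def length_fuzz_cases(valid: bytes,
                      deltas=(-8, -1, 1, 250, 0xFFFF),
                      truncations=(1, 3)) -> list:
    """Constructed test cases: the valid frame with only its length field or
    its tail altered, so every case is 'almost right' except for one field."""
    base_len = struct.unpack(">H", valid[4:6])[0]
    cases = []
    for d in deltas:
        bad_len = (base_len + d) & 0xFFFF
        cases.append(valid[:4] + struct.pack(">H", bad_len) + valid[6:])
    for k in truncations:
        cases.append(valid[:-k])  # length field still claims the full payload
    return cases


def count_rejected(cases: list) -> int:
    """Number of cases the strict parser refuses (the rest would reach the PLC logic)."""
    rejected = 0
    for case in cases:
        try:
            parse_frame(case)
        except ValueError:
            rejected += 1
    return rejected


if __name__ == "__main__":
    # Constructed sample: unit 1, write register 0x0010 := 0x1234, no credentials anywhere.
    valid = build_write_single_register(1, 1, 0x0010, 0x1234)
    print("valid frame:", valid.hex(), "->", parse_frame(valid))
    cases = length_fuzz_cases(valid)
    print(f"{count_rejected(cases)}/{len(cases)} malformed frames rejected by strict parser")
```

Run against a PLC simulator instead of `parse_frame`, the same `length_fuzz_cases` output shows whether the device checks the length field before acting on the PDU; the parser here is the reference behaviour a tester would compare against. Note that a correct parser does nothing about the first point: a well-formed write from an unauthorized host is indistinguishable from a legitimate one, which is why the Waterfall abstract argues for perimeter controls rather than relying on the protocol.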