Agenda
Timeline (EDT) | Session Description |
---|---|
9:30 AM | WelcomeJustin Searle, Senior Instructor, SANS Institute |
9:40 AM | Industry 4.0 and IT/OT ConvergenceDigital transformation is blurring the line between IT and OT. The two worlds are converging. Processes are overlapping within the electric, gas, and water utility industries, as IT and OT teams are using the same infrastructure and applications. Smart metering is a perfect example of this. The meters themselves are OT and are a part of the electricity distribution network, yet the meter data management and back office functions are classic IT applications. Keith Walsh, Principal Solution Architect, Armis |
10:15 AM | Defensible Perimeters Between IT and OT Using Network Traffic MonitoringOperational technology networks are becoming increasingly difficult to control and monitor due to the increasing connectivity and internet access required by network modernization, business initiatives, and digital transformation projects. Additionally, organizations that have not deployed monitoring solutions for their OT networks further limit their visibility when there are unknown, unapproved, or unintended network changes that expose the OT environment to attacks from the IT network and the open Internet. Securely connecting IT and OT is achievable by leveraging cybersecurity network traffic monitoring with network controls to create defensible perimeters. This session will address the risks with unmonitored networks, describe common adversary attack patterns used to penetrate connected networks, and demonstrate how OT-specific cybersecurity network traffic monitoring solutions are required to provide enhanced visibility to identify malicious or unauthorized network communications, detect threat activity penetrating the OT network from the IT boundary, and verify that vulnerability mitigation controls are in place and functioning properly. Chris Carlson, VP, Product, Dragos. Inc |
10:50 AM | The Easy Ticket to Reducing Security Risk: Leveraging and Improving Asset InventoriesInstead of adding more complexity to your current security stack, why not leverage and improve on what you already have? In this session, cyber threat intelligence gurus, Syed Kaptan and Maurits Lucas, will share an impactful way to reduce security risk: the build and management of asset inventories. In this session, listeners will learn how to:
Syed Kaptan, Director - Threat Intelligence Engineering, ThreatQuotient |
11:25 AM | Break |
11:35 AM |
The “Forgotten” OT/ICS Endpoints - How to Demonstrate Measurable Improvement in OT/IC SecurityFirewalls are easy to misconfigure. While the security consequences of such errors may be acceptable for some firewalls connecting data and information networks, the accumulated risks of misconfigured firewalls in a defense-in-depth OT network architecture are generally unacceptable. We explore eight common mistakes that firewall administrators make and describe how these mistakes can compromise ICS network security. The lesson here though is not 'stop making mistakes. ' The lesson is to choose appropriate technology for the need. We explore technology alternatives to 'OT firewalls that eliminate the potential for online attacks as a result of misconfiguration. John Livingston, CEO, Verve Industrial Protection |
12:10 PM | Eight Common OT / Industrial Firewall Mistakes
Firewalls are easy to misconfigure. While the security consequences of such errors may be acceptable for some firewalls connecting data and information networks, the accumulated risks of misconfigured firewalls in a defense-in-depth OT network architecture are generally unacceptable. We explore eight common mistakes that firewall administrators make and describe how these mistakes can compromise ICS network security. The lesson here though is not 'stop making mistakes. ' The lesson is to choose appropriate technology for the need. We explore technology alternatives to 'OT firewalls that eliminate the potential for online attacks as a result of misconfiguration. Mike Firstenberg, Director of Industrial Security, Waterfall Security Solutions |
12:45 PM | The DHS 16 - Securing the Operation of Essential ServicesThe Department of Homeland Security has identified 16 unique industries as being essential and part of the critical infrastructure. Impacts or disruptions to any of these verticals would have dire and reverberating effects across society. Over the course of the last 10 months, many of these industries have experienced significant and unanticipated stressors and some companies did not survive.
In this session we will discuss who the DHS 16 are, the challenges that they have faced now and into the future.
From this retrospective, we will provide a "lessons learned" synopsis which can be applied to all industries going forward as to what is needed to ensure resilience, security and continued operations of industrial and critical infrastructure environments. Michael Rothschild, Sr. Director, OT Solutions, Tenable, Inc. |
1:20 PM |
|
1:30 PM | How to Verify Perimeter Defense with OT Network VisibilityGaining accurate visibility of OT networks is fundamental to protect critical assets and to ensure network access security as the first line of perimeter defense. This presentation will present practical advice on how to eliminate blind spots through automated network architecture visibility and understand cyber risks in the context of network segmentation and access policies. Robin Berthier, Ph.D., CEO, Network Perception |
2:05 PM | From the Ground UpA manufacturer's plants were ransomed 4 times in the year it took them to procure a secure remote access system. A network security architect at an electrical authority spent 15 months trying to get his colleagues in a room to plan aligning with 800-160 v2. We all have our own stories. The ICS Security "Solution" we need is not another product, it is a way to reliably get things done. This talk is about one way we have found that works. Half technical, half about people, this session will be taught around the example of getting a pre-existing multi-facility OT environment shifted over to a cyber resilient posture. To help, we've invited along a unexpected yet essential ally in this effort, VTScada. Ian Schmertzler, President, Dispel |
2:40 PM | Wrap-UpJustin Searle, Senior Instructor, SANS Institute |