$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks

  • Thursday, June 27, 2019 at 1:00 PM EDT (2019-06-27 17:00:00 UTC)
  • Sandeep Lota, Dean Parsons


  • Forescout Technologies BV

You can now attend the webcast using your mobile device!



Critical infrastructure organizations are increasingly becoming targets of malware campaigns. This rising tide of cyberthreats, coupled with the increased exposure of OT networks to the Internet is making ICS network protection a strategically important issue. To stay cyber resilient in todays environment, asset owners need a fresh approach to cybersecurity.

During this webinar, we will discuss an anonymized investigation conducted by our team to identify a real malware infection on a production network, the tools and techniques used to contain this threat and how to use threat intelligence and visibility to stay ahead of cyber adversaries.

We will focus on improving security strategy in four key areas, in the context of the SANS Top 20 CIS Controls:

  • Asset visibility and network baselining
  • Continuous network monitoring
  • Threat intelligence ingestion
  • Thorough incident response plans

Speaker Bios

Sandeep Lota

With over 20 years of progressive experience designing and architecting system breakthroughs, Sandeep Lota is a senior network security expert with a proven track record of supporting national and international projects for the world’s largest companies. Sandeep has a long record of success innovating complex, large enterprise solutions for network and security infrastructures.

His current role as a Senior Systems Engineer at Forescout involves the design and architecture of transformative solutions based on complex customer requirements. Sandeep holds active & advanced certifications from many well-known hardware and software vendors. This training background coupled with years of practical experience has positioned him as an instructor for several advanced networking and security courses.

Dean Parsons

Dean Parsons is a SANS instructor for ICS515: ICS Active Defense and Incident Response, a member of the SANS/GIAC advisory board, an active member of the cybersecurity community, and OT Cyber Security Officer. With 20 years combined experience in IT, Industrial Control System cyber defense across the telecommunications to critical infrastructure sectors, Mr. Parsons lead's an active ICS Cybersecurity Program for an electric utility in Canada across facilities for generation (hydro, thermal, gas turbine), transmission and distribution.

As an ICS security practitioner and ambassador for safety and operational resilience, he frequently speaks at high-profile cybersecurity events across North America, and has a natural way of engaging his audience.

His enthusiasm in the field started at an early age writing ethical hacking tools on his custom compiled versions of Linux; password crackers, host-based intrusion detection systems, network sniffing tools, smart port scanners, kernel modules and exploits. Any given day Dean could be dissecting packets from plant operations, writing policies, or presenting to a board of directors.

Dean earned a bachelor’s degree in computer science from Memorial University of Newfoundland and holds the CISSP, GSLC, GCIA and GRID accreditations.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.