SANS Offensive Operations West 2021 features 10+ Live Online courses, Core NetWars, and Coin-A-Palooza! Register now.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Where Are We Now?: The SANS 2016 ICS Survey

  • Wednesday, June 29, 2016 at 1:00 PM EDT (2016-06-29 17:00:00 UTC)
  • Derek Harp, Bengt Gregory-Brown, Arabella Hallawell, David Meltzer, Christopher Strand, Jason Trost


  • Anomali
  • Arbor Networks
  • Belden
  • Carbon Black

You can now attend the webcast using your mobile device!



The SANS 2015 ICS Survey identified a number of challenges facing those working to secure industrial control systems, including the time needed to detect a breach, inability to determine the source of the breach, integration of IT into control systems and a variety of outsider and insider attack vectors. This new webcast presents the results of the 2016 survey and explores how the state of security for industrial control systems has changed over the past 12 months as well as looks at emerging threats.

In addition to providing a look at the state of ICS security programs in operation across the world, this webcast will cover updates on

  • Key threat vectors
  • Perceived vulnerabilities
  • Security initiatives
  • Security policies and standards

Be among the first to receive the associated whitepaper written by Derek Harp and Bengt Gregory-Brown.

View the associated whitepaper here.

Speaker Bios

Derek Harp

Derek Harp is currently the director for ICS Global Programs at SANS and chair of the GICSP Steering Committee. He is responsible for organizing events, resources and initiatives that educate and enable increased collaboration within the entire ICS security community. Derek has served as a founder, CEO or advisor of early-stage companies for the past 18 years with a focus on cyber security. He is a former U.S. Navy officer with experience in combat information management, communications security and intelligence.

Bengt Gregory-Brown

Bengt Gregory-Brown is a consultant to the SANS ICS program and the principal analyst at Sable Lion Ventures, LLC, a virtual accelerator focused on emerging cyber security solutions. He brings more than 20 years of experience to bear in his writings about the management of IT and infrastructure projects, enterprise security governance, IT and ICS security risk analysis, regulatory compliance and policy conformance for high-profile companies. Bengt has managed multiple patents from ideation through issuance and has authored works for numerous corporate entities.

Arabella Hallawell

Arabella Hallawell, senior director of product marketing at Arbor Networks, is responsible for the go-to-market positioning and activation of the company's Advanced Threat solutions. Previously, she led strategic planning at Arbor. Arabella has more than 20 years of experience in IT security and strategy. Prior to joining Arbor, she was VP of corporate strategy at Sophos, a global IT security vendor headquartered in Boston and Oxford, UK, where she led M&A strategy, market and customer insight, and global corporate communications. Prior to Sophos, Arabella was research VP at Gartner, the IT research and advisory services firm.

David Meltzer

David Meltzer is Tripwire's chief research officer and has spent the past two decades protecting organizations from the world's most sophisticated cyber attackers. David is a security entrepreneur and developer; he founded two of the industry's first security vulnerability research groups, Cambia Security and Soncity. David speaks at industry events on threat intelligence and Industrial Internet of Things topics, and he received the Shaping Info Security award in 2006. He holds a B.S. in computer science from Carnegie Mellon University.

Christopher Strand

Christopher Strand leads Carbon Black's security, risk and compliance program. With more than 20 years of information technology and compliance experience, he oversees the development of enterprise network and application security solutions that help organizations deploy positive security to maintain and improve their compliance posture. Previously, Christopher held security/compliance positions at Trustwave, Tripwire, EMC/RSA, and Compuware. A PCI Professional (PCIP) and trained Quality Security Assessor (QSA), he also has been certified on and is proficient with other regulatory disciplines including HIPAA, North American Electrical Reliability Corporation (NERC) and Gramm-Leach-Bliley Act (GLBA). Christopher regularly speaks and writes about security, compliance issues and best.

Jason Trost

Jason Trost is Head of Analytic Engines in HSBC's Cybersecurity Sciences and Analytics division. He is deeply interested in network security, DFIR, big data and security data science. He has worked in security for nearly 15 years, spending most of that time on applying big data technologies and data science against cybersecurity challenges. He started his career with the U.S. Dept of Defense before transitioning into private industry, working at multiple cybersecurity startups then in the Cybersecurity department of Capital One, and most recently at HSBC. He is currently leading teams focused on Cybersecurity metrics and reporting as well as network, endpoint, and cloud security analytics. He is a regular attendee of big data, data science, and security conferences, and he has spoken at Blackhat, SANS CTI Summit, FloCon, Hadoop Summit and several BSides Security conferences.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.