SANS Oil & Gas Solutions Forum: Objective-based Security Drives Effective Solutions

  • Friday, 10 Jul 2020 9:30AM EDT (10 Jul 2020 13:30 UTC)
  • Speaker: Jason Dely

View full agenda here and join Slack Workspace here.

Over the last 15 or so years, Oil & Gas organizations, vendors 'and service providers have been steadily improving their awareness of the emerging cyber threats to their operations and the need to improve their security. As the realization of proven and potential impacts associated to these threats evolve, these organizations and the market that serves them continues to develop, integrate and refine roadmaps on their cybersecurity initiatives. These initiatives have not been easy the discovery of various obstacles along the way including legacy systems, architectural changes, vendor/partner relationships, personnel training and availability of supportive technologies. As a result, a prioritized approach to resourcing is necessary that not only combines an effective use of people, process and technology but also incorporates the uniqueness of how each organization is stood up across both their Information and Operations environments.

With this prioritization in mind, while also still meeting or exceeding regulatory obligations, a security initiative must be right-sized and coordinated across the 5 domains of Identify, Protect, Detect, Response and Recover. However, with limited availability of funding for security improvements, only through objective oriented security can an organization select the right solution to meet their needs. Security is truly not a one-size fits all. Luckily, more than every does the control systems security market have many available security improvement options in technologies and solutions. '

How will organizations establish these objectives? What is needed to meet these objectives? This briefing will explore these questions through invited speakers while showcasing current capabilities available today. Vendor presentations will focus on case-studies and specific capabilities that may service part of an organizations security initiatives.


9:30-10:10am: 'Welcome & Keynote, Jason Dely

10:10-10:45am: SecOps Made Easier with Automation

10:45-11:20am: 'Adjusting Processes to Meet Today's Evolving Environment

11:20-11:35am: Break

11:35-12:10pm: Shrink your (attack) surface, sharpen your (cyber) security

12:10-12:45pm: Evolving Security Operations in Oil and Gas for the Covid-19 Era and Beyond

12:45-12:55pm: 'Break

12:55-1:30pm: Design & Implementation of OEM ICS Cybersecurity Frameworks: The Good, The Bad, and The Ugly

1:30-2:05pm: Security, Speed, Scalability, Sustainability, and Survivability - AN OT Remote Access Story

2:05-2:10pm: Closing Statement, Jason Dely