Last Day to get an iPad mini, Surface Go 2, or Take $300 Off with OnDemand Training


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Onboarding the ICS Mindset into Cyber Security Controls

  • Thursday, August 13, 2015 at 3:00 PM EDT (2015-08-13 19:00:00 UTC)
  • Jason Dely

You can now attend the webcast using your mobile device!



Successful deployment of effective cyber security measures requires incorporation and adaptation of the ICS staff. The ICS environment has had 20+ years to adopt COTS and IT standards and repurpose these technology on a separate path from the traditional IT security evolution. Combine that with the activities and responsibilities of the ICS users, introducing cyber security into these environments requires more then simply selecting and tweaking new or existing technologies. Though some preferred methods used within ICS may seem inappropriate, adaptation, when appropriate, to different methods can and will be difficult. Improving cyber security effectiveness involves an exploration into the unique characteristics of the Industrial Control System 'user' with the balance of business risk and operational risk. From real world experience, the 4D's (Determine, Decide, Design and Deploy) describes the development and improvement process uniquely faced within ICS cyber security controls.

  • Determining the operations staff needs and activities when planning to improve or add additional cyber security controls.
  • Deciding which technologies to use; who will be impacted, what risk will they address, where will they be deployed, when will they be deployed, how will they effect operation.
  • Designing and deploying the controls that meets the appropriate overall effectiveness without hinderance to system availability or emergency recovery.

Speaker Bio

Jason Dely

Jason Dely is a critical infrastructure security professional with extensive proven experience in Industrial Controls System security initiatives and solutions. Jason is a leader and contributor in the management, consultation, planning, designing and implementation of a variety of security and infrastructure projects supporting ICS across industrial automation and critical infrastructure environments. Jason has been involved in projects and system improvements within multiple industries including Water Utilities, Oil and Gas, Steel and Chemical. Mr. Dely has multiple knowledge and integration experiences across ICS and IT technologies and is frequently a speaker at various industry events. Jason is an Electronics Engineering Technologist from Niagara College and is a CISSP, CISM and SANS GIAC certified Exploit Researcher and Advanced Penetration Tester (GXPN).

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.