Gain Top-Notch InfoSec Skills at SANS Chicago 2018. Save $200 thru 7/18.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Who Owns ICS Security? Fusing IT, OT, & IIoT Security in the Corporate SOC.

  • Thursday, December 14th, 2017 at 1:00 PM EST (18:00:00 UTC)
  • Doug Wylie and Phil Neray
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • CyberX

You can now attend the webcast using your mobile device!

Overview

When targeted ICS attacks and malware impact production operations, everyone in the organization is affected. Downtime leads to customer dissatisfaction, reduced revenue, quarterly losses due to clean-up costs, fewer career opportunities from slower growth, and more.

ICS security has historically operated in its own silo. With its unique priorities (Safety and Availability vs. Confidentiality, etc.), lack of visibility into non-IT devices and protocols, and the notion of air-gapping, this seemed like the optimum approach.

But the world has changed dramatically. IIoT technology brings many benefits to businesses such as smart machines and real-time intelligence from the factory floor - but it also increases the attack surface and requires continuous connectivity between IT and OT.

Attackers look for the weakest links - and don't care if they pivot from a control engineer's PC on the corporate IT network, an HMI maintained by a third-party vendor whose credentials have been compromised, or a vulnerable CCTV device operated by the physical security team.

In this educational webinar led by Doug Wylie, SANS Director of the Industrials & Infrastructure practice area and previously Director of Product Security and Risk Management at Rockwell Automation, with Phil Neray, VP of Industrial Cybersecurity at CyberX, we'll explore the following questions:

  • Blending IT, OT and IIoT Security in the Corporate SOC: Given the massive investment organizations have already made in centralized SOCs - in trained personnel, standardized workflows, and unifying technologies such as SIEMs - is it time to bring ICS security into the corporate SOC?
  • Addressing the culture gap: How do we encourage tighter collaboration between IT security and OT teams?
  • Funding models: Who pays for stronger ICS security?
  • New technologies for Active Cyber Defense: With varying degrees of maturity, purpose-built OT security platforms now provide unprecedented visibility into ICS protocols, devices, and applications, combined with OT-specific analytics for behavioral anomaly detection. So how do we move beyond simple Syslog alerts to provide deeper visibility for SOC analysts - so they can leverage their skills in modern active cyber defense strategies such as threat modeling, threat hunting, and threat intelligence?

Speaker Bios

Doug Wylie

Doug Wylie directs the SANS Industrials and Infrastructure business portfolio, helping companies fulfill business objectives to manage security risks and develop a security-effective workforce. His lengthy career spans a wide array of industries. He served as Rockwell Automations director of product security risk management, where he founded and led its industrial cyber security and risk management program. Doug works around the world with companies, industry and standards bodies, and government entities to help safeguard converged IT-OT systems from contemporary cyber security threats. He holds the CISSP certification and numerous patents, as well as being an accomplished writer, speaker and presenter.


Phil Neray

Phil is the VP of Industrial Cybersecurity for CyberX. Prior to CyberX, Phil held executive roles at enterprise security leaders including IBM Security/Q1 Labs, Symantec, Veracode, and Guardium. Phil began his career as a Schlumberger engineer on oil rigs in South America and as an engineer with Hydro-Quebec. He has a BSEE from McGill University, is certified in cloud security (CCSK), and has a 1st Degree Black Belt in American Jiu Jitsu.

 

About CyberX

Founded in 2013 by military cyber-experts with nation-state expertise defending critical infrastructure, CyberX provides the most widely-deployed platform for continuously reducing ICS and IIoT risk. CyberX is a member of the Palo Alto Networks Application Framework developer community and the IBM Security App Exchange Community, and has integrated with CyberArk for secure remote access. CyberX has also partnered with premier solution providers worldwide including Optiv Security and Deutsche-Telekom/T-Systems.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.