Prioritizing Security Resources
- Wednesday, October 2nd, 2013 at 1:00 PM EDT (17:00:00 UTC)
- Eric Cornelius
You can now attend the webcast using your mobile device!
Recently, ICS security has been the hot button topic in boardrooms the world over. However, the path to getting the job done is still fleeting at many organizations. This presentation will discuss a real-world approach to identify and prioritize areas which are in need of security controls. The approach focuses on the steps necessary to secure geographically disparate systems managed by multiple groups (which may have different priorities) within an organization.
Eric Cornelius is the Director of Critical Infrastructure and Industrial Control Systems (ICS) at Cylance, Inc. He is responsible for the thought leadership, architecture and consulting implementations for the Company. His leadership keeps organizations safe, secure and resilient against advanced attackers. Previously, Eric served as the Deputy Director and Chief Technical Analyst for the Control Systems Security Program at the US Department of Homeland Security. Eric brings a wealth of ICS knowledge to the Cylance team. In addition to his years of technical leadership, Eric literally wrote the book on incident response in the ICS arena. Eric's extensive knowledge of critical infrastructure and those who attack it will be brought to bear at Cylance as he leads a team of experts in securing America's critical systems. Eric is the co-author of "Recommended Practice: Creating Cyber Forensics Plans for Control Systems" as part of the DHS National Cyber Security Division, Control Systems Security Program, 2008. He is also a frequent speaker and instructor at ICS events across the globe. Cornelius earned a bachelor's degree from the New Mexico Institute of Mining and Technology where he was the recipient of many scholarships and awards including the National Science Foundation's Scholarship for Service. Cornelius went on to work at the Army Research Laboratory's Survivability/Lethality Analysis Directorate where he worked to secure field deployable combat technologies. It was at ARL that Cornelius became interested in non-traditional computing systems, an interest which ultimately led him to the Idaho National Laboratory. While at INL, Cornelius participated in deep-dive vulnerability assessments of a wide range of ICS systems. After attacking these systems for several years, Cornelius began to develop methodologies for detecting attacks and performing incident response in the ICS environment. Cornelius has continually improved these methodologies through extensive field testing and close partnership with asset owner/operators in nearly all sectors of critical infrastructure. Through this experience, Cornelius will help keep Cylance on the forefront of ICS security to better protect America's critical assets.