SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Unlock industry insights and hands-on learning with upcoming SANS webcasts and workshops.
As ransomware attacks continue to impact organizations around the world, and with recent events like the Colonial Pipeline impacts, we are seeing more and more attacks that have an adjacent or direct impact on Operational Technology environments. As ransomware attacks continue to rise, how should companies think about the cyber-to-physical impacts to their OT environments? Organizations responsible for operating and maintaining critical infrastructure environments need to consider the steps they should be pursuing right now before a potential attack occurs, establish and implement procedures on how or if they should operate their systems during an attack, and determine what actions need to be taken after an attack. Tim Conway & Jeff Shearer will discuss how organizations responsible for operating & maintaining critical infrastructure environments need to consider the following: steps to pursue before a potential attack; procedures to implement during an attack; and actions necessary to take after an attack.
NERC CIP is complicated. Integrating solutions into your CIP program is complex. Demonstrating compliance in a zero-deficiency regulatory sector is challenging. Going beyond compliance in pursuit of expanded cybersecurity capabilities and innovative emerging solutions in ICS environments can be confusing. How do you determine the most appropriate operational technology solutions for your NERC CIP program? Are there unique operating models that make certain solutions better than others? In this webcast, SANS Instructor Tim Conway and Dragos Cyber Risk Advisor Jason Christopher look at the NERC CIP standards and explore how to balance technology implementations for resilient operations, cybersecurity, and compliance benefits. Attendees will learn how to integrate solutions into their CIP programs that help drive detection and incident response actions. Be among the first to receive the associated whitepaper written by Tim Conway.
The presentation draws attention to practical threat detection and incident response in industrial control system environments, by dissecting advanced ICS adversary threat capabilities in recent attack campaigns. A focus of the webcast is on ICS adversary Tactics, Techniques and Procedures (TTPs) and Indicators of Compromise (IoCs). Dean will illustrate why the cyber weapons and the techniques used in modern attacks may be more important than adversary attribution for tactical ICS incident response. Overview: This presentation focuses on detecting practical threats in industrial control system environments and responding to incidents, through an in-depth analysis of advanced industrial control system (ICS) adversary threat capabilities in recent attack campaigns. The webcast will concentrate on ICS adversary tactics, techniques and procedures (Adversary TTPs) and indicators of compromise (IoCs). The instructor, Dean, will explain why the cyber weapons and techniques used in recent attacks are more important than adversary attribution for tactical ICS incident response.
Cyber42: Industrial Edition will put you through the paces as an industrial control system (ICS) security manager as players adapt to challenges in operational technology (OT) environments. Unlike traditional IT networks, industrial equipment is designed to impact the physical world and requires special considerations when deploying security technologies. As threats continue to rise targeting these networks, many of which are vital for critical infrastructure (like power, water, and energy), it is more important than ever to understand the impacts on ICS due to a cyber security event and to invest in resilience and security that promotes both reliability and safety. Players will step into the world of Cyber42: Industrial Edition, which is being developed for the upcoming ICS418: ICS Security Essentials for Managers, and address real-world industrial cyber threats from the comfort of their own home! This Game Day will focus on balancing security program improvements that impact engineers, operations, and customers, all while considering the various technical and cultural implications of an OT security program. In this simulation, you will compete for the high score against other ICS managers facing the same dilemma: how to protect industrial equipment from shutdowns, failure, damage, or worse! Do you have what it takes? Find out by playing the game with us! Important Notes: Cyber42 Game Days utilize three platforms: (1) Webcast to view presenters' slides throughout the game (log into the webcast via your SANS Portal Account); (2) Slack to interact with other players, leaders, and SANS Staff for support (log in information and directions to be provided a week before Game Day and at Game Day); (3) Cyber42 Web App online game (directions to join will be provided at Game Day).
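SANS will host a webcast with Tim Conway and Jeff Shearer, who develop the SANS ICS courses. Tim and Jeff will discuss the need for hands-on experience and focused training for cybersecurity personnel working in critical infrastructure and process environments. They will explain the common elements and asset types encountered by those who work in or support ICS environments, and the various areas of knowledge that professionals in this community should have.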
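Tim Conway and Jeff Shearer, internationally renowned authors of the SANS industrial control system (ICS) courses, explain the importance of hands-on experience and specialized training for cybersecurity practitioners working in critical infrastructure and process environments, who need to protect ICS environments and learn how to identify threats and vulnerabilities. Jeff and Tim will discuss the common elements and asset types that all practitioners supporting and working in ICS environments will encounter, and the various knowledge areas that ICS professionals should pursue.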
Join leading global experts and SANS ICS training instructors Tim Conway and Jeff Shearer, who will discuss the need for hands-on experience and focused training for cybersecurity practitioners working in the critical infrastructure sector and processing environments to identify threats and vulnerabilities, as well as methods for securing ICS environments.
The need for experience gained from hands-on work and topic-focused training for those in cybersecurity roles who work with critical infrastructure, identifying threats and system weaknesses, and the process of securing ICS. Tim and Jeff will discuss the basic components of ICS and the types of equipment encountered in ICS and supporting systems.
New to the ICS/OT security area? Are you an IT Security Manager stepping over to take on responsibilities to secure critical infrastructure? Maybe you’re in an engineering role taking a more focused approach to cyber security and practical cyber defense. Or perhaps you have IT security knowledge and are looking to explore OT security.
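Overview: This webcast presents practical threat detection and incident response approaches for industrial control system environments by analyzing advanced ICS adversary threats in recent attack campaigns. The focus of this webcast is on ICS adversary tactics, techniques and procedures (TTPs), and on how to achieve industrial control system security proactively, at minimal cost, and effectively. Dean will explain why understanding the tools and techniques used in recent attacks is important for tactical ICS incident response, and will provide practical tips for operations in every ICS/OT critical infrastructure sector.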
This talk targets threat detection and threat response in Industrial Control System (ICS) environments, taking a deep dive into adversary techniques and capabilities in recent cases. The talk will emphasize adversary Tactics, Techniques and Procedures (TTPs) and how the ICS industry can respond to adversaries without a large budget. Dean will show that analyzing the techniques and tools adversaries use is more important than identifying the adversary, which makes operations in the ICS/OT industry more effective.
This webcast focuses on detecting practical threats that can occur in industrial control system (ICS) environments and responding to incidents, through an in-depth analysis of advanced adversary threat capabilities targeting ICS in recent attack campaigns, and introduces ICS adversary TTPs (Tactics, Techniques and Procedures) along with efficient, economical proactive defense techniques. In particular, the instructor, Dean, will cover in detail why the cyber weapons and techniques used in many recent attacks are more important than adversary attribution in tactical ICS incident response (IR).