Ralph Langner challenged us at S4x18 to grow the ICS Security Community by 10X. At S4x19 we introduced the OnRamp 101-Level ICS Security Training to a sold out class of 78 students. We have since trained another 200 students in the OnRamp Online. The Highway is our 201-Level ICS Security Training course.
Date: Jan 20th in Miami South Beach (the day before S4x20)
Time: 8:30 – 5:00
Capacity: 150 students
Prerequisites: None, but those new to ICS security should participate in the OnRamp Online that begins on October 15th and will be provided free of charge.
Meals: Lunch and snacks will be provided.
Like the OnRamp, this is a one-time only collection of the best in ICS security teaching for one-day only. The goal is to educate students on what they need to know to participate more effectively in ICS / OT Security Program Development and Risk Management.
Learn how to use the NIST CSF and the most respected Maturity Models to develop and measure your ICS / OT Security Program.
Putting in or upgrading your ICS is the best time to specify the security requirements and include it in your selection criteria. You also have to make sure what the vendor or integrator installs it properly as well. Mark Heard has done this as an asset owner and seen it done well and poorly as a consultant and incident responder.
Rob Joyce of NSA’s TAO said they knew the systems they were attacking better than the owner of those systems. Don’t let that happen to you. Ralph Langner will show you what you need to know about your ICS cyber assets and how asset management interacts with your security program.
Jonathan has been performing and teaching ICS cyber security assessments for almost two decades. In this session he will describe what to expect from your assessment and how to use the information you get from an assessment.
Attacking the ICS cyber assets is often just an initial step to reaching the end goal of affecting the underlying process being monitored and controlled. Marina will build on the cyber security assessment Jonathan has provided and look at how cyber attacks and knowledge of the physical process can be used by both attackers and defenders.
Many thought leaders in the ICS security space are urging asset owners to pay more attention to the consequence side of the risk equation. Andy will explain how to make the consequence case to both executive management as well as the operations and IT teams.
One of the best ways to learn about incident response and train your team is through tabletop exercises. Kai Thomsen will provide some tabletop exercise examples and use them to drive home key points in building an effective ICS incident response capability.
We like to finish the training with a forward looking session. These technologies are important for ICS cloud services and next generation network infrastructures. While they are forward looking from an ICS deployed base standpoint, they are available now and should be considered.