How to Implement IT Security After a Cyber Meltdown

Presented at Black Hat USA 2015, Aug. 6, 2015, 11 a.m. (50 minutes)

The 2012 cyber attacks against Saudi Aramco and the Aramco family of affiliates was a major game changer in IT & ICS Security. The energy sector, relevant markets, and governments world wide shuddered. Although oil production wasn't directly affected, business operations were greatly interrupted and remain so. This presentation is the story how I implemented the first IT Security unit for Aramco Overseas Company, a Saudi Aramco affiliate which provides all IT services for Saudi Aramco in South America and the EMEA region outside of Saudi Arabia.

Presenters:

• Christina Kubecka - HypaSec
  Chris Kubecka is an experienced, committed, energetic and certified IT security expert who is passionate about solutions. 21 years of relvant, professional experience ranging from military, government, public and private busiensses. Recently, Chris setup a world class security and network operations center, the IT security unit and progam for the EMEA Saudi Aramco affilate Aramco Overseas after the 2012 cyber attack in Saudi Arabia. Chris is a member of the Executive Steering Committe with the Cyber Sentae. She has chaired, presented and (co) authored at leading industry conferences.

Links:

• https://www.blackhat.com/us-15/briefings.html#how-to-implement-it-security-after-a-cyber-meltdown
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2015/video/Black Hat USA 2015 - How To Implement IT Security After A Cyber Meltdown.srt (subtitles)
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2015/video/Black Hat USA 2015 - How To Implement IT Security After A Cyber Meltdown.mp4
• https://www.youtube.com/watch?v=WyMobr_TDSI
• https://www.blackhat.com/docs/us-15/materials/us-15-Kubecka-How-To-Implement-IT-Security-After-A-Cyber-Meltdown.pdf