Architecting Secure ICS Environments

Presented at Wild West Hackin' Fest 2019, Oct. 24, 2019, 4 p.m. (50 minutes)

Criminals are hacking Industrial Control Systems (ICS). Their motivations are as diverse as the environments where ICS solutions and devices are found. Businesses are taking notice and asking the hard question: "how do we secure systems that are intended to run continuously?" The personnel operating these environments need to understand IT security as much as IT security professionals need to understand the concepts and requirements of an ICS implementation. The purpose of this presentation will be to, briefly, introduce the concepts and security considerations for ICS devices and solutions. It will brush on common devices and implementations while providing an overview of the methodologies used to architect and secure ICS environments. Attendees will walk away with an excellent starting point for assisting with the security of a business' ICS deployments in a manner that facilitates safety and business-centric decisions.


Presenters:

  • Don C. Weber / Cutaway - Cutaway Security   as Don C. Weber
    Don C. Weber has devoted himself to the field of information security since 2002. His most recent experiences include providing penetration assessment, architecture review, detailed hardware security assessment, wireless and radio implementation analysis, and incident response management for a wide range of industries including those in the financial, retail, media and energy markets. Don's Smart Grid experience includes end-to-end AMI assessments for several energy-related clients and he has provided guidance on several Smart Grid-related standards committees and during Smart Grid conferences. Don's previous experiences include large-scale incident response efforts for organizations with international assets and interests, the certification and accreditation of classified federal and military systems, assessment and penetration testing of worldwide commercial assets, and, as a Navy contractor, the management of a team of distributed security professionals responsible for the security of mission critical Navy assets. Don has achieved his master's degree in network security, the Certified Information Systems Security Professional (CISSP) certification, and many GIAC certifications. Don was a founding member of the GIAC Ethics Council of which he was the GIAC EC Chair in 2009. Don regularly contributes to a wide variety of open source projects involving information security and incident response. @cutaway <https://www.linkedin.com/in/cutaway>

Links:

Similar Presentations: