RSAC 365 Virtual Seminar: Securing Cyber-Physical Systems

This half day virtual seminar will explore the strategic challenges security leaders are facing with securing cyber physical systems. During the leadership panel, our guests will share their perspectives on what constitutes a cyber physical system and share sector-specific challenges as well as universal strategies that are applicable across all sectors. The panel will be followed by four traditional sessions that provide different approaches on a range of topics from navigating noise and preparing for ransomware attacks in OT environments to developing a workforce to protect critical infrastructure.

December 5, 2024 | 11:00 AM ET in Virtual Seminars

PART 1: Leadership Panel

In 2021, Gartner advised that organizations need to expand their security programs to include cyber physical systems. As we bring 2024 to a close, we see the rampant proliferation of the Internet of Things that are increasingly vulnerable. Are security leaders seeing the direct links between security and the risks of cyber physical systems? How does this link impact the strategic planning process? In addition to identifying the challenges in securing cyber physical systems, this cross-sector panel of cybersecurity leaders will share their unique perspectives on developing and implementing a security strategy that includes cyber physical systems and share insights on developing the team needed to secure critical infrastructure.

Moderator: Kasia Hanson, Founder and CEO, KFactor Global LLC

Panelists: Christian Dameff, Emergency Physician and Clinical Fellow, UCSD, Jeff Gottschalk, Assistant Head of Cybersecurity and Information Sciences Division, MIT Lincoln Laboratory, Megan Samford, VP, CSO US Federal Business & National Security Agreements, and Paul Tortora, Director of the Center for Cyber Security Studies and Senior Intelligence Official, US Naval Academy


PART 2: Traditional Sessions

Session 1: Test Your Assumptions Before You Test Your OT

You're worried about your OT security, so you want a penetration test. But what is an OT penetration test and how does it differ from IT? Do existing paradigms even bring value to your OT security program? This presentation considers the challenges of OT penetration testing by asking some hard questions and suggests answers based on rigorous examination of foundational concepts.

Speakers: Ric Derbyshire, Senior Security Researcher, Orange Cyberdefense and Charl van der Walt, Head of Security Research, Orange Cyberdefense

 

Session 2: In the Event of an Emergency: Investigating Break Glass Technologies

As demonstrated during the ‘Shields Up’ initiative, there is value in increasing organizational security postures in times of crisis. This presentation will identify different types and classes of break glass technologies and procedures. It will also share some examples of how this approach can be implemented within an asset owners environment.

Speaker: Sarah Freeman, Principal Cyber Engagement Operations Engineer, MITRE/CIPIC 

 

Session 3: Intro to Industrial Control Systems—Why Is It Running Windows XP?

Industrial control systems run our world: water, electricity, manufacturing. How and why do they work they do? Why should you care if you're "only in IT"? And most importantly, how can we defend them?

Speaker: Bryson Bort, CEO, Scythe



Panel Speakers

Emergency Physician and Clinical Informatics Fellow, University of California San Diego

Assistant Head of Cyber Security and Information Sciences Division, MIT Lincoln Laboratory

Founder and CEO, KFactor Global LLC

VP, CSO, US Federal Business & National Security Agreements, Schneider Electric

Director of the Center for Cyber Security Studies and Senior Intelligence Official, US Naval Academy


Traditional Session Speakers

CEO, SCYTHE

Senior Security Researcher, Orange Cyberdefense

Chief Engineer, Intelligence, Modeling and Simulation, MITRE/CIPIC

Head of Security Research, Orange Cyberdefense

Product Security Professional Development & Personnel Management Risk Management & Governance Security Strategy & Architecture Technology Infrastructure & Operations

access control Advanced Persistent Threat Artificial Intelligence / Machine Learning business continuity & disaster recovery critical infrastructure cyberattacks Cyber-Physical Systems Endpoint Protection hackers & threats industrial control security Intrusion Detection / Prevention Medical Device Security Network / Infrastructure Security network access control Network Analysis / Forensics Professional / Workforce Development risk management security education security operations threat management vulnerability assessment Web / DNS Security


Please register using the form below