This half day virtual seminar will explore the strategic challenges security leaders are facing with securing cyber physical systems. During the leadership panel, our guests will share their perspectives on what constitutes a cyber physical system and share sector-specific challenges as well as universal strategies that are applicable across all sectors. The panel will be followed by four traditional sessions that provide different approaches on a range of topics from navigating noise and preparing for ransomware attacks in OT environments to developing a workforce to protect critical infrastructure.
December 5, 2024 | 11:00 AM ET in Virtual Seminars
PART 1: Leadership Panel
In 2021, Gartner advised that organizations need to expand their security programs to include cyber physical systems. As we bring 2024 to a close, we see the rampant proliferation of the Internet of Things that are increasingly vulnerable. Are security leaders seeing the direct links between security and the risks of cyber physical systems? How does this link impact the strategic planning process? In addition to identifying the challenges in securing cyber physical systems, this cross-sector panel of cybersecurity leaders will share their unique perspectives on developing and implementing a security strategy that includes cyber physical systems and share insights on developing the team needed to secure critical infrastructure.
Moderator: Kasia Hanson, Founder and CEO, KFactor Global LLC
Panelists: Christian Dameff, Emergency Physician and Clinical Fellow, UCSD, Jeff Gottschalk, Assistant Head of Cybersecurity and Information Sciences Division, MIT Lincoln Laboratory, Megan Samford, VP, CSO US Federal Business & National Security Agreements, and Paul Tortora, Director of the Center for Cyber Security Studies and Senior Intelligence Official, US Naval Academy
PART 2: Traditional Sessions
Session 1: Test Your Assumptions Before You Test Your OT
You're worried about your OT security, so you want a penetration test. But what is an OT penetration test and how does it differ from IT? Do existing paradigms even bring value to your OT security program? This presentation considers the challenges of OT penetration testing by asking some hard questions and suggests answers based on rigorous examination of foundational concepts.
Speakers: Ric Derbyshire, Senior Security Researcher, Orange Cyberdefense and Charl van der Walt, Head of Security Research, Orange Cyberdefense
Session 2: In the Event of an Emergency: Investigating Break Glass Technologies
As demonstrated during the ‘Shields Up’ initiative, there is value in increasing organizational security postures in times of crisis. This presentation will identify different types and classes of break glass technologies and procedures. It will also share some examples of how this approach can be implemented within an asset owners environment.
Speaker: Sarah Freeman, Principal Cyber Engagement Operations Engineer, MITRE/CIPIC
Session 3: Intro to Industrial Control Systems—Why Is It Running Windows XP?
Industrial control systems run our world: water, electricity, manufacturing. How and why do they work they do? Why should you care if you're "only in IT"? And most importantly, how can we defend them?
Speaker: Bryson Bort, CEO, Scythe
Traditional Session Speakers
Product Security Professional Development & Personnel Management Risk Management & Governance Security Strategy & Architecture Technology Infrastructure & Operations
access control Advanced Persistent Threat Artificial Intelligence / Machine Learning business continuity & disaster recovery critical infrastructure cyberattacks Cyber-Physical Systems Endpoint Protection hackers & threats industrial control security Intrusion Detection / Prevention Medical Device Security Network / Infrastructure Security network access control Network Analysis / Forensics Professional / Workforce Development risk management security education security operations threat management vulnerability assessment Web / DNS Security