Controls Systems Security – How do we Best Defend Them?

September 27, 2018 (10:00am EST)

Abstract:

In order to do well at cyber defense, it can be very helpful to see yourself and your org from other defenders points of view. This session will focus on defensive technology, practices, etc.  As more than a few of our members have done defensive work in a DOD context, we will talk about that too.

This session will answer questions like:

  • What solutions are available in the market (overview)?
  • Are perspectives and practices different in various industries (electric, manufacturing, oil & gas, etc.)?
  • What are the evolving concepts (e.g. shared security services, third-party SOCs, AI augmented defense and response)?

Discussion Leader: Barak Perelman - Indegy

Before founding Indegy, Perelman led several multi-million dollar cyber security projects at the IDF and received commendation for this service and achievements. He is a graduate of the elite Talpiot military academy and has over 15 years of hands-on experience in cybersecurity and protection of critical infrastructures. Perelman holds a B.Sc. in computer science, physics and math, and an MBA from the Tel Aviv University.


Discussion Leader: Paul Forney - Schneider Electric

Mr. Forney is a founding board member of the ISA Security Compliance Institute (ISCI) which develops the conformance specifications to the ISA 99/IEC 62443 ICS cyber security standard and has held the Co-chair position for the Research and Development Sub-group of the Department of Homeland Security Industrial Control System Joint Working Group. He has been an advisor to the White House Cyber Security Office, the Department of Justice, the Department of Energy and FERC.

Paul is also a primary contributor in the ISA99 WG4 TG6 committee working on the IEC 62443-4-1 world wide standard for secure development in industrial automation (now approved by ISA and IEC). He has been a guest speaker on the subject of the Security Development Lifecycle and incident response in industrial control and cyber physical systems at national and international conferences for Microsoft, Gartner, SANS, ICSJWG, AFPM, API, RCMP, S4 and Public Safety Canada. Paul works closely with the ICS-CERT organization on ICS cyber vulnerabilities and also with cyber researchers around the globe.

Mr. Forney has been awarded eleven patents in areas such as failure prediction for upstream Oil and Gas, grid balancing for Power and Internet/intranet portal technologies; and for twenty-seven years, has been involved in the design, security and implementation of SCADA, Event Driven/Service Oriented Architecture (EDA/SOA) and distributed control software and systems for industrial automation.

Paul is an active member of the Azure Advisory Board for Azure Active Directory and Azure Service Bus and has served on the Board of Advisors for Cylance, Inc., one of the fastest growing and innovative cyber security companies in the world. He is a certified Information Systems Security Professional (CISSP), a certified Information Systems Security Architect Professional (ISSAP), a certified Secure Software Lifecycle Professional (CSSLP) and an accomplished jazz musician.


Discussion Leader: Ayman Al-Issa

Ayman is a globally recognized leader in the field of cyber security for industrial automation and control systems. Working within the fields of IT and OT Cyber Security for over thirteen years, architecting and implementing award winning innovative technologies for Oil and Gas producers in the Middle East by developing cyber security designs from FEED to EPC by following “Cyber Security by Design” methodology, he has also been acknowledged by global forums and information contributor to the ISA99/IEC62443 standard.