Virtual Meeting Series

All members can replay each Virtual Meeting.
Access the Resources page once you are a member!


(CS)2AI 2018 “Virtual Meeting” Series Discussion Plan

For the benefit of all of its global members, (CS)2AI is proud to offer a 12-part (monthly) 1½ hour “virtual meeting” series on cyber security for control systems. Participation in this first series will not by itself help a member reach a level of mastery, but it will serve as a solid foundation to provide the broadest understanding of all the pieces and parts that go into the cyber security considerations for any control system.

These sessions are conceived and constructed as building blocks intended to enable sequential learning (e.g. industry terminology will not be re-defined once introduced) and modular skills building. They will also be recorded so that members unable to attend one or several modules will be able to catch up out of cycle.

 

Earn 2 CPE Credits When You Attend

Are you a CISSP, CISM, or CISA certification holder?
Earn 2 continuing professional education credits (CPEs) for each Virtual Meeting 

 


The Virtual Meeting Series Summary


January 25, 2018 (10am EST)

Introduction to Control Systems

Virtual Meeting Summary:
What is considered a Control System, and what are its fundamental characteristics? What is Operational Technology (OT), SCADA, Building Automation Systems (BAS)....

Virtual Meeting Organizers

Derek Harp

Martin Noufer

Discussion Leader: Dr. Michael Chipley

Dr. Chipley is the President of The PMC Group LLC and has been a cybersecurity subject matter expert supporting government and private sector clients as an independent consultant since 2006. He is a retired Air Force Civil Engineering officer and continues working with the Department of Defense developing cybersecurity policy, standards and guidelines for Facility-Related Control Systems, and assists project teams through the Risk Management Framework process. In addition to his activities with control systems, he is also deeply engaged with IT cloud services. He has taken private sector clients through the FedRAMP authorization process and currently has 5 active cloud authorizations and a sixth in final stage of approval. He is working with several control system vendors to implement cloud based solutions such as Lighting as a Service. He is the author and special contributor to numerous DHS, NIST and professional society publications, the creator and maintainer of the Whole Building Design Guide Cybersecurity website, and the creator and instructor of numerous cybersecuring control system workshops.

Discussion Leader: Billy Rios

Billy is the founder of Whitescope LLC, a startup focused on embedded device security. Billy is recognized as one of the world’s most respected experts on emerging threats related to Industrial Control Systems (ICS), Critical Infrastructure (CI), and medical devices. He discovered thousands of security vulnerabilities in hardware and software supporting ICS and critical infrastructure. Billy has worked at Google where he led the front line response for externally reported security issues and incidents. Prior to Google, Billy was the Security Program Manager at Internet Explorer (Microsoft).

Discussion Leader: Larry Grate

Mr. Grate is an experienced Director of Technology with a demonstrated history working in the industrial automation industry. His skills include: process control, control systems design, SCADA, HMIs, network convergence and OT cyber security. With 30+ years of experience and a bachelor's in electrical engineering from Mercer University, Mr. Grate is a strong engineering professional.

February 22, 2018

Inside the Control System – Components, Processes, and Automation

Virtual Meeting Summary:
This session covers hardware, software, systems, information flow and operations unique to these environments (to include PLCs, HMIs, Historians, Field Devices, Controller devices...

Virtual Meeting Organizers

Derek Harp

Martin Noufer

Discussion Leader: Bryan Singer

Bryan has an extensive background in a variety of industries including manufacturing, DoD, healthcare, and others. His proven professional skills include system architecture and design, software project management, application development, system administration, network administration, database design and administration, and multi-tier support. Previously he was the chairman of ISA-62443/ISA-99 Industrial Control Systems Security Standards body; Interim Governing Board, for the Process Control Security Forum; and an industry representative for security architecture concerns to almost every major manufacturing, utilities, and other critical infrastructure. His specialties are: 1) System Architecture and Design using methodologies including UML, Rational Unified Process, Booch, Yourdon, etc.; 2) MES, EAI, ERP, LIMS, PLC, DCS, HMI, and other manufacturing systems; 3) Client/Server development in Java, JSP, ASP, C/C++, Visual C++, VB, PERL, Shell (ksh, csh, sh, bash), SQL, PL/SQL, and HTML; 4) Physical and network vulnerability assessments, penetration testing, information assurance, and biometrics; and 5) PGP, SSH, VPN, WEP, SSL, WAP, 802.1x, RADIUS, etc.

Discussion Leader: Emmett Moore

Emmett is the founder and CEO of Red Trident Inc. Over the years, he has focused on Threat Intelligence, Vulnerability Research, and Security Services. He has been responsible for all aspects of the product development life cycle in the Oil & Gas Industry. As a project specialist he handled a multitude of roles, which included managing high level automation projects for the oil and gas industry, as well as being a technical specialist on various other projects. https://www.linkedin.com/in/emooreiii/

March 29, 2018

What is Unique About a Control Systems Network?

Virtual Meeting Summary:
This session will profile some of the strengths (yes there are some), weaknesses, opportunities and threats unique to the networks found in control system...

Virtual Meeting Organizers

Derek Harp

Martin Noufer

Discussion Leader: Stuart Phillips

Mr. Phillips has over 25 years of experience in cybersecurity, networking, and unified communications. He has held leadership positions in sales, marketing, and product/program management for some of the largest vendors (Cisco, Polycom, and Avaya). Stuart has extensive experience with end users in the military, government and financial markets worldwide, covering all aspects of security. He completed his B.S. in Computer Science in California. After joining Cisco he held positions of leadership in IOS Engineering and then managed Cisco security marketing for the Asia Pacific while completing his MBA in Singapore. Later he founded and ran a subcontractor, Santa Barbara Labs (SBL), for the U.S. Air Force through Lockheed Martin. SBL program managed a high-security lab for developing software models to optimize secure communications over highly degraded military satellite networks. At Unisys, Stuart is focused on security technologies adoption and transition in the industrial Internet of things. He is based in Thornton, Colorado.

Discussion Leader: Kevin Van Der Veen

Kevin brings expertise in Architecture, Design, and Implementation of robust and secure Process Control Networks. He has over 20 years’ experience in network engineering, of which 11 years have been in Oil and Gas and 7 in Cybersecurity. He brings the following relevant experience:

- Network/Security Architect for Shell Downstream Global Process Control Domain (PDC) SecurePlant Cyber Security Project
- Network/Security Engineer for PDC Secure Plant Cyber Security Project for Asia Pacific Region
- Provide onsite and remote technical and risk/gap assessments. Integrate network and security solutions for Upstream and Downstream environments
- Define and implement global network architecture security standards
- Perform technical assessments including site maturity, review and compliance for: network and firewall architecture, access control, portable media, operating system security patching, event log management, anti-virus, backup & restore.
- Communication analysis for multiple systems such as: 3rd Party, Internet-Based services, OPC/PI collectors/nodes, HMIs, Safety and Engineering Workstations, SCADA, DCS controllers, PLCs and RTUs.
- Create designs for integration of security solutions at existing assets

April 26, 2018

The Control Systems Ecosystem – Suppliers

Virtual Meeting Summary:
This session will go into who all the players in this ecosystem are. Examples are: OEMs, suppliers, vendors, integrators, key consultants and their....

Virtual Meeting Organizers

Derek Harp

Martin Noufer

Discussion Leader: Cherise Esparza-Gutierrez

Cherise Esparza-Gutierrez is the co-founder & CTO at SecurityGate and is an industry pioneer for implementation of Achilles Practice Certification PCD/ICS offshore technology cyber security for rig fleet. She is an innovative IT/ICS operations professional with 11+ years’ experience of managing IT & ICS network infrastructures, OT/PCD/ICS/IT cyber security based on (WIB/IEC 62443; NIST 800-53, ISO2700(1&2)), and operational risk management within the corporate & ICS network environments. She specializes in cyber security, enterprise telecommunications, network engineering design, ICS/SCADA/OT security, IT risk management, and Incident Response.

Discussion Leader: Graham Speake

Graham Speake, the CISO at Berkana Resources Corporation, is a senior cyber security professional with broad experience leading global Operational Technology (OT) and Information Technology (IT) cybersecurity programs for the protection of mission critical systems and infrastructure. He has established expertise in developing and delivering security and security awareness training courses and subject-matter experience in Industrial Control Systems (ICS) & SCADA cybersecurity, particularly in oil and gas majors. He has managed risk on numerous large capital value projects and architected global solutions for Oil & Gas and Industrial Automation customers. He is a frequent presenter and panelist at security and industry events and has extensive experience designing and developing real time automation systems, with in-depth knowledge of industry security frameworks and best practices such as: ISA-99/IEC-62443 and NIST 800-82. Graham is an active member of ISA-99 standards development programs.

Discussion Leader: Rob Garry

Rob Garry, VP Product Cyber Security at GE, is an experienced Chief Executive with a demonstrated history of working in the oil & energy industry. Skilled in Power Plants, Root Cause Analysis, Power Systems, Renewable Energy, and Engineering. Strong finance professional with a BS focused in Electrical Engineering from Union College.

May 31, 2018

The Control Systems Ecosystem – Asset Owners

Virtual Meeting Summary:
This session will go into who all the end-user participants in this ecosystem are, with a few views into some specific systems. We will identify...

Virtual Meeting Organizers

Derek R. Harp

Bengt Gregory-Brown

Discussion Leader: Steve Mustard

Steve Mustard is an independent automation consultant and subject-matter expert of the International Society of Automation (ISA) and its umbrella association, the Automation Federation. He also is an ISA Executive Board member. Backed by nearly 30 years of software development experience, Mustard specializes in: the development and management of real-time embedded equipment and automation systems; and the integration of real-time processing, decision-support and other disparate systems to improve business processes. He serves as president of National Automation, Inc.

Mustard is a recognized authority on industrial cybersecurity, having developed and delivered cybersecurity management systems, procedures, training and guidance to multiple critical infrastructure organizations. He serves as the Chair of the Automation Federation's Cybersecurity Committee. Mustard is a licensed Professional Engineer, UK registered Chartered Engineer, a European registered Eur Ing, an ISA Certified Automation Professional® (CAP®) and a certified Global Industrial Cybersecurity Professional (GICSP). He also is a Fellow in the Institution of Engineering and Technology (IET) and a Senior Member of ISA.

Discussion Leader: Paul Piotrowski

Paul Piotrowski is currently an Automation Engineer in Shell’s Global PCD Integrity Organization (Process Control Domain). Paul consults globally on PCD Security issues for large global capital projects for all Shell Operating Assets. He has spent over 16 years in Shell in various security roles including network operations, risk governance and compliance, audit, incident management, forensics and project management. He has travelled extensively for Shell, allowing him the opportunity to work across a diverse set of cultures and landscapes which have shaped his view of the world.

Paul possesses the valuable hybrid skill set of Operations Technology (OT) and Information Technology (IT). Through visiting and working at over 50 Shell assets globally he understands how to embed practical solutions between “operations” and “corporate IT” that reduce an organization's cyber security risk while minimizing operational impact. Paul is in the process of becoming a certified SANS ICS Security Instructor for the GICSP course.

He holds a B.Sc. degree in Computer Science with a minor in management. He holds several certifications including the GICSP (Global Industrial Cyber Security Professional) and CISSP. In addition, he has participated in several executive development programmes. He is based out of Calgary, Canada.

June 28, 2018 (10:00am EST)

Keys to an Effective Control System Security Program

Virtual Meeting Summary:
This session will identify each of the key areas that enable organizations to run effective control systems security programs. Key to this will be...

Virtual Meeting Organizers

Najo Ifield

Bengt Gregory-Brown

Discussion Leader: Mille Gandelsman

Mille leads Indegy’s technology research and product management activities. Prior to Indegy, Mille led engineering efforts for Stratoscale and spent several years leading cyber security research for Israel’s elite intelligence corps. Mille is a graduate of the elite Talpiot military academy and holds a Master's degree with honors in Computer Science from Tel Aviv University.

Discussion Leader: Ernest Wohnig

Mr. Wohnig is an internationally recognized cyber security and assurance leader having written, presented, and advised senior corporate and federal leadership on security and assurance issues across the energy sector and to the federal government for over 20 years. Mr. Wohnig has advised clients across several industries, helping them understand their risk posture and to develop proactive security strategies and programs resulting in clear alignment of security investments to business value. Mr. Wohnig is one of the key figures shaping the discussion and practice of cyber security in the critical infrastructure and industrial control system arenas.

Prior to joining the private sector, Mr. Wohnig served as an Air Force Intelligence Officer and worked as a Network Security Analyst for the Defense Intelligence Agency (DIA). During his tenure at DIA he authored principal portions of National Intelligence Estimates and IC position papers on cyber and security threats to critical infrastructure systems. Mr. Wohnig also briefed senior federal leaders in the Senate, State Department, and Joint Staff regarding cyber threats to the U.S. military and civilian infrastructure and was responsible for DIA coordination and leadership of community assessments related to East Asia. For his efforts during this time, Mr. Wohnig was awarded a National Intelligence Council Medallion.

Discussion Leader: Robert Bevis

Bob is the founder of Verve Industrial and leads the technical vision for the company. With over 25 years of cyber security, ICS system design, and project management, Bob’s unique ability to understand cyber security requirements (including NERC-CIP) in an operating environment enables scalable, cost effective and efficient security solutions.

Discussion Leader: Karl Perman

Karl is the Operational Technology Security Lead in KPMG’s Risk Consulting practice with over 30 years of experience delivering critical infrastructure, business protection, compliance, risk management and law enforcement consulting services. He has developed and implemented critical infrastructure protection programs, developed security technology infrastructure to protect assets, created vulnerability assessments in diverse environments, established organizational strategies and value-added security programs, and led high-level, complex investigations of criminal conduct and employee misconduct. His career includes senior level positions including Director of Security, North American Transmission Forum; Manager, Infrastructure Protection and Regulatory Compliance at Exelon Corporation; and Manager, Corporate Investigative and Protective Services at Southern California Edison.

July 26, 2018 (10:00am EST)

The Control Systems Security Workforce Challenges

Virtual Meeting Summary:
This session will dig into the control system or operating technology (OT) Cyber-security Workforce development challenges...

Virtual Meeting Organizers

Derek R. Harp

Bengt Gregory-Brown

Discussion Leader: Samara Moore

Samara focuses on partnering across the enterprise to manage cyber and physical security and compliance risks. She joined Exelon after 10 years in the federal government. Moore was previously a National Security Staff member at the White House, responsible for the NIST Cybersecurity Framework development. Prior to the White House, Samara co-led the development of the U.S. Department of Energy’s Cybersecurity Capability Maturity Model for power system utilities.

Discussion Leader: Rebekah Mohr

Rebekah Mohr is a Security Manager for Accenture, specializing in Industrial Control Systems (ICS) Security. She provides clients with services such as defining a company-wide ICS Security Program, conducting ICS Security gap assessment or risk modeling workshops, and providing materials and tools to close ICS Security gaps, complete ICS Security Remediation Programs and conduct ICS Security Run & Maintain Assurance.

Rebekah brings experience gained from 6 years working with Shell, where she was responsible for ICS Security at a Refinery, and later joined the global ICS Security Team as a Regional Technical Expert. During her time with the global team, she developed an ICS Security Risk Model, which was the first of its kind in the industry, and she designed a global ICS Security Remediation Program.

Rebekah has a Bachelor of Science degree in Math, Statistics and Computer Science from McGill University and a Master of Science degree in Statistics from University of British Columbia. Rebekah has been awarded with a Young Women in Energy and SANS “People who Made a Difference in Cyber Security” Award. Rebekah is driven to contribute as a thought leader within this space and to make a difference for the next generation of women in the technical workforce.

Discussion Leader: Andy Bochman

Mr. Bochman provides strategic guidance to senior USG and industry leaders on topics at the intersection of grid and critical infrastructure modernization and security. A frequent speaker, writer and standards developer, Andy has provided analysis on energy sector security actions, standards and gaps to DOE, DOD, DHS, FERC, NERC, NIST, NARUC, the Electricity Subsector Coordinating Council (ESCC), and state utility commissions, most recently testifying before the Senate Energy and Natural Resources Committee on energy infrastructure cybersecurity issues. He previously was Global Energy & Utilities Security Lead at IBM and Senior Adviser at the Chertoff Group in Washington, DC.

Andy is currently researching a book on applying engineering fundamentals to critical infrastructure cyber challenges. His recent publications include: “the National Security Case for Simplicity in Energy Infrastructure” (CSIS, 2015), “IoT, Automation, Autonomy and Megacities in 2025: A Dark Preview” (CSIS, 2017), "The Missing Chief Security Officer" (CXO, 2018) and "Internet Insecurity: the Brutal Truth" (HBR, 2018).

August 30, 2018 (10:00am EST)

Control Systems Security – What is the Offense Doing?

Virtual Meeting Summary:
In order to do well at cyber defense, it can be very helpful to see yourself and your org from the attackers’ point of view. This session...

Virtual Meeting Organizers

Derek R. Harp

Bengt Gregory-Brown

Discussion Leader: Clint Bodungen

Clint has over 20 years of experience as a Cybersecurity Researcher, Risk Analyst, Penetration Tester, and Developer (12+ years specialized in ICS/SCADA Cybersecurity), covering every facet of a cybersecurity project/program and SDLC, from advanced technical development to management. As vice-president of ICS Cyber Security at Leo Cyber Security, he is responsible for building a world-class ICS Cyber Security business practice, directing the vision and philosophy of the practice, establishing great strategic partnerships and relationships, identifying technological and strategic opportunities, and hiring the most skilled and experienced staff in the industry.

Discussion Leader: Jim Gilsin

Trained as an electrical engineer specialized in controls, Jim has spent most of his career involved with computers and networking, focusing on industrial network cyber security and reliability. For the past fifteen years he has been working to develop better ways to measure industrial Ethernet performance and to determine how that performance affects the overall system robustness and reliability. Jim has also been involved in developing standards for ICS cyber security through ISA99 (http://isa99.isa.org). Mr. Gilsin is currently the co-chair of the ISA99 committee and ISA99 working group 2 developing end-user cyber security program requirements. He has been with Kenexis Consulting since 2012, putting both of these skillsets into practice helping to assess, design, and validate ICS in various industries.

September 27, 2018 (10:00am EST)

Controls Systems Security – How do we Best Defend Them?

Virtual Meeting Summary:
In order to do well at cyber defense, it can be very helpful to see yourself and your org from other defenders’ points of view. This session will focus...

Virtual Meeting Organizers

Derek R. Harp

Bengt Gregory-Brown

Discussion Leader: Barak Perelman

Before founding Indegy, Perelman led several multi-million dollar cyber security projects at the IDF and received commendation for this service and achievements. He is a graduate of the elite Talpiot military academy and has over 15 years of hands-on experience in cybersecurity and protection of critical infrastructures. Perelman holds a B.Sc. in computer science, physics and math, and an MBA from Tel Aviv University.

October 25, 2018 (10:00am EST)

Industry Regulations and Standards – Now and Emerging

Virtual Meeting Summary:
This session will introduce key aspects of both regulations and standards across multiple industries and regions of the world. We will cover historical...

November 29, 2018 (10:00am EST)

Managing the Sustainable ICS Security Program

Virtual Meeting Summary:
This session will take a deeper dive into the key areas that enable managers to run a control systems security program day in and day out. We will...

December 20, 2018 (10:00am EST)

Future Gazing: AI, Automation & Autonomy

Virtual Meeting Summary:
In this last session of the year we will have some fun discussing what the future of Cybersecurity in the ICS, Automation...