Virtual Meeting Series

All members can replay each Virtual Meeting.
Access the Resources page once you are a member!

Become a Member now to access the virtual meeting series

(CS)2AI 2018 “Virtual Meeting” Series Discussion Plan

For the benefit of all of its global members, (CS)2AI is proud to offer a 12-part (monthly) 1½ hour “virtual meeting” series on cyber security for control systems.  Participation in this first series will not by itself help a member reach a level of mastery, but it will serve as solid foundation to provide the broadest understanding of all the pieces and parts that go into the cyber security considerations for any control system.

These sessions are conceived and constructed as building blocks intended  to enable sequential learning (e.g. Industry terminology will not be re-defined once introduced) and modular skills building. And they will be recorded so that members unable to attend one or several modules will be able to catch up out of cycle. 


Earn 2 CPE Credits When You Attend

Are you a CISSP, CISM, or CISA certification holder?
Earn 2 continuing professional education credits (CPEs) for each Virtual Meeting 


The Virtual Meeting Series Summary

January 25, 2018 (10am EST)

Introduction to Control Systems

Virtual Meeting Summary:
What is considered a Control System, its fundamental characteristics?  What is Operational Technology (OT) SCADA, Building Automation Systems (BAS)....

Virtual Meeting Organizers
Virtual Meeting Organizers

Derek Harp

Martin Noufer

Discussion Leader: Dr. Michael Chipley

Dr. Chipley is the President of The PMC Group LLC and has been a cybersecurity subject matter expert supporting government and private sector clients as an independent consultant since 2006. He is a retired Air Force Civil Engineering officer and continues working with the Department of Defense developing cybersecurity policy, standards and guidelines for Facility-Related Control Systems, and assists project teams through the Risk Management Framework process. In addition to his activities with control systems, he is also deeply engaged with IT cloud services. He has taken private sector clients through the FedRAMP authorization process and currently has 5 active cloud authorizations and a sixth in final stage of approval. He is working with several control system vendors to implement cloud based solutions such as Lighting as a Service. He is the author and special contributor to numerous DHS, NIST and professional society publications, the creator and maintainer of the Whole Building Design Guide Cybersecurity website, and the creator and instructor of numerous cybersecuring control system workshops.

Discussion Leader: Billy Rios

Billy is the founder of Whitescope LLC, a startup focused on embedded device security.  Billy is recognized as one of the world’s most respected experts on emerging threats related to Industrial Control Systems (ICS), Critical Infrastructure (CI), and, medical devices. He discovered thousands of security vulnerabilities in hardware and software supporting ICS and critical infrastructure. Billy has worked at Google where he led the front line response for externally reported security issues and incidents.  Prior to Google, Billy was the Security Program Manager at Internet Explorer (Microsoft).

Discussion Leader: Larry Grate

Mr. Grate is an experienced Director of Technology with a demonstrated history working in the industrial automation industry. His skills include: process control, control systems design, SCADA, HMIs, network convergence and OT cyber security. With 30+ years of experience and a bachelors in electrical engineering from Mercer University, Mr. Grate is a strong engineering professional.

February 22, 2018

Inside the Control System – Components, Processes, and Automation

Virtual Meeting Summary:
This session covers hardware, software, systems, information flow and operations unique to these environments (to include PLC’s, HMIs, Historians, Field Devices, Controller devices...

Virtual Meeting Organizers
Virtual Meeting Organizers

Derek Harp

Martin Noufer

Discussion Leader: Bryan Singer

Bryan has an extensive background in a variety of industries including manufacturing, DoD, healthcare, and others. His proven professional skills include system architecture and design, software project management, application development, system administration, network administration, database design and administration, and multi-tier support. Previously he was the chairman of ISA-62443/ISA-99 Industrial Control Systems Security Standards body; Interim Governing Board, for the Process Control Security Forum; and an industry representative for security architecture concerns to almost every major manufacturing, utilities, and other critical infrastructure. His specialties are: 1) System Architecture and Design using methodologies including UML, Rational Unified Process, Booch, Yourdon, etc.; 2) MES, EAI, ERP, LIMS, PLC, DCS, HMI, and other manufacturing systems; 3) Client/Server development in Java, JSP, ASP, C/C++, Visual C++, VB, PERL, Shell (ksh, csh, sh, bash), SQL, PL/SQL, and HTML; 4) Physical and network vulnerability assessments, penetration testing, information assurance, and biometrics, and; 5) • PGP, SSH, VPN, WEP, SSL, WAP, 802.1x, RADIUS, etc

Discussion Leader: Emmett Moore

Emmett is the founder and CEO of Red Trident Inc.. Over the years, he has focused on Threat Intelligence, Vulnerability Research, and Security Services. He has been responsible for all aspects of the product development life cycle in the Oil & Gas Industry. As a project specialist he handled a multitude of roles, which included managing high level automation projects for the oil and gas industry, as well as being a technical specialist various other projects.

March 29, 2018

What is Unique About a Control Systems Network?

Virtual Meeting Summary:
This session will profile some of the strengths (yes there are some), weaknesses, opportunities and threats unique to the networks found in control system...

Virtual Meeting Organizers
Virtual Meeting Organizers

Derek Harp

Martin Noufer

Discussion Leader: Stuart Phillips

Mr. Phillips has over 25 years of experience in cybersecurity, networking, and unified communications. He has held leadership positions in sales, marketing, and product/program management for some of the largest vendors (Cisco, Polycom, and Avaya). Stuart has extensive experience with end users in the military, government and financial markets worldwide, covering all aspects of security. He completed his B.S. in Computer Science in California. After joining Cisco he held positions of leadership in IOS Engineering and then managed Cisco security marketing for the Asia Pacific while completing his MBA in Singapore. Later he founded and ran a subcontractor Santa Barbara Labs (SBL), for the U.S. Air Force through Lockheed Martin. SBL program managed a high-security lab for developing software models to optimize secure communications over highly degraded military satellite networks. At Unisys, Stuart is focused on security technologies adoption and transition in the industrial Internet of things. He is based in Thornton, Colorado.

Discussion Leader: Fred Gordy

Fred Gordy is an industry expert within building intelligence data analysis for building control and power monitoring systems with emphasis on cyber security. His control systems knowledge gives him insight on challenges of interlacing traditional IT environments with control systems for a cohesive and secure operational technology platform. With over 16 years in the BAS space, over 5 years of BAS cyber security and 20 years in the IT space Fred is nationally recognized as a cyber-security thought leader. Fred was Chairperson of the Cyber Security Committee for the InsideIQ 55 international member companies, Security Steering Committee Member for S.E.A.T. (Sports & Entertainment Alliance in Technology), founding member of Cyber Security for Control Systems Association International (CS2AI), past president and current president emeritus the Atlanta CS2AI Chapter.

April 26, 2018

The Control Systems Ecosystem – Suppliers

Virtual Meeting Summary:
This session will go into who are all the players in this ecosystem.  Examples are: OEMs, suppliers, vendor, Integrators, Key consultants and their....

May 31, 2018

The Control Systems Ecosystem – Asset Owners

Virtual Meeting Summary:
This session will go into who are all the end-user participants in this ecosystem, with a few views into some specific systems.  We will identify...

June 28, 2018

Keys to an Effective Control System Security Program

Virtual Meeting Summary:
This session will identify each of the key areas that enable organizations to run effective control systems security programs.  Key to this will be...

July 26, 2018

The Control Systems Security Workforce Challenges

Virtual Meeting Summary:
This session will dig into the control system or operating technology (OT) Cyber-security Workforce development challenges...

August 30, 2018

Control Systems Security – What is the Offense Doing?

Virtual Meeting Summary:
In order to do well at cyber defense, it can be very helpful to see yourself and your org from the attackers’ point of view. This session...

September 27, 2018

Controls Systems Security – How do we Best Defend Them?

Virtual Meeting Summary:
In order to do well at cyber defense, it can be very helpful to see yourself and your org from other defenders points of view. This session will focus...

October 25, 2018

Industry Regulations and Standards – Now and Emerging

Virtual Meeting Summary:
This session will introduce key aspects of both regulations and standards across multiple industries and regions of the world.    We will cover historical...

November 29, 2018

Managing the Sustainable ICS Security Program

Virtual Meeting Summary:
This session will take a deeper dive into the key areas that enable managers to run a control systems security program day in and day out. We will...

December 20, 2018

Future Gazing: AI, Automation & Autonomy

Virtual Meeting Summary:
In this last session of the year we will have some fun discussing what the future of Cybersecurity in the ICS, Automation...