Hundreds of professionals from around the world will meet in Atlanta, Ga., on October 22-25, for SecurityWeek’s 2018 ICS Cyber Security Conference, the largest and longest-running conference dedicated to industrial and critical infrastructure cybersecurity.
The ICS Cyber Security Conference brings together industrial control systems users and vendors, security solutions providers, and government representatives to discuss critical issues facing operators of industrial networks.
Throughout the four day conference, presentations, training sessions and workshops will help participants improve their knowledge on how to efficiently protect SCADA systems, programmable logic controllers (PLCs), distributed control systems (DCS), engineering workstations, and field devices.
The exchange of technical information, details about actual incidents, insights, and best practices will help representatives of energy, manufacturing, transportation, water, utilities, and other industrial and critical infrastructure organizations address the issues they currently face.
The ICS Cyber Security Conference, set to take place at the InterContinental Buckhead Atlanta, will kick off on Monday, October 22, with a day dedicated to extended workshops and breakout sessions focusing on technology and strategy. The workshops include Red Team/Blue Team training, and a hands-on workshop by Palo Alto Networks and CyberX on defending ICS and SCADA networks.
The other sessions of day one will focus on risk assessments, vulnerability research, enhancing security using the ATT&CK Framework, pathing of critical systems, zero trust networking applied in ICS, the risk posed by physical access controls, defense strategies for robotic systems, and securing applications using a local certificate authority.
The second day begins with representatives from Rockwell Automation, Schneider Electric and Siemens discussing the current state of cybersecurity in the ICS Manufacturer’s Panel.
Next, Robert M. Lee and Marc Seitz of Dragos will present their research on Xenotime, the group that created the Triton/Trisis ICS malware. Participants will also learn from ARC Advisory Group’s Larry O’Brien about the best approach for selecting cybersecurity vendors for operation technology (OT) environments.
On Wednesday, Andrea Carcano of Nozomi Networks will share details of research into the Triton attack, and Dr. Alex Tarter of Thales will discuss how the British Ministry of Defence protects critical infrastructure through a methodology called ‘Cyber Vulnerability Investigations’. On the same day, representatives from Sony’s security team will discuss security in manufacturing environments, and Edna Conway, CSO for Cisco’s Global Value Chain, will have a fireside chat with Microsoft Cybersecurity Field CTO Diana Kelley on supply chain security.
On the last day of the conference, Colonel Mark Gelhardt, Former CIO for President Clinton, will talk about his time at the White House and the lessons learned. Attendees will also learn about the actual meaning of “anomaly detection” and “machine learning” in the context of ICS threat monitoring, and they will find out how security researchers and automation vendors can work together on reporting and patching vulnerabilities. Another interesting presentation comes from the Department of Homeland Security, whose representatives will talk about Russian cyber activity on US critical infrastructure.
Each day of the conference also features various case studies, technical sessions, and strategy sessions, including on insider threats, side-channel attacks on ICS, preventing attacks on the power grid, cybersecurity programs at nuclear plants, best practices, threat detection, and the threat posed by IT malware.
In addition to amazing content, there will be several receptions and parties to give delegates the chance to network and discuss in a relaxed environment.