40+ Cyber Security Courses at SANSFIRE in Washington DC! Save up to $350 thru 4/24.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

NIST Recommendations for ICS & IIoT Security

  • Thursday, February 28th, 2019 at 3:30 PM EST (20:30:00 UTC)
  • Phil Neray, Michael Powell, Jim McCarthy, Tim Zimmerman
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • CyberX

You can now attend the webcast using your mobile device!

Overview

WannaCry, NotPetya, and TRITON demonstrate that ICS and IIoT networks continue to be soft targets for cyberattacks, increasing the risk of costly downtime, safety failures, environmental incidents, and theft of sensitive intellectual property.

NIST and the NCCoE recently published a NIST Interagency Report (NISTIR) demonstrating how off-the-shelf, ICS-aware behavioral anomaly detection (BAD) effectively reduces cyber risk for manufacturing organizations, without impacting OT networks, as well as risk from equipment malfunctions.

The report was the product of a close collaboration between NCCoE, CyberX, and other technology providers such as OSIsoft.

In this joint webinar with NIST and CyberX, you'll learn about:

  • Mapping the security characteristics of BAD to the NIST CSF
  • Using NIST's reference architecture for your own ICS & IIoT environment
  • How CyberX detected 15 examples of high-risk anomalies in NIST's testbed environment, including unauthorized devices; unauthorized remote access; plain-text credentials; network scans using ICS protocols; and unauthorized PLC logic downloads

We'll also discuss how CyberX's agentless platform helps you:

  • Auto-discover your ICS & IIoT assets, protocols, and network topology
  • Identify critical OT vulnerabilities and risks
  • Prioritize risk mitigation for your most valuable processes (crown jewels)
  • Enable rapid ICS threat detection, response, threat hunting, and prevention
  • Implement converged IT/OT security in your corporate SOC via certified apps for IBM QRadar, Splunk, ServiceNow, Palo Alto Networks, and other integrations with your security stack

Speaker Bios

Phil Neray

Phil is the VP of Industrial Cybersecurity for CyberX, whose notable customers include 2 of the top 5 US energy providers; a top 5 US chemical company; a top 5 global pharmaceutical company; and national electric and gas utilities across Europe and Asia-Pacific. Prior to CyberX, Phil held executive roles at IBM Security/Q1 Labs, Symantec, Veracode, and Guardium. Phil began his career as a Schlumberger engineer on oil rigs in South America and as an engineer with Hydro-Quebec. He has a BSEE from McGill University, is certified in cloud security (CCSK), and has a 1st Degree Black Belt in American Jiu Jitsu.


Michael Powell

Michael Powell is a Cybersecurity Engineer at the National Cyber-Security Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) in Rockville, Maryland.†His research focuses on cybersecurity for the manufacturing sector, particularly how it impacts industrial control systems.

Mr. Powell joined the NCCoE in 2017.†In his previous positions, he was responsible for the management/oversight of building and commissioning US Navy DDG-51 class ships.†He also served in the United States Navy for over 20 years, retiring as a Chief Petty Officer.††He holds a bachelorís degree in Information Technology from University of Maryland University College, A Masterís degree in Public Administration from Bowie State University, and a masterís degree in Information Technology from University of Maryland University College.†Mr. Powell is currently in the final stages of completing his Doctorate degree in Computer Science at Pace University in West Chester, New York.


Jim McCarthy

Jim McCarthy is a senior security engineer at the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST). He currently

serves as the Federal lead for Energy Sector projects. The NCCoE collaborates with members of industry, government, and academia to build open, standards-based, modular, and practical example reference designs that address cybersecurity challenges in key economic sectors. The center benefits from formal partnerships with market leaders, including several Fortune 50 companies.

Mr. McCarthy joined the NCCoE in 2014, after serving at the U.S. Nuclear Regulatory Commission. He also worked in various cybersecurity roles at the U.S. Department of Transportation. In his previous positions, he was responsible for the management and operation of the cybersecurity incident response teams for these agencies. He also performed security assessments on components of the nationís critical infrastructure systems. He holds a bachelorís degree from Providence College and masterís degree from the Johns Hopkins Carey Business School.


Tim Zimmerman

Timothy Zimmerman is a Computer Engineer in the Intelligent Systems Division at the National Institute of Standards and Technology (NIST), Gaithersburg, Maryland. His research focuses on cybersecurity for the manufacturing sector, especially its impact on industrial control systems and robotics.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.