"Elephants in the Room - Control System Security"
CEU TYPE: Technical
WEBINAR TYPE: Technical
SUMMARY: Control system security has a number of "elephants in the room." The ICS-CERT no longer issues vulnerability announcements for control system components which use plain-text communications and are trivially compromised as a result. The majority of critical infrastructure control systems do not update anti-virus signatures regularly, nor do they apply security updates/patches. Control system software is notoriously riddled with vulnerabilities. Security researchers report finding a half dozen zero-day remote code execution vulnerabilities in every product they examine, after only a couple of hours of examination. Why is there even a "responsible disclosure" debate for critical ICS vulnerabilities when anyone who cares can find their own critical zero-day vulnerabilities with a couple hours effort?
It is clear that all of this must change, and soon. It is equally clear that little of this is in fact changing any time soon. This presentation reviews these elephants in the room in light of recent incidents and announcements. Each of these issues is put into perspective within the overall spectrum of security threats to critical infrastructure control systems, and compensating measures for each of the "elephants" are discussed. Join us for an overview of the issues nobody is talking about, but all ICS security systems must somehow address.
Mike Firstenberg, Waterfall Security
Mike Firstenberg is the Director of Industrial Security for Waterfall Security. Mike brings more than a decade in Control System Security, specializing in Control System Cyber Security. With a proven track record as a hands-on engineer – researching, designing, and implementing strategic security solutions, Mike has an established background working with governmental institutions, regulatory authorities, and Industrial utilities.
Mike has a Bachelor’s Degree in Computer Science with a focus on Chemical Engineering and Mathematics from the University of Pennsylvania, and has served as a speaker and panelist at various control system security conferences and events.
REGISTRATION & HOURS: This webinar will begin at 12:00pm and conclude by 1:00pm CST. Earn up to 1 PDH or RTC hour. After registering with Illinois Section AWWA, attendees will be furnished via email with all materials and links needed to participate in the webinar. Questions? Call 866-521-3595 Ext. 3
|Registration Type||ISAWWA Member Rate||Non ISAWWA Member Rate|
|Regular (ends 01/22/14)||$0.00||$30|
|After 01/22/14 or Day of Webinar|
Online registration closed.
Call 866-521-3595 ext.3 to register.