Loading…
Attending this event?
Welcome to the Interactive Agenda for SecurityWeek’s 2017 ICS Cyber Security Conference! (View the full conference website here)  

(You can register for the conference here)
View analytic
Monday, October 23 • 8:00am - 5:00pm
Cybersecuring Control Systems [8AM-5PM]

Sign up or log in to save this to your schedule and see who's attending!

The Cybersecuring Control Systems Workshop is geared to help architects, engineers, contractors, owners, facility managers, maintenance engineers, physical security specialists, information assurance professionals—essentially anyone involved with implementing cybersecurity in the Control System (CS) life cycle—to learn the best practice techniques to better protect their CS.

The workshop provides a combination of classroom learning modules to teach control system basics, protocols, how to use the NIST Risk Management Framework and the Cybersecurity of Facility-Related Control Systems Design Guidance, and hands-on laboratory exercises using tools and methods to inventory, diagram, identify, attack, defend, contain, eradicate and report a cyber event/incident. This includes understanding and practicing hacker and defender techniques for footprinting, scanning and enumeration, exploitation, and post exploitation clean up and maintain persistence. Attendees will see how hackers use exploit tools to gain entrance into the control system, pivot through the network, establish beacon command and control channels, modify logs to mask presence, and exfiltrate data. Attendees will also learn how to use the Advanced Control System Tactics, Techniques, and Procedures (TTPs) developed by the U.S. Cyber Command (USCYBERCOM) to create a Recovery Jump-Kit to find and eradicate malware and exploits using tools such as MalwareBytes, Microsoft Internals Suite, and OSForensics to perform data collection for forensics.

Workshop Overview

  • 0800-0900    Unit 1 Overview of Control Systems, Networking and Communication Protocols, NIST/SANS/ISA/ISSO Standards & Drivers
  • 0900-1015    Unit 2 Hacker Methodology
  • 1015-1030    Break
  • 1030-1115    Unit 3 UFC 4-010-06 Cybersecurity of Facility-Related Control Systems (Enclaves, Test and Development Environment, SCAP/STIGS)
  • 1115-1200    Unit 4 Overview of ICS-CERT CSET and GrassMarlin tools
  • 1200-1300    Lunch
  • 1300-1330    Unit 5 Advanced Control System Tactics, Techniques, and Procedures 
  • 1330-1400    Unit 6 Control System Forensics
  • 1400-1430    Unit 7 Acquisition and Procurement Language for Control Systems, Wrap Up Q&A

Monday October 23, 2017 8:00am - 5:00pm
TBA

Attendees (13)