Loading…
Attending this event?
Welcome to the Interactive Agenda for SecurityWeek’s 2017 ICS Cyber Security Conference! (View the full conference website here)  

(You can register for the conference here)
View analytic
Monday, October 23 • 4:15pm - 5:00pm
Think Like an Attacker: Shifting from a Compliance to Risk Management Mindset Requires Privilege

Sign up or log in to save this to your schedule and see who's attending!

Attacks against utilities are becoming more targeted and damaging. Records show that in 2015, the U.S. Department of Energy was hacked successfully more than 150 times between 2010 – 2015: specifically 53 of the 159 successful intrusions from October 2010 to October 2014 were "root compromises," meaning perpetrators gained administrative privileges to Energy Department computer systems. 

In this session, Chris Maroun will deconstruct several recent ICS breaches to highlight a central theme in each attack – the exploitation of administrative or privileged credentials. Attendees will learn to “think like an attacker” and understand the sense of urgency to transition from a compliance mindset to implementing security-first, risk reduction-focused programs. Attendees will gain steps for managing privileged accounts and credentials as part of a strategic security program. This program includes steps like:

  • Control and secure well-known infrastructure accounts
  • Limit lateral movement
  • Protect third party privileged accounts
  • Manage SSH keys on critical Unix servers

This proven framework will help attendees achieve more risk reduction in less time, allowing for the organization to go steps beyond simply meeting compliance regulations to ensure they’re implementing a strategic security program that will be more effective in preventing attacks on ICS.


Speakers
BT

Brandon Traffanstedt

National Director, Sales Engineering, CyberArk
National Director, Solutions Engineers at CyberArk


Monday October 23, 2017 4:15pm - 5:00pm
TBA

Attendees (14)