This event has ended. Visit the official site or create your own event on Sched.
Welcome to the Interactive Agenda for SecurityWeek’s 2017 ICS Cyber Security Conference! (View the full conference website here)  (You can register for the conference here)
View analytic
Tuesday, October 24 • 11:00am - 11:45am
Incident Response Programs – Lessons from NASA’s Mission Control

Sign up or log in to save this to your schedule and see who's attending!

Nearly every industry authority or governmental agency that has commented on data security has recommended an Incident Response Plan (IRP), and though these same bodies often loosely suggest the contents of said plan, few provide a concrete structure and even fewer address the unique environment of ICS/SCADA.

This session explores, as a model for ICS incident response, NASA’s Mission Control framework related to the International Space Station (ISS), which itself boasts 52 onboard computers, 1.8 million lines of code, 100 data networks, and over 400,000 sensors/signals, all onboard an orbiting space vehicle that can never be shut down. During the session, we will break an IRP into Policies, Procedures, Rules/Directives, and Dataset Repositories, and discuss development, uses, and document control management of each. We will also touch upon the organization of the Mission Control room itself, the unique communication structure between its members, and we will show a behind-the-scenes video of how Mission Control handled a vehicle launch incident – all of which provide valuable insight into effective incident response. Your host is a former NASA flight controller, certified to fly both the ISS and the Space Shuttle, and an attorney charged with developing modern incident response programs.

Shared Materials

Attendees will be provided with a sample set of NASA Flight Data File Flight Rules and Flight Procedures. In applying this framework to incident response, we will also provide a sample set of Rules/Directives and Procedures geared toward incident response. In conjunction with our discussion on incident response team structure and communication, attendees will also receive a sample team layout graphic, showing one method for streamlining roles, responsibilities, and communication protocols for the incident response team at a given company.

Key Takeaways

  • Overview of an incident response framework that has been in existence for over 50 years
  • Incident response plan structure and development process for organizations of all sizes
  • Building and strengthening incident response team communication skills

avatar for Clint Bodungen

Clint Bodungen

VP, ICS Cybersecurity Research & Development, Leo Cybersecurity
Clint is an industry recognized ICS cybersecurity expert, and has been an active part of this ICS Cybersecurity Community since 2003. He has more than 20 years of overall professional experience in cybersecurity, with more than a decade focused exclusively on ICS security. Throughout his career, Clint has specialized primarily in ICS cybersecurity research, penetration testing, and risk analysis with notable organizations such as the United States Air Force, cybersecurity vendors Symantec, and Kaspersky Lab, and major consulting firms such as Booz Allen Hamilton. The majority of his clientele has consisted of many of the... Read More →
avatar for Seth Jaffe

Seth Jaffe

VP, Incident Response Practice, LEO Cyber Security
Seth Jaffe is Vice President of the Incident Response Practice at LEO Cyber Security. In his role at LEO, Seth assists clients in the preparation, maturation, testing, and training of all things incident response, leveraging his fifteen years’ experience in NASA’s Mission Control to bring a unique perspective to the industry. Prior to LEO, Seth held the position of technology attorney at a major U.S. airline, where he was the lead Legal team member on the Incident Response Team, tasked with developing incident response procedures and policies, facilitating effective emergency communication with other team members, | and responding to actual incidents. Seth also sat on an executive steering committee charged with making strategic decisions about the company incident response plan and socializing cyber security issues to executives. Earlier in his career, Seth worked in Mission Control at... Read More →

Tuesday October 24, 2017 11:00am - 11:45am
Windsor Ballroom CDE