This event has ended. Visit the official site or create your own event on Sched.
Welcome to the Interactive Agenda for SecurityWeek’s 2018 ICS Cyber Security Conference! (View the full conference website here)  (You can Register for ICS Cyber Security Conference Here
Monday, October 22 • 9:45am - 10:30am
Top-Down or Bottom’s Up: Comparing ICS Cybersecurity Risk Assessment Methodologies

Sign up or log in to save this to your schedule and see who's attending!

There are probably as many approaches to assessing the cybersecurity of existing ICS systems as there are organizations who offer them.  Many organizations, particularly those with a background in IT security, typically start from the top (e.g. the enterprise/business network) and work down to the ICS network and endpoints.  These assessments typically focus on levels 2 to 3.5 of the Purdue model with an emphasis on networks and Windows endpoint security.  Other organizations, particularly those with a background in automation systems, typically start from the bottom (e.g. level 0 & level 1) and work up.

This presentation will discuss the pro’s and con’s of each approach, provide examples from the field and offer guidance on specifying an ICS cybersecurity risk assessment that will actually identify and rank all risks to the organization.

avatar for John Cusimano

John Cusimano

Director of Industrial Cybersecurity, aeSolutions
John Cusimano, CISSP, GICSP, CFSE, is the Director of Industrial Cybersecurity for aeSolutions. John is an industrial control systems cybersecurity and functional safety expert with more than twenty years of experience. He leads the cybersecurity group for aeSolutions, a process safety... Read More →

Monday October 22, 2018 9:45am - 10:30am
Windsor DE