Don Weber

Don C. Weber has devoted himself to the field of information security since 2002. His most recent experiences include providing penetration assessment, architecture review, detailed hardware security assessment, wireless and radio implementation analysis, and incident response management for a wide range of industries including those in the financial, retail, media and energy markets.

Don's Smart Grid experience includes end-to-end AMI assessments for several energy-related clients and he has provided guidance on several Smart Grid-related standards committees and during Smart Grid conferences.

Jack of All Trades. Extensive experience in physical and information technology penetration testing, web assessments, wireless assessments, architecture review, incident response/digital forensics, product research, hardware research, code review, and security tool development. For the past three years he has leveraged these skills to assist Warner Bros. as a Senior Manager, Incident Response (IR) and, for an eight-month period, as the acting-Director, Risk and Vulnerability Management (RVM). Responsibilities included ensuring WB’s preparedness to identify and respond to suspicious and malicious activities across all internal and cloud-based assets. RVM duties included providing security guidance during the development, implementation, and evolution of a variety of Internet-accessible media-related applications and services.

Previous to WB, he focused on hardware research specifically in the technologies surrounding products comprising the SMART GRID with a focus on implementing various communication protocol API's and microprocessor disassemblers/emulators for research, testing, and risk assessment. Don is also a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition.

Hear Don teach about analyzing OT Radio Implementations for Attack Surface here:

Additional Contributions By Don Weber:

YOUTUBE SERIES:

• Check out and subscribe to Don's YouTube channel, Simply ICS Cyber 

WEBCASTS

• ICS Concepts Webcast Series on SANS ICS YouTube
• ICS Hot Take videos on SANS ICS YouTube
• Responding to Incidents in Industrial Control Systems (ICS): Identifying Threats, Reactions and Developing the IR Process, May 2020
• SANS @MIC Talk - Prioritizing OT Security Efforts: The Five Tactical Things to Accomplish While Leadership Defines a Security Program, May 2020
• Industrial Control System ICS Security Analyst interview with Don Weber, April 2020
• How Operational Technology (OT) Security is Redefining the CISO Role, April 2020
• SANS SANS@MIC - Pen Testing ICS and Other Highly Restricted Environments, April 2020
• Securing ICS Using the NIST Cybersecurity Framework and Fortinet: Best Practices for the Real World, February 2020
• Yes, IT and OT Are Converging. So How Does This Affect Compliance?, September 2019

BLOG

• Learning Ghidra Basics Analyzing Firmware
• Questions from SANS Pen Test HackFest 2019
• WWHF2019: Architecting Secure ICS Environments
• Conducting Security Program Maturity Evaluations of ICS Environments