The presentation draws attention to practical threat detection and incident response in industrial control system environments by dissecting advanced ICS adversary threat capabilities in recent attack campaigns. The focus of the session is on ICS adversary Tactics, Techniques, and Procedures (TTPs) and how industrial control system security can be proactive, affordable, and effective without a massive budget. Dean will illustrate why the cyber weapons and the techniques used in modern attacks may be more important than adversary attribution for tactical ICS incident response and provide practical take-aways for actions in any ICS/OT Critical Infrastructure Sector.
Dean brings over 20 years of technical and management experience to the stage. He has worked in both Information Technology and Industrial Control System (ICS) Cyber Defense in critical infrastructure sectors such as telecommunications; electricity generation, transmission, and distribution; and oil & gas refineries, storage, and distribution. Dean is an ambassador for defending industrial systems and an advocate for the safety, reliability, and cyber protection of critical infrastructure. His mission as an instructor is to empower each of his students, and he earnestly preaches that “Defense is Do-able!” Over the course of his career, Dean’s accomplishments include establishing entire ICS security programs for critical infrastructure sectors, successfully containing and eradicating malware and ransomware infections in electricity generation and manufacturing control networks, performing malware analysis triage and ICS digital forensics, building converged IT/OT incident response and threat hunt teams, and conducting ICS assessments in electric substations, oil and gas refineries, manufacturing, and telecommunications networks. A SANS Certified Instructor, Dean teaches ICS515: ICS Visibility, Detection, and Response and is a co-author of the new SANS Course ICS418: ICS Security Essentials for Managers. Dean is a member of the SANS GIAC Advisory Board and holds many cybersecurity professional certifications including the GICSP, GRID, GSLC, and GCIA, as well as the CISSP®. (https://www.sans.org/profiles/dean-parsons/)