- Trained on our vast library of engineering resources.
Register for this Webinar
On-Demand Webinar:

Preventive measures for industrial control system ransomware attacks

Ransomware attacks continue to target organizations of various sizes of all types of industries. As security vulnerabilities become commonplace, industrial plants and manufacturers have timely decisions to make regarding security training and risk-based decision making. Engineers, industrialists and technical professionals will enjoy this conversation on reducing ransomware risks in critical industries.




Date: May 13, 2022
Time: 1 PM EDT (10 AM PDT / 7:00 PM CEST)
Duration: 1 hour
Presented by:

Overview

The FBI's Internet Crime Complaint Center reported over $16.8 million in losses and over 2,084 ransomware complaints in the first six months of 2021 alone - that's 62% more reported losses than in 2020.

Ransomware attacks continue to target organizations of various sizes of all types of industries. Some of the most common vulnerabilities that lead to ransomware attacks are phishing emails, weak passwords, outdated software, poor patch management and ineffective security training.

Perhaps the most prominent, recent example of a ransomware attack to an industrial control system occurred May 2021, when a dormant VPN left Colonial Pipeline Inc. vulnerable to black hats. It resulted in fuel shortages and price hikes across large swaths of the U.S. and was a valuable lesson for critical infrastructure and industries.

As security vulnerabilities become commonplace, industrial plants and manufacturers have timely decisions to make regarding security training and risk-based decision making.

The use of passwords continues to be a challenge, but multi-factor authentication are a step forward in industrial environments. Outdated software coupled with poor patch management could pose a threat to vulnerable systems and sensitive data. Decommissioning end of life hardware and software and modernizing environments reduces the risk of cyber-attacks against vulnerable systems.

Engineers, industrialists and technical professions will enjoy this conversation on reducing ransomware risks in critical industries.

Speakers

Edgar Sotter, Senior Director, New Product Technology, CSA Group

Sotter and his team look to the technology horizon for new developments and applications that could present opportunities for CSA's Test, Inspection and Certification business. Prior to joining CSA, Sotter worked as senior director, product strategies & client solutions at Systems with Intelligence Inc. (SWI), a manufacturer of monitoring products for the electrical sector. Sotter has 20 years of combined academic, technical and business experience. He has a Ph.D in electronic engineering from Universidad Rovira I Virgili (Spain), an executive MBA from the University of Toronto (Canada) and a bachelor's of science in electronic engineering from Universidad del Norte (Colombia).

Danielle Jablanski, ISA Global Cybersecurity Alliance Member

Jablanski is a nonresident fellow at the Cyber Statecraft Initiative of the Atlantic Council's Scowcroft Center for Strategy and Security and an OT cybersecurity strategist at Nozomi Networks. She is responsible for researching global cybersecurity topics and promoting operational technology and industrial control systems cybersecurity awareness throughout the industry. Jablanski serves as a staff and advisory board member of the nonprofit organization Building Cyber Security. Jablanski has also served as the president of the North Texas Section of the International Society of Automation. She is also a member of the Cybersecurity Apprenticeship Advisory Taskforc, sponsored by the U.S. Department of Labor. Jablanski has been responsible for conducting academic and market research on emerging technologies throughout her career. She has independently consulted for the US government and a technology startup. She holds a master's degree in international security from the Josef Korbel School of International Studies at the University of Denver and a bachelor's degree in political science from the University of Missouri - Columbia.

Quade Nettles, Global Cybersecurity Services Product Manager, Rockwell Automation

Quade Nettles manages the cybersecurity services portfolio of offerings at Rockwell Automation. Quade's primary responsibility is to develop the strategic roadmap for industrial cyber security services, which include everything from consultative services like risk assessments to 24x7 managed security services. Since joining Rockwell Automation in 2012, Quade has held various positions with increasing responsibility in both technical, and management roles. Prior to his current position Quade served as a Global Cybersecurity Services Program Manager overseeing the successfully the development and rollout of cybersecurity resiliency programs across various large life science and food and beverage companies. Quade holds Bachelor of Business degree in Computer Information Systems from the University of Toledo and a Master of Business Administration degree from Cleveland State University.

David Tayouri, Deputy Director, Defense Israel, and Chairperson, IEEE Cybersecurity in Agile Cloud Computing

Tayouri has been one of the cyber activity leaders in Israel Aerospace Industries and managed the cyber intelligence department from 2013 to 2017, when the Cyber Division was established. During the last 19 years, Tayouri has been developing intelligence gathering systems for defense organizations, in different layers, mastering the cyber domain in the last 10 years by heading cyber technology and business units, and developing innovative cyber solutions. Tayouri is an experienced technology leader with business understanding, having a demonstrated history of 30 years as software developer, team leader, system engineer, project manager and system architect in various domains. He is professional with a M.S. with honors in computer science and is a Ph.D student in Ben-Gurion University of the Negev, specializing in network and system risk assessment.

Michael Hoffman, ISA Global Cybersecurity Alliance Member

Hoffman, Principal Industrial Consultant at Dragos, has over 20 years of experience focused on oil and gas, with roles in downstream, upstream and global technical leadership. His past titles have included principal ICS security engineer, controls and automation specialist, process/CEMS analyzer specialist and instrumentation and electrical technician. He has a master's degree in information security engineering from SANS Technology Institute, and is a SANS instructor in development for the ICS curriculum. Hoffman is driven to continual learning and has over 10 GIAC certifications. He is currently studying for the GIAC GSE certification.