On-Demand Webinar:

Protecting industry and infrastructure from advanced persistent threats

Proactive threat hunting is necessary to identify new, unknown threat actors. With the growing number of threat actors, nation-sponsored attacks and hacker groups, dedicated threat hunting programs to identify and mitigate threats are necessary to enhance industrial defense capabilities. The webinar will examine common threat hunting techniques, and how to organize and leverage the results for better industrial cybersecurity.




Originally presented: May 18, 2022
Duration: 1 hour
Presented by:

Overview

Cyberattacks are less often carried out by individuals acting alone. They are frequently executed by a collective group of remote individuals, who have learned to organize and optimize their efforts to extend their nefarious reach. And often enough, these criminals are backed by hostile countries or companies. Once these cyber attackers have gained access to the right network, they can cripple utilities and infrastructure, or hold markets hostage.

These are the shadowy battlefields where industrial control systems are exposed. And they are extremely important to protect.

Proactive threat hunting is necessary to identify new, unknown threat actors. With the growing number of threat actors, nation-sponsored attacks and hacker groups, dedicated threat hunting programs to identify and mitigate threats are necessary to enhance industrial defense capabilities.

Threat hunting helps organizations address sophisticated attacks that automated tools may not identify. It complements active and passive vulnerability scanning, penetration testing efforts, as well as logging provided by security information and event management (SIEM) capabilities. With threat hunting, critical industries can combine the expertise and talent of their IT workforce with existing cyber systems to understand where serious threats might be present within the network.

The webinar will examine common threat hunting techniques, and how to organize and leverage the results for better industrial cybersecurity.

Speakers

Edgar Sotter - Moderator, Senior Director, New Product Technology, CSA Group

Sotter and his team look to the technology horizon for new developments and applications that could present opportunities for CSA's Test, Inspection and Certification business.

Prior to joining CSA, Sotter worked as senior director, product strategies & client solutions at Systems with Intelligence Inc. (SWI), a manufacturer of monitoring products for the electrical sector.

Sotter has 20 years of combined academic, technical and business experience. He has a Ph.D. in electronic engineering from Universidad Rovira I Virgili (Spain), an executive MBA from the University of Toronto (Canada) and a bachelor of science in electronic engineering from Universidad del Norte (Colombia).

Eduardo Di Monte, Cybersecurity Strategic Growth Leader, Rockwell Automation

Di Monte is a telecommunications engineer with an MBA from the EuroMBA Consortium. Additionally, he is an expert in industrial cybersecurity (IoT) and business continuity. With over 17 years of experience, for the last 10 he has focused on the cybersecurity aspects of automation systems and industrial control systems, specifically critical infrastructure.

Syam Madanapalli, Director of IoT at NTT Data Services and Chairperson, IEEE P1931.1, IEEE

Madanapalli chairs IEEE P2994 - Standard for Security Assessment Framework for Internet of Things (IoT) Application Deployments, and works for NTT DATA Services as IoT solutions/services line director. He won the IoT Thought Leadership award in 2018 at India IoT Congress by IET. Madanapalli co-authored a book on All IP Networks, has 18 granted patents, has written eight RFC standards for the Internet at IETF (first to write an IETF draft from India), contributed to various standards at IEEE, and other SDOs. He led the team that developed the world's first IPv6-ready logo-certified TCP/IP stack. Madanapalli is also the chair of IEEE P1931.1.

David Tayouri, Deputy Director, Defense Israel, and Chairperson, IEEE Cybersecurity in Agile Cloud Computing

Tayouri has been one of the cyber activity leaders in Israel Aerospace Industries and managed the cyber intelligence department from 2013 to 2017, when the Cyber Division was established. During the last 19 years, Tayouri has been developing intelligence gathering systems for defense organizations, in different layers, mastering the cyber domain in the last 10 years by heading cyber technology and business units, and developing innovative cyber solutions. Tayouri is an experienced technology leader with business understanding, having a demonstrated history of 30 years as a software developer, team leader, system engineer, project manager and system architect in various domains. He holds an M.S. with honors in computer science and is a Ph.D. student at Ben-Gurion University of the Negev, specializing in network and system risk assessment.

Richard K. Peters, ISA Global Cybersecurity Alliance Member

Peters, CISO, Operational Technology at Fortinet, brings the Fortinet OT-CI team more than 37 years of cybersecurity and global partnering experience working across foreign, domestic, and commercial industry sectors at the National Security Agency (NSA). In his role, he delivers cybersecurity defense solutions and insights for the OT/ICS/SCADA critical infrastructure environments. Prior to Fortinet, he led development of cyber capability across endpoint, infrastructure, and industrial control system technologies at the agency. Previously, Peters also served as an executive leader supporting the information assurance directorate at the NSA. Earlier in his career, he served in a broad range of leadership and engineering roles, including chief of staff for the NSA Cyber Task Force and a five-year forward liaison charged with directing integration of cyber and cryptologic solutions for U.S. Air Force Europe, Ramstein AFB, Germany.

Seth Lacy, ISA Global Cybersecurity Alliance Member

Seth Lacy is a Principal Adversary Hunter on the Dragos intelligence team. Seth draws on twelve years of government and commercial experience across a number of cybersecurity functions to hunt innovative adversary tactics, techniques, and procedures to inform the defense of operational technology networks within industrial infrastructure. Seth also maintains certifications as an Offensive Security Certified Professional (OSCP) and GIAC Certified Penetration Tester (GPEN).