In ICS (industrial control systems) or OT (operational technology) security, there is an endless list of ‘security’ issues that could be ‘remediated’.  Many industrial organisations, much less IT/OT stakeholders don’t know where to start.

This half-day tutorial leverages concepts and material from SANS ICS418 (ICS Security Essentials for Managers) and ICS515 (ICS Visibility, Detection, and Response).  In addition, Peter will feed in insights from his work across ANZ and drivers from the five ICS cybersecurity critical controls. This workshop will go more in depth in the material that Peter will be presenting on Thursday to the AusCERT audience (the latest high-ROI actions that industrial organisations should be taking to address ICS/OT security risk).

Peter will tailor this session for a technical audience – those in ICS/OT security technical roles and/or those coming into ICS/OT security with technical experience/expertise in corporate/enterprise security.  Practitioners will be enabled in their mission to support safe, secure, reliable plant operations with security as an enabler, with a nuanced approach to ICS/OT security and considerations for pragmatic people, process, and technology.

The tutorial will be run as a workshop with engagement and an exercise or two from the SANS material.  Note: there will be overlap in the content between the morning and afternoon sessions.

Peter is an experienced ICS/OT security practitioner. He leads the SGS ECL team of industrial cyber specialists (engineers/consultants). His background includes control/safety systems experience, as a TÜV-certified Functional Safety Engineer. When he’s not leading the ECL Cyber team, Peter is an instructor for SANS ICS515 (ICS Visibility, Detection, and Response) and runs the NZ ICS Cyber Technical Network.

Technical Level:  Medium – High