[Webinar Series]

ICS Cyber Security Maturity Journey

Hosted by RMEL

July 15th, July 29th, August 12th

Learn how to make significant improvements in your overall cyber security maturity through a programmatic approach. This series will “begin at the beginning” and explain a step by step process over three hour-long sessions how to reduce your exposure to potential attacks. The series will be relevant for those members who have been working on NERC CIP compliance for years as well as those who are just beginning their overall cyber program.

Webinar #1: Defining the Threat Landscape and Roadmap

July 15th, 10:00 am MT

In this hour-long session, the presenters will walk through the latest threat landscape and why industrial control systems are at significant – and growing – risk from attackers. They will then discuss the real challenges to securing these critical infrastructure systems. They will then walk through a practical approach to building a comprehensive roadmap to accelerate your cyber security journey. This approach will leverage many case studies and examples from utilities who have succeeded in dramatically improving their maturity in rapid fashion. It will conclude with practical suggestions of how to begin – regardless of where you stand in your current maturity.

Webinar #2: Building the Foundation With Asset Inventory & Assessment

July 29th, 10:00 am MT

In the second part of the series, the Verve team will address the most critical foundational elements of a strong security program – detailed asset inventory and vulnerability assessment. It’s hard to build a map if you don’t know from where you are starting. Every cyber security framework, therefore, begins with an “identify” or “inventory” or “assessment” phase. The presenters will walk through the components of a robust inventory, the challenges of achieving it, as well as practical suggestions of how to gather and maintain the information you need efficiently. They will then explain how to use that data to prioritize the greatest vulnerabilities and risks in your environment.

Webinar #3: Defining and Executing the Roadmap

August 12th, 10:00 am MT

Once an organization has defined its prioritized risks and vulnerabilities, the time is right to build a comprehensive roadmap and execution plan. In this third session, our Verve colleagues will walk through the common components of a roadmap and how to prioritize the elements most critical based on different assessment results. This roadmap development approach is based on practical, successful experiences with many utilities. This session will also include a practical guide to how to then execute this roadmap most efficiently and effectively given all the moving parts and sensitive control systems elements.

[Virtual Event]

SANS Oil & Gas Cybersecurity Summit

October 2nd, 2020

The SANS Oil & Gas Cybersecurity Summit will bring leading experts together to discuss industry trends, challenges, and opportunities. They’ll address recent attacks and current threats, integrated IT/OT security operations, best practices, and lessons learned to benefit the community.

Presentation by Ron Brash:

Raiders of the lost RTUs, Meters, and Valves:

While IoT/IIoT is everywhere in product catalogs today, Oil & Gas is the original Joe for connected embedded things to fulfill specific purposes such as providing telemetry remotely or to monitor the health of a well or pipeline.  And like many aspects of industrial systems, it was and still is the Wild West of security, updates (or lack of), and deployments, where it makes little economic sense to upgrade, enforces the fact that producers need to reduce any disruption or security risk for these devices – new or legacy.

With thousands of existing deployments, these devices are often forgotten, and whether for cyber-security or for merely inventory management due to divestment, an effective resource-friendly method is absolutely required to manage these types of systems.

This session walks through several areas (agnostically) with more than  35 years of experience on:

  • Discovering technical vulnerabilities/weaknesses and horror-shows buried in these devices
  • One approach to successfully enumerate, research, and support candidate devices
  • A live demonstration of a hidden surprise with a device obtained from the grey-market
  • And how to bring these devices into the fold for inventory/asset management with considerations for cyber-PHAZOPs & vulnerabilities