Traditional Sessions — RSAC 365 Virtual Seminar: Securing Cyber-Physical Systems

This half day virtual seminar explores the strategic challenges security leaders are facing with securing cyber physical systems. These three sessions provide different approaches on a range of topics from navigating noise and preparing for ransomware attacks in OT environments to developing a workforce to protect critical infrastructure.

Session 1: Test Your Assumptions Before You Test Your OT

You're worried about your OT security, so you want a penetration test. But what is an OT penetration test and how does it differ from IT? Do existing paradigms even bring value to your OT security program? This presentation considers the challenges of OT penetration testing by asking some hard questions and suggests answers based on rigorous examination of foundational concepts.

Speakers: Ric Derbyshire, Senior Security Researcher, Orange Cyberdefense and Charl van der Walt, Head of Security Research, Orange Cyberdefense


Session 2: In the Event of an Emergency: Investigating Break Glass Technologies

As demonstrated during the ‘Shields Up’ initiative, there is value in increasing organizational security postures in times of crisis. This presentation will identify different types and classes of break glass technologies and procedures. It will also share some examples of how this approach can be implemented within an asset owners environment.

Speaker: Sarah Freeman, Principal Cyber Engagement Operations Engineer, MITRE/CIPIC


Session 3: Intro to Industrial Control Systems—Why Is It Running Windows XP?

Industrial control systems run our world: water, electricity, manufacturing. How and why do they work they do? Why should you care if you're "only in IT"? And most importantly, how can we defend them?

Speaker: Bryson Bort, CEO, Scythe

https://www.rsaconference.com/library...