Welcome to the Interactive Agenda for the 2016 ICS Cyber Security Conference! (View the full ICS Cyber Security Conference website here)  This agenda is currently a work in progress, please check back often as our team is making upates DAILY. (You can register for the conference here)
Back To Schedule
Monday, October 24 • 3:30pm - 4:15pm
Understanding the Role of Privilege in ICS Cyberattacks

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

The Industrial Control System – Cyber Emergency Response Team (ICS-CERT) has highlighted the increased frequency of attempted attacks against Industrial Control Systems (ICS). According to a DHS/FBI/NSA joint publication “Seven Steps to Effectively Defend Industrial Control Systems,” of the 295 breaches reported in the previous year, 98 percent could have been prevented if certain basic security protocols had been in place.

As evidenced by the Ukraine Power Grid Attack and other recent breaches, privileged accounts are on the attackers critical path to success 100% of the time in every attack. Let’s elevate the conversation and talk about how this attack vector is taking the industrial world by surprise. In this session, Alex Leemon will present the case studies of two companies that have put in place proactive controls to safeguard industrial control systems from malicious insiders or external threats by implementing privileged account security controls as recommended by the DHS/FBI/NSA publication.

Attendees will also learn how to mitigate the risks associated with the increased connectivity between IT and OT through the implementation of controls that can be used to isolate, control and monitor interactive remote access sessions which connect to ICS.

With cyber-attacks posing an increasing threat to critical infrastructure, a change of mindset is needed – one that presumes an attacker will inevitably infiltrate the network. It only takes one vulnerable system to be exploited for an attacker to cause significant damage that could compromise system performance and even their operation. It is therefore essential that industrial organizations proactively safeguard their systems with a practical set of steps that includes securing all privileged accounts existing in their networks.

Learning Objectives:

In this session, attendees will learn how organizations have applied the steps recommended by the DHS/FBI/NSA publication to safeguard industrial control systems. Attendees will learn how to lock up the “keys to the kingdom” through the implementation of a privileged account security solution while safeguarding critical assets from potentially malicious activity.

Attendees will also learn how to:

  • Reduce the attack surface area
  • Help prevent the spread of malware to critical systems
  • Implement Secure Remote Access
  • Monitor and  Respond

avatar for Yariv Lechner

Yariv Lechner

Senior Product Manager, Operational Technologies (OT), CyberArk
Yariv Lenchner is the Senior Product Manager, Operational Technologies (OT), for CyberArk Software. Over the past 15 years he has served in various product marketing, product management and system engineering capacities in the fields of Security, VoIP, IP networking and enterprise... Read More →

Monday October 24, 2016 3:30pm - 4:15pm EDT
Workshop 2 (Salon 4)