This talk will give an introduction to ICS/OT followed by an in depth discussion on the changes that are taking place in the industrial world such as digital transformation as a precursor to an in-depth discussion on the threats. The talk will cover new adversary groups targeting industrial networks, the trends to watch, and make recommendations with a walkthrough of the SANS ICS five critical controls. This talk is accessible to everyone of a...

Government social service agencies deliver support to some of the most vulnerable communities there are – from children to the unhoused. However, without effective management of these programs, their potential benefits are greatly diminished. To boost the effectiveness of your social service agency, your team must explore, analyze and engage with important data. When the California Department of Social Services leveraged a data analytics...

Government organizations all over the country have a paperwork problem – their teams are responsible for regularly processing a myriad of forms and documents, paper and virtual. This can cost agencies hours of staff time and result in extended turnaround times for residents. Paperwork isn’t going away anytime soon, so what can governments do to begin to address the paperwork problem? In steps intelligent document processing (IDP),...

Higher education institutions know all about leveraging technology to advance student learning, but many institutions haven't yet adopted key technology in one crucial area: talent management. While other organizations have transitioned to more streamlined, unified systems to manage the employee lifecycle, many higher education institutions still rely on disparate, legacy systems that aren't equipped to help higher ed leaders engage and retain...

Just how effective or mature is your security program? Given the multitude of assessment, rating, and cybersecurity frameworks, it can be challenging to determine security operations readiness and resilience through a single measurement or framework. Is effectiveness based on defending against an attack or the ability to mitigate attacks in the first place? Should compliance drive our security strategy, or should our security strategy enable c...

Before you can help DevOps teams solve security problems and improve their security programs, you need to understand how they think, how they work, and the tools that they use. Join SEC540: Cloud Security & DevSecOps Automation authors and instructors Ben Allen, Eric Johnson, and Jon Zeolla to start the new year for a 4 Part Cloud Security Flight Simulator series. In Part 1, join SEC540 lead author and instructor Eric Johnson for a discuss...

Industrial control system (ICS) security represents one of the more challenging areas for security professionals. The typical ICS is complex and interconnected. It’s often a legacy system that wasn’t designed with security in mind and, because it’s different from traditional IT assets, it has very different security requirements. And no surprise—such systems are increasingly targeted by sophisticated cyberattackers, inc...

No municipality can have a fully developed policy for technology that’s evolving as fast as AI, but every municipality can be prepared for how to navigate this path from procurement to reporting. In this session, municipal leaders will share both policy and technology perspectives on actionable steps for any community, regardless of how resourced it is, to map their own way forward for responsible AI exploration and use in municipal gove...

Practice your skills in an engaging, team-based environment to improve your cyber security executive decision making proficiency. Cyber42 is a realistic leadership simulation with applicable and discussion-based outcomes. Leave with a confidence boast in a key skill senior leaders seek from their CISOs: nimble decision making. With enterprises in need of protecting against an endless and increasing onslaught of information security threats, te...

In this series, Dean Parsons will review observed ICS attacks in the Oil & Gas, Electric and Water sectors and map them to the MITRE ATT&CK ICS framework. Throughout this series, Dean will review the most common attacker tactics and techniques used across commonly targeted critical infrastructure sectors. In this final part of the series, Dean will specifically speak to the Water sector. This webcast will dive into Initial Access, Atta...