Name: (ISC)2 Security Congress: Anatomy Of A Targeted Industrial Ransomware Attack
Start: 2020-11-16T12:00:00Z
End: 2020-11-16T12:01:05.000Z
Location: BrightTALK
Rating: 4.5

SCADAfence is the global technology leader in OT & IoT cybersecurity. We offer a full suite of industrial cybersecurity products that provide full coverage of large-scale networks, offering best-in-class network monitoring, asset discovery, governance, remote access, and IoT device security. 
We enable organizations in critical infrastructure, manufacturing, and building management industries to operate securely, reliably, and efficiently.

If you are cybersecurity professional living in today’s shark-infested cyber-world, your mission is to stay ahead of the bad guys and keep your organization safe. This starts by understanding your vulnerabilities, knowing the many ways your defenses can be breached, and then putting in place the protections needed to maintain a secure, resilient cybersecurity posture. It’s a big job and critically important to the well-being of your enterprise.

Your OT (operational technology) environments require constant attention to fast-changing security needs, as the attack surface rapidly increases. In order to manage OT security effectively, you need to know about the most common cyber attacks on industrial networks.
Join us on this webinar which is co-presented by SCADAfence and Logic, Inc., and learn about the common themes in industrial cyber attacks.

During this technical webinar, we will present the topics of the OT threat landscape, the latest MITRE ATT&CK for ICS systems, technical analysis of the 6 most common industrial cyberattacks, and you will see a live demo of how these attacks are detected in an OT Security platform.

In this technical webinar you will learn: 

-The OT Threat Landscape – MITRE ATT&CK Analysis Framework
-MITRE ATT&CK for Industrial Control Systems (New in 2020)
-Industrial attack components – A technical analysis of 6 common cyber attacks
-Common themes in industrial attacks
-Attack Detection Demo
-Q&A Session

Industrial Attack Components - A Technical Analysis Of 6 Common Cyber Attacks

Many manufacturers lack visibility into assets on their industrial network, making it difficult to secure the network and complicating threat detection and risk mitigation. With the combination of OT and Industrial IoT devices rapidly increasing and manufacturing organizations covering their IT & OT networks it has yielded impressive results both in terms of efficiency and cost savings, but they are not without risk. 

During this webinar you will learn:
• Outline the challenge of network and asset visibility for manufacturers
• Manufacturing industry’s threat landscape
• The 6 most common attacks on manufacturing networks and what lessons we can learn from them
• Share how Rapid7 & SCADAfence help manufacturing organizations plan ahead and reduce the impact of cyberattacks on their networks
• Showcase real examples and customer case studies
•	Present a true story of a targeted ransomware attack on a manufacturing facility

How To Prevent Cyber Attacks in Manufacturing Environments

Water utilities are just the latest industry to experience high-profile cyber incidents. Recent years have seen an increase in attacks in this sector, often resulting in a serious disruption to business processes or operations. The recent attacks on Oldsmar, Florida water facility as well as other cyberattacks targeting critical infrastructure have shed new light on how simple it is for even novice attackers to penetrate OT networks.

While new connected devices, such as smart meters, deliver great benefits—they also introduce new vulnerabilities to be exploited. The best thing water utilities can do is address the challenge head-on, with a comprehensive approach to cybersecurity. In this webinar, we will cover in detail the attack vector that was used in Oldsmar, how organizations can reduce the risk of such an attack taking place, and how to quickly respond to it in real-time.

During this webinar you will learn:

- Overview of the Threat Landscape
- Deep Dive into the Oldsmar Water Attack
- Defensible Actions at Each Step of an Attack
- Proactive Measures That Should Be Taken to Reduce the Risk of an Attack
- Showcase Real Examples and Customer Case Studies
- Live Demo

Mitigating Security Risks for Water Utilities

Industrial organizations have been running cybersecurity programs for years. These programs rarely reach the results that were originally hoped for as they take time to implement and require more resources than originally planned. 

With greater understanding and better-developed strategies, the funding for a cyber-security program is easier to obtain and your program is much more likely to succeed. 

Join this webinar to learn more about:

-Understand the adversaries’ perspective on your organization.
-Propose a checklist with measurable KPIs for an industrial cyber security management program.
-Discuss which tools are available in the market to reach these KPIs – Including: Threat detection, network mapping, network segmentation, asset -management, vulnerability management, etc.
-See a Demo of some of the high-ROI tools that are available for you.
-Review an efficient industrial cyber security program and discuss how it delivers quick results for your organization.

Efficient Cyber Security - Quick Results Without Draining Your Resources

Watch this on-demand virtual event by Rapid7, Mimecast, IntSights and SCADAfence to learn about the current attack landscape of threat intelligence and cyberattacks while tasting uniquely crafted beers.

In this interactive virtual event, you will find out which effective means and technologies we use to uncover and fight attacks by digital criminals. See how we can professionally and effectively increase our customers’ resilience to cyber threats in this hyperconnected world.

Includes interactive beer tasting

Join an experienced beer sommelier as he teaches you everything you always wanted to know about beer. This interactive beer tasting experience focuses on specific elements related to the taste, look, smell, and mouthfeel of 5 different crafted beers.

[Virtual Event] Beer & Bad Guys

To Patch or Not to Patch in OT / ICS? 

Watch this on-demand technical webinar by Rapid7 and SCADAfence to learn about the different costs and benefits of patching industrial devices and vulnerability discoveries on them. We will share our conclusions of industrial device patching and provide real-life examples from our customer case studies. 

You will be provided with three excellent tools that will help you with the decision-making process if “to patch, workaround or do nothing.”

Join this technical webinar to learn about:
 
-The risks of not patching industrial devices
-The benefits of patching industrial devices
-New insights on vulnerabilities that were discovered in industrial devices
-Get actionable conclusions to take with you

The Industrial Device Patching Masterclass

According to Kaspersky Research, during the first half of 2021, IoT cyberattacks more than doubled. There were 1.51 billion breaches of IoT devices between January and June, compared with 639 million during the equivalent period in 2020. 

These numbers have a real and measurable impact on an IoT business’ bottom line, disrupting connectivity, affecting business continuity, and causing irreparable brand damage and harm. How can today’s IoT enterprises keep their landscape secure?

During this webinar, you will learn:

-How access to your IoT networks enables remote attacks.
-Keeping your IoT secure.
-What should be on your IoT connectivity supplier's checklist.

Securing your Global IoT Network - SCADAfence & floLIVE

As the threat landscape for industrial organizations continues to evolve it has created many new security risks for manufacturers. The biggest risk is the lack of visibility into assets on their industrial network, making it difficult to secure the network and complicating threat detection and risk mitigation. 

As manufacturers increase their deployment of OT and Industrial IoT devices into their operational environments, they need to have continuous visibility and security into their  IT & OT networks to fight off the attackers.  

During this webinar, you will learn:
• Introduction to the Euro One Offering
• The Evolving OT Threat Landscape 
• The OT Security Journey 
• Live demo and Showcase a Customer Case Study

How to Prevent Cyber Attacks in Manufacturing Environments

The threatscape is fast-changing and keeping up with transformation in the cybersecurity space is key to staying ahead of the evolving threats that lie ahead. In fact, according to Cyber Crime Magazine, cyber attacks are now the fastest growing crimes globally. But what will these threats look like in 2022? How will the threatscape have evolved from 2021, and how can we prepare for this change? 

From a rise in web application breaches, to an increase in ransomware and phishing attacks, it is clear that 2022 could represent severe disruption for business globally if steps are not taken preemptively to secure your business. 

Join us in this session as we discuss: 

-  How the role of the CISO will evolve in 2022
-  The shifting threatscape 
-  The key trends we expect to see in the year ahead 
-  How to address these threats for a more secure enterprise

Moderated by: 
Stuart Wilson, BrightTALK

Panelists: 
Michael Yehoshua, VP of Marketing, SCADAfence
Stan Davidson, Principal Solutions Architect, EMEA, SonicWall
Kevin Eley, VP of Sales, UK and Europe, LogRhythm
Jessica Charter, EMEA Security Principal, Trustwave

Panel: Preparing for The 2022 Threatscape

Many manufacturers lack visibility into assets on their industrial network, making it difficult to secure the network and complicating threat detection and risk mitigation. With the combination of OT and Industrial IoT devices rapidly increasing and manufacturing organizations covering their IT & OT networks it has yielded impressive results both in terms of efficiency and cost savings, but they are not without risk. 

During this webinar you will learn:
• Outline the challenge of network and asset visibility for manufacturers
• Manufacturing industry’s threat landscape
•	The 6 most common attacks on manufacturing networks and what lessons we can learn from them
•	Share how Rapid7 & SCADAfence help manufacturing organizations plan ahead and reduce the impact of cyberattacks on their networks
•	Showcase real examples and customer case studies
•	Present a true story of a targeted ransomware attack on a manufacturing facility

In recent years, there has been a growing demand for standards and guidelines to manage the risk exposure of OT infrastructures. This includes industrial plants, distribution centers, automated warehouses, building management systems, data center infrastructures, and other similar networks.

Hear from the CEO of Ampere Industrial Security, Patrick Miller, Keysight's Director of  Industrial Solutions, Network Apps & Security, Eric Floyd and SCADAfence’s Director, Technical Sales Engineering, Carl Eshelman as they will cover how to measure compliance over time for standards such as NIST, NERC-CIP, IEC 62443, among others.

In this webinar you will learn about: 
- The state of critical infrastructure cybersecurity 
- The OT compliance policy journey 
- How Keysight & SCADAfence helps organizations to achieve compliance in industrial environments
- How to measure compliance over time for standards such as NIST, NERC-CIP, IEC-62443 & others
- Customer case studies on industrial compliance in sectors such as electric power, water, chemical, and oil & gas.

Integrating Compliance into OT Security

Learn Insights on Costs vs. Benefits of patching from the SCADAfence Research Lab. Three customizable decision-making tools will also be provided within the webinar.
Agenda:
In this webinar, Ofer Shaked, CTO & Co-Founder of SCADAfence discusses the costs of patching industrial devices and vulnerability discoveries on them.
- Learn some of our customer case studies and what our research team has discovered.
- Look at the benefits of patching devices, and see new insights from SCADAfence’s research lab with the vulnerabilities that we discovered. We also explain our conclusions, which are all actionable.
- Get three excellent tools that will help you with the decision-making process if “to patch, workaround, or do nothing.”
- Feel free to print the tools, fill them out, and share them with your workers & friends after the webinar. https://www.scadafence.com/resource/public-preview-a-comprehensive-guide-to-industrial-device-patching-2/

The Comprehensive Guide To Industrial Device Patching

Cyber security in the oil & gas industry has escalated the headlines as new advanced cyber threats are targeting operational technology (OT) networks. Over the past five years, different attacks on the industry have shown there is a major gap when it comes to having proper cyber security. A recent example is the Colonial Pipeline ransomware attack, where one of the largest fuel pipelines in the US, was forced to stop all operations due to falling victim to a ransomware attack.

To truly understand what is happening in the OT network, oil & gas producers need a complete picture of their OT network to detect and mitigate any security risks or vulnerabilities. As more oil and gas organizations increase their digital transformation with the convergence of IT and OT networks, improved threat protection and remote connections management, they need to immediately improve the visibility and security of their OT networks.

Watch this on-demand webinar to learn about:

The distinction of IT-OT convergence within the oil & gas sector

Common security risks and threats across the oil & gas industry

How organizations can secure oil & gas pipelines

Show how Rapid7 & SCADAfence can help oil & gas organizations plan ahead and reduce the impact of cyberattacks on their networks

Showcase different oil & gas customer case studies

The Unique OT Security Challenges For Oil & Gas Pipelines - SCADAfence & Rapid7

As a result of IT/OT convergence, OT systems become exposed to cyber security threats that traditionally only affect IT systems.  In order to be prepared for this added complexity, organizations must develop a core team in order to successfully support and drive an OT Cyber Security framework and focus. Join leaders from the OTCSA as we explore the key foundational areas to consider building out an organization focused on OT Cyber Security. 

We will discuss:

How understanding the complexities of the threat landscape is critical to building a team that understands the risks, plans mitigations, monitors the environment, and responds to anomalies.

The intricacies of creating a vision for your organization that bridges the traditional OT/IT silos.

Why a hybrid of soft skills and technical skills is key to ensuring technical requirements are met while also driving collaboration across the organization. 

Speakers

·         Frank LaPlante (WESCO|Anixter) 

·         Russell Kempley (Cyber Owl) 

·         Nicholas Antonelos (Coca-Cola Hellenic Bottling Company) 

·         Elad Ben-Meir (SCADAfence) 

·         Michael Yehoshua – MODERATOR (SCADAfence)

Building an Organization to Support OT Cyber Security

The Purdue Enterprise Reference Architecture (PERA) was developed in the 1990’s. The associated Purdue Reference Model describes the relationship between end-users, business networks, control systems networks, and the security boundaries between them. In the decades since its creation, the manner in which computing resources are used in industrial settings has changed dramatically. As a result, the lines between Operational Technology (OT) and Information Technology (IT) continue to blur, and are often being broken outright. The speaker will share his observations of this evolution through a real-world case study, and provide insight into how successful organizations can embrace these changes in a manner that improves efficiency without increasing risk unnecessarily.

The target audience is professionals who manage or integrate with Industrial Control Systems (ICS) networks, and the speaker will provide examples of why the discussion should not focus on the concepts of OT vs IT, but rather the careful utilization of data.

Specific topics include:

- History of the Purdue Model
- Limitations of the Model
- Economic forces driving change
- Technological forces driving change
- Case study of modified L3/L4 integration
- Convergence of OT/IT

Integrating Industrial and Business Networks

According to Gartner, there are 5.8 billion IoT devices, and they’re growing at a rate of 21%-30% per year. Some examples are badge readers, printers, scanners, video surveillance, VoIP equipment, projectors, Smart TVs, light controllers, and others.
Research has indicated that these devices are insecure and pose a growing, unmanaged risk on the enterprise. In this webinar, we will explore the risks on Enterprise IoT devices by reviewing original research made by NCC Group and SCADAfence.
Join Ofer Shaked, the CTO and Co-Founder of SCADAfence & Matthew Lewis, the Research Director of NCC Group to hear about “The Blind Spots That Exist in Enterprise IoT”.

The Blind Spots That Exist In Enterprise IoT - With NCC Group

As Operational Technology (OT) environments continue to become digitally connected, they are increasingly more exposed and vulnerable to substantial cybersecurity risks. Security teams tasked with protecting these environments lack both the required visibility into their OT and IoT devices and the tools to manage them. Gaining this visibility is not only critical for understanding where security risks may exist, but it is also a fundamental step to securely enable smart manufacturing and smart grids across production facilities and the supply chain.

Join Rapid7’s Senior Security Solutions Engineer and Internal OT SME, Ben Garber, and SCADAfence’s CEO, Elad Ben-Meir, as they cover the current state of the OT landscape, the gaps in visibility that often plague traditional IT systems that are part of an OT network, and how technology like adaptive learning can keep pace with your business.

Is vulnerability your cup of OT?

In this webinar on-demand, we discuss malicious activity that involved SCADAfence’s incident response team, which assists companies during industrial cybersecurity emergencies. Listeners will learn how ransomware infected the victim organization’s network and how the incident response team gathered evidence, including where to look first. Then, we’ll explain how the evidence was analyzed; what the initial findings were; and how the attackers were caught. Finally, we’ll discuss additional attack methods used by cybercriminals so everyone can take appropriate steps to prevent such attacks within their organizations.
Learning Objectives:

1) Learn how industrial networks get infected with targeted ransomware.

2) Discover where to look for evidence; how to analyze it; and how to find attackers hiding in the network.

3) Understand additional types of attack methods used by cybercriminals in industrial networks, as well as best practices to protect those and all other networks.

(ISC)2 Security Congress: Anatomy Of A Targeted Industrial Ransomware Attack

Cyber Attacks

Cyber Threats

Operational Technology Security

Ransomware

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The IT project management community on BrightTALK includes thousands of IT project and portfolio management professionals. Find relevant webinars and videos on agile methodologies, scrum strategy, project management processes and more. Attend live webinars or view on demand content presented by recognized thought leaders in the IT project management industry.

IT Project Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

(ISC)2 Security Congress: Anatomy Of A Targeted Industrial Ransomware Attack

Presented by

About this talk

More from this channel