Title: Beyond ransomware, cyber security is more than just IT incidents
Joseph Weiss is an industry expert on control systems and electronic security of control systems, with more than 40 years of experience in the energy industry. Mr. Weiss spent more than 14 years at the Electric Power Research Institute (EPRI), the first 5 years managing the Nuclear Instrumentation and Diagnostics Program. He was responsible for developing many utility industry security primers and implementation guidelines. He was also the EPRI Exploratory Research lead on instrumentation, controls, and communications. Mr. Weiss serves as a member of numerous organizations related to control system security. He served as the Task Force Lead for review of information security impacts on IEEE standards. He is also a Director on ISA’s Standards and Practices Board. He has provided oral and written testimony to three House subcommittees, one Senate Committee, and a formal statement for the record to another House Committee. He has also responded to numerous Government Accountability Office (GAO) information requests on cyber security and Smart Grid issues. He is also an invited speaker at many industry and vendor user group security conferences, has chaired numerous panel sessions on control system security, and is often quoted throughout the industry. He has published over 80 papers on instrumentation, controls, and diagnostics including chapters on cyber security for Electric Power Substations Engineering and Securing Water and Wastewater Systems. He coauthored Cyber Security Policy Guidebook and authored Protecting Industrial Control Systems from Electronic Threats. In February 2016, Mr. Weiss gave the keynote to the National Academy of Science, Engineering, and Medicine on control system cyber security. Mr. Weiss has conducted SCADA, substation, nuclear and fossil plant control system, and water systems vulnerability and risk assessments and conducted short courses on control system security. The risk assessments include utility-scale solar farms and wind turbines. He has amassed a database of more than 1,300 actual control system cyber incidents. He was a member of Transportation Safety Board Committee on Cyber Security for Mass Transit. He was a subject matter expert to the International Atomic Energy Agency on nuclear plant control system cyber security. He started the annual Industrial Control System (ICS) Cyber Security Conference in 2002. Mr. Weiss has received numerous industry awards, including the EPRI Presidents Award (2002) and is an ISA Fellow, Managing Director of ISA Fossil Plant Standards, ISA Nuclear Plant Standards, ISA Industrial Automation and Control System Security (ISA99), a Ponemon Institute Fellow, and an IEEE Senior Member. He has been identified as a Smart Grid Pioneer by Smart Grid Today. He is a Voting Member of the TC65 TAG and a US Expert to TC65 WG10, Security for industrial process measurement and control – network and system security and IEC TC45A Nuclear Plant Cyber Security. Mr. Weiss was featured in Richard Clarke and RP Eddy’s book- Warning – Finding Cassandras to Stop Catastrophes. He has patents on instrumentation, control systems, and OT networks. He is a registered professional engineer in the State of California, a Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC).
Book: Protecting Industrial Control Systems from Electronic Threats
Control systems monitor and control all physical processes – power, water, transportation, manufacturing including food, agriculture, health care, defense, etc. Control systems consist of devices and networks. Control system devices such as process sensors, actuators, drives, and analyzers have no cyber security, authentication, or cyber logging and are often excluded from cyber security activities. Meanwhile, network architecture including networks, Human Machine Interfaces (operator displays), historians, etc. include cyber security, authentication, and cyber logging. The personnel that are responsible for the control system devices are the engineers that generally have no cyber security training. The personnel responsible for the networks are network specialists that are trained in cyber security but not facility operations. Control system cyber incidents are real. Globally, there have already been almost 12 million control system cyber incidents that have killed more than 1,500 people and caused more than $90BillionUS in direct impacts. However, the focus is on ransomware and other IT incidents with little discussion or identification of control system cyber incidents. The presentation will address control system-unique cyber security issues and provide recommendations for securing control systems that will also improve reliability and safety.
Title: The Secret Powers of Yara
Vitaly started as a developer at Kaspersky in 2005. Soon after that he realized that his passion was in digital forensics, malware analysis and cybersecurity research. In 2008 he was appointed Senior Antivirus Expert, before becoming a director of EEMEA research center in 2009. In 2010 he relocated to Japan to lead local research team. In 2014 he was seconded to Singapore to become a cybersecurity expert at INTERPOL, where he spent two years working in INTERPOL Digital Forensic Lab focusing on malware reverse engineering, digital forensics and cybercrime investigation. Currently Vitaly is based in Singapore and leads a team of regional threat researchers for Kaspersky APAC.
If you deal with malware infected systems, or have ever tried custom pattern searches during your forensic analysis, then you should already know Yara tool. While it has rather simple syntax, it can be very powerful if used right. This presentation intends to set a new standard by example of using conventional tool in non-conventional way. This applies to other tools in our work too, but let’s see first what secret powers Yara hides within.
Title: Computational Forensics with Deep Learning algorithms: the Opportunities and Challenges
Jonathan Pan leads the Disruptive Technologies Office of the Home Team Science and Technology Agency (HTX), Singapore. This office explores the frontiers of Science and Technologies, like Artificial Intelligence and Quantum, for homeland security application through their applied Research and Development endeavours. Jonathan also conducts his own research in computational forensics. He is also an Adjunct Associate Professor with Nanyang Technological University Singapore where he teaches Cyber Security and Artificial Intelligence courses.
Dr Jonathan Pan will be sharing his recent research work in Computational Forensics specifically in applying Deep Learning algorithms to analyse video footage and network traces. He will discuss the opportunities and challenges wit the use of such algorithms when they are applied to digital forensics.