Control systems are all around us, working in the background of our lives providing us light, water, heat, transportation, and many good things. These systems are becoming more digital and more connected than ever before, so we must consider control system security just like we do with IT systems.
We certainly have seen a jump in control system vulnerabilities in the Age of Stuxnet, but why haven’t we seen more attacks? If your control system had a breach, would you be able to detect it, and what would you do? Are there threats attacking control systems more often than we hear about or are we just living on luck?
This talk will discuss state of control system security today, and where it should be headed in the future. You will also learn about current control system threats, what the risks are, and how your organization can prepare for the inevitable with the right training and tools
Chris Sistrunk is a Senior Consultant at Mandiant, focusing on cyber security for industrial control systems (ICS) and critical infrastructure. Prior to joining Mandiant, Chris was a Senior Engineer at Entergy (over 11 years) where he was the Subject Matter Expert (SME) for Transmission & Distribution SCADA systems. Chris helped organize the first ICS Village, which debuted at DEF CON 22 and was featured at RSAC and SANS ICS Summit. He is a Senior Member of IEEE, member of the DNP Users Group, President of Mississippi Infragard, and also is a registered PE in Louisiana. He holds a BS in Electrical Engineering and MS in Engineering and Technology Management from Louisiana Tech University. Chris also founded and organizes BSidesJackson, Mississippi’s only cyber security conference.