Preparing for Incident Handling and Response within Industrial Control Networks

BSidesCharm 2018

Presented by: Mark Stacey
Date: Saturday April 28, 2018
Time: 11:30 - 11:50
Location: Track 2

Most Industrial Control System (ICS) networks require Incident Response (IR) procedures. Generally, these procedures fulfill regulatory requirements and do little to actually prepare the organization for handling an incident. This lecture will concentrate on concepts that decrease required resources for IR, arm responders, and facilitate a return to operations.

Mark Stacey

@lzeroki Mark Stacey is currently a Principal Threat Analyst with Dragos Inc where he delivers incident response, threat hunting, and adversary research for Industrial Control Systems worldwide. Prior to joining Dragos, Mark was a member of RSA's Incident Response team for 5 years where he provided incident response, discovery, and forensic services globally for private industry, financial institutions, law firms, foreign and domestic governments. Mark spent 7 years with the Department of Energy (DOE) performing cyber and intelligence analysis for various government clients. He has functioned in both cybersecurity operations and research within the intelligence community and frequently provides community education through outreach programs with federal agencies.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats