Security Researchers will Present Case Studies that Illustrate Security Gaps Associated with Using Traditional Vulnerability Assessment Techniques in ICS Environments
SUNNYVALE, Calif. and ALBUQUERQUE, N.M. – March 28, 2018 – RiskSense®, Inc., the pioneer in intelligent threat and vulnerability management, today announced that two of its security researchers will present a session on ICS/SCADA security risk assessment challenges at the upcoming Industrial Control Systems Joint Working Group (ICSJWG) Spring Meeting in Albuquerque, New Mexico.
WHO: Zach Harding, senior security analyst at RiskSense, is a penetration testing expert who has reversed engineered leaked NSA exploit code.
Benjamin Mixon-Baca, Ph.D., research scientist at RiskSense is an expert on threat modeling and develops vulnerability assessment automation prototypes.
WHAT: Industrial Control System (ICS) device failures can result in potentially catastrophic consequences for operational processes, the environment and human lives. So while it is vital to fully assess cyber security risks in industrial environments, most ICS/SCADA systems are fragile to current vulnerability and penetration testing methodologies. In this session, RiskSense security researchers will use two separate case studies to illustrate the challenges associated with using traditional pen-testing and vulnerability assessment approaches in ICS networks. They will explain why relying primarily on automated or passive techniques leads to gaps in security visibility, and present alternative methodologies that provide a more comprehensive view of risks and security vulnerabilities in ICS environments.
WHEN: Thursday, April 12, 2018, 11:20 AM – 12:05 PM MDT
WHERE: Albuquerque Marriott, 2101 Louisiana Boulevard NE, Albuquerque, New Mexico
HOW: To schedule a conversation with RiskSense, contact Marc Gendron at firstname.lastname@example.org or +1 781.237.0341. For more information and to register, visit: https://ics-cert.us-cert.gov/Industrial-Control-Systems-Joint-Working-Group-ICSJWG
RiskSense Vulnerability Discovery Service: http://bit.ly/2ubNeGZ
RiskSense Attack Surface Validation Service: http://bit.ly/2FYcpTa
RiskSense Platform Overview: http://bit.ly/2yIJ1YE
White Paper on Operationalizing Cyber Risk: http://bit.ly/2gaurSX
Webinar on Cyber Risk Management: What’s Holding Us Back?: http://bit.ly/2xTE2ba