REGISTRATION IS STILL OPEN
2024 “Cyber” Security for Industrial Automation & Control Systems Series
Event 1: Identify & Protect
Date & Time: Thursday, August 22, 2024 @ 6:00-8:00 PM MST
Location: Online (via MS Teams) or In-Person at Applied Control Engineering
Applied Control Engineering: 4251 Kipling St., Suite 370, Wheat Ridge, CO 80033
Food & drinks will be provided at the in-person session
*Please notify the ISA Denver team of any dietary restrictions*
Register for this event by August 16th through the QR Code
For questions email ISA Denver Secretary Jennifer Ryan (ryanj@ace-net.com)
______________________________________________________________
Presenters Bio:
Timothy P. Mullen, Applied Control Engineering OT Cybersecurity Team Lead
Timothy Mullen is the OT Cybersecurity Team Lead at Applied Control Engineering, Inc. (ACE). At ACE, Tim leads a multi-disciplinary team through projects to assess and remediate cyber vulnerabilities that impact industrial control systems (ICS) and other Operational Technologies (OT) used in many industries. Prior to ACE, Tim worked in commercial nuclear power performing cybersecurity assessments of plant control upgrades. Tim holds a BS in Computer Engineering from the Johns Hopkins University, an MS in Computer Engineering from Villanova University, is a Global Industrial Cyber Security Professional (GICSP), and a Professional Engineer (Control Systems) in the State of MD. Tim’s writings on cybersecurity have been published in Control Engineering magazine and other outlets.
Presentation Abstract: Identify & Protect
To kick off the ISA Denver Section's 2024 “Cyber” Security for Industrial Automation and Control Systems Series, we will provide an understandable introduction to the NIST CSF Framework while orienting with other standards like ISA 62443. Then, we will dive into the Identify and Protect functions and ways automation and controls engineers are well equipped to strengthen these capabilities in their organization.
OT cybersecurity has become a bigger topic the past few years with many new products and vendors have emerged to address technical gaps in cybersecurity posture. The largest segment of tools focus on asset inventory, management, and monitoring. As the maxim goes, you can't protect what you don't know about. Many engineers do know the assets that are in their systems but listening to the conversations between OT cybersecurity vendors and enterprise IT departments, you would never know it.
Starting with tools that are already used by automation engineers to support OT assets, we will discuss how to leverage these for the Identify function. We will also discuss the legitimate gaps in what these tools provide compared to tools used in IT environments, which contributes to miscommunication around the state of identification in OT. We will end by covering how to drive the Protect function with the inputs provided by the Identify function.
2024_Denver_ISA_Cyber_Series_Event_1.pdf