• 2021 NYSCSC: Security in a Virtual Era

    2021 NYS Cyber Security Conference

    June 8 - 9

Keynotes

Keynote - Day 1

"State of Cybersecurity"

The keynote will discuss the current threat landscape (including SolarWinds and what we learned), what enterprises are doing about cybersecurity and what is on the horizon of national security. 

Kevin Mandia has been FireEye CEO since June 2016 and a member of the FireEye Board of Directors since February 2016. He previously served as FireEye President, from February 2015 until his appointment as CEO. Kevin joined the company as Senior Vice President and Chief operating Officer in December 2013, when FireEye acquired Mandiant, the company he founded in 2004.

As CEO of Mandiant, Kevin grew the company to nearly 500 employees and more than $100 million in revenue. Widely recognized as the leading provider of security incident management products and services prior to the acquisition, Mandiant remains the core of the highly successful FireEye consulting business.

Kevin has spent more than 20 years in information security and has been on the front lines helping organizations respond to computer security breaches. Before Mandiant, he was the Director of Computer Forensics at Foundstone (acquired by McAfee Corporation) from 2000 to 2003, and he was the Director of Information Security for Sytex (later acquired by Lockheed Martin) from 1998 to 2000. Kevin was also a United States Air Force Officer, serving as a computer security officer in the 7th Communications Group at the Pentagon, and a special agent in the Air Force Office of Special Investigations (AFOSI). He holds a B.S. in computer science from Lafayette College and a M.S. in forensic science from The George Washington University.

 

Keynote - Day 2

"Beyond Ransomware - Cybersecurity is more than IT"

Control systems monitor and control all physical processes - power, water, transportation, manufacturing including food, agriculture, health care, defense, etc. Control systems consist of devices such as process sensors, actuators, drives, and analyzers that have NO cyber security, authentication, or cyber logging and are often excluded from cyber security activities; and network architecture including networks, Human Machine Interfaces (operator displays), historians, etc. that contain cyber security, authentication, and cyber logging. The personnel that are responsible for the control system devices are the engineers that generally have no cyber security training. The personnel responsible for the networks are network specialists that are trained in cyber security. Unfortunately, the engineers and network specialist often don't interface with each other and many times don't even get along. The Colonial pipeline shutdown was not a control system cyber incident but occurred because of the gap between IT and pipeline Operations. Control system cyber incidents are real. Globally, there have already been almost 12 million control system cyber incidents that have killed more than 1,500 people and caused more than $80Billion in direct impacts.  However, there is very little discussion or identification of these real incidents. Existing cyber security technologies and training would not have identified nor prevented many of these catastrophic incidents. These issues are existential as physics-related cyberattacks (no malware involved) can bring the grid down for 9-18 months. Russia, China, and Iran are aware of these deficiencies and some are being exploited as we speak. For example, Russia has had malware in our electric grids since 2014 and the SolarWinds hack can affect control systems. Meanwhile China has built-in backdoors in large electric transformers that have been installed in the US bulk electric grid. Adequately understanding and protecting control systems is existential but missing.

 

Joseph Weiss is an industry expert on control systems and electronic security of control systems, with more than 40 years of experience in the energy industry. Mr. Weiss spent more than 14 years at the Electric Power Research Institute (EPRI), the first 5 years managing the Nuclear Instrumentation and Diagnostics Program. He was responsible for developing many utility industry security primers and implementation guidelines. He was also the EPRI Exploratory Research lead on instrumentation, controls, and communications. Mr. Weiss serves as a member of numerous organizations related to control system security. He served as the Task Force Lead for review of information security impacts on IEEE standards. He is also a Director on ISA's Standards and Practices Board. He has provided oral and written testimony to three House subcommittees, one Senate Committee, and a formal statement for the record to another House Committee. He has also responded to numerous Government Accountability Office (GAO) information requests on cyber security and Smart Grid issues. He is also an invited speaker at many industry and vendor user group security conferences, has chaired numerous panel sessions on control system security, and is often quoted throughout the industry. He has published over 80 papers on instrumentation, controls, and diagnostics including chapters on cyber security for Electric Power Substations Engineering and Securing Water and Wastewater Systems. He coauthored Cyber Security Policy Guidebook and authored Protecting Industrial Control Systems from Electronic Threats. In February 2016, Mr. Weiss gave the keynote to the National Academy of Science, Engineering, and Medicine on control system cyber security. Mr. Weiss has conducted SCADA, substation, nuclear and fossil plant control system, and water systems vulnerability and risk assessments and conducted short courses on control system security. The risk assessments include utility-scale solar farms and wind turbines. He has amassed a database of more than 1,300 actual control system cyber incidents. He was a member of Transportation Safety Board Committee on Cyber Security for Mass Transit. He was a subject matter expert to the International Atomic Energy Agency on nuclear plant control system cyber security. He started the annual Industrial Control System (ICS) Cyber Security Conference in 2002. Mr. Weiss has received numerous industry awards, including the EPRI Presidents Award (2002) and is an ISA Fellow, Managing Director of ISA Fossil Plant Standards, ISA Nuclear Plant Standards, ISA Industrial Automation and Control System Security (ISA99), a Ponemon Institute Fellow, and an IEEE Senior Member. He has been identified as a Smart Grid Pioneer by Smart Grid Today. He is a Voting Member of the TC65 TAG and a US Expert to TC65 WG10, Security for industrial process measurement and control - network and system security and IEC TC45A Nuclear Plant Cyber Security. Mr. Weiss was featured in Richard Clarke and RP Eddy's book- Warning - Finding Cassandras to Stop Catastrophes. He has patents on instrumentation, control systems, and OT networks. He is a registered professional engineer in the State of California, a Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC).