Keynote - Day 1
"State of Cybersecurity"
The keynote will discuss the current threat landscape (including SolarWinds and what we learned), what enterprises are doing about cybersecurity and what is on the horizon of national security.
Kevin Mandia has been FireEye CEO since June 2016 and a member of the FireEye Board of Directors since February 2016. He previously served as FireEye President, from February 2015 until his appointment as CEO. Kevin joined the company as Senior Vice President and Chief operating Officer in December 2013, when FireEye acquired Mandiant, the company he founded in 2004.
As CEO of Mandiant, Kevin grew the company to nearly 500 employees and more than $100 million in revenue. Widely recognized as the leading provider of security incident management products and services prior to the acquisition, Mandiant remains the core of the highly successful FireEye consulting business.
Kevin has spent more than 20 years in information security and has been on the front lines helping organizations respond to computer security breaches. Before Mandiant, he was the Director of Computer Forensics at Foundstone (acquired by McAfee Corporation) from 2000 to 2003, and he was the Director of Information Security for Sytex (later acquired by Lockheed Martin) from 1998 to 2000. Kevin was also a United States Air Force Officer, serving as a computer security officer in the 7th Communications Group at the Pentagon, and a special agent in the Air Force Office of Special Investigations (AFOSI). He holds a B.S. in computer science from Lafayette College and a M.S. in forensic science from The George Washington University.
Keynote - Day 2
"Beyond Ransomware - Cybersecurity is more than IT"
Control systems monitor and control all physical processes - power, water, transportation, manufacturing including food, agriculture, health care, defense, etc. Control systems consist of devices such as process sensors, actuators, drives, and analyzers that have NO cyber security, authentication, or cyber logging and are often excluded from cyber security activities; and network architecture including networks, Human Machine Interfaces (operator displays), historians, etc. that contain cyber security, authentication, and cyber logging. The personnel that are responsible for the control system devices are the engineers that generally have no cyber security training. The personnel responsible for the networks are network specialists that are trained in cyber security. Unfortunately, the engineers and network specialist often don't interface with each other and many times don't even get along. The Colonial pipeline shutdown was not a control system cyber incident but occurred because of the gap between IT and pipeline Operations. Control system cyber incidents are real. Globally, there have already been almost 12 million control system cyber incidents that have killed more than 1,500 people and caused more than $80Billion in direct impacts. However, there is very little discussion or identification of these real incidents. Existing cyber security technologies and training would not have identified nor prevented many of these catastrophic incidents. These issues are existential as physics-related cyberattacks (no malware involved) can bring the grid down for 9-18 months. Russia, China, and Iran are aware of these deficiencies and some are being exploited as we speak. For example, Russia has had malware in our electric grids since 2014 and the SolarWinds hack can affect control systems. Meanwhile China has built-in backdoors in large electric transformers that have been installed in the US bulk electric grid. Adequately understanding and protecting control systems is existential but missing.
Joseph Weiss is an industry expert on control systems and electronic security of control systems, with more than 40 years of experience in the energy industry. Mr. Weiss spent more than 14 years at the Electric Power Research Institute (EPRI), the first 5 years managing the Nuclear Instrumentation and Diagnostics Program. He was responsible for developing many utility industry security primers and implementation guidelines. He was also the EPRI Exploratory Research lead on instrumentation, controls, and communications. Mr. Weiss serves as a member of numerous organizations related to control system security. He served as the Task Force Lead for review of information security impacts on IEEE standards. He is also a Director on