Dragos at RSA 2019
Dragos Executives and Analysts Speaking at RSA 2019
Dragos spoke at the RSA Conference 2019, the annual cybersecurity conference. Four speakers, Robert M. Lee, CEO, Sergio Caltagirone, VP of Threat Intelligence, Selena Larson, Intelligence Analyst and Joe Slowik, Adversary Hunter were selected by conference organizers to share their insights, research and analysis on cybersecurity as it pertains to industrial control systems (ICS).
Below are slideshares and summaries of the presentations given by Dragos representatives at RSA 2019.
Sessions and Presentations:
Unraveling Detection Methodologies: Indicators vs. Anomalies vs. Behaviors
When: Tuesday, March 5, 2019, 3:40 – 4:30 pm
Who: Joe Slowik, Adversary Hunter
Cyber-defense centers on “what” a technology is designed to look for, with capabilities and limitations depending on the method. Three distinct approaches have emerged: traditional IOCs, anomaly detection and behavioral analytics. Unfortunately, marketing has muddied these terms beyond recognition. In this presentation, Joe Slowik, Adversary Hunter at Dragos will critically examine each approach and its capabilities.
Debunking the Hacker Hype: The Reality of Widespread Blackouts
When: Wednesday, March 6, 2019, 11:20 – 11:50 pm
Who: Selena Larson, Intelligence Analyst
There have been public narratives about the US being on the precipice of a nationwide hacker-caused blackout. What is the reality of adversary activity and the potential or likelihood of a cyber attack that could disrupt the electric grid? What are hackers currently doing in ICS networks? In this presentation, Selena Larson, Intelligence Analyst at Dragos will separate fact from (science) fiction.
How Long to Boom: Understanding and Measuring ICS Hacker Maturity
When: Thursday, March 7, 9:10 – 9:40 am
Who: Sergio Caltagirone, VP Threat Intelligence
The industrial control system threat is growing quickly. But ICS hackers do not start by disrupting electric grids. Instead, they mature predictably leading them from things that go bad, to things that go boom. In this presentation, Sergio Caltagirone will explain how using ICS threat intelligence Dragos has developed an ICS hacker maturity model enabling us to determine how much risk a threat poses and predict how long until they reach maximum risk.
Operationalizing Threat Intelligence in Network Defense
When: Thursday, March 7, 12:40 P.M. – 01:30 P.M.
Who: Joe Slowik, Adversary Hunter, Dragos
Threat intelligence is a popular topic, but often consists of either lists of indicators or written reports that must be translated or imported into the security environment. How should practitioners best utilize threat intelligence, and what expectations should exist for this resource in modern security operations? Attendance is strictly limited to allow for a small group experience.
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
When: Friday, March 8, 2019, 9:50 – 10:40 am
Who: Robert M. Lee, CEO
Most industrial security best practices are essentially enterprise security best practices copy/pasted into industrial networks. Yet that is not an effective way to reduce risk against industrial-specific threats. Instead, we can learn from ICS attacks that have occurred. In this presentation, Robert M, Lee, CEO and co-founder of Dragos will provide first-hand insights into industrial threats and the lessons learned for industrial security.