Dean Parsons: Cyber Security for OT and ICS

With ransomware and other highly disruptive attacks on the rise, there are few systems more important to defend than our critical infrastructure and ICS equipment. How should we think about defending these systems vs our typical IT network though? In this episode, Dean Parsons is here to give us that answer. Our Guest - Dean ParsonsDean brings over 20 years of technical and management experience to the classroom. He has worked in both Information Technology and Industrial Control System (ICS) Cyber Defense in critical infrastructure sectors such as telecommunications, and electricity generation, transmission, distribution, and oil & gas refineries, storage, and distribution. Dean is an ambassador for defending industrial systems and an advocate for the safety, reliability, and cyber protection of critical infrastructure. His mission as an instructor is to empower each of his students, and he earnestly preaches that “Defense is Do-able!” Over the course of his career, Dean’s accomplishments include establishing entire ICS security programs for critical infrastructure sectors, successfully containing and eradicating malware and ransomware infections in electricity generation and manufacturing control networks, performing malware analysis triage and ICS digital forensics, building converged IT/OT incident response and threat hunt teams, and conducting ICS assessments in electric substations, oil and gas refineries, manufacturing, and telecommunications networks. A SANS Certified Instructor, Dean teaches ICS515: ICS Visibility, Detection, and Response and is a co-author of the new SANS Course ICS418: ICS Security Essentials for Managers. Dean is a member of the SANS GIAC Advisory Board and holds many cybersecurity professional certifications including the GICSP, GRID, GSLC, and GCIA, as well as the CISSP®. He is a proud native of Newfoundland and holds a BS in computer science from Memorial University of Newfoundland.Follow Dean ParsonsTwitter: https://twitter.com/deancybersecLinkedIn: https://www.linkedin.com/in/dean-parsons-cybersecurity/Resources mentioned in this episodeOSINT / Site-visit Cheat Sheethttps://www.sans.org/posters/ics-site-visit-plan/ICS Cyber Kill Chain Whitepaper:https://www.sans.org/white-papers/36297/?msc=blog-ics-libraryICS specific Network Security Monitoring:https://www.sans.org/posters/industrial-network-security-monitoring/Top 5 ICS Incident Response Tabletopshttps://www.sans.org/blog/top-5-ics-incident-response-tabletops-and-how-to-run-them/My weekly ICS Defense Force LiveStreamhttps://www.youtube.com/playlist?list=PLjoUWqjR7qXhdZIcC8LgEBogrTyeoKqRTLearn more about SANS' SOC courses at sans.org/soc

Om Podcasten

Are you a cyber defender looking to keep up on the newest tools, technology, and security concepts? Then BLUEPRINT is the podcast for you! Tune in to hear the latest in cyber defense and security operations from blue team leaders and experts. With a focus on learning, BLUEPRINT includes interviews with today’s top security practitioners defending the world’s most respected brands, and in-depth explanations on the newest technologies, protocols, and defensive tools. BLUEPRINT, is a podcast hosted by John Hubbard and brought to you by the SANS Institute. BLUEPRINT - your one-stop shop for taking your defense skills to the next level!