The National Electric Sector Cybersecurity Organization (NESCO) is charged by the Department of Energy with providing an industry emphasis on information and resource sharing, collaboration, situational/tactical awareness, rapid notification, forensics and applied research.
As part of fulfilling this mandate NESCO organizes and supports efforts to develop solutions to Electrical Cybersecuity challenges, and communicates the lessons learned to the electrical utility community.
NESCO has performed a demonstration project in partnership with AlienVault, Tofino Security, N2NetSecurity and Trusted Metrics to provide Electric Cooperatives with proven, incremental guidelines for addressing cybersecurity.
In this webinar the process and results are described by the NESCO, AlienVault, Trusted Metrics and subject co-operative staff involved in organizing and performing the project.
The project described in this webinar included the following steps:
- Documenting the existing cybersecurity capabilities deployed at the Co-operative,
- Installing Open Source security visibility tools (the Open Source SIEM, OSSIM) and documenting the delta experienced in cybersecurity capabilities
- Implementing a commercial security visibility solution and documenting the delta experienced in cybersecurity capabilities
- Installing a commercial industrial firewall and documenting the delta experienced in cybersecurity capabilities
- Installing Open Source Host Intrusion Detection (HIDS) software on a SCADA server at the facility and documenting the delta experienced in cybersecurity capabilities
Steve Parker, NESCO Lead, will be hosting the session along with AlienVault's VP ICS Group, Chris Blask and Trusted Metrics' CEO Michael Menefee. Attendance is limited, please register now!
Chris Blask has been involved in control systems and information security for more than twenty years. His experience ranges from Control Systems Engineer for General Electric to inventing one of the first commercial firewalls, building the multi-billion dollar Cisco firewall business, founding Control Systems Consultancy Lofty Perch and authoring the first book on Security Information and Event Management.
Today Chris is Vice President of AlienVault's Industrial Control Systems Group, on faculty at the Institute for Applied Network Security and serves on committees in such industry organizations as the Department of Homeland Security's ICS Joint Working Group and Department of Energy's NESCO
Steven Parker, CISA, CISSP, is Vice President of Technology Research and Projects at Energy Sector Security Consortium (EnergySec). He was part of the grassroots effort that led to the formation of EnergySec, and has served on its board of directors since 2008.
Steven’s experience includes more than a decade of full-time security work at critical infrastructure organizations including the Western Electricity Coordinating Council, PacifiCorp, and US Bank. He has contributed to a broad range of security projects covering areas such as e-commerce, identity management, intrusion detection, forensics, and security event monitoring.
Michael Menefee if the founder and Principal Consultant for Wirehead Security, a security consulting firm based in Raleigh, NC. One of WireHead's primary focuses is on Industrial Control Systems in the electrical, water treatment and delivery, and waste-water treatment industries. WireHead Security is the publishing team behind Infosec Island and the primary owners of Trusted Metrics, a new Managed Services company, supporting AlienVault SIEM deployments in ICS environments.
Prior to co-founding WireHead in 2009, Mike was the co-founder and principal consultant for Secure Solve, Inc from 2005-2009, and Director of Managed Security Services for US Networks, Inc from 2001-2004. He served as the founding member and Chapter Leader of the North Carolina OWASP Chapter from 2005-2010 and is a Team Member at the Institute for Security and Open Methodologies (ISECOM), focusing on the concept of Trust. He regularly gives seminars and speeches on how Trust relates to Risk, and its operational measurement and management in today's hyper-connected online world.