Control System Cyber Security Association International

We are dedicated to the growth and expansion of local and global networking opportunities and professional development for everyone involved in the Control System Cyber Security field.

We are a catalyst for professional development for the (CS)² industry.

(CS)²AI (“See-Say” for short), is a rapidly growing global nonprofit association with                                 worldwide.

(CS)²AI (“See-Say” for short), is a rapidly growing global nonprofit association with                                 worldwide.

17,000+ MEMBERS

Our singular purpose is to create and nurture vibrant, influential peer-to-peer networks focused on (CS)² industry development, enhancement and growth.

100+ CHAPTERS
17,000+ MEMBERS
EXPERTS
SPOTLIGHT

NOTICE:
Due to guidance from health professionals,
(CS)²AI is not currently advising holding in-person gatherings. Members and followers are encouraged to make use of online resources and virtual meeting technologies wherever possible to continue professional networking and development activities.

Accordingly, the (CS)²AI Global team is increasing our efforts to expand resources available online:

  1. Creating our first ICS Cyber Security Virtual Summit

  2. Immediately opening our signature ongoing ICS Cyber Security Virtual Meetup events to all levels of cs2ai.org site members

  3. Launching our ICS SME Podcast series (Interview recordings are in editing presently)

OPERATION: Poison Supply Chain

  • Monta Elkins: FoxGuard Security Architect & Hacker-in-Chief

Date: June 25, 2020

https://attendee.gotowebinar.com/register/7609698392797651216?source=HmPg

 

Description: 

In October 2018, it was reported that a Chinese supply-chain attack had added non-spec chips to Supermicro motherboards used in servers for Amazon, Apple, and more than 20 other companies to monitor activity, exfiltrate data and potentially control them.

In this session Monty will recount how he replicated the attack, building and installing an implant chip on an industry-standard firewall, allowing the creation of privileged accounts, network access, and covert notification of successful compromise, all on a shoestring budget.

This talk will lead the audience through the chip selection process, the tools required to develop the attack (both hardware and software), and their use.  Discussion will include possible defenses and how to decide if you should be concerned about this class attack in your environment. While the attack demonstration will use a standard firewall, Monty will also explain how the techniques can be used on a variety of I.T. and O.T. equipment.

More about Monta: https://www.linkedin.com/in/montaelkins/

Register now at: https://attendee.gotowebinar.com/register/7609698392797651216?source=HmPg

OPERATION: Operator Jail Breakout

  • Dieter Sarrazyn - SECUDEA: Founder, SCADA/ICS/OT security consultant

  • Frank Lycops - Asvalis: Security Consultant

Date: May 28, 2020

https://attendee.gotowebinar.com/register/9218993088507324685

 

Description: Operator stations are one of the first systems/stations to interact with a distributed control system (DCS) or other industrial control systems. These operator stations often have some protection built in to restrict what the operator can do within the SCADA software and/or on the operating system itself. Within this session, we will show and explain some of the most easily discovered ways to set up operator jails and how these can be (ab)used to gain a further foothold within the environment.

Attendees will learn more on the shortcomings of most operator jail solutions and what could be done to step up this game to secure this properly. A key takeaway obtained by attendees through this session is that operator jails cannot be assumed to prevent attackers from gaining access to the operating system itself and, thus, potentially exploiting the whole DCS environment.

Did You Know?

You can receive 1 continuing education and/or development credit for each (CS)²AI Virtual Meetup Series event? Members who attend for at least 75% of a session will receive an email with a certificate of attendance.

Palo Alto Networks SPONSORED

Under Pressure: Establishing Secure Remote Access into ICS/OT Networks

  • Lieuwe Jan Koning - On2IT: Founding Partner, Chief Technical Officer

  • George Cordeiro - Palo Alto Networks: Cyber-security Solutions Manager, Accenture Partnership

  • Dharminder Debisarun - Palo Alto Networks: Industry Security Architect for Transport (Automotive, Airlines and Railway), Internet of Things, Manufacturing

Date: May 14, 2020

https://attendee.gotowebinar.com/register/535132715813099533

 

Description: Establishing secure remote access into industrial control systems, operational technology and IT environments has long been an ongoing effort for many of us, and the current shelter-in-place and work-from-home orders under which much of the world is now functioning has greatly ratcheted up the demand to make this happen yesterday. 
Part of the security equation involves how operational assets are accessed and managed and how the cyber security posture of IT and OT can be impacted if the management of remote access is not understood by business or is conducted poorly.
Companies of all sizes are struggling to adapt to telework demands, facing challenges of limited bandwidth, un- or insufficiently-vetted devices, workforce training needs and, in many settings, regulatory compliance requirements. 
 
Join the discussion with our panel of subject matter experts to learn how they and their clients have addressed these demands in the past for example Zero Trust Security principles for OT and IT , when time was less pressured, and what they recommend for current conditions. 

Lieuwe Jan Koning.jpg
George Cordeiro.jpg
Dharminder Debisarun.jpg

UPCOMING CHAPTER MEETUP EVENTS*

*Due to the global health crisis, CS2AI does not support in-person meetings at this time.

UPCOMING VIRTUAL MEETUP SESSIONS

Interested in being a speaker for one of our Virtual Meetup Sessions? Click Here.
We set aside time at the end of every virtual meetup session for our participants to ask our speaker questions about a topic of their choosing.* 
*questions will be submitted during the speaker presentation and curated afterward.