The Claroty Blog

The ICS Guide to the RSA Conference

| Patrick McBride

The theme for next week’s RSA® Conference (RSAC) in San Francisco is Now Matters, and we couldn’t agree more.  For businesses whose industrial control systems (ICS) are mission-critical, cybersecurity has never been more important. Now matters. 

The RSAC agenda has long been dominated by IT security.  But driven by the increasing convergence of IT and OT, and demand for industrial cybersecurity education and solutions, this year's conference has more to offer OT professionals than ever before.

With that in mind, we’ve put together a guide to the ICS security-related tutorials, seminars and other activities to help you get the most from what’s available in OT security while at RSAC.  The online RSA Conference 2018 Program Guide is also a useful reference for the full conference activities.

Here is a list of what’s happening in ICS cybersecurity each day:

Monday, April 16

The Growing Need to Protect the Grid: Industrial Control Systems

  • 9:40-10:00 AM | Four Seasons Hotel San Francisco
  • Cybertalks delivers TED-like presentations for the cybersecurity community (note: this event is separate from RSAC)
  • Claroty co-founder Galina Antova will join a panel discussion focused on securing the power grid and ICS.

Ransomware and Destructive Attacks – SEM-M03

  • 8:30 AM-5:00 PM | Moscone West 2001
  • As part of this all-day seminar focused on ransomware and its multi-faceted implications, Claroty co-founder Galina Antova will present 900 Million Warning Signs—The Growing Threats to Industrial Networkswhich discusses the implications of ransomware on ICS environments.

Tuesday, April 17

 Industrial Cyberattacks: A Quest for Nuance with Lessons from the Field

  • Time & Location: 1:00-1:45 PM | Moscone South 207
  • Industrial (ICS/IIoT) cyberattacks rightfully gain attention: the 2017 probing of the US power grid, the 2016 attack that turned out the lights in Kiev and the 2015 attack that took down portions of Ukraine’s power grid. But nuance is needed to extract lessons learned. This presentation will contain firsthand accounts of these and other cases with actionable recommendations for defense.

Wednesday, April 18

Mind the Air-Gap: Exfiltrating ICS Data via AM Radios and Hacked PLC Code

  • 9:15 - 10:00 AM | Moscone South 314
  • Critical industrial infrastructure is a juicy target for cyber attackers seeking ransom, trade secrets or geopolitical intimidation. But many organizations assume they’re safe because their ICS/SCADA networks are air-gapped. This live hack will show how to exfiltrate reconnaissance data from air-gapped networks with AM radios and specially crafted code injected into programmable logic controllers.

ICS Sandbox

  • April 18 8:00 AM- 5:00 PM, Thurs. April 19 8:00 AM - 3:30 PM | Marriott Marquis, Yerba Buena 8
  • A unique environment within RSAC, this exhibition is solely focused on ICS security. The ICS Sandbox will have several ICS networks running where visitors can see various technologies in operation and interact with subject matter experts to get in-depth knowledge of how these systems work and how to defend them.  The Sandbox will also feature talks by well-known ICS security experts.  Presentations include:

April 18

April 19

 I look forward to seeing you there!

Subscribe to the Blog