Claroty is proud to be a sponsor of ICS Village, a non-profit organization dedicated to education and training on ICS cybersecurity topics. We sat down with founder Tom VanNorman this week so he could share details of the organization and some of the outreach programs for the coming year.
Claroty: Can you give some background on ICS Village and its charter?
Tom: Sure, ICS Village equips industry and policymakers to better defend industrial equipment through experiential awareness, education, and training. It was started at a popular infosec con in Las Vegas almost 5 years ago by a small group of industry experts as well as a few eager infosec professionals looking to give back to the community. We are a non-profit organization run by Bryson Bort, Beau Woods, Larry Vandenaweele, and myself and operate totally off of the generous donations from sponsors and countless hours volunteers put in.
Claroty: What kinds of programs do you run to support the ICS cybersecurity industry?
Tom: Depending on the venue we run various programs. This year we have several challenges around forensics, an IOT/ smart house, several hands-on workshops, many presentations on things from ICS, medical, IOT and industry trends/technologies. Our next big event is the ICS Sandbox at the RSA Conference in San Francisco starting April 16.
We will also have several networks running where people can see various technologies in operation, attendees will be able to interact with subject matter experts as well as the networks to get in-depth knowledge of how these systems work and how to defend them.
Claroty: What can visitors expect at the ICS Sandbox kick-off event at RSA?
Tom: This year the ICS Sandbox will be bigger and better than any other year. This year we have talks by well-known industry experts as well as several live demos. For those who want to try something a little different this year, they can test their skills on our various challenges that we will have running or they can hang out and mingle with our sponsors as well as SME's. Our theme this year is SOC technologies for OT, this is a very wide topic so we picked a few of the technologies to show.
Claroty: What are some of the presentation topics and exhibits at the ICS Sandbox?
Tom: This year we have eight excellent talks at RSAC, some of our talks this year include:
My Life as a CISO given by Ken Keiser who is the Director of OT Cybersecurity at Parsons. Ken's talk will explain the real-life issues facing the CISO of a large organization with IT and OT cybersecurity issues. Specifically, the OT cybersecurity realities will be reviewed and how resources are prioritized between IT and OT.
No IOUs with IoT by Bryson Bort who is the founder and CEO of Scythe. Bryson will talk about showing folks how a smart thermostat can take over your home, this session will present “Howdy Neighbor,” a miniature model home: “smart” from kitchen to garage. It’s a test-bed for reverse engineering and hacking distinct consumer-focused smart devices and to understand how the (in)security of individual devices can impact the safety of your home which we’ll demonstrate in real time.
Researchers from Uptake will present a live demo on SCADA 101. For this presentation, Uptake’s security researchers will walk the general public through the differences between IT and OT, and a selection of top SCADA protocols. The presentation will culminate in a live attack simulation against a programmable logic controller, complete with play-by-play explanation.
Think Like a Hacker but Act Like an Engineer by Marty Edwards. During this talk, Marty will describe how cyber-informed engineering is an evolving concept to use cyber-risk in designing control systems and associated protection systems.
For exhibits, we will have our ICS range setup with current products from several of our sponsors as well as other technology that people can stop by and receive a demo, see how it works and how it would fit into their environment. Two of the latest technologies that are making its appearance into OT environments are Software Defined Networking and Moving Target Defense networks. Both of these technologies will be in operation for people to see and ask questions.
Claroty: What other events do you have scheduled this year?
Tom: We have several events confirmed and many more that we are finalizing. I’ll touch on two for you. The first one is HackNYC. HackNYC is a new conference for us and we teamed up with I Am The Calvary to bring several workshops and talks to this event. Between Bryson Bort, Beau Woods and myself we will be covering healthcare hacks, an IOT aka “Howdy Neighbor” workshop, an ICS workshop and a policy talk. Later in the year, we are back at Defcon. Defcon this year will have an official Defcon CTF, several village talks, more hands-on workshops and lots of time to check out our updated ICS range.
Claroty: Where are the events and how do visitors get admittance?
Tom: RSAC will be held in San Francisco April 17th - 19th. The ICS Sandbox will be at the Marriott Marquis, just a block away from the exhibition center. You can register here for the show.
Hack NYC is held at 11 Times Square in the heart of midtown Manhattan on May 8th-10th and tickets are available here. Defcon will be August 9th - 12th at Caesars Palace in Las Vegas. As always, Defcon passes can be purchased in person with cash at the conference.
Claroty: Anything else our readers should know?
Tom: Everyone involved with the ICS Village is doing this to offer an alternative way for people to learn about ICS/IOT, be exposed to various technologies without a high-pressure sales pitch and we are always looking for additional sponsors/volunteers to help with this effort. We offer a non-biased environment atmosphere based on our personal experiences that are not driven by sales quotas. People can email us at firstname.lastname@example.org or visit us at www.icsvillage.com