OWASP AppSec DC 2012/Vulnerabilities in Industrial Control Systems - Revision history

Dallendoug: updated with new bio.

2012-03-15T15:01:11Z

updated with new bio.

Mark.bristow at 00:59, 12 March 2012

2012-03-12T00:59:08Z

Dallendoug: added Kevin Hemsley bio

2012-03-10T04:02:37Z

added Kevin Hemsley bio

Mark.bristow: Created page with "{{:OWASP AppSec DC 2012 Header}} NOTOC == The Presentation == rightIn 2011 ICS-CERT experienced a dramatic increase..."

2012-03-02T20:49:51Z

Created page with "<noinclude>{{:OWASP AppSec DC 2012 Header}}</noinclude> __NOTOC__ == The Presentation == rightIn 2011 ICS-CERT experienced a dramatic increase..."

New page

<noinclude>{{:OWASP AppSec DC 2012 Header}}</noinclude>
__NOTOC__
== The Presentation ==
[[Image:Owasp_logo_normal.jpg|right]]In 2011 ICS-CERT experienced a dramatic increase in reported disclosures of vulnerabilities in industrial control system (ICS) products. Security researchers (white, gray, and black hats) across the globe are increasing their research in the ICS product arena and the potential impact to critical infrastructure. Coordinated vulnerability disclosures of control system products are increasing rapidly, but so are the instances of unanticipated or full disclosures.
<br>
The once obscure world of ICS security is now a hot topic in the media and around the water cooler. This presentation will discuss the daunting trends in the disclosure of ICS product vulnerabilities, who is disclosing new vulnerabilities, and the coordination process used by ICS-CERT. We will also discuss what concerning trends ICS-CERT is seeing, including recent hacktivist and anarchist group activity.
== The Speakers ==
Kevin Hemsly
<noinclude>{{:OWASP AppSec DC 2012 Footer}}</noinclude>

@@ Line 10: / Line 10: @@
 <td>
 ===Kevin Hemsley===
-[[Image:Owasp_logo_normal.jpg|left]]Mr. Kevin Hemsley is a Senior Critical Infrastructure Security Analyst and Vulnerability Handler within the Industrial Control Systems - Cyber Emergency Response Team (ICS-CERT).  In this role, he provides all-source research, analysis, and reporting on all aspects of threats affecting domestic critical infrastructure protection, computer network operations, and industrial control systems.
+[[Image:Owasp_logo_normal.jpg|left]]Kevin Hemsley is the Vulnerability Handling Lead for the US Department of Homeland Security's Industrial Control System Cyber Emergency Response Team (ICS-CERT). ICS-CERT provides a control system security focus to improve the cyber security posture and assist owners and operators of US critical infrastructure assets. Kevin leads the ICS-CERT Vulnerability Handling team that works with independent security researchers and control system vendors from around the world to identify and mitigate vulnerabilities in control system products. Kevin has more than 20 years experience in cyber security ranging from network security to control system and SCADA security.
 </td>
 </tr>
 </table>
 <noinclude>{{:OWASP AppSec DC 2012 Footer}}</noinclude>

@@ Line 2: / Line 2: @@
 __NOTOC__
 == The Presentation  ==
-[[Image:Owasp_logo_normal.jpg|right]]In 2011 ICS-CERT experienced a dramatic increase in reported disclosures of vulnerabilities in industrial control system (ICS) products. Security researchers (white, gray, and black hats) across the globe are increasing their research in the ICS product arena and the potential impact to critical infrastructure. Coordinated vulnerability disclosures of control system products are increasing rapidly, but so are the instances of unanticipated or full disclosures.
+In 2011 ICS-CERT experienced a dramatic increase in reported disclosures of vulnerabilities in industrial control system (ICS) products. Security researchers (white, gray, and black hats) across the globe are increasing their research in the ICS product arena and the potential impact to critical infrastructure. Coordinated vulnerability disclosures of control system products are increasing rapidly, but so are the instances of unanticipated or full disclosures.
 <br>
 The once obscure world of ICS security is now a hot topic in the media and around the water cooler. This presentation will discuss the daunting trends in the disclosure of ICS product vulnerabilities, who is disclosing new vulnerabilities, and the coordination process used by ICS-CERT. We will also discuss what concerning trends ICS-CERT is seeing, including recent hacktivist and anarchist group activity.
 == The Speakers  ==
-Kevin Hemsly
+<table>
+<tr>
-Kevin Hemsley is the Vulnerability Handling Lead for the US Department of Homeland Security's Industrial Control System Cyber Emergency Response Team (ICS-CERT). ICS-CERT provides a control system security focus to improve the cyber security posture and assist owners and operators of US critical infrastructure assets. Kevin leads the ICS-CERT Vulnerability Handling team that works with independent security researchers and control system vendors from around the world to identify and mitigate vulnerabilities in control system products. Kevin has more than 20 years experience in cyber security ranging from network security to control system and SCADA security.
+<td>
+===Kevin Hemsley===
 <noinclude>{{:OWASP AppSec DC 2012 Footer}}</noinclude>

OWASP AppSec DC 2012/Vulnerabilities in Industrial Control Systems - Revision history

Dallendoug: updated with new bio.

Mark.bristow at 00:59, 12 March 2012

Dallendoug: added Kevin Hemsley bio

Mark.bristow: Created page with "{{:OWASP AppSec DC 2012 Header}} __NOTOC__ == The Presentation == rightIn 2011 ICS-CERT experienced a dramatic increase..."

Mark.bristow: Created page with "{{:OWASP AppSec DC 2012 Header}} NOTOC == The Presentation == rightIn 2011 ICS-CERT experienced a dramatic increase..."