The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Bob Cheripka - Deloitte

Students: Fall 2024, unless noted otherwise, sessions will be virtual on Zoom.

Advanced Testing Assessments in the Power & Utilities Industry

Sep 13, 2017

Download: Video Icon MP4 Video Size: 135.4MB  
Watch on Youtube Watch on YouTube

Abstract

This first portion of the presentation will explore the emerging cyber threats facing the industrial control systems network environments with a focused look at the Power & Utility industry. It will then discuss the challenges faces advanced technical testing (i.e., Attack & Penetration Testing and Red Teaming) within this environment. The first section concludes with a discussion of current testing approaches and in the face of the above challenges, why testing remains an important capability in this space.
  The second portion of the presentation will present a proposed approach for performing Advanced Testing Services in this environment as well as discussing the legal and security implications of testing in this environment.

About the Speaker

Bob is a Senior Manager in Deloitte Advisory's Cyber Risk Services and has been with the firm for over six years, coming to us with over 13 years of experience in Computer Network Defense Operations and over 5 years of Intelligence Operations, while working for the United States Army. Bob's area of expertise is highly diversified and includes both technical and operational experience across the following areas:
• Attack and Penetration Testing (Including Network, Application, Wireless, Social Engineering, Red Teaming, and Physical Security)
• InformationSecurityandAssurancePlanning/Implementation
• Security Maturity Assessments
• Public Key Infrastructure Program Implementation
• Cyber Watch Center Operations, Design, and Implementation
• Log Management and Security Information Event Monitoring (SIEM) Implementation and
Management
• Crisis Action Team Design, Planning, Implementation, and Execution
• Cyber Threat Intelligence and Defense Program Development/Implementation.


Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!