CUUG Upcoming Meetings

Last update: $Date: 2015-05-06 00:06:21-06 $

May General Meeting

Stuxnet 5 Years Later -- Did We Learn The Right Lessons?

Speaker: Andrew Ginter, Vice President of Industrial Security, Waterfall Security Solutions

Andrew Ginter

It has been 5 years since Stuxnet came into public view. What have we learned? Did we look for lessons where the light was brightest? Or did we look in the dark corners where our need was greatest?

The bright light shining was "best practice violations." Which best practice though? IT-style best practices were held up to us as the gold standard for industrial control system security, if we could just, finally, figure out how to apply them to our wretched control systems. What was the result? 100% IT-best-practice-compliant control system networks that are singularly vulnerable to attack.

What we should have learned? The difference between industrial control systems and IT systems is, not surprisingly, control. Control systems control large, complex and often dangerous physical equipment. When a turbine is damaged through mis-operation, we can't simply "restore it from backup." ICS-centric defense-in-depth standards are finally emerging that recognize this fundamental difference.

Join us to explore the mistakes we made and how the newest best-practice advice is evolving.

Andrew Ginter is the Vice President of Industrial Security at Waterfall Security Solutions. Andrew spent 25 years leading the development of commercial products for a variety of computer networking, industrial control system and industrial cyber-security vendors. Andrew is currently the co-chair of the ISA SP-99 WG1 working group, and represents Waterfall Security Solutions to NIST, NERC-CIP, other ISA SP-99 working groups, as well as other cyber-security standards bodies. Andrew writes and speaks frequently on industrial control system cyber-security topics. He holds degrees in Applied Mathematics and Computer Science from the University of Calgary, as well as ISP, ITCP, and CISSP accreditations.

Tillyard Conference Centre

715 - 5 Ave. S.W.

5:30 PM, Tuesday, May 26, 2015

Snacks at 17:30. Meeting begins at 18:00.

Building doors are locked at 18:00, so please try to arrive early.

There is $2 parking after 16:00 across the street in the underground parkade (McDougall Centre).

Everyone is welcome to attend.

June General Meeting

Raspberry Pi

Door prize! You must be a CUUG member to win this one!

Location TBA

5:30 PM, Tuesday, June 23, 2015

Snacks at 17:30. Meeting begins at 18:00.

Everyone is welcome to attend.

See the main CUUG web page for general information about CUUG.