talk-data.com

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent

Industrial Cybersecurity Risk Management (ICRM) has become an increasingly visible topic with many organizations discussing it and proposing different methods to assess it. Organizations realize that they need to understand the risks to their business considering the ever more complex systems of systems and convergence of IT and OT. For large organizations or those that are subject to many of the safety-related requirements to conduct process hazards analyses, the idea of conducting risk assessments is nothing new; however, the idea of incorporating cybersecurity aspects to those risk assessments can be. In 2020, the ISA/IEC 62443-3-2 standard was released that described a method for conducting risk assessments and assigning target security levels to ICS/OT environments. This process, while straight forward, can seem daunting for many asset owners that are new to ICRM, especially for smaller to medium-sized organizations that may be resource constrained. They may turn to external third-party organizations to assist in the risk assessment process. Whether conducting a risk assessment in-house or involving a third-party assessor, there are some decisions that need to be made and some different aspects that need to be discussed during the assessment. This presentation will go through the ISA/IEC 62443-3-2 risk assessment process and discuss some of the different aspects that need to be considered along the way. Speaker: Jim Gilsinn, Technical Leader at Dragos, Adjunct Professor at George Mason University, CS2AI Fellow https://www.linkedin.com/in/jimgilsinn/

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent ------------------------------------------------------------------------------------------- ## All past seminars and symposiums are available to paid CS2AI.ORG members. Check out the Resources area of our website in the Members Portal https://www.cs2ai.org/

Becoming a paid member is easy. Join now! https://www.cs2ai.org/plans-pricing

## Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all registered individuals who attend at least one hour of the event.

## If you're interested in speaking at a future (CS)2AI event\, having your organization become a Strategic Alliance Partner\, or engaging in any of the other ways available\, please contact us on our https://www.cs2ai.org/get-involved

## Please note that (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and the generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent

Industrial Cybersecurity Risk Management (ICRM) has become an increasingly visible topic with many organizations discussing it and proposing different methods to assess it. Organizations realize that they need to understand the risks to their business considering the ever more complex systems of systems and convergence of IT and OT. For large organizations or those that are subject to many of the safety-related requirements to conduct process hazards analyses, the idea of conducting risk assessments is nothing new; however, the idea of incorporating cybersecurity aspects to those risk assessments can be. In 2020, the ISA/IEC 62443-3-2 standard was released that described a method for conducting risk assessments and assigning target security levels to ICS/OT environments. This process, while straight forward, can seem daunting for many asset owners that are new to ICRM, especially for smaller to medium-sized organizations that may be resource constrained. They may turn to external third-party organizations to assist in the risk assessment process. Whether conducting a risk assessment in-house or involving a third-party assessor, there are some decisions that need to be made and some different aspects that need to be discussed during the assessment. This presentation will go through the ISA/IEC 62443-3-2 risk assessment process and discuss some of the different aspects that need to be considered along the way. Speaker: Jim Gilsinn, Technical Leader at Dragos, Adjunct Professor at George Mason University, CS2AI Fellow https://www.linkedin.com/in/jimgilsinn/

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent ------------------------------------------------------------------------------------------- ## All past seminars and symposiums are available to paid CS2AI.ORG members. Check out the Resources area of our website in the Members Portal https://www.cs2ai.org/

Becoming a paid member is easy. Join now! https://www.cs2ai.org/plans-pricing

## Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all registered individuals who attend at least one hour of the event.

## If you're interested in speaking at a future (CS)2AI event\, having your organization become a Strategic Alliance Partner\, or engaging in any of the other ways available\, please contact us on our https://www.cs2ai.org/get-involved

## Please note that (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and the generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent

Industrial Cybersecurity Risk Management (ICRM) has become an increasingly visible topic with many organizations discussing it and proposing different methods to assess it. Organizations realize that they need to understand the risks to their business considering the ever more complex systems of systems and convergence of IT and OT. For large organizations or those that are subject to many of the safety-related requirements to conduct process hazards analyses, the idea of conducting risk assessments is nothing new; however, the idea of incorporating cybersecurity aspects to those risk assessments can be. In 2020, the ISA/IEC 62443-3-2 standard was released that described a method for conducting risk assessments and assigning target security levels to ICS/OT environments. This process, while straight forward, can seem daunting for many asset owners that are new to ICRM, especially for smaller to medium-sized organizations that may be resource constrained. They may turn to external third-party organizations to assist in the risk assessment process. Whether conducting a risk assessment in-house or involving a third-party assessor, there are some decisions that need to be made and some different aspects that need to be discussed during the assessment. This presentation will go through the ISA/IEC 62443-3-2 risk assessment process and discuss some of the different aspects that need to be considered along the way. Speaker: Jim Gilsinn, Technical Leader at Dragos, Adjunct Professor at George Mason University, CS2AI Fellow https://www.linkedin.com/in/jimgilsinn/

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent ------------------------------------------------------------------------------------------- ## All past seminars and symposiums are available to paid CS2AI.ORG members. Check out the Resources area of our website in the Members Portal https://www.cs2ai.org/

Becoming a paid member is easy. Join now! https://www.cs2ai.org/plans-pricing

## Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all registered individuals who attend at least one hour of the event.

## If you're interested in speaking at a future (CS)2AI event\, having your organization become a Strategic Alliance Partner\, or engaging in any of the other ways available\, please contact us on our https://www.cs2ai.org/get-involved

## Please note that (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and the generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent

Industrial Cybersecurity Risk Management (ICRM) has become an increasingly visible topic with many organizations discussing it and proposing different methods to assess it. Organizations realize that they need to understand the risks to their business considering the ever more complex systems of systems and convergence of IT and OT. For large organizations or those that are subject to many of the safety-related requirements to conduct process hazards analyses, the idea of conducting risk assessments is nothing new; however, the idea of incorporating cybersecurity aspects to those risk assessments can be. In 2020, the ISA/IEC 62443-3-2 standard was released that described a method for conducting risk assessments and assigning target security levels to ICS/OT environments. This process, while straight forward, can seem daunting for many asset owners that are new to ICRM, especially for smaller to medium-sized organizations that may be resource constrained. They may turn to external third-party organizations to assist in the risk assessment process. Whether conducting a risk assessment in-house or involving a third-party assessor, there are some decisions that need to be made and some different aspects that need to be discussed during the assessment. This presentation will go through the ISA/IEC 62443-3-2 risk assessment process and discuss some of the different aspects that need to be considered along the way. Speaker: Jim Gilsinn, Technical Leader at Dragos, Adjunct Professor at George Mason University, CS2AI Fellow https://www.linkedin.com/in/jimgilsinn/

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent ------------------------------------------------------------------------------------------- ## All past seminars and symposiums are available to paid CS2AI.ORG members. Check out the Resources area of our website in the Members Portal https://www.cs2ai.org/

Becoming a paid member is easy. Join now! https://www.cs2ai.org/plans-pricing

## Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all registered individuals who attend at least one hour of the event.

## If you're interested in speaking at a future (CS)2AI event\, having your organization become a Strategic Alliance Partner\, or engaging in any of the other ways available\, please contact us on our https://www.cs2ai.org/get-involved

## Please note that (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and the generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent

Industrial Cybersecurity Risk Management (ICRM) has become an increasingly visible topic with many organizations discussing it and proposing different methods to assess it. Organizations realize that they need to understand the risks to their business considering the ever more complex systems of systems and convergence of IT and OT. For large organizations or those that are subject to many of the safety-related requirements to conduct process hazards analyses, the idea of conducting risk assessments is nothing new; however, the idea of incorporating cybersecurity aspects to those risk assessments can be. In 2020, the ISA/IEC 62443-3-2 standard was released that described a method for conducting risk assessments and assigning target security levels to ICS/OT environments. This process, while straight forward, can seem daunting for many asset owners that are new to ICRM, especially for smaller to medium-sized organizations that may be resource constrained. They may turn to external third-party organizations to assist in the risk assessment process. Whether conducting a risk assessment in-house or involving a third-party assessor, there are some decisions that need to be made and some different aspects that need to be discussed during the assessment. This presentation will go through the ISA/IEC 62443-3-2 risk assessment process and discuss some of the different aspects that need to be considered along the way. Speaker: Jim Gilsinn, Technical Leader at Dragos, Adjunct Professor at George Mason University, CS2AI Fellow https://www.linkedin.com/in/jimgilsinn/

To attend this event, register now at: https://attendee.gotowebinar.com/register/1577999734777013590?source=03132024Meetupevent ------------------------------------------------------------------------------------------- ## All past seminars and symposiums are available to paid CS2AI.ORG members. Check out the Resources area of our website in the Members Portal https://www.cs2ai.org/

Becoming a paid member is easy. Join now! https://www.cs2ai.org/plans-pricing

## Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all registered individuals who attend at least one hour of the event.

## If you're interested in speaking at a future (CS)2AI event\, having your organization become a Strategic Alliance Partner\, or engaging in any of the other ways available\, please contact us on our https://www.cs2ai.org/get-involved

## Please note that (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and the generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

Discussion on combining a maturity-level assessment of an organization's cybersecurity program with a technical assessment in OT/ICS, and translating IT-focused maturity methodologies to OT/ICS environments.

Discussion on translating IT maturity assessment methodologies to OT/ICS environments and how to conduct both maturity level and technical assessments for cybersecurity programs in OT/ICS.

Please note: Registration at this link is required to attend. https://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupeventhttps://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupevent

Very few organizations have the opportunity to create a cybersecurity program from the ground up. Often, cybersecurity programs in the OT/ICS environment start out as rough translations of the IT program into the OT/ICS environment or initiatives resulting from an audit or incident. Assessing the as-is state of an organization’s security posture is usually a combination of a maturity level assessment of their cybersecurity program along with a technical assessment of their implementation. While there have been many discussions about how to conduct a technical assessment in OT/ICS, not much has been discussed about how to conduct a maturity level assessment. Many of the existing maturity level assessment methodologies are IT-focused, developer-focused, or industry-specific, which has made it difficult to use them directly in the broader OT/ICS environment. A way to translate those into the full scope of the OT/ICS world is needed that still has a foundation in the existing methodologies.

Speaker: Jim Gilsinn is Principal ICS Consultant at Dragos and Associate Professor at George Mason University. For over 15 years, he's been working to develop better ways to measure industrial Ethernet performance and to determine how that performance affects the overall system robustness and reliability. He has also been involved in developing standards for ICS cyber security through ISA99 (http://isa99.isa.org). Jim is currently the co-chair of the ISA99 committee and ISA99 working group 2 developing end-user cyber security program requirements. Since 2012, he's been putting both of these skillsets into practice as a consultant, helping to assess, design, and validate ICS in various industries.

Please note: Registration at this link is required to attend. https://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupeventhttps://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupevent

--------------------------------------------------------------------------------------------- ## All past seminars and symposiums are available to paid CS2AI.ORG members. Check out the Resources area of our website in the Members Portal https://www.cs2ai.org/

## Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all registered individuals who attend at least one hour of the event.

## If you're interested in speaking at a future (CS)2AI event\, having your organization become a Strategic Alliance Partner\, or engaging in any of the other ways available\, please contact us on our https://www.cs2ai.org/get-involved

## Please note that (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and the generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

Please note: Registration at this link is required to attend. https://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupeventhttps://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupevent

Very few organizations have the opportunity to create a cybersecurity program from the ground up. Often, cybersecurity programs in the OT/ICS environment start out as rough translations of the IT program into the OT/ICS environment or initiatives resulting from an audit or incident. Assessing the as-is state of an organization’s security posture is usually a combination of a maturity level assessment of their cybersecurity program along with a technical assessment of their implementation. While there have been many discussions about how to conduct a technical assessment in OT/ICS, not much has been discussed about how to conduct a maturity level assessment. Many of the existing maturity level assessment methodologies are IT-focused, developer-focused, or industry-specific, which has made it difficult to use them directly in the broader OT/ICS environment. A way to translate those into the full scope of the OT/ICS world is needed that still has a foundation in the existing methodologies.

Speaker: Jim Gilsinn is Principal ICS Consultant at Dragos and Associate Professor at George Mason University. For over 15 years, he's been working to develop better ways to measure industrial Ethernet performance and to determine how that performance affects the overall system robustness and reliability. He has also been involved in developing standards for ICS cyber security through ISA99 (http://isa99.isa.org). Jim is currently the co-chair of the ISA99 committee and ISA99 working group 2 developing end-user cyber security program requirements. Since 2012, he's been putting both of these skillsets into practice as a consultant, helping to assess, design, and validate ICS in various industries.

Please note: Registration at this link is required to attend. https://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupeventhttps://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupevent

--------------------------------------------------------------------------------------------- ## All past seminars and symposiums are available to paid CS2AI.ORG members. Check out the Resources area of our website in the Members Portal https://www.cs2ai.org/

## Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all registered individuals who attend at least one hour of the event.

## If you're interested in speaking at a future (CS)2AI event\, having your organization become a Strategic Alliance Partner\, or engaging in any of the other ways available\, please contact us on our https://www.cs2ai.org/get-involved

## Please note that (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and the generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.

Please note: Registration at this link is required to attend. https://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupeventhttps://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupevent

Very few organizations have the opportunity to create a cybersecurity program from the ground up. Often, cybersecurity programs in the OT/ICS environment start out as rough translations of the IT program into the OT/ICS environment or initiatives resulting from an audit or incident. Assessing the as-is state of an organization’s security posture is usually a combination of a maturity level assessment of their cybersecurity program along with a technical assessment of their implementation. While there have been many discussions about how to conduct a technical assessment in OT/ICS, not much has been discussed about how to conduct a maturity level assessment. Many of the existing maturity level assessment methodologies are IT-focused, developer-focused, or industry-specific, which has made it difficult to use them directly in the broader OT/ICS environment. A way to translate those into the full scope of the OT/ICS world is needed that still has a foundation in the existing methodologies.

Speaker: Jim Gilsinn is Principal ICS Consultant at Dragos and Associate Professor at George Mason University. For over 15 years, he's been working to develop better ways to measure industrial Ethernet performance and to determine how that performance affects the overall system robustness and reliability. He has also been involved in developing standards for ICS cyber security through ISA99 (http://isa99.isa.org). Jim is currently the co-chair of the ISA99 committee and ISA99 working group 2 developing end-user cyber security program requirements. Since 2012, he's been putting both of these skillsets into practice as a consultant, helping to assess, design, and validate ICS in various industries.

Please note: Registration at this link is required to attend. https://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupeventhttps://attendee.gotowebinar.com/register/131094103726512985?source=07052023meetupevent

--------------------------------------------------------------------------------------------- ## All past seminars and symposiums are available to paid CS2AI.ORG members. Check out the Resources area of our website in the Members Portal https://www.cs2ai.org/

## Certificates for Professional Development/Continuing Education Units (PDUs/CEUs) are available for all registered individuals who attend at least one hour of the event.

## If you're interested in speaking at a future (CS)2AI event\, having your organization become a Strategic Alliance Partner\, or engaging in any of the other ways available\, please contact us on our https://www.cs2ai.org/get-involved

## Please note that (CS)2AI ONLINE events are provided free of charge as educational career development content through the support of our paid members and the generous contributions of our corporate Strategic Alliance Partners. Contact information used in registering for our directly supported seminars may be shared with sponsors funding those specific events. Unless noted on the Gotowebinar registration page, all events are open for direct funding support.