Skip to main content
Event

Six Steps to Effective ICS Threat Hunting

Friday, November 22nd, 2019 at 1:00 PM EST

On November 22 Dragos Principal Threat Analysts Dan Gunter and Marc Seitz will be joined by Tim Conway, Technical Director – ICS and SCADA Programs at SANS, to introduce a 6-step ICS threat hunting model. They’ll demonstrate how to apply it to real-world threat hunting scenarios, pinpoint adversary behavior patterns, and stop ICS threats from going undiscovered.

What Youll Learn:

  • Why proactive threat hunting is necessary for ICS cybersecurity defense
  • How to complete effective threat hunting
  • What adversary behavior patterns look like
  • How to apply the model to real world threat hunting scenarios
  • How to measure the effectiveness of threat hunts
Speaker Bios

Tim Conway

Technical Director – ICS and SCADA programs at SANS. Responsible for developing, reviewing, and implementing technical components of the SANS ICS and SCADA product offerings. Formerly, the Director of CIP Compliance and Operations Technology at Northern Indiana Public Service Company (NIPSCO). Responsible for Operations Technology, NERC CIP Compliance, and the NERC training environments for the operations departments within NIPSCO Electric. Previously, an EMS Computer Systems Engineer at NIPSCO for eight years, with responsibility over the control system servers and the supporting network infrastructure. Former Chair of the RFC CIPC, current Chair of the NERC CIP Interpretation Drafting Team, member of the NESCO advisory board, current Chair of the NERC CIPC GridEx Working Group, and Chair of the NBISE Smart Grid Cyber Security panel.

Marc Seitz

Mark coordinates industrial control system cyber test lab functions and performs ICS threat hunting services for Dragos customers.

He designs and implements innovative simulated industrial environments to provide a safe and realistic training and attack simulation experience for internal and external analysts. He also conducts onsite vulnerability assessments and threat hunting services. Marc studied Cyber Operations while at the United States Naval Academy where he was exposed to a wide variety of topics including networking, programming, legal, and cyber warfare.

Dan Gunter

Dan Gunter is a Principal Threat Analyst and discovers, analyzes and neutralizes threats inside of ICS/SCADA networks. He performs threat hunting, incident response, and malware analysis mission for the industrial community. Previously he served in a variety of Information Security roles as a Cyber Warfare Officer in the US Air Force and as a technical advisor on security and acquisition issues. Dan is a graduate of the Department of Defense’s elite Computer Network Operations Development Program (CNODP) and the Air Force Research Lab’s Advanced Course in Engineering Cyber Security Boot Camp (ACE). He has spoken at Blackhat, Shmoocon and local information security events.

Meet Dragos experts at our next event

VIEW MORE EVENTS
See our ICS cybersecurity experts in action at our upcoming events and webinars.
Event
S4x25
Location Icon

Miami, Florida

Calendar Icon
Event
Gartner Security & Risk Management Summit ANZ 2025
Location Icon

Sydney, Australia

Calendar Icon
Event
DistribuTech 2025
Location Icon

San Antonio, TX

Calendar Icon
Conor McLaren
Rick Kramer
Mark Heard
Talk to a Dragos Expert

Want to speak with a Dragos analyst or business development representative at an upcoming event? Email us at info@dragos.com to schedule an appointment.

Can't wait for the next event to hear from our team?

Read our blog and the latest frontline content to satisfy your cybersecurity needs.