SANS ICS

Here’s my new World Economic Forum blog discussing the growing inability for infrastructure (OT/ICS) companies to gain root cause analysis after incidents as digitization and automation become more complex - and how that becomes a dangerous issue when cyber threats are involved. https://lnkd.in/e--WKcNC

☁️ The conversation around cloud in OT isn’t theoretical anymore. It’s here. 🚨 Justin Searle walks through what Owner/Operators need to know to design defensible architectures that accommodate cloud-based services, without sacrificing safety or uptime. 🎥 Watch the webcast on YouTube: https://lnkd.in/eJHkU3m8 ✍️ Ready for a deeper dive? Learn more with ICS410: https://lnkd.in/e_mdGriY #ICS #OTsecurity #CloudSecurity #CriticalInfrastructure

💻 Is a Windows or Linux system always an IT asset? Not in ICS. In fact, some of the most critical engineering applications like HMIs, data historians, and alarm servers, run on Windows or Linux inside OT environments. 🛡🏭 Dean Parsons 🏭🛡 shares WHY context matters, and how mature organizations classify assets based on function, impact, and safety. #ICS #OTSecurity #Cybersecurity

Really looking forward to teaching SANS Institute ICS515 in DC this December and bringing more OT incident responders into the world. We cover a lot of real-world applicable material that you can go back to the office the next week and implement immediately and I always punctuate with some anecdotes and stories. Come join me and ask about the time I had to take a helicopter to do forensic collect! https://lnkd.in/eikf-kA8

Come join me at SANS Cyber Defense Initiative in Washington DC and learn about security controls for critical infrastructure.  We'll have a blast! ;)

👀 Less than half of ICS networks are being monitored in real time. 👉 According to the 2024 SANS ICS Cybersecurity Survey, only 52% of facilities have ICS-aware monitoring in place. 🛡🏭 Dean Parsons 🏭🛡 shares this and more in this 60-second breakdown 📣 Get ready for this year's survey results! Register for the 2025 ICS/OT Survey Webcast & Forum with Jason Christopher: https://lnkd.in/eBT8SBy2 #ICS #OTSecurity #CyberAwareness

📣 Registration is open! The SANS ICS Security Summit 2026 is IN-PERSON ONLY Build the skills and relationships that make defenders stronger: in-depth talks, workshops, and unmatched networking with the ICS/OT community, followed by world-class training In Person or Live Online. 🗓 Summit: June 8–10, 2026 (In-Person Only) ✍️ Training: June 11–16, 2026 (In-Person & Live Online) 📍 Disney’s Contemporary Resort, Orlando, FL ⭐️ Summit Co-Chairs: Tim Conway & Robert M. Lee 💸 Save $900 with code EarlyBirdNA by Nov. 19th 🔗 Details & registration: https://lnkd.in/eyTAkCEX #ICSSummit #IndustrialSecurity #OTSecurity #ICSSecurity

🤔 There’s leadership training out there, but how much of it is built for leading ICS? Most cybersecurity leadership programs skip the operational realities of industrial environments. ICS418 changes that. Co-authored by ICS pros Jason Christopher and 🛡🏭 Dean Parsons 🏭🛡, this course is made for: ✔️ IT professionals stepping into ICS ✔️ Engineers moving up to leadership ✔️ Anyone tasked with managing ICS risk 👉 Learn how to take your ICS leadership skills to the next level with ICS418: https://lnkd.in/eYM9sM7K #ICS #OTSecurity #SANSTraining #Cybersecurity

🚨NEW CHEAT SHEET ALERT! ⏱️ Downtime in OT environments costs more than money. It can impact lives, safety, and entire industries. 🔥 This free OT Disaster Recovery Quick Start Guide from SANS Certified Instructor Michael Hoffman and Saltanat Mashirova helps you prepare with clear recovery phases, RTO/RPO metrics, and next steps. 📄 Download your copy today: https://lnkd.in/eRzQNfVv #ICS #OTSecurity #CriticialInfrastructure

I'm excited to share that I passed the GIAC Critical Infrastructure Protection (GCIP) certification last week! After previously earning the GICSP and GRID, this was the last Industrial Control Systems security-specific GIAC Certifications exam on my to-do list. That said, there are still several awesome SANS ICS courses without certifications that I hope/plan to attend in the future! This also brings me within one course of completing my SANS Technology Institute Graduate Certificate in Industrial Control Systems Security. After wrapping up my Cloud Security graduate certificate earlier this year, I’m hoping to finish the ICS Security graduate certificate either late this year or early 2026. The most valuable lesson I took away from my studies was that beyond the NERC CIP-specific use case for ICS456 (the related SANS course), there is much to learn from studying the CIP standards that is applicable across any ICS/OT vertical. In other words, I believe that understanding how to build/manage/assess a security program that adheres to NERC CIP can help any ICS/OT practitioner or leader improve their ability to build/manage/assess their own security program regardless of industry. Shout out to Tim Conway, both for co-authoring a great course and for taking the time to openly discuss the course content with me. Those discussions led me to take this course with a focus on the broader applicability of the material, and I’m glad I did!