SANS ICS Security Summit 2021

Guest post from the ICS cyber security blog:
SANS ICS Security Summit 2021

06 March 2021 – icscybersec

Every spring, SANS organizes a major ICS-themed event, usually 6-8 days long, traditionally in Florida. This year, due to COViD-19, this was an unconventional event and like the other SANS Security Summits 2021, the ICS Security Summit on 4-5 March was free of charge.

The event itself kicked off on March 3 with a SANS-Dragos ICS CTF, which unfortunately I didn’t have the opportunity to attend this year (although I’m not a big hacker/forensics guru, these CTFs are never the last resort for fun and learning).

However, the two real days of the Summit were one huge, almost continuous 30 hours of presentations, panel discussions and awards.

There were a number of interesting presentations to highlight, but I’ll just write about the keynote where Anne Neuberger, newly appointed Deputy Assistant Secretary for Cybersecurity Affairs and member of the National Security Committee by the Biden administration, spoke about the state of cybersecurity and the importance of ICS. Not only was it interesting to discover that he understands the gravity of the subject, but also to ask questions after his presentation and the answers to the questions showed that he has a clear understanding of the issues.

I wonder when we will get to the stage in this country where the leaders responsible for the security of our national critical infrastructure (and national cyber security in general) will approach the professional community with such an attitude.

The full programme of the 2021 ICS Securty Summit is available here, and I thought it was again a very well organised and interesting event. If the epidemic is such a constraint on our lives, it is good that there is at least an opportunity for professional development and information in this situation.

Update: Anne Neuberger’s keynote and her answers to the questions afterwards can be viewed here.


The original guest post was published on the ICS cyber security blog.

Translated by DeepL.