Ever just had it with the state of modern security? Cloud and container security just too much? Good news, everyone! You too can join the industrial security workforce, and deal with such amusing challenges as Windows 98 systems that can't be shut off, annual patch windows, and protocols that haven't been documented since 1994! It initially sounds straightforward to walk into the industrial space and fix vulnerabilities, but the reality is much more complex. This talk will discuss the differences between practicing security operations and response in IT environments versus operational technology (ICS) environments, the basics of building OT security into broader security operations, and tackle some common misconceptions that security professionals frequently amplify about the niche.

Lesley Carhart is a Principal Threat Analyst at the industrial cyber security company Dragos, Inc. She is recognized as a subject matter expert in cybersecurity incident response and digital forensics, regularly speaking on the topic at conferences and universities. She has spent the last 11 years of her 20+ year IT career specializing in information security, with a heavy focus on response to nation-state adversary attacks.

@hacks4pancakes

Back to Derbycon 2019 video list