Course #396-13-BCMD-1

How Vulnerable Is Your Infrastructure? Supervisory Control and Data Acquisition (SCADA)

Dates: Jun-26-2013 - Jun-26-2013

Location/Hours:

Baltimore Convention Center

Baltimore, MD

Hours: 8:00 a.m. - Noon

Room #339

Fees:
$125 Government AFCEA Member
        Government Non Member
        Non-Government AFCEA Member
        Non-Government Non Member

Earn CEUs while attending AFCEA's Cyber Symposium. In addition to your class, several event sessions are pre-approved for CompTIA CEUs and may be eligible for other continuing educatio programs. Please check http://www.afcea.org/events/cyber/13/ceu.asp for details.
This course qualifies for Continuing Education Units.
Note: This course has been confirmed as scheduled. The course is provided by Cypherpath LLC (an AFCEA Educational Preferred Provider) in conjunction with the AFCEA International Cyber Symposium. Students registered for this course will also receive a one day pass for June 26 for the AFCEA International Cyber Symposium.

Course Description:

Over the last several years researchers have expressed growing concern over the possibility that the US and other major industrial nations are at risk due to vulnerabilities in a class of devices known in the engineering and manufacturing world as SCADA. SCADA devices control the invisible but necessary infrastructure of commercial enterprises from air conditioning systems to electrical grids and factory automation equipment.
The problem lies largely with the fact that many of these devices were designed to be embedded in equipment that was largely standalone and controlled using out-of-band management with laptops or directly connected terminal to configure device specific capabilities. The move to network all aspects of the corporate enterprise gradually began to include these devices which are often custom controllers programmed to provide specific functions that support a business need.  Critical Infrastructure including power plants, manufacturing facilities, hospitals and energy sectors provide a rich target for bad actors. This course will help prepare security professionals and organizations to better understand the network and security issues facing them and to be better prepared and informed.

The objectives for this course are for students to gain familiarilty with the most common SCADA device controls, Network Security, Compliance and Operational Security issues, and best practices in relation to SCADA and enterprise networks via access control, assessments and cryptography concepts.

Who Should Attend: Anyone involved with SCADA systems, SCADA supervisors, analysts, system administrators as well as SCADA vendors.

Course Outline:
 -  How does adding a SCADA device to the network make it vulnerable?
 -  What’s the threat?
 -  How should business respond to this threat?
 -  Network Security Concerns
 -  Where to go for guidance...NIST

Instructor:  Dr. Gale Pomper has over 25 years of experience installing and designing computer networks. She holds numerous certifications from Microsoft, Novell, and CompTIA, including Server+, MCT, MCSE, MCTS for SharePoint , and MCTS and EMA for Exchange 2007. She is the principal author for an exam guide for Windows 2000 Active Directory published in December 2001, and a contributing author for Windows XP Power Pack published in March 2003.

For the past 15 years, Dr. Pomper  has been an independent consultant providing network design services, customized training, and SharePoint implementation services.
 
In 2007, Dr. Pomper took a position working for the Department of Defense as a Global Exploitation and Vulnerability Analyst and is currently a Program Director for her office. She is a CISSP.