Dean Parsons
Principal InstructorCEO and Principal Consultant at ICS Defense Force, Inc.
Specialities
Industrial Control Systems Security
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
ICS515: ICS Visibility, Detection, and Response
ICS515Industrial Control Systems Security
- GIAC Response and Industrial Defense (GRID)
- 6 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 25 Hours of hands-on instruction
ICS418: ICS Security Essentials for Leaders
ICS418Industrial Control Systems Security
- 12 CPEs / 12 Hours (Self-Paced)
- Labs: 12 Hours of hands-on instruction
Virtual Events
Explore content featuring this instructor’s insights and expertise.
- Slide 1 of 20
ICS Threat Landscape Update: Active Cyber Defense for Industrial Control Systems
The presentation draws attention to practical threat detection and incident response in industrial control system environments, by dissecting advanced ICS adversary threat capabilities in recent attack campaigns. A focus of the webcast is on ICS adversary Tactics Techniques and Procedures (TTPs) and Indicators of Compromise (IoCs). Dean will illustrate why the cyber weapons and the techniques used in modern attacks may be more important than adversary attribution for tactical ICS incident response. 개요 이 프레젠테이션은 최근 공격 유형들(campaigns)중에서 고급 산업 제어 시스템 (ICS)의 적대적 위협 가능성들(adversary threat capabilities)을 심층 분석하여 산업제어시스템 환경 속에서 일어날 실질적 위협을 감지하고 발생한 사고에 대응하는 것에 초점을 맞추고 있습니다. 이 웹 캐스트에서는 산업 제어 시스템의 공격자 전략과 전술, 그리고 그 과정(Adversary TTPs) 및 침해 지표 (IoCs)에 집중하여 설명 할 것입니다. 강사 Dean은 전술적 산업제어시스템의 사고 대응을 위해 왜 최근 공격에 활용되는 사이버 무기와 기술들이 적대적 속성(adversary attribute)보다 더 중요한지 그 이유를 설명 할 것입니다.
WebinarIndustrial Control Systems Security
- 8 Jul 2021
- 09:00 UTC
- Dean Parsons
- Slide 2 of 20
Cyber42 Game Day: Industrial Edition
Cyber42: Industrial Edition will put you through the paces as an industrial control system (ICS) security manager as players adapt to challenges in operational technology (OT) environments. Unlike traditional IT networks, industrial equipment is designed to impact the physical world and require special considerations when deploying security technologies. As threats continue to rise targeting these networks, many of which are vital for critical infrastructure (like power, water, and energy), it is more important than ever to understand the impacts on ICS due to a cyber security event and to invest in resilience and security that promotes both reliability and safety. Players will step into the world of Cyber42: Industrial Edition, which is being developed for the upcoming ICS418: ICS Security Essentials for Managers, and address real-world industrial cyber threats from the comfort of their own home! This Game Day will focus on balancing security program improvements that impact engineers, operations, and customers all while considering the various technical and cultural implications of an OT security program. In this simulation, you will compete for the high score across other ICS managers facing the same dilemma: How to protect industrial equipment from shut downs, failure, damage, or worse! Do you have what it takes? Find out by playing the game with us! Important Notes: Cyber42 Game Days utilize three platforms:Webcast to view presenters slides throughout the gameLog into the webcast via your SANS Portal AccountSlack to interact with other players, leaders, and SANS Staff for supportLog in information and directions to be provided a week before Game Day (and at Game Day)Cyber42 Web App online gameDirections to join will be provided at Game Day
WebinarIndustrial Control Systems Security
- 27 Jul 2021
- 10:30 UTC
- Dean Parsons
- Slide 3 of 20
Discover the NEW ICS Cybersecurity Field Manual – Vol. 1
New to the ICS/OT security area? Are you an IT Security Manager stepping over to take on responsibilities to secure critical infrastructure? Maybe you’re in an engineering role taking a more focused approach to cyber security and practical cyber defense. Or perhaps you have IT security knowledge and are looking to explore OT security.
WebinarIndustrial Control Systems Security
- 15 Jun 2022
- 13:00 UTC
- Dean Parsons
- Slide 4 of 20
Active ICS Cyber Defense: Colonel Mustard...Candlestick... Kitchen
The presentation draws attention to practical threat detection and incident response from dissecting advanced ICS adversary threat capabilities, tactics techniques and procedures. Dean will illustrate why the cyber weapons and the techniques may be more important than adversary attribution for tactical ICS incident response.
WebinarCyber Defense
- 28 Jun 2022
- 19:00 CEST
- Dean Parsons
- Slide 5 of 20
ภัยคุกคามต่อระบบ Industrial Control System และวิธีป้องกัน
การบรรยายนี้จะมุ่งเป้าที่การตรวจจับภัยคุกคามและการตอบสนองต่อภัยคุกคามในสภาพแวดล้อมของ Industrial Control System (ICS) โดยจะเจาะลึกถึงเทคนิคและความสามารถของผู้ร้ายในเคสที่เกิดขึ้นไม่นานมานี้ การบรรยายจะเน้นเรื่อง Tactics Techniques and Procedures (TTP) ของผู้ร้าย และอุตสาหกรรม ICS จะตอบสนองต่อผู้ร้ายอย่างไรโดยที่ไม่ต้องใช้งบประมาณสูง Dean จะแสดงให้เห็นว่าการวิเคราะห์เทคนิคและเครื่องมือ ที่ผู้ร้ายใช้ สำคัญหว่าการระบุตัวของผู้ร้าย ซึ่งจะทำให้การปฏิบัติงานของมีประสิทธิภาพมากขึ้นในอุตสาหกรรม ICS/OT
WebinarIndustrial Control Systems Security- 12 Oct 2022
- 09:00 UTC
- Dean Parsons
- Slide 6 of 20
산업시스템(ICS) 위협 환경 및 적극적 방어 전략
이번 웹 캐스트에서는 최근 공격 유형들(campaigns)중에서 고급 산업제어시스템 (ICS)을 대상으로 한 적대적 위협 가능성들(adversary threat capabilities)을 심층 분석하여 산업제어시스템(ICS) 환경에서 일어날 수 있는 실질적 위협을 감지하고 발생한 사고에 대응하는 것에 초점을 맞추고 있으며, 산업제어시스템(ICS)의 공격자TTP(Tactics, Techniques and Procedures/전술, 기법 및 절차) 및 효율적이고 경제적인 사전 방어기법들을 소개합니다. 특히, 강사 Dean은 최근 많은 공격에서 활용되고 있는 사이버무기와 기술들이 전술적 산업제어시스템(ICS) 침해사고대응(IR)에서 드러나는 적대적 공격속성(adversary attribution)보다 왜 더 중요한지에 대해 자세히 다룰 예정입니다.
WebinarIndustrial Control Systems Security
- 12 Oct 2022
- 09:00 UTC
- Dean Parsons
- Slide 7 of 20
タイトル:産業制御システム(ICS)の脅威の状況とアクティブデフェンス
概要:このWebcastでは、最近の攻撃キャンペーンにおける高度なICS攻撃者の脅威を分析することで、産業用制御システム環境における実践的な脅威の検出とインシデントレスポンスの対応方法についてご紹介します。このWebcastの焦点は、ICS攻撃者の戦術と手順(TTPs)、および産業用制御システムのセキュリティを、いかにプロアクティブかつ最低限のコストで、効果的に実現するかというところにあります。Deanは、近年の攻撃で使用されるツールや技術について理解することが、戦術的なICSインシデントレスポンスにおいて重要である理由を説明し、あらゆるICS/OT重要インフラ部門の業務において実践的なヒントを提供します。
WebinarIndustrial Control Systems Security- 12 Oct 2022
- 09:00 UTC
- Dean Parsons
- Slide 8 of 20
2023 ICS Security Summit Solutions Track | Two Day Event May 1st & 2nd
The focus of this two day event is to illustrate the challenges, risks, impacts of incidents in control systems, as well as actionable achievable methods we can meet these challenges head-on, and show ICS-specific trained defenders can step up to protect and defense the critical infrastructure we all rely on in our daily lives.Presentations will be a combination of thought leadership and technical use-case examples with actionable takeaways facilities can start considering to immediately deploy where it suits their safety and industrial security defense goals.
WebinarCyber Defense
- 1 May 2023
- 13:00 UTC
- Dean Parsons, Samuel Hill, Jason Ortiz + 6 more
- Slide 9 of 20
Discover the ICS Cybersecurity Field Manual Vol. 3
Join Dean Parsons in this webcast as he discusses the key takeaways of the new ICS Cybersecurity Field Manual Vol. 3.
WebinarIndustrial Control Systems Security- 10 May 2023
- 10:00 UTC
- Dean Parsons
- Slide 10 of 20
The ICS ATT&CK Map Series: Oil & Gas Sector
In this series, Dean Parsons will review observed ICS attacks in the Oil & Gas, Electric and Water sectors and map them to the MITRE ATT&CK ICS framework. Throughout this series, Dean will review the most common attacker tactics and techniques used across commonly targeted critical infrastructure sectors.
WebinarIndustrial Control Systems Security- 13 Jul 2023
- 10:00 UTC
- Dean Parsons
- Slide 11 of 20
Identify, Evaluate, and Prioritize Industrial Cyber Risk
Industrial control system (ICS) security represents one of the more challenging areas for security professionals. The typical ICS is complex and interconnected. It’s often a legacy system that wasn’t designed with security in mind and, because it’s different from traditional IT assets, it has very different security requirements. And no surprise—such systems are increasingly targeted by sophisticated cyberattackers, including ransomware gangs and nation-state actors.
WebinarCyber Defense- 24 Oct 2023
- 13:00 UTC
- Dean Parsons & Nick Cappi
- Slide 12 of 20
The ICS ATT&CK Map Series: Electric Sector
In this series, Dean Parsons will review observed ICS attacks in the Oil & Gas, Electric and Water sectors and map them to the MITRE ATT&CK ICS framework.
WebinarCyber Defense- 25 Oct 2023
- 10:00 UTC
- Dean Parsons
- Slide 13 of 20
Identify, Evaluate & Prioritize Industrial Cyber Risk
Industrial control system (ICS) security represents one of the more challenging areas for security professionals. The typical ICS is complex and interconnected. It’s often a legacy system that wasn’t designed with security in mind and, because it’s different from traditional IT assets, it has very different security requirements. And no surprise—such systems are increasingly targeted by sophisticated cyberattackers, including ransomware gangs and nation-state actors.
WebinarCyber Defense- 10 Jan 2024
- 13:00 UTC
- Dean Parsons & Nick Cappi
- Slide 14 of 20
The ICS ATT&CK Map Series: Water Sector
In this series, Dean Parsons will review observed ICS attacks in the Oil & Gas, Electric and Water sectors and map them to the MITRE ATT&CK ICS framework. Throughout this series, Dean will review the most common attacker tactics and techniques used across commonly targeted critical infrastructure sectors.
WebinarIndustrial Control Systems Security- 11 Jan 2024
- 11:00 UTC
- Dean Parsons
- Slide 15 of 20
SANS Security East 2024: Keynote - Cybersecurity Controls For ICS and Critical Infrastructure in Times of Warfare
As physical and cyber attacks on critical infrastructure and industrial control systems (ICS) have become increasingly brazen, ICS defenses must go beyond just preventative security. ICS defenses must be ICS-specific, teams need to be proactive and have ICS cyber specific knowledge and skills. This is because traditional IT security controls applied to ICS are ineffective, cause disruptions and safety interferences. ICS cyber defense is doable and necessary to protect the critical systems that support our modern way of life. These systems make, move and power our world - power grids, water management systems, critical manufacturing, etc. Join Dean Parsons as he walks through recent critical infrastructure incidents, and the related ICS defense controls to defend our critical engineering environments in times of warfare where cyber attacks and physical attacks are combined.
WebinarCyber Defense- 20 Feb 2024
- 18:30 UTC
- Dean Parsons
- Slide 16 of 20
Industrial Control Systems Summit Solutions Track 2024
Adversaries targeting critical infrastructure systems (power grids, water management systems, heavy manufacturing, oil and gas refineries and pipelines, etc.) have demonstrated detail technical knowledge of control system components, industrial protocols, and engineering operations. These skilled and brazen adversaries continue to launch a combination or Ransomware and targeted ICS tailored attacks against the safety and reliability of critical infrastructure. In doing so, they knowingly put human life and physical devices at risk.
WebinarIndustrial Control Systems Security- 17 Jun 2024
- 10:00 UTC
- Dean Parsons
- Slide 17 of 20
SANS Chicago 2024: SANS@Night - Cybersecurity Controls For ICS and Critical Infrastructure in Times of Warfare
As physical and cyber attacks on critical infrastructure and industrial control systems (ICS) have become increasingly brazen, ICS defenses must go beyond just preventative security. ICS defenses must be ICS-specific, teams need to be proactive and have ICS cyber specific knowledge and skills. This is because traditional IT security controls applied to ICS are ineffective, cause disruptions and safety interferences. ICS cyber defense is doable and necessary to protect the critical systems that support our modern way of life. These systems make, move and power our world - power grids, water management systems, critical manufacturing, etc. Join Dean Parsons as he walks through recent critical infrastructure incidents, and the related ICS defense controls to defend our critical engineering environments in times of warfare where cyber attacks and physical attacks are combined. AND 1 FREE ICS GIVEWAY at the talk.
WebinarIndustrial Control Systems Security- 14 Aug 2024
- 20:15 UTC
- Dean Parsons
- Slide 18 of 20
The Business Risks of Ignoring ICS Security
In an era where cybersecurity threats are escalating, the oversight of Industrial Control Systems (ICS) is more critical than ever. Join us for an exclusive panel discussion with SANS instructors Robert M. Lee, Tim Conway, Dean Parsons, and Jason Christopher, as they address cybersecurity leaders on the imperative of securing ICS.
WebinarIndustrial Control Systems Security- 3 Sep 2024
- 13:00 UTC
- Robert M. Lee, Tim Conway & Dean Parsons
- Slide 19 of 20
Healthcare - Industrial Control Security for Pharmaceuticals
Focusing on the industrial control side of pharmaceuticals and threats we’re seeing today, we look at the top five ICS critical controls we can deploy. We’ll hone in on the top two controls with practical examples.
WebinarIndustrial Control Systems Security- 19 Sep 2024
- 10:00 UTC
- Dean Parsons
- Slide 20 of 20
SANS 5 ICS Critical Controls for Water: Control 3 - ICS Network Visibility & Monitoring
Module 3 of the training focuses on network visibility and monitoring. The training module provides your operational and IT team with a foundational knowledge of techniques and benefits for this critical control.
WebinarIndustrial Control Systems Security
- 23 Sep 2024
- 10:30 UTC
- Dean Parsons