Contact Us   |   Your Cart   |   Sign In   |   Join
Cybersecurity for Building Control Systems Workshop Series

From residential heating and automated entry systems to commercial facility monitoring systems of all kinds, buildings in the United States have seen a rise in the use of "smart" systems to improve their functionality in the past several years. Yet, with this increasing reliance on operational technology, very few people are aware of the potential threats from hackers and others with malicious intent. In a world where companies and individuals are increasingly at risk of having their personal data and assets compromised, it is imperative that building owners also protect their properties and building occupants from cyber threats and potential harm.

The Introduction to Cybersecuring Building Control Systems Workshop, the Advanced Cybersecuring Building Control Systems Workshop and the Cybersecuring DoD Control Systems Workshop are geared to help architects, engineers, contractors, owners, facility managers, maintenance engineers, physical security specialists, information assurance professionals—essentially anyone involved with implementing cybersecurity in the facility life cycle—to learn the best practice techniques to better protect their facilities.

Both the introductory and advanced workshops are built around key federal guidelines that have come out in recent years, including:

  • Executive Order 13636—Improving Critical Infrastructure Cybersecurity (Issued February 19, 2013)
  • National Institute of Standards and Technology (NIST) Cybersecurity Risk Management Framework (Issued February 12, 2014)
  • NIST Special Publication (SP) 800-82 Rev. 2 Industrial Control Systems Security Guide (Issued May 2015
  • U.S. Department of Homeland Security (DHS) Interagency Security Committee "Securing Government Assets through Combined Traditional Security and Information Technology" White Paper (Issued February 2015)

The Introduction to Cybersecuring Building Control Systems Workshop is geared to those professionals new to the world of building cybersecurity. This workshop provides a combination of classroom learning modules to teach control system basics, protocols, how to use the information assurance risk management framework and hands-on laboratory exercises using tools and methods such as the DHS Cybersecurity Evaluation Tool (CSET) to inventory, diagram, identify, attack, defend, contain, eradicate and report a cyber event.

The Advanced Cybersecuring Building Control Systems Workshop is geared towards building and information assurance professionals who have experience in IT or control systems cybersecurity but need to learn how to apply those skills to building control systems. This workshop provides a more technical, in-depth training solution geared towards developing security professionals with the ability to approach security with an attacker mentality. This includes understanding and practicing hacker and defender techniques for footprinting, scanning and enumeration, exploitation, post exploitation, containment and eradication, and reporting. Attendees will use Kali Linux and other exploit tools to gain entrance into the control system, pivot through the network, establish beacon command and control channels, modify logs to mask presence and exfiltrate data. Attendees will then contain and eradicate the exploit and prepare artifacts, event logs and develop an incident report.

The Cybersecuring DoD Control Systems Workshop is designed to support the U.S. Department of Defense (DoD) facility managers and other facilities-related personnel to better prepare against cyber threats. It is geared to help architects, engineers, contractors, owners, facility managers, maintenance engineers, physical security specialists, information assurance professionals—essentially anyone involved with implementing cybersecurity in the facility life cycle—to learn the best practice techniques to better protect DoD facilities.

Presenter: Michael Chipley, The PMC Group LLC

2016 Schedule

(All workshops are held from 8:00 am until 5:00 pm)

Tues., April 12
Wed., April 13
Thurs., April 14

Introduction to Cybersecuring Building Control Systems Workshop
Advanced Cybersecuring Building Control Systems Workshop
Cybersecuring DoD Control Systems Workshop

Tues., July 19*
Wed., July 20*
Thurs., July 21*

Introduction to Cybersecuring Building Control Systems Workshop
Advanced Cybersecuring Building Control Systems Workshop
Cybersecuring DoD Control Systems Workshop

Tues., Oct. 18
Wed., Oct. 19
Thurs., Oct. 20

Introduction to Cybersecuring Building Control Systems Workshop
Advanced Cybersecuring Building Control Systems Workshop
Cybersecuring DoD Control Systems Workshop

 *Workshop moved to an off-site location in Arlington, Virginia, due to construction.

 

For each workshop, attendees will need a laptop with administrative privileges to load software. They will receive the course content, tools and lab exercises on a CD at the beginning of the course.

Seating for each workshop is limited to 20 students per day. Click on the workshop title for the desired dates to register.

For an expanded description, including an agenda for each workshop, select the specific date for which you would like to register.

Community Search
Latest News
Calendar

8/11/2016
BSSC Webinar: Seismic Isolation Design with the 2015 NEHRP Recommended Provisions

8/24/2016 » 8/26/2016
DesignDC: From the Ground Up

8/25/2016
Webinar: Getting the Most out of Off-Site Construction - Implementation Strategies Part 2

9/15/2016 » 9/16/2016
Deep Energy Retrofit of Buildings; Technical and Business Strategies