Control Systems Cybersecurity USA (8th annual live) Control Systems Cybersecurity USA (8th annual live)

Securing the ICS Software Supply Chain (Virtual)

Stream and Physical Kenzies

Eric Byres (Virtual pres)
aDolus Technology Inc, CEO

Eric Byres is widely recognized as one of the world’s leading experts in the field of industrial control system (ICS) and Industrial Internet of Things (IIoT) cybersecurity. He is the inventor of the Tofino Security technology – the most widely deployed ICS-specific firewall in the world – licensed by industry giants Honeywell, Schneider Electric, and Caterpillar. Eric's many accomplishments include founding the BCIT Critical Infrastructure Security Centre, providing guidance to government security agencies and major energy companies on critical infrastructure protection, chairing the ISA SP-99 Security Technologies Working Group, representing Canada for the IEC TC65/WG10 standards effort, and testifying to the US Congress on the Security of Industrial Control Systems in National Critical Infrastructures. He has received numerous awards from international organizations and was made an ISA Fellow in 2009. In 2013 he received ISA’s highest honor: Excellence in Leadership. Today Eric leads aDolus Technology Inc.

Thanks first to the Solarwinds attack and then Executive Order 14028 -  Improving the Nation’s Cybersecurity, the security of the software supply chain has become the hot topic of the year. The Colonial Pipeline ransomware attack made critical infrastructure security front page news. This talk will look at the intersection of these two challenges - why securing the supply chain for critical OT environments is now an urgent priority for asset owners, suppliers and government agencies. In this session you will learn:

  • Why supply chain and ransomware attacks are dramatically increasing 
  • The new obligations set out in EO14028 that industry will need to follow
  • How EO14028 requirements will ripple far beyond government contracts
  • How Software Bill of Materials (SBOMs) will help secure software supply chains
  • What asset owners should be demanding from their OEM Vendors to secure OT systems
  • Why AI will be crucial for locating and prioritizing product vulnerabilities