Aaron Wise, ZeroNorth Director of Engineering, will be speaking about “Bringing DevSecOps to ICS,” Monday, October 21, 2:15pm ET. Contact us if you would like to meet with Aaron at the conference.
Abstract: Bringing industrial control systems and critical infrastructure into the modern age will require more than just software updates. It’ll require continuous software updates. The challenge is that every time new updates to software powering applications or infrastructure are introduced, so too is the potential for new vulnerabilities. Every little change of code creates the potential for a new vulnerability that attackers can exploit, and the demand for updates to be delivered faster and faster only increases the security challenges. Any business that relies on software as a competitive differentiator – in other words, every business today – is facing this issue and trying to figure out ways to deal with it. But for industrial control systems that are already playing catch-up and trying to adapt to a connected world, these challenge will be that much more daunting.
This session will provide an overview of DevOps and DevSecOps cultures to help the people using and managing industrial control systems understand how these practices fit into their organizations. It will empower those tasked to secure critical infrastructure with the knowledge they need to ensure that comprehensive discovery and remediation of software vulnerabilities are in place so they can proactively manage risk.