When EHS and Cyber Collide

Joseph Pierini
(AppSec BSI)

Ripped from the headlines: September 2019: The United States carried out cyber operations against Iran in retaliation for Iran’s attacks on Saudi Arabia’s oil facilities. The operation affected physical hardware. March 2019: Denial of service attack against parts of the Western US power grid Date Unknown 2019: Siegeware attack on Building Automation System threatens to shut out company from building unless ransom is paid. Cyber attacks have been part of the risk landscape for many years, but as our technologies begin to intersect more and more with the physical world, the threat to our property and personnel has increased exponentially. In this talk, we will review the need for ESH and Cyber Security professionals to work in tandem and what, ultimately the goal of this partnership might be. Lessons Learned (Audience Takeaways)

  1. Understand the possible risks to property and personnel exposed by a cyber attack.
  2. Discuss a Security Testing Maturity Framework that can be applied for both ESH and Cyber
  3. Identify some effective first steps conference participants can take when they return to their organizations.

Back to Private: SESHA 42nd Annual Symposium (2021)



Already have an account?