Featured
ICS cyberthreats in 2023 – what to expect
Evgeny Goncharov, Head of Kaspersky ICS CERT
Cybersecurity incidents were plentiful in 2022 – and most significant changes in the ICS threat landscape are mostly determined by geopolitical trends and the subsequent macroeconomic factors. In the webcast, Evgeny Goncharov, Head of Kaspersky ICS CERT, will share predictions of what we should expect to happen in cybersecurity of industrial organizations and OT systems in 2023.
These predictions are the sum of the opinions of Kaspersky’s ICS CERT team based on their collective experience in researching vulnerabilities, attacks, and incident response, as well as the experts’ personal vision of the main vectors driving changes in the threat landscape.
Contents:
• Year 2022 - key takeaways
• Developments in the APT world
• Risk factors due to geopolitical ebb and flow
• Additional technical and technological risk factors
• Most noteworthy techniques and tactics in future attacks
Speaker:
Evgeny Goncharov,
Head of Kaspersky ICS CERT
All episodes
-
The State of Industrial Cybersecurity: From Top Priority to Clear Roadmap
Ekaterina Rudina and Dr. Jesus Molina
In conversation with Dr. Jesus Molina, Director of Business Development at Waterfall Security Solutions, Ekaterina Rudina, System Analysts Team Lead at Kaspersky ICS CERT, will discuss the findings from Kaspersky's 2019 State of Industrial Cybersecurity report, as well as highlight real-life examples to help understand what is driving stakeholders to pay more attention to cybersecurity. The goal is to help industrial facilities create the best approach; to move from ad-hoc security investment to clear, well-defined OT cybersecurity processes.
-
How to effectively detect, prevent & respond to threats with threat intelligence
Artem Karasev, Product Marketing Lead; Nikita Nazarov, Malware Analyst Team Lead; Vladimir Kuskov, Head of Threat Exploration
The threat landscape is changing rapidly. It’s becoming incredibly challenging to effectively respond to emerging complex and advanced cyberthreats without a 360-degree view of the tactics, techniques and procedures used by threat actors. Immediate access to relevant and reliable threat intelligence (TI) makes your incident response and SOC teams more efficient and effective, arming them with the threat context required to quickly respond to cyberattacks.
In this webinar, you will see a demonstration of the incident investigation process with the help of different Kaspersky threat intelligence services. Kaspersky experts will present:
• How to validate specific suspicious activities or artefacts
• Analyses of the relationships between objects to see the attack spread path
• How to get more context about observables and understand if they can be attributed to a known threat actor
• How relevant TI context can speed up incident response process -
Good, Perfect, the Best: how an analyst can boost penetration testing results
Olga Zinenko, Senior Security Services Expert at Kaspersky
Today pentest challenges don’t boil down to discovering some hype vulnerabilities like XSS, CSRF, SQLl, and RCE in clients’ cybersecurity systems. While pentesters search for them and put effort into finding and demonstrating possible attack vectors, there is one more project member whose role remains unclear to a customer – the cybersecurity analyst.
These specialists take a helicopter view of the target system to properly assess existing “holes”. They offer customers a comprehensive picture of penetration testing results combined with an action plan on how to mitigate risks. Moreover, analysts help prove the need for a cybersecurity solution to c-suite and management teams, who are directly involved in cybersecurity processes and budgeting.
In this webinar, we showcase the role of analysts in penetration testing and security assessment projects. You will learn:
- What is the most mature manner of running such projects
- How an analyst’s view of a project can be useful to both technical specialists and management representatives
- What are the differences between pentesters and analysts, and why it’s important to have both on your project
- Is it possible to manage pentesting and security assessment without an analyst?The webinar will be conducted by Olga Zinenko, Senior Security Services Expert at Kaspersky. Olga has 10 years’ experience in the information security analytics field, conducting dozens of audits, pentests and security assessments. She is a regular media contributor to publications on a variety of cybersecurity topics.
-
EPP vs EDR: difference, use cases, adoption
Nikita Zaychikov, Senior Product Marketing Manager at Kaspersky
Global Endpoint Detection and Response adoption is on the rise, making it a de-facto standard for many organizations.
Everybody has heard about it, but sometimes it’s hard to determine what you need for a particular task: EPP or EDR.
In this webinar, we’ll explore what EDR is really about, how it is different from EPP and when it’s best to use it.
Join us to learn about the basics of these technologies and their key concepts:
• EDR and EPP: what is the difference
• Why we need or don’t need EDR: exploring options for different organizations
• EDR myths
• EDR adoption in the world
• Types of EDRWe’ll be glad to answer any questions you have about Endpoint Detection and Response!
-
IIoT cybersecurity threats: how to run complete protection at gateway level
Sekou Roland Sako, Security Researcher at ICS CERT Kaspersky and Andrey Sazonov, Project manager at Aprotech
Today Industry 4.0 is transforming from a concept to an everyday reality. Industrial internet of things (IIoT) is a key contributor to this evolution. Despite the clear benefits, its technological complexity and rapid development opens more ways for threat actors to exploit IIoT vulnerabilities. Among the looming threats for IIoT adopters are network attacks, software configuration changes, unauthorized access, cloud storage hacking and many others.
During this webinar, experts will talk about the most relevant threats, as well as dedicated solutions that help to protect the Internet of Things at its key element - the gateway level.
You will learn about:
- Common weaknesses in IoT and how they can be exploited
- Vulnerabilities’ case studies: insecure communication protocols and Denial of Service
- Kaspersky IoT Secure Gateway for creation of end-to-end services – key features (Siemens MindSphere, KasperskyOS, KISG, etc.)
- Use cases: industrial IoT, video surveillance, integration with ERP systems
- General recommendations on how to protect IoT infrastructure using cyber immune devicesThis webinar is for large and niche industrials, OT/IT security managers and engineers – broadly, for those who want to save the time and money by avoiding IIoT cybersecurity incidents.
-
ICS cyberthreats in 2023 – what to expect
Evgeny Goncharov, Head of Kaspersky ICS CERT
Cybersecurity incidents were plentiful in 2022 – and most significant changes in the ICS threat landscape are mostly determined by geopolitical trends and the subsequent macroeconomic factors. In the webcast, Evgeny Goncharov, Head of Kaspersky ICS CERT, will share predictions of what we should expect to happen in cybersecurity of industrial organizations and OT systems in 2023.
These predictions are the sum of the opinions of Kaspersky’s ICS CERT team based on their collective experience in researching vulnerabilities, attacks, and incident response, as well as the experts’ personal vision of the main vectors driving changes in the threat landscape.Contents:
• Year 2022 - key takeaways
• Developments in the APT world
• Risk factors due to geopolitical ebb and flow
• Additional technical and technological risk factors
• Most noteworthy techniques and tactics in future attacksSpeaker:
Evgeny Goncharov,
Head of Kaspersky ICS CERT