Skip navigation
All Places > Security > Blog > Authors Brian

Security

8 Posts authored by: Brian Employee

We're doing it again.  This time in Dallas!  On November 13th, OSIsoft is hosting the Texas Regional Seminar in Dallas, TX.  There will a be a good mix of talks on our product roadmap and customer success stories.

 

As a FREE pre-event session on November 12th from 1:00 to 5:00 PM, we are hosting a Cyber Security workshop on the PI System with emphasis on Software Supply Chain Security.  It will be a lively afternoon with guest speakers, Jonathan Butts, Chief Technology Officer, aDolus Inc., and Jeff Edwards, Co-Founder, TSI Group.  We'll demonstrate tools and techniques to defend supply chain attacks and top the day with a table top exercise.

 

The brochure for the security workshop is attached below.  You can view the full agenda for the Texas Regional Seminar here.  We invite you to join us!

 

We hope to see you there!

We share this special invitation to the Digital Bond S4x19 ICS Security Conference sponsored by OSIsoft, LLC.

 

The S4x19 conference is taking place in Miami Beach, January 15-17, 2019.  The three-day event brings together the top researchers, thought leaders and influencers in the industrial control system (ICS) community to discuss advance topics in cyber security and operations technology. You'll find the agenda and other event information on the S4x19 Conference site.  To see previous talks and learn what S4 is about, check out the S4 Events YouTube Channel.

 

OSIsoft is proud to announce, for the fourth year running, we are sponsoring the S4 Capture The Flag (CTF) competition. The "Killer Robots, Inc." PI System submitted by OSIsoft is designed to be an interactive, fun source of industrial security challenges.  We’ll take a PIe in the face if you don’t learn something new about PI System security.

 

As a hands-on, "practice by doing" experience, CTF is a proven way to develop mastery of cyber security. The competition also provides a safe opportunity to flip the “evil-bit” to explore where misuse and abuse can turn software against its intended purpose. Open to first-time teams or those with more experience, hunting flags with our subject matter experts on hand provides a unique deep-dive into PI System security.  Those with PI System skills have a distinct advantage in the quest for the grand prize, an S4 Black Ticket, free entry for a lifetime for the S4 event in Miami Beach.

 

Whether or not you decide to take the CTF challenge, please come and experience the community, join the conversation and learn from the best in ICS security. Also, for those new to ICS security, the S4 ONRAMP Training day is a great way to get started.

 

As an added incentive, if you or anyone else on your team are able to attend, please reach out to me and receive a 10% discount as a customer or partner of OSIsoft. 

 

"Good Flag Hunting!" from the OSIsoft Security Advisors.

Brian

Security Workshop in D.C.

Posted by Brian Employee Aug 8, 2018

Coming this month on August 21-22, OSIsoft is hosting a Super Regional Seminar.  This is a special two day event taking place in Washington D.C.  There will a be a good mix of talks on our product roadmap, customer stories as well as guests speakers from the Department of Energy (DoE) and the Nation Institute for Standards and Technology (NIST).

 

There are two pre-events to the super-seminar. A PI System 101 learning session and cyber security workshop on the PI System with emphasis on Software Supply Chain Security.  It will be a lively afternoon with guest speakers, Allan Friedman, Director of Cybersecurity at National Telecommunications and Information Administration in the US Department of Commerce, and Ben Miller, Director, Threat Operations Center at Dragos, Inc.  We'll demonstrate tools and techniques to defend supply chain attacks and top the day with a table top exercise.

 

The brochure for the security workshop is attached below.  You can view the full agenda for the Super Regional 2018 here.  We invite you to join us!  If you would like to only attend the afternoon security workshop, please register with the code, "SuperReg18Security"

 

We hope to see you there!

PI World 2018 is just around the corner.  The kick-off reception is one week from this evening.  As we do each year, we would like to share the security related activities that are happening during the conference.

 

The most important opportunity is to talk one-on-one with our security team at the Cyber Security Expo Booth.  Our booth will be open every day along with the Partner Expo.  Please stop by and chat about securing the PI System, protecting your industrial systems, new regulations, current events and "what's with those wooden bow-ties?"

 

Other activities are listed in the follow table.

Agenda.png

For details on these talks and labs, please see the PI World agenda.

 

We would also like to draw your attention to a number of security related partners that will have booths in the Partner Expo.  Please be sure to stop at each of these great partners to see what they have to offer.

Partners.png

 

Safe traveling. We'll see you next week!

The OSIsoft Security Advisors and Champions team

The OSIsoft Users Conference 2017 was a great event.  If you weren't able to attend, all of the papers are available online for you to see.  I'd like to highlight those with cyber security related information.  Please review them and share.  Feel free to comment or post questions here in the forum.  We'd enjoy your feedback and discussion.

 

We are busy preparing for the OSIsoft Users Conference next week. Hoping to see you there, we would like to share the security related activities happening during the conference.  Here are some suggestions for your conference agenda:

 

Day

Time

Agenda

Tue

2:30 PM

Security Discussion Forum

Tue

4:15 PM

Security in Your IoT Networks

Wed

2:15 PM

NIST / NCCoE Cyber Security Portfolio – Jim McCarthy

Thu

11:30 AM

How to Secure Your PI System: Security Baselining

Thu

2:15 PM

Lab: Extending the PI Security Audit Tools to Meet Your Needs

Thu

2:15 PM

Lab: Locking Your PI System Without Locking Down Your PI System

Thu

2:15 PM

Locking Down Your PI System Without Locking Down Your PI System

Thu

4:30 PM

What’s New in PI Security?

T-Th

12:30 PM -

Cyber Security booth in the Product Expo

 

In particular, we would like to point out two sessions dedicated to our new security self-assessment tool, the PI System Security Audit tool.

 

Protecting the PI System against malicious activities and incidental misconfiguration can be a demanding job. Industry standards, support KBs, and system utilities are available to assist, but it can be a challenge to collect, analyze and correlate this information effectively. Armed with all these tools and information, how do you tie it all together to effectively baseline the security of your PI Systems?  How do you evaluate which defenses should be prioritized? 

 

In How secure are your PI Systems? A primer for PI System security baselining we will explore the best practices to guard a modern PI System and how to get there.  The PI Security Audit Tools are featured as a low effort, repeatable method to acquire actionable information about a PI System that can be implemented based on your operational reality. 

 

The PI Security Audit Tools are a framework for security configuration auditing of PI System components in the form of a PowerShell module.  The hand-on lab Using and Building the PI Security Audit Tools, a tool to baseline your PI System security that teaches administrators how to leverage the tools, as well as showing system integrators and developers how to take advantage of the extensibility of the framework to meet the unique needs of their environment. 

 

We are looking forward to seeing you next week,

OSIsoft Security Team

Brian

OSIsoft Users Conference 2017

Posted by Brian Employee Nov 21, 2016

The OSIsoft Users Conference 2017 is the premiere opportunity to share experiences with the PI System and expand personal networks of fellow users. We’ve expanded the UC content to provide more opportunities to collaborate and strategize – register early to take advantage of the Discussion Forums and TechLabs that have attendance limits. And plan your UC experience to take advantage of the expanded Partner & Product Expo. The conference site is up and running and you can see the agenda and register here.  Early bird pricing will end on January 15, 2017.

 

Call for papers is open!  Share your innovative practices and initiatives using the PI System.  We want to hear from you - submit your story by December 12, 2016. Cyber security themed presentations are welcome from architecture to security operations and supply chain. Last year's examples include Exploring partnership with Chevron for effective incident response and Bow Tying It All Together.

 

If you have any questions or suggestions, please reply below or contact me directly.

Brian

Digital Bond S4x17

Posted by Brian Employee Nov 8, 2016

Digital Bond S4x17

OSIsoft is proud to announce that for the second year running, we are sponsoring the Capture The Flag, CTF, competition at the annual Digital Bond S4x17 ICS Security Conference. Hunting flags with our subject matter experts on hand provides a unique deep-dive into PI System Security.  Those with PI System skills have a jump start on winning the grand prize, an S4 Black Ticket, free entry for a lifetime for the S4 event in Miami Beach.

 

The S4x17 conference will take place in Miami Beach, January 10-12, 2017.  The three-day event brings together the top researchers, thought leaders and influencers in the industrial control system (ICS) community to discuss advance topics in cyber security and operations technology. To see more about S4 and what it is about, check their S4 Events YouTube Channel.

 

Admiral Michael S. Rogers, United States Navy, Commander, United States Cyber Command, Director, National Security Agency/Chief, Central Security Service will provide one of the morning keynotes. Admiral Rogers is in a unique position to speak on critical infrastructure security as he leads two organizations tasked with offensive and defensive activities in the cyber realm for the US Government.

 

You'll find the agenda and other event information on the S4x17 Conference site.  If you (and your CTF team) are able to attend, please reach out to me for a special discount code that you can use as a customer/partner of OSIsoft.