Elizabeth Stephens
DBS Cyber LLC
Actions
The Founder: Elizabeth Stephens – A Force of Nature
Elizabeth Stephens is a proven leader with a relentless drive to overcome challenges. Her military career was marked by groundbreaking achievements, proving time and again that the impossible is simply a starting point. As a civilian executive, she honed her skills in solving complex global problems at the highest levels. Now, Elizabeth is channeling her expertise and passion into DBS Cyber, transforming the way organizations approach cyber risk.
The Builder: Daniele Henderson – She Sees the Future
Danièle Henderson is a creative powerhouse skilled in graphic design, UI/UX, product design, and branding. Her diverse portfolio showcases captivating campaigns and branded experiences. As the former Creative Director for a prominent MLM business, she spearheaded web development, branding, packaging, and marketing initiatives that drove growth and loyalty. With her innovative vision and aesthetic prowess, Danièle shapes the visual language of DBS Cyber's cutting-edge solutions.
When AI Meets SCADA: A Double-Edged Sword for Critical Infrastructure Security
Artificial Intelligence (AI) is poised to revolutionize the security landscape of Supervisory Control and Data Acquisition (SCADA) systems, the backbone of critical infrastructure. However, this transformative technology presents a dual-use dilemma: it can both enhance and undermine the resilience of industrial control systems.
This presentation will delve into the unique vulnerabilities of AI-powered SCADA environments. We will examine how adversarial AI can be used to manipulate sensor data, trigger false alarms, or even cause physical damage to industrial processes. Conversely, we will explore how AI-driven anomaly detection, threat intelligence, and real-time response can provide unprecedented protection against cyberattacks.
Through real-world case studies of AI-related incidents in industrial settings, we will uncover lessons learned and best practices for mitigating risks. Attendees will gain a deeper understanding of:
The specific threat vectors introduced by AI in SCADA environments
Practical strategies for leveraging AI to bolster SCADA security
The importance of building AI-resistant systems and human oversight
The need for collaborative threat intelligence sharing across critical infrastructure sectors
This session will provide actionable takeaways for operators, engineers, and cybersecurity professionals working to secure critical infrastructure in the age of AI.
Why This Talk is Relevant to ICS Cybersecurity Conference Attendees:
Directly addresses ICS and OT topics: This presentation focuses squarely on the security implications of AI for SCADA systems, the core technology of industrial control systems.
Original and innovative: The dual-use nature of AI in SCADA security is an emerging and under-discussed topic, making this presentation unique and timely.
Not a sales pitch: The focus is on educating attendees about the risks and opportunities of AI, not promoting any specific product or vendor.
Knowledgeable about the audience: The presentation is tailored for the industrial cybersecurity community, emphasizing real-world threats and practical solutions for critical infrastructure protection.
Presentation Outline:
Introduction
The growing importance of AI in industrial control systems
The dual-use nature of AI: both a tool and a weapon
AI-Driven Threats to SCADA Systems
Adversarial AI attacks: data poisoning, false alarms, manipulation of control logic
Case studies of AI-related incidents in critical infrastructure
Leveraging AI for SCADA Security
Anomaly detection and threat intelligence
Real-time response and incident mitigation
Best practices for implementing AI-powered security solutions
Building AI-Resistant SCADA Systems
The importance of human oversight and explainable AI
Strategies for hardening AI models against adversarial attacks
The role of threat intelligence sharing in a collaborative defense
Conclusion
Key takeaways for securing critical infrastructure in the AI era
The need for continued research and collaboration
Skynet vs. Your Data: A Cybersecurity Smackdown
This session could explore how AI is both a tool for defense and a potential weapon for attackers, offering insights into the latest research and best practices.
Abstract:
The Intersection of AI and Cybersecurity: Threats and Opportunities
The digital age is a double-edged sword, presenting immense opportunities while exposing us to an ever-evolving landscape of cyber threats. This presentation will explore the multifaceted role of Artificial Intelligence (AI) in this landscape. AI is not merely a tool for defense; it's a potential weapon for malicious actors. We'll delve into:
• The Cyber Risk Intelligence Manifesto: How AI is fundamentally reshaping how we gather, analyze, and act on threat intelligence.
• AI as a Force Multiplier: Examining how AI enhances both defensive and offensive cyber capabilities, from automated threat detection to the creation of sophisticated malware.
• Real-World Implications: Case studies illustrating AI's impact on critical infrastructure, data breaches, and the broader cyber risk landscape.
• Building a Proactive Defense: Strategies and best practices for organizations to leverage AI for risk mitigation, incident response, and resilient digital operations.
• Ethical Considerations: Navigating the ethical dilemmas arising from the use of AI in cyber warfare and defense.
Cerebro-Level Defense: A Cybersecurity Framework That Works (Cerebro is the X-Men's mutant-detecting
This interactive session could guide participants in creating a framework tailored to their organization's unique risk profile, moving beyond a checkbox approach.
From Compliance to Resilience: A Risk-Based Cybersecurity Framework for the Digital Age
Abstract:
In the ever-evolving landscape of cyber threats, a compliance-only approach to cybersecurity is no longer sufficient. Organizations must transition from a reactive, checkbox mentality to a proactive, risk-based framework that addresses their unique vulnerabilities and potential impact.
This interactive session will guide participants through the development of a tailored Cyber Risk Monitoring Plan (CRMP), drawing on principles from "The Cyber Risk Intelligence Manifesto." We'll explore:
• The Foundations: Understanding the diverse cyber threats organizations face today and the importance of proactive, intelligence-driven risk management.
• Building Your CRMP: A step-by-step methodology for assessing your cybersecurity posture, analyzing risks, and establishing mitigation strategies.
• Strategic Defense: Practical insights into technologies, tools, and best practices to combat both common and advanced cyber threats.
• Managing and Enhancing: How to assign roles, implement training, and embrace continuous improvement to ensure your CRMP remains effective against evolving threats.
• The Future: Emerging trends in cyber risk monitoring, the crucial role of adaptability, and how to build a resilient digital future for your organization.
Beyond Checklists: Building an Adaptive, Risk-Based Cybersecurity Framework for Industrial Control S
In the realm of industrial control systems (ICS), where operational continuity and safety are paramount, compliance alone is not enough. Cyberattacks targeting critical infrastructure continue to escalate, demanding a proactive, risk-based approach tailored to the unique vulnerabilities and potential impact of each ICS environment.
This interactive session will equip attendees with the knowledge and tools to move beyond a checklist mentality and develop a Cyber Risk Monitoring Plan (CRMP) specifically designed for ICS. We will delve into:
Understanding the Threats: An overview of the most pressing cyber threats facing ICS, from ransomware and supply chain attacks to targeted intrusions and insider threats.
Risk Assessment for ICS: A step-by-step methodology for identifying and prioritizing critical assets, analyzing vulnerabilities specific to ICS environments, and evaluating the potential impact of cyber incidents.
Tailored Mitigation Strategies: Practical guidance on implementing security controls, intrusion detection systems, and incident response plans that align with the unique constraints and operational requirements of ICS.
Continuous Improvement: How to integrate threat intelligence, vulnerability management, and incident response into a feedback loop that drives continuous improvement and adaptation of your CRMP.
The Human Element: Addressing the critical role of personnel training, awareness, and culture in ICS cybersecurity.
Attendees will leave this session empowered to create a living, breathing CRMP that goes beyond checking boxes and truly enhances the resilience of their industrial control systems.
Session Outline:
Introduction
Why a risk-based approach is essential for ICS cybersecurity
The limitations of compliance-only strategies
The Cyber Risk Intelligence Manifesto as a guiding framework
Understanding Cyber Threats to ICS
Common attack vectors and tactics targeting ICS
Real-world case studies of ICS cyber incidents
The evolving threat landscape and emerging risks
Developing Your ICS-Specific CRMP
Identifying critical assets and functions
Assessing vulnerabilities in ICS environments
Analyzing the potential impact of cyber incidents
Prioritizing risks and developing mitigation strategies
Implementing Your CRMP
Security controls for ICS (e.g., network segmentation, access controls)
Intrusion detection and monitoring
Incident response planning and drills
Maintaining and Evolving Your CRMP
The importance of threat intelligence and vulnerability management
Integrating lessons learned from incidents and near misses
Continuous improvement and adaptation in the face of evolving threats
The Human Element
Training and awareness programs for ICS personnel
Building a culture of cybersecurity
Addressing insider threats
Q&A and Discussion
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top