Skip to main content
Cutaway Security
Cutaway Security

Publications

Presentations and White Papers
#

SANS White Paper: Effective Implementation of the NIST Cybersecurity Framework with Fortinet
#

Cutaway Security has teamed up with the SANS Vendor: Analyst Program and Fortinet to produce the white paper “Effective Implementation of the NIST Cybersecurity Framework with Fortinet.” This paper, written by Don C. Weber, is a product overview that looks at one approach to updating an ICS network by leveraging a combination of the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF), the SANS ICS410 Reference Architecture model, and Fortinet Security Fabric technologies. It examines some of the tactical choices a team can make when addressing security concerns within an ICS environment and explores how some of Fortinet’s product line could assist with these tactical decisions.

This paper is a companion piece to the implementation guide “Security by Design: A Systems Road Map Approach,” written by Barbara Filkins.

Securing ICS Using the NIST Cybersecurity Framework and Fortinet: Best Practices for the Real World
#

Cutaway Security teamed with the SANS Analyst Program and Fortinet to discuss “Securing ICS Using the NIST Cybersecurity Framework and Fortinet: Best Practices for the Real World.” This webcast featured Barbara Filkins, Don C. Weber, and Peter Newton.

Conference Presentations
#

Wild West Hacking Fest 2019: Architecting Secure ICS Environments
#

Presented at Wild West Hacking Fest 2019 in Deadwood, SD on Oct 24, 2019.

Criminals are hacking Industrial Control Systems (ICS). Their motivations are as diverse as the environments where ICS solutions and devices are found. Businesses are taking notice and asking the hard question: “how do we secure systems that are intended to run continuously?” The personnel operating these environments need to understand IT security as much as IT security professionals need to understand the concepts and requirements of an ICS implementation. The purpose of this presentation will be to, briefly, introduce the concepts and security considerations for ICS devices and solutions.

Pen Test HackFest 2019: Pen Testing ICS and Other Highly Restricted Environments
#

Presented at Pen Test HackFest Summit 2019 in Bethesda, MD on Nov 18-19, 2019.

“Congratulations, you have been selected to conduct a penetration test of our industrial control system (ICS) environment. Please remember, you cannot scan anything, you cannot install anything, and you cannot break anything.” This is not a joke. More and more companies are requesting penetration tests of their ICS assets. This presentation discusses how to scope and conduct this type of assessment.

Slide Decks
#

  • CutSec WWHF 2019 - Architecting Secure ICS Environments
  • SANS @Night - Assessments in Active ICS Environments
  • CutSec Hackfest November 2019
  • WWHF 2020 - Analyzing Radio Transmissions Using URH

There are no articles to list here yet.