The webinar describes a new approach to securing critical industrial infrastructure called consequence-driven cyber-informed engineering (CCE).
Andy Bochman, a nationally recognized cybersecurity expert with extensive experience in securing our national infrastructure, outlines the four major steps to the CCE method — identifying your crown jewel processes, mapping the digital terrain, illuminating the likely attack paths, and generating options for mitigation and protection.
Among its many duties, the Idaho National Lab (INL) is responsible for conducting vital research that allows us to sustain and develop nuclear energy technologies, scale other clean energy technologies, protect critical infrastructure, support national defense and Homeland Security, bolster cybersecurity and make sure nuclear materials do not fall into the wrong hands.
About Andy Bochman
Senior Grid Strategist for National & Homeland Security at the INL (Twitter: @andybochman)
Andy is the senior grid strategist at the Idaho National Lab. He provides strategic guidance on topics at the intersection of critical infrastructure security and resilience to senior U.S. and international government and industry leaders. His career began with the U.S. Air Force, and before joining INL, was in several cybersecurity startups, was global energy & utilities security lead at IBM, and a senior advisor at the Chertoff Group in Washington, D.C. A member of the global advisory board for the Control Systems Cyber Security Association International (CS2AI), Mr. Bochman is on the advisory committee to the SANS security training institute and a cybersecurity subject matter expert listed with the U.S. State Department Speakers Bureau. In 2018, his publications include “The Missing Chief Security Officer” (CXO), “Internet Insecurity: The Brutal Truth” (HBR), and “Supply Chain in the Software Era” (Atlantic Council).
This post was originally published on CCE — INL’s New Approach to Securing Critical Industrial Infrastructure on CyberX.- CyberX - Field-proven industrial cybersecurity