speaker-info

Michael Assante

SANS ICS Leader

Michael Assante is the SANS lead for Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) security. As a Senior Associate with the Center for Strategic and International Studies (CSIS) Strategic Technologies Program, Assante authors papers and provides views on policy issues.

Assante served as Vice President and CSO at American Electric Power, engaged in research to include the Idaho National Laboratory vulnerability of electric generators to destruction through remote cyber attack, and served as the first CSO at NERC. Government, intelligence, and military organizations have also relied on his leadership and counsel for more than 20 years. He has testified before the US Senate and House and was an initial member of the member of the Commission on Cyber Security for the 44th Presidency.

Assante is a frequent guest at global security events, delivering presentations such as the 2017 RSA Keynote: Seven Most Dangerous New Attack Techniques, chairs the SANS ICS Security Summit which is now on its 13th year, and presenting co-authored reports such as Outpacing Cyber Threats – Priorities for Cybersecurity at Nuclear Facilities for the Nuclear Threat Institute. His work in ICS security has been widely recognized and was selected by his peers as the winner of Information Security Magazine’s Security Leadership Award for his efforts as a strategic thinker. The RSA 2005 Conference awarded him its Outstanding Achievement Award in the practice of security within an organization.

Michael co-led the international steering committee that created the most widely respected industrial control systems security skills certification program, the GICSP, which is now held by over 1,300 practitioners in more than 30 countries. The GICSP ensures control systems engineers and IT security staff have the core skills needed for strengthening defenses against cyber attacks, serving as a benchmarking tool for practitioners and hiring managers alike.

Papers of Note:

ICS Defense Use Case 6: Modular ICS Malware

Digital Ghost: Turning The Tables

IoT, Automation, Autonomy, and MegaCities in 2025

My Sessions

Aurora 10 Years Later: Progress, Failure & What Remains to be Learned

Main Stage

In 2007 CNN showed compelling video of a cyber attack causing physical damage to a 2.25MW turbine generator. A cyber attack damaging expensive and important physical equipment. The demonstration was funded by the US Department of Homeland Security and performed by Idaho National Labs. Ten years after Aurora, we bring together some of the key […]

Panel / Debate Strategy
READ MORE