TAC Subscription Webinar

•

1 like•261 views

The webinar discussed the Tactical Analysis Center (TAC) subscription service provided by the National Electric Sector Cybersecurity Organization (NESCO). The TAC provides timely threat information, analysis reports, and notifications to electric utilities on cybersecurity issues. Subscription options include daily diaries, indicators of compromise, threat briefings, and executive overviews. All electric asset owners can subscribe regardless of size.

Technology Economy & Finance

Panelists

Chris Jager
Director, NESCO TAC

Jack Whitsitt
Principal TAC Analyst

Steve Parker
V.P. Technology Research Powered by
and Projects

8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec
2 with funding assistance from the U.S. Department of Energy 2

Format
Today's webinar is intended to be
interactive, so feel free to ask questions.

Agenda
• Background
• Subscription Service Overview
• Discussion / Q&A

8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec
2 with funding assistance from the U.S. Department of Energy 3

Timeliness
Today’s cyber threats move at internet
speeds. To keep pace, defenders must have
access to timely information about threats,
vulnerabilities, incidents, and mitigations.

8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec
2 with funding assistance from the U.S. Department of Energy 4

Context
Security and operations staff are often
flooded with information and data regarding
security issues. Identifying the subset of
information that is relevant to their specific
circumstances is a daunting task.

8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec
2 with funding assistance from the U.S. Department of Energy 5

Ground Truth
In most circumstances, the best information
is that which is sourced from, analyzed by,
and delivered to the community it is intended
to serve.

8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec
2 with funding assistance from the U.S. Department of Energy 6

What Is The TAC?

The NESCO Tactical Analysis Center (TAC)
is led by EnergySec staff and informed by
industry volunteers and other partners. Its
role is to provide community-based analysis
of security issues and timely dissemination
of relevant, actionable information to
industry.

8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec
2 with funding assistance from the U.S. Department of Energy 7

Subscription Offerings
Operational Information
• Daily Diaries
• Attack Signatures, Indicators Of Compromise
• Rapid Notification System

Planning and Analysis
• Monthly/Quarterly Reports
• Threat Briefings
• Executive overviews

8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec
2 with funding assistance from the U.S. Department of Energy 8

Details
 Who can subscribe?
– All asset owners regardless of size or
regulatory coverage

 Where do I sign-up?
– http://grids.ec/tacsubscribe

 Where do I get more information?
– http://www.us-nesco.org/tac
– Email us at: tac@us-nesco.org

8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec
2 with funding assistance from the U.S. Department of Energy 9

Discussion

Chris Jager
Director, NESCO TAC

Jack Whitsitt
Principal TAC Analyst

Steve Parker
V.P. Technology Research Powered by
and Projects

8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec
2 with funding assistance from the U.S. Department of Energy 10

Similar to TAC Subscription Webinar

EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...

TheAnfieldGroup

Bridging the Gap: Between Operations and IT

EnergySec

EISS Cybersecurity Briefing

EnergySec

Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...

EnergySec

NESCO Year 2 Overview

EnergySec

What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...

EnergySec

Next Generation Information Sharing for the Electric Sector

EnergySec

The Expanding Web of Cybersecurity Requirements

EnergySec

NESCO: A Closer Look

EnergySec

Emerson Ovation User Group BOD Meeting

EnergySec

NESCO Overview: Emerson Ovation User Group BOD Meeting

EnergySec

Don't Get Hacked! Cybersecurity Boot Camp

EnergySec

EnergySec and the NESCO overview

EnergySec

Capstone Paper

Thomas Kaczmarek

Today is a good day for CIGRE Science & Engineering, as with the February 2018 issue you are about to start reading, our Journal celebrates a mini-Jubilee: this is the 10th issue in its still young but vibrant existence. To make the numbers round, we should have 10 papers in this issue, but at the last moment, a very interesting paper on innovative research work came in from my alma mater, ETH Zurich, which I could not resist sharing with you. But, in compliance with our strict review procedure, all the other papers are also, of excellent quality, and I am confident they will spark your curiosity, as they cover a plethora of important subjects. Specifically, and true to our policy of making this Journal a forum for the best papers from the many CIGRE events around the globe, you will find two papers form the 4th International Colloquium “Transformer Research and Asset Management” by SC A2 and two papers from the 2017 bi-annual Colloquium of SC D2, both very successful and well-attended CIGRE meetings.

Innovation in the Power Systems industry

Power System Operation

The value of cyber security is increasing every day and, with the progressive role that information technologies are playing in the global economy, its weight will increase more and more in the following years. In the focus of national cyber security strategies are the essential services for the whole society and the need to implement all the actions and measures for their secure operation, including the capacity to be resilient to evolving cyber threats and to respond to new attacks. A number of cyber security standards and regulations have been recently issued, that refer to the establishment of processes and activities supporting the public and private cooperation for the exchange of critical information and incident/ crisis management. An information security governance that aims to meet compliance with those practices must develop a combination of capabilities encompassing organizational processes and technical cyber security solutions. In line with the regulatory frameworks and in continuation with previous similar initiatives of the Cigré Study Committee D2, this paper is reporting on the outcome of the information sharing that has occurred between Cigré and IEC working groups addressing the cyber security for the power industry.

Innovation in the Power Systems industry CIGRE

Power System Operation

Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USA

John Ragan

offers this policy framework to chart a path forward on the imperative to modernize the grid to take advantage of opportunities made possible by modern information, energy, and communications technology. This framework is premised on four pillars: 1. Enabling cost-effective smart grid investments 2. Unlocking the potential for innovation in the electric sector 3. Empowering consumers and enabling them to make informed decisions, and 4. Securing the grid. Each pillar supports a set of policy recommendations that focus on how to facilitate a smarter and more secure grid. Progress in all four areas, as part of an overall grid modernization effort, will require sustained cooperation between the private sector, state and local governments, the Federal Government, consumer groups, and other stakeholders. Such progress is important for the United States to lead the world in the 21st century economy, be at the forefront of the clean energy revolution, and to win the future by encouraging American innovation.

White House Smart Grid Strategy for 21st Century

UCSD-Strategic-Energy

Security From the Ground Up

EnergySec

Security From the Ground Up

EnergySec

Similar to TAC Subscription Webinar (20)

EnergySec & National Electric Cyber Security Organization (NESCO) Overview by...

Bridging the Gap: Between Operations and IT

EISS Cybersecurity Briefing

Hype, Hope and Happenstance: Cyber Threats and Opportunities in an Age of Aut...

NESCO Year 2 Overview

What's "Smart" Got to Do With It?: A technical overview of Advanced Metering ...

Next Generation Information Sharing for the Electric Sector

The Expanding Web of Cybersecurity Requirements

NESCO: A Closer Look

Emerson Ovation User Group BOD Meeting

NESCO Overview: Emerson Ovation User Group BOD Meeting

Don't Get Hacked! Cybersecurity Boot Camp

EnergySec and the NESCO overview

Capstone Paper

Innovation in the Power Systems industry

Innovation in the Power Systems industry CIGRE

Building A Stronger And Smarter Electrical Energy Infrastructure IEEE-USA

White House Smart Grid Strategy for 21st Century

Security From the Ground Up

More from EnergySec

When we talk about cyber security, we recognize that it is part of a holistic approach to security and critical infrastructure protection. Tools and technology are not enough to ensure that mission critical systems provide capabilities needed for the military, continuity of government and commercial enterprises to continue operations in the face of emerging threats. Recognizing the unique nature of our location on the Hawaiian Islands in the middle of the Pacific, we also understand the importance of collaboration and alignment of critical infrastructure protection among the military, state government, commercial and public stakeholders. A comprehensive approach needs to include innovative capabilities, a thorough analysis of operational dependencies, and the organizational collaboration required to protect critical capabilities. In this session, we will discuss our innovate approach to developing a holistic cyber security approach for critical infrastructure and share a case study to help you think differently about your own approaches for security.

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense

EnergySec

Over the past few years, penetration testing has gotten easier. What used to take a week of scanning, analysis, and exploit research now happens in one day on average in a common IT environment. The efficiency of compromise has increased based on several factors including increased knowledge sharing, more robust computing, and automated exploitation tools. OT environments are often utilizing the same operating systems and are prone to many of the same attacks. The main differences are the presence of custom protocols, embedded systems, and lack of formal security programs to address the gaps created by two-way data communication networks. This talk will show the most common attacks which our team currently uses to gain access and control over the networks and systems we test. More importantly, we will discuss the “top 10” things an organization can do to mitigate, remediate, and have active visibility into critical systems.

Slide Griffin - Practical Attacks and Mitigations

EnergySec

Innovative and disruptive technologies are enhancing and invading our traditional industrial business model. Future organizations will need more data to operate efficiently and succeed in the brave new interconnected world. The diversity of new technologies and data will fuel more diversity in business opportunity. Everyone expects more OT, more IoT, and more IT – and all of it is supposed to be highly reliable and secure. These factors (and more) lead to a landscape shift for the mission-critical cybersecurity risk profile. In this session, hear ways to recognize the problems and gain some clarity on possible solutions through historic lessons, made up words, and practical front-line experience.

Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...

EnergySec

Almost 70 years since the first computer bug was discovered, there has been decades of research done on Information Security theory and practice. Yet, despite vast amounts of money being spent, innumerable academic papers, mainstream media obsession, and entire industries being formed, we are left with the impression that the risk is growing, not receding. Why? Some argue a lack of data, but data clearly exists. We’re likely generating it, in some areas, faster than humans will ever be able to process it. Perhaps, after all of this effort, we’ve managed to box ourselves into metaphors and first principles that might be inappropriately constraining how we think about “Information Security Risk”. In fact, it’s worth noting that we can’t even agree if there is a space between “Cyber” and “Security” when it’s written out. This talk will take an anecdotal look at “Information Security Risk”, “What IS Cyber Security?”, and use that perspective to suggest areas of research that are either lacking or should be made more accessible to the markets, industries, and individuals driving risk management change. In an industry filled with data, perhaps an examination of empty space might be helpful.

Jack Whitsitt - Yours, Anecdotally

EnergySec

In our modern world, we’ve learned to take for granted the universal availability of things like running water and electricity, and more recently, the Internet. As technology progresses, we are rapidly approaching a future in which nearly everything is digitally connected to nearly everything else. At the same time, we are learning to accept that all digital devices are broken from a security perspective. How we respond and adapt to this reality could well determine whether our future is utopian or dystopian. In In this interactive session, we will explore novel avenues of attack using digital “soft-targets”, and discuss how we might hold things together in the face of persistent vulnerability.

Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...

EnergySec

Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security

EnergySec

The NERC CIPv5 deadline is fast approaching, and it’s not too late to be prepared. Join Mark Prince, Manager Operational Technology Fossil, from Entergy, Karl Perman, VP Member Services from EnergySec and Tim Erlin, Director from Tripwire to discuss achieving and maintaining NERC CIPv5 compliance in a fossil generation plant. We’ll cover some of the challenges that Entergy has experienced in their NERC CIPv5 compliance journey. Specifically, we will discuss configuration change management and how to leverage technologies for these requirements and consider what life would be without them.

Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management

EnergySec

Regulated entities should consider the RSAW templates when preparing evidence of compliance with the NERC CIP Standards. There are a number of implicit requirements in CIP v5 which an entity needs to fulfill to be compliant, which are not specifically identified in the actual requirements. In this webinar, our experts will discuss such implicit requirements. Key learning's from this session would be: RSAW format Implicit requirements of CIP RSAWs Leveraging technology for RSAW management

Explore the Implicit Requirements of the NERC CIP RSAWs

EnergySec

Presenter: Daniel Lance, Layered Integration After years of installing wireless sensor networks in homes and businesses we are now faced with a question “How is this all secure? Or is it?” A look into WSN (Wireless Sensor Networks) history and original design concepts that paved the road to us using these in our every day life. This presentation will be a deep dive into wireless and reveal new challenges we have in protecting our perimeter when all of our core monitoring devices are riding a wave into the public space as most industrial control providers look to capitalize on fast installation times and inexpensive adaptive solutions. This research shows us start to finish how anyone with a laptop and SDR (Software Defined Radio) can hack into and take control of WSN’s from outside the front gate. The presentation will demonstrate how a device inside your facility might reveal itself through spectrum analysis than how a hacker might flank the security of the device and own the network with very simple replay attacks that can grant them physical access, and how social engineering pre-installation and post-installation will cause you to disregard warning signs that someone is tampering with the network. A high level understanding of radio is no longer needed for packet analysis with open source tools, proper implementation has never been more important as even a encrypted device can be compromised by the last mile before installation. We will talk about the tools security professionals are lacking from the manufactures of these devices to scan for a compromised device and what can be done in the future to protect WSN’s.

Wireless Sensor Networks: Nothing is Out of Reach

EnergySec

Presenter: Mikael Vingaard, EnergiNet.dk The goal of having a Honeypot (a fake ‘vulnerable’ IT-system/ service) is to learn more about your attackers and the methods they will use to breach your ICS/SCADA systems – but how can the Energy Sector actual benefit from using a Honeypot? The Danish information security researcher, Mikael Vingaard has taken various free open source software to deploy ICS/SCADA Honeypot systems, and will share his experiences from the research and present interesting findings from the collected informations. The talk will be discuss the pros and cons of honeypots, how to use honeypots as an early-warning system and add some interesting points seen from the energy sector of using Honeypot systems. The presentation will showcase that gaining access to actual ICS threat intelligence can be done – even in budget constrained organizations.

Please, Come and Hack my SCADA System!

EnergySec

Presenter: Mike Firstenberg, Waterfall Security Solutions NIST, NERC CIP, the ISA/IEC and other authorities are adjusting their advice for secure industrial networks to include at least one layer of hardware-enforced unidirectional communications. Many security practitioners are familiar with specific applications of Unidirectional Security Gateway technology, but fewer have seen how widely the technology is being deployed throughout the electric sector. Join us to review comprehensive unidirectional network architectures for generation, transmission, distribution, high-voltage substations, and control centers/TSO’s/balancing authorities. In each vertical we review use cases, examine NERC CIP compliance implications and cost savings, and compare the strength of each architecture with legacy firewall-based designs.

Unidirectional Network Architectures

EnergySec

Presenter: Joseph Loomis, Southwest Research Institute (SwRI) Asset Owners face challenges as they strive towards implementing the NERC-CIP V5 requirements. Meeting the requirements often require documentation and technical knowledge of how an asset operates that can only be provided by a Vendor. Vendors, likewise, may be unclear about how the NERC-CIP requirements affect them, and are unsure about how to meet the technical requirements. In this presentation we detail the lessons learned from a recent project where SwRI worked with a Vendor to determine how the requirements apply to them and what the Vendor needs to have to help support an Asset Owner in an audit.

NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role

EnergySec

Presenter: Patrick Miller, EnergySec (President Emeritis) Innovative and disruptive technologies are enhancing and invading our traditional industrial business model. Future infrastructure organizations will need more data to operate efficiently and succeed in the brave new interconnected world. The diversity of new technologies and data will fuel more diversity in business opportunity. Everyone expects more OT, more IOT, and more IT – and all of it is supposed to be highly reliable and secure. These factors (and more) lead to a landscape shift for the industrial cybersecurity risk profile. In this session, hear ways to recognize the problems and gain some clarity on possible solutions through historic lessons, made up words, and practical front-line experience.

Industrial Technology Trajectory: Running With Scissors

EnergySec

Presenters: Robert Landavazo, PNM Resources and Katherine Brocklehurst, Tripwire With countless hours of work to go, PNM was far from ready for its coming audit in just 18 months. Confidence levels in its existing manual, and incomplete security controls, were at an all-time low; and the visibility into control center environments for quantifying its status and progress towards compliance was immeasurable. With Tripwire, PNM’s preparation of the looming CIPv3 audit noticeably improved. With efficient reporting and automation, PNM’s now positioned to hold itself accountable for CIP auditable compliance of more than 3,500 explicit and supporting control points, satisfying CIP-002-3, CIP-004-3, CIP-005-3, CIP-007-3 and CIP-009-3. In addition, enhanced visibility and better control gave PNM the ability to effectively communicate meaningful and measurable initiatives to executive teams – resulting in increased support for their funding needs. In this session, PNM – New Mexico’s largest electricity provider – will share a case study on its journey towards achieving continuous NERC CIP compliance despite a highly limited headcount, how it saved countless hours of labor-intensive manual effort, and the essential role that automation played in its success.

The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...

EnergySec

Presenter: David Zahn, PAS Industrial control systems represent the brass ring for hackers who want to disrupt plant operations and negatively impact safety and productivity. The problem for cybersecurity professionals is that plants have highly vulnerable proprietary control systems where configuration data is not visible via standard WMI or SNMP calls. Yet, it is this same configuration data, such as I/O cards, firmware, installed software, and more, that hackers work hard to attain as it aids them in gaining control over industrial systems within plants. As the saying goes, “you can’t manage what you can’t measure.” Taking inventory of this hidden configuration data and doing so for all control assets is difficult. Plants as a result fall short of achieving centralized, automated inventory – a cybersecurity best practice and a necessary precursor to effective change management. So how do you address change management when important security data is kept locked within each vendor’s distributed control systems, programmable logic controllers, and remote terminal units? In this session, we’ll explore the types of inventory data that comprise a best practices cyber security plan. Next, we will dive into cost effective, accurate automation opportunities for inventory discovery and maintenance of heterogeneous proprietary and non-proprietary control assets. Finally, we’ll present a case study for implementing best practices for hardening ICS cyber security and automating management of change. Agenda: Building and Maintaining an Accurate ICS Inventory Best Practices in Inventory Automation Case Study

ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...

EnergySec

Presenter: Damiano Bolzoni, SecurityMatters What if cyber attacks were not the most prominent threat to industrial networks and systems? Although malware is still a major point of interest, the sword of Damocles for industrial networks is represented by insider threats such as system misuse performed by disgruntled employees, contractors and vendors, unintentional operator mistakes, as well as network and system misconfiguration and uncontrolled configuration changes; all this could lead to the divergence or failure of critical processes. In this talk we reshape the concept of ICS security and demonstrate through case studies in different critical infrastructure sectors that the real value of industrial network monitoring goes beyond the detection of cyber attacks, but includes above all the need to maintain awareness about network and process operations, and obtain actionable intelligence that allows to preserve their overall health. We will show how the use of innovative network monitoring approaches can support security, operations, and network managers to: Gain IT visibility of OT networks and full situational awareness of the network and process Detect complex and advanced cyber attacks against industrial networks Mitigate operational mistakes and misconfiguration

Where Cyber Security Meets Operational Value

EnergySec

Presenter: Chris Sistrunk Why haven’t we seen more ICS-focused attacks? Perhaps it’s because we’re not looking for them. The current state of security in Industrial Control Systems is a widely publicized issue, but fixes to ICS security issues are long cycle, with some systems and devices that will unfortunately never have patches available. In this environment, visibility into security threats to ICS is critical, and almost all of ICS monitoring has been focused on compliance, rather than looking for indicators/evidence of compromise. The non-intrusive nature of Network Security Monitoring (NSM) is a perfect fit for ICS. This presentation looks at using NSM as part of an incident response strategy in ICS, various options for implementing NSM, and some of the capabilities that NSM can bring to an ICS cyber security program.

Where Are All The ICS Attacks?

EnergySec

After a brief introduction by Mr. Humphreys, Henry Bailey will talk a few minutes about SAP’s roadmap for utilities. This will be followed by a discussion led by Chris Humphreys about the evolutionary transition from disparate point solutions to enterprise-wide, end-to-end, Regulation Management where controls are consolidated and leveraged such that compliance is a byproduct of industry best practices. Finally, Mr. Rice and Chris Humphreys will end the hour with a presentation expanding on the concept of controls consolidation and compliance as a byproduct focused on NERC CIP Ver 3-5 and NIST transitional capabilities of Regulation Management.

SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...

EnergySec

It’s never too early to start thinking about where the standards are going and where your program should be heading. This presentation will discuss how energy organizations should consider furthering alignment to NIST 800-53 Rev 4; focusing on security maturity opportunities such as threat management; addressing third parties and vendors and developing processes to help satisfy control-based security objectives.

Industry Reliability and Security Standards Working Together

EnergySec

What the Department of Defense and Energy Sector Can Learn from Each Other

EnergySec

More from EnergySec (20)

Gary Leatherman - A Holistic Approach for Reimagining Cyber Defense

Slide Griffin - Practical Attacks and Mitigations

Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real...

Jack Whitsitt - Yours, Anecdotally

Steve Parker - The Internet of Everything: Cyber-defense in an Age of Ubiquit...

Daniel Lance - What "You've Got Mail" Taught Me About Cyber Security

Lessons Learned For NERC CIPv5 Compliance & Configuration Change Management

Explore the Implicit Requirements of the NERC CIP RSAWs

Wireless Sensor Networks: Nothing is Out of Reach

Please, Come and Hack my SCADA System!

Unidirectional Network Architectures

NERC CIP Version 5 and Beyond – Compliance and the Vendor’s Role

Industrial Technology Trajectory: Running With Scissors

The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...

ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...

Where Cyber Security Meets Operational Value

Where Are All The ICS Attacks?

SAP’s Utilities Roadmap Overview, The Evolution of Regulatory Compliance and ...

Industry Reliability and Security Standards Working Together

What the Department of Defense and Energy Sector Can Learn from Each Other

Recently uploaded

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

apidays

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

WSO2

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Mcleodganj Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Mcleodganj Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Mcleodganj Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

ICT role in 21st century education and its challenges

rafiqahmad00786416

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Bhuvaneswari Subramani

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Victor Rentea

Discover the innovative features and strategic vision that keep WSO2 an industry leader. Explore the exciting 2024 roadmap of WSO2 API management, showcasing innovations, unified APIM/APK control plane, natural language API interaction, and cloud native agility. Discover how open source solutions, microservices architecture, and cloud native technologies unlock seamless API management in today's dynamic landscapes. Leave with a clear blueprint to revolutionize your API journey and achieve industry success!

WSO2's API Vision: Unifying Control, Empowering Developers

WSO2

Recently uploaded (20)

Corporate and higher education May webinar.pptx

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

CNIC Information System with Pakdata Cf In Pakistan

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Platformless Horizons for Digital Adaptability

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

ICT role in 21st century education and its challenges

Strategies for Landing an Oracle DBA Job as a Fresher

AWS Community Day CPH - Three problems of Terraform

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

WSO2's API Vision: Unifying Control, Empowering Developers

TAC Subscription Webinar

1. TAC Subscription Overview August 30, 2012

2. Panelists Chris Jager Director, NESCO TAC Jack Whitsitt Principal TAC Analyst Steve Parker V.P. Technology Research Powered by and Projects 8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 2 with funding assistance from the U.S. Department of Energy 2

3. Format Today's webinar is intended to be interactive, so feel free to ask questions. Agenda • Background • Subscription Service Overview • Discussion / Q&A 8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 2 with funding assistance from the U.S. Department of Energy 3

4. Timeliness Today’s cyber threats move at internet speeds. To keep pace, defenders must have access to timely information about threats, vulnerabilities, incidents, and mitigations. 8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 2 with funding assistance from the U.S. Department of Energy 4

5. Context Security and operations staff are often flooded with information and data regarding security issues. Identifying the subset of information that is relevant to their specific circumstances is a daunting task. 8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 2 with funding assistance from the U.S. Department of Energy 5

6. Ground Truth In most circumstances, the best information is that which is sourced from, analyzed by, and delivered to the community it is intended to serve. 8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 2 with funding assistance from the U.S. Department of Energy 6

7. What Is The TAC? The NESCO Tactical Analysis Center (TAC) is led by EnergySec staff and informed by industry volunteers and other partners. Its role is to provide community-based analysis of security issues and timely dissemination of relevant, actionable information to industry. 8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 2 with funding assistance from the U.S. Department of Energy 7

8. Subscription Offerings Operational Information • Daily Diaries • Attack Signatures, Indicators Of Compromise • Rapid Notification System Planning and Analysis • Monthly/Quarterly Reports • Threat Briefings • Executive overviews 8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 2 with funding assistance from the U.S. Department of Energy 8

9. Details  Who can subscribe? – All asset owners regardless of size or regulatory coverage  Where do I sign-up? – http://grids.ec/tacsubscribe  Where do I get more information? – http://www.us-nesco.org/tac – Email us at: tac@us-nesco.org 8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 2 with funding assistance from the U.S. Department of Energy 9

10. Discussion Chris Jager Director, NESCO TAC Jack Whitsitt Principal TAC Analyst Steve Parker V.P. Technology Research Powered by and Projects 8/31/201 The National Electric Sector Cybersecurity Organization (NESCO) is operated by EnergySec 2 with funding assistance from the U.S. Department of Energy 10

TAC Subscription Webinar

Recommended

Recommended

More Related Content

Similar to TAC Subscription Webinar

Similar to TAC Subscription Webinar (20)

More from EnergySec

More from EnergySec (20)

Recently uploaded

Recently uploaded (20)

TAC Subscription Webinar