Shayne Casavant
Shayne is passionate about Cybersecurity and can apply his unique blended background of multiple disciplines to produce creative solutions to common industry problems. With more than 14 years of experience in ICS Cybersecurity and engineering, his general approach is to develop robust solutions to complex problems, adapt to project specific needs, and to provide quality deliverables in a timely manner.
Shayne actively participates in projects primarily focusing on OT (Operational Technology) / ICS (Industrial Control System) in various industries such as utilities, oil & gas, mining & metals, and power. He has a broad range of experience in ICS Cybersecurity ranging from complete program development to implementation of technology solutions to assessments and tabletops. Currently, Shayne works as an ICS Cybersecurity Specialist at BBA as part of the ICS Cybersecurity department. He leads and manages various projects and activities, both to external clients and internal initiatives.
2024 Talk
Talk Title: The Power of Incident Response Tabletops
Talk Abstract:
Industrial organizations are too often hit with a reality check when they find themselves unprepared for handling a cybersecurity incident. While Incident Response (IR) tabletops are not a new concept, not all organizations have regular exercises scheduled and some are not performed effectively. Industrial Control System (ICS) IR presents additional challenges as compared to a typical IT IR, since it requires involvement from multiple business units and teams, and can have physical impacts (e.g. safety of people, environmental impacts, or damage to equipment).
Attendees will be exposed to a flexible strategy that can be applied to their organizations and operations, along with important elements to focus on to have an effective and powerful IR tabletop. This includes the scenario selection and technical elements, but also delves into the critical realities like psychological states. The ability to self-regulate and lead through a crisis is paramount. Self-regulation drives effective decision-making, communication, and collaboration. Part of this presentation will dive deeper into the neuroscience of stress.
Another critical facet is the backbone of the IR plan, structure, roles and responsibilities, and interfaces with other business units. A free resource (IACS Cyber Security Incident Response Playbook) will also be introduced that BBA developed by receiving funding from Natural Resources Canada’s Cyber Security and Critical Energy Infrastructure Program (CCEIP). This framework can be used for both IT and ICS.
This presentation highlights just how powerful IR tabletops can be in terms of mitigating business risk and operational impacts. This knowledge is shared based on experience gained in preparing and facilitating IR tabletops for clients, ranging from small to large organizations.