Control System-SCADA security conferences – they sure are popular

I organized the first two control system cyber security panels at ISA Expo 2001 in Houston on 9/10. At that time, control system cyber security was a reliability and economic issue and did not become a national security issue until the next day – 9/11. I held the initial Control System (SCADA) Cyber Security Conference in 2002 because with all of the cyber security conferences, there was no security conference specifically dedicated to control systems (SCADA). It is interesting to see how popular SCADA security has become. Next week, there will be two conferences, a continent apart, with significant SCADA security aspects – SANS in Orlando and Distributech in San Diego. SANS is aimed at security with Operations secondary while Distributech is aimed at Operations with security secondary. This isn’t the first time this happened and it certainly won’t be the last. Two years ago, DHS scheduled PCSF in San Diego the same week as ISA POWID in San Jose - 500 miles apart. This year, ISA POWID will be held in May in Chicago the same week as the 2009 IEEE International Conference on Technologies for Homeland Security in Boston. Additionally, the Critical Infrastructure Congress is in the Washington DC area the same week as ISA Expo in Houston.  Should this be happening – of course not. However, how many people are even aware of the other groups much less their conferences. I was also guilty of scheduling conflicts holding last year’s Applied Control Solutions Control System Cyber Security Conference in Burr Ridge (Chicago) the same week as Black Hat in Las Vegas. I didn’t realize Black Hat would take in interest in SCADA, but they are starting to. Until someone invents a 13th month, there will be conflicts. Given the scheduling morass, the next Control Systems Cyber Security Conference the week of October 19th in the Washington DC area with the conscious intent of avoiding direct conflicts with ISA, IEEE, ANS, Black Hat, control system users groups, etc. Just to set the record straight, I am not addressing the quality of any of the conferences, simply the scheduling of them. If anyone is interested, I would be willing to share my thoughts off-line. I will be sending out information on the October Conference later this week and next. If you do not get a copy and are interested, please let me know and I will add you to the list. Joe Weiss