“Most organizations believe they are not a target because they are “too small,” “don’t do anything important,” and “are unknown to anybody”—or they simply think they’re not a target because “they said so.” This is, in my view, the biggest myth in security, which makes most of the hacks possible.”

Twitter: @Marmusha

Marina Krotofil is an experienced ICS/SCADA professional who has spent almost a decade on offensive industrial control systems (ICS) security—discovering and weaponizing unique attack vectors, engineering damage scenarios, and understanding attacker techniques when exploiting ICS. Marina’s offensive security skills serve her well during forensic investigations, ICS malware analysis, and when engineering defenses. She previously worked as a principal analyst and subject-matter expert within the Cyber-Physical Group at FireEye (USA), as a lead cybersecurity researcher at Honeywell (USA), and as a senior security consultant at the European Network for Cyber Security (Netherlands). Between her industrial positions, Marina joined academia to pursue a doctoral degree and teach security courses at Hamburg University of Technology, Germany. She has authored more than 20 academic papers and book chapters on ICS security and is a frequent speaker at the leading security events around the world. She holds an MBA in technology management, an MSc in telecommunication, ...