|Galina Antova, Chief BDO

Galina Antova is the Co-founder and Chief Business Development Officer at Claroty. Prior to co-founding the company, she was the Global Head of Industrial Security Services at Siemens overseeing the development of its portfolio of services that protect industrial customers against cyber attacks. While at Siemens, she was also responsible for leading the Cyber Security Practice and the Cyber Security Operations Center providing managed security services for industrial control systems operators. Previously, Galina was with IBM in Canada in various roles in the Provisioning and Cloud Solutions business. She holds a BS in Computer Science from York University in Toronto, and an MBA from IMD in Lausanne, Switzerland.
Leveraging ICS attacks for economic warfare
The last two years showed us that the “red lines” that conventional wisdom once held would prevent disruptive or destructive attacks against critical infrastructure have now been crossed numerous times, and are very likely to be crossed again. The notion of cold-war era “Mutually Assured Destruction” as a deterrent force has dimmed and nation-states, jihadists and cyber-criminals have taken notice. While ICS attacks could be used as a component of geo-political conflict, the much more likely, and troubling scenario is one where nation states or criminals orchestrate targeted ICS attacks to engage in pointed, economic warfare, doing so in a covert way. Similar to the way in which, allegedly, Russia engaged in social media manipulation to influence the US election. Such strategy, if applied to disruption of ICS networks across a specific sector, geography, could have tremendous economic impact. Ransomware campaigns could be used as a false flag to inflict economic damage against an adversary or a particular industry, or a crime actor uses ransomware to hold these companies hostage. In this session, we’ll look into some of the technical details of recent ICS attacks that give us insights into the scale/skills of operations needed to execute them, and what conclusions we can draw in terms of most effective defense. The unintended spill-over of WannaCry and NotPetya into the ICS networks give us a glimpse at the defense readiness of many of the large owners/operators of ICS networks. The security risk to ICS networks is systemic and not determined by vulnerabilities alone, making them much harder to defend.
Schedule of Events