/Jim Gilsinn

About Jim Gilsinn

Jim Gilsinn joined Kenexis in 2012 as a Senior Investigator after starting his career in the Engineering Lab at the U.S. National Institute of Standards and Technology (NIST). Jim has more than 25 years of electrical engineering, networking, and programming experience. For the last 15 years, he has specialized in industrial control systems (ICS) performance, reliability, and cyber security. At Kenexis, he is responsible for designing, assessing, and validating reliable and secure ICS and supervisory control and data acquisition (SCADA) networks. He has conducted both standards-based conformance assessments as well as technical vulnerability assessments and penetration tests for ICS/SCADA customers. He has also helped ICS/SCADA customers develop security programs based upon ISA-62443, ISO/IEC 27001 and 27002, NIST SP800-53/82, and NIST Cybersecurity Framework. He is developing the Dulcet Analytics test tool for Network Reliability Monitoring of ICS/SCADA, which uses analytical and statistical methods to determine communication stream performance to determine the health and reliability of ICS/SCADA networks. He has a variety of industry experience, especially in the manufacturing, oil & gas, chemical, and food industries. Jim is the co-chair of the ISA99 committee on Security for Industrial Automation and Control Systems (IACS), developing the ISA/IEC 62443 standard series and the co-chair of the ISA99 working group developing a security program for IACS based upon the existing ISO/IEC 2700x series. Jim speaks regularly at conferences on ICS performance, reliability, and cyber security. You can find his presentations posted to SlideShare (http://www.slideshare.net/gilsinnj). He is also on the organizing committee of the BSidesDC conference (http://www.bsidesdc.org).

What’s Your Backup and Recovery Strategy?

By |2018-08-22T17:28:36+00:00August 22nd, 2018|ICS Cybersecurity, ICS Design and Implementation, Jim Gilsinn|

While reading the Wired article, titled The Untold Story of NotPetya, the Most Devastating Cyberattack in History, I thought a lot about backups. Backing up your data and systems in order to maintain critical services is a cornerstone of any disaster recovery program (DRP). I hadn’t realized how fast NotPetya spread through some organizations. From [...]

Comments Off on What’s Your Backup and Recovery Strategy?

Beware of USB Charging Stations

By |2017-06-25T19:58:09+00:00August 15th, 2016|ICS Cybersecurity, Jim Gilsinn, News|

As a consultant, I travel on a regular basis. When I travel, I usually have multiple devices with me: a personal phone, a work phone, one or more computer, test equipment, and other devices. All of these are power hungry, especially the phones. It is tempting to charge them anywhere I can, but as a [...]

Comments Off on Beware of USB Charging Stations

Teaching to Learn

By |2017-06-25T19:58:13+00:00April 2nd, 2015|ICS Cybersecurity, Jim Gilsinn|

Being an expert at something doesn’t always mean that you truly understand something. Until you can explain that topic to someone else, you can’t really prove that you know it that well. Sure, you can spout some jargon and show some really complicated process. But, until you can breakdown that explanation and/or process into simpler [...]

Comments Off on Teaching to Learn

Kenexis ICS Training Class @ S4x15

By |2017-06-25T19:58:13+00:00December 26th, 2014|Author, ICS Cybersecurity, Jim Gilsinn, News|

Jim Gilsinn and Bryan Singer, from Kenexis, will be teaching one of the advanced training courses at the S4x15 conference, titled “Why Does the Red Team Get All the Fun?” (http://www.cvent.com/events/s4x15-week/custom-22-6527b763e4b94569a3612510327b7278.aspx) This class will allow students to participate in an industrial control system (ICS) cyber security red/blue exercise during the course. The emphasis will be [...]

Comments Off on Kenexis ICS Training Class @ S4x15

The Changing Face of ICS/SCADA

By |2017-06-25T19:58:13+00:00December 16th, 2014|Author, ICS Cybersecurity, Jim Gilsinn, News|

What constitutes an industrial control system (ICS) or supervisory control and data acquisition (SCADA) system and the environments in which they operate has changed drastically over the last decade or so. Traditionally, ICS were used in discrete and batch manufacturing, process control, packaging, and infrastructure. Some may argue the fine points of that list, however, [...]

Comments Off on The Changing Face of ICS/SCADA