Image
AusCERT 2022 Cyber Security Conference
Lesley Carhart
Cybersecurity expert and Director of Incident Response at Dragos
- Named a “Top Woman in Cybersecurity” by Cyberscoop news and voted DEF CON Hacker of the Year in 2020
- Has spent more than two decades in IT and cybersecurity fields
- Protects clients against digital theft, hackers, and infections every day and regularly shares their insights with audiences around the world
Play Video
View Fees
Lesley Carhart is the Director of Incident Response for North America at the industrial cybersecurity company Dragos, Inc., leading response to and proactively hunting for threats in customers’ Industrial Control Systems (ICS) environments. Their mission at Dragos is to protect the world’s most critical infrastructure from adversaries who wish to do it harm. Dragos helps defend industrial organizations that provide us with the tenets of modern civilization: running water, functioning electricity, and safe industrial working environments.
Lesley is recognized as a subject matter expert in cybersecurity incident response, regularly speaking on the topic at industry conferences and universities, as well as to news media. Following four years as a Principal Incident Responder for Dragos, Lesley now manages a team of incident response and digital forensics professionals across North America who perform investigations of commodity, targeted, and insider threat cases in industrial networks. Lesley is also a certified instructor and curriculum developer for Dragos’ incident response and threat hunting courses.
Prior to joining Dragos, Lesley was the incident response team lead at Motorola Solutions. Following four years as a Principal Incident Responder for Dragos, Lesley now manages a team of incident response and digital forensics professionals across North America who perform investigations of commodity, targeted, and insider threat cases in industrial networks. Lesley is also a certified instructor and curriculum developer for Dragos’ incident response and threat hunting courses.
Lesley is honored to be retired from the United States Air Force Reserves, and to have received recognition such as “DEF CON Hacker of the Year”, “SANS Difference Maker”, and “Power Player” from SC Magazine.
In their free time, you may find Lesley volunteering at events for cybersecurity job seekers by organizing resumé and interview clinics. When not working, Lesley also enjoys being a youth martial arts instructor.
Speaker Video
What Every Pen Tester Needs to Know About ICS
100 Seconds with Lesley Carhart
Cybersecurity Executive Interview
The Industrial Cybersecurity Landscape. Critical infrastructure, such as water, electric power, oil and gas, and manufacturing are crucial to our modern society. Unfortunately, the cyber threats facing them are increasing - from state actors pre-positioning for future attacks, to ransomware gangs out for the money, to disgruntled insiders. As industrial technology (ICS) has converged with information technology and become increasingly connected, these systems are increasingly ripe for abuse. Lesley has spent a career responding to and conducting forensic investigations of intrusions into industrial computer networks, and will discuss the current threat landscape, proper preparation for cyberattacks against industrial networks, and what we must do as a society to improve the cybersecurity of our most critical systems.
Building the Cybersecurity Talent Pool. The Cybersecurity industry is facing a critical shortage of skilled talent, as cyberattacks and their costs to businesses increase dramatically. Additionally, these positions are well-paying, interesting, and deeply impactful to society. Unfortunately, swathes of talent are not being reached - from underprivileged communities, to underrepresented minorities, to veterans. Lesley has been hiring, mentoring, and training cybersecurity talent for over a decade, and runs career and résumé clinics for prospective cybersecurity professionals across the United States. Learn how to select a cybersecurity niche, choose the right training, and seek a balanced and enjoyable cybersecurity career!
Building an Incident Response Program. We do our best to build defenses to prevent cyberattacks in our organizations, but the reality is that any organization can be the victim of a cyberattack. It is always important to prepare for a worst case scenario, and that includes cybersecurity incidents. Lesley has spent a career responding to and investigating diverse cyberattacks, and professionally trains and tests the capabilities of incident response teams. This talk will discuss how to build a successful and healthy incident response program from a strategic, logistical, and tactical level - from constructing essential documentation, to engaging appropriate resources, and measuring and testing success.
Understanding Modern Cyberattacks: Thinking Like an Adversary. Why do we have to complete cybersecurity awareness training? Why does our organization block specific websites? it's not just to frustrate us. There's really an important purpose! Lesley will break down the basics of modern cyberattacks - who conducts them, their typical lifecycle, and what the general objectives of adversaries are. To understand defense, we have to understand the adversaries we face in defending our homes and businesses. We will take a journey together into thinking like a cybercriminal, in order to understand why we put important cybersecurity measures in place in both our personal lives and in our work lives.
