Dean Parsons

Dean brings over 20 years of technical and management experience to the classroom. He has worked in both Information Technology and Industrial Control System (ICS) Cyber Defense in critical infrastructure sectors such as telecommunications, and electricity generation, transmission, distribution, and oil & gas refineries, storage, and distribution. Dean is an ambassador for defending industrial systems and an advocate for the safety, reliability, and cyber protection of critical infrastructure. His mission as an instructor is to empower each of his students, and he earnestly preaches that “Defense is Do-able!” Over the course of his career, Dean’s accomplishments include establishing entire ICS security programs for critical infrastructure sectors, successfully containing and eradicating malware and ransomware infections in electricity generation and manufacturing control networks, performing malware analysis triage and ICS digital forensics, building converged IT/OT incident response and threat hunt teams, and conducting ICS assessments in electric substations, oil and gas refineries, manufacturing, and telecommunications networks. A SANS Certified Instructor, Dean teaches ICS515: ICS Active Defense and Incident Response and is a co-author of the upcoming new SANS Course ICS418: ICS Security Essentials for Managers. Dean is a member of the SANS GIAC Advisory Board and holds many cybersecurity professional certifications including the GICSP, GRID, GSLC, and GCIA, as well as the CISSP®. He is a proud native of Newfoundland and holds a BS in computer science from Memorial University of Newfoundland.

More About Dean

Profile

For as long as Dean can remember, he has always had a passion for security, so his decision to go into the field was a natural progression. He grew up ethically hacking computer systems of all types using his own custom-compiled Linux systems and custom C code hacking tools. From a young age, he wrote security tools such as password crackers in Python, host-based intrusion detections systems, network sniffing tools, intelligent port scanners, and kernel module and exploits, among many others. Dean’s passion for this type of work is rooted in protecting the greater good. He recognizes the crucial need for more defenders in the industry as adversaries continue to specifically target ICS and critical infrastructure.

To support himself while earning his bachelor’s degree in computer science at Memorial University of Newfoundland, Dean worked as a security consultant performing Linux hardening, writing networking applications, and performing ethical hacks and vulnerability assessments for industrial marine and offshore engineering firms, among others. Dean now has more than 20 years of technical and management experience. He has worked in both Information Technology and ICS Cyber Defense in the telecommunications and electricity sectors covering generation, transmission and distribution of power for critical infrastructure in Canada, including the NERC-CIP alignment.

As an ICS Cyber Defense consultant, no day looks the same for Dean. One day you might find him dissecting packets and writing policies, while on the next he might be presenting to a board of directors or to professionals at a security conference.

Dean will be the first to tell you that ICS cybersecurity starts with safety and is driven by it. To ensure this safety, he has built ICS security teams and processes for practical defense across multiple ICS sectors. These teams have been effective in performing ICS incident response and playing key roles in preserving the safety and reliability of operational technology and ICS operations. Dean has integrated cybersecurity as mandatory ICS-physical and on-site safety training for engineering staff. This training is ever more important as adversaries make brazen moves to target the ICS safety systems designed to keep people and physical assets safe.

“I’m an ambassador for defending our industrial systems, and an advocate for safety, reliability and cyber protection of our critical infrastructure,” Dean explains. “Every ICS class I teach I empower every student to ask questions and get involved in the always up-to-date conversation. Using this approach and sharing my experiences from the field creates memorable moments to effectively deliver the course content. It prepares students for SANS GIAC certifications while simultaneously helping them retain critical knowledge long after the class ends, which is super important for practical ICS defense.”

In ICS515: ICS Active Defense and Incident Response, the course Dean teaches for SANS, he tackles common misconceptions and challenges of IT security applied to ICS security with an emphasis on safety for critical infrastructure. He takes students through incidence response, and emphasizes the main differences between traditional IT security and ICS security. One thing you will certainly hear echoed in Dean’s class is “Defense is Do-able!” He also reminds you to keep in mind Yoda’s famous expression: “Do. Or do not. There is no try.”

Dean is also the co-author of the new upcoming SANS course ICS418: ICS Security Essentials for Managers with SANS Certified Instructor Jason Christopher. ICS418 fills the identified gap among leaders working across critical infrastructure and operational technology environments. It empowers new and established ICS Security Managers with tools to address industry pressures and manage cyber threats and defenses that prioritize the business while ensuring the safety and reliability of ICS operations.

Outside of class, Dean has been invited to speak on ICS security at conferences and workshops throughout North America and the United Kingdom. He has also contributed to many SANS ICS webcasts. When Dean isn’t working, you can find him exploring the coast of Newfoundland on his jet skis, playing piano, jamming out to ‘80s music, or riding motorcycles. He is an accomplished motorcycle instructor and rider and has published some adventures in his travel book The Evergreen Rider: Newfoundland by Motorcycle Through All Seasons, All Weather.


ADDITIONAL CONTRIBUTIONS BY DEAN PARSONS:

PUBLISHED WORKS, ARTICLES & BLOGS

SANS ICS Sit Visit Plan, May 2021

ICS Cheat Sheets: It’s Not Cheating If You Have an Effective and Safe Approach!, April 2021

7 Tips For Planning ICS Plant Visits, May 2019

News article: Addressing Modern Industrial Control System Attacks, March 2019

Whitepaper: Practical Industrial Control System (ICS) Cybersecurity: IT and OT Have Converged— Discover and Defend Your Assets, September 2018

ICS Defense: It's Not a "copy-paste" from an IT playbook, April 2018

Know Thyself Better Than The Adversary - ICS Asset Identification and Tracking, February 2018

WEBCASTS & PRESENTATIONS

Top 5 ICS Assets and How to Protect Them, August 2021

Cyber42: Industrial Edition Game Day, July 2021

Top 5 ICS Incident Response Tabletops and How to Run Them, June 2021

Threat Management Made Easy: How to Protect Your ICS Network with Less Effort, June 2018

Panel Discussion: Challenges of Developing an Asset Inventory for Converged IT/OT Environments, May 2018

Canadian Webcast Series Part 3: ICS Defense: It’s Not a “Copy-Paste” From an IT Playbook, March 2018

Improving Incident Response for ICS, November 2017

Practical Industrial Control System (ICS) Cybersecurity: IT and OT Have Converged— Discover and Defend Your Assets, September 2017

CHEAT SHEETS & POSTERS

ICS Assessment Quick Start Guide – Poster

ICS Site Visit Plan – Cheat Sheet

ICS Security Program Maturity Quick Start Guide – Cheat Sheet

ICS Assessment Methodology Quick Start Guide – Cheat Sheet

ICS Common Acronyms Quick Start Guide – Cheat Sheet