HACK the SHIP - the Security, Functionality, Usability Triangle Gone Wrong

MTUG Events Pierce Atwood Thomas College

Wed., Sep. 30, 2020, 11am to Noon

Online at http://mtug.webex.com

No downloads available for this session (yet).

Please join MTUG for one of our top workshop proposals of the 2020 Season: "HACK the SHIP: An overview of Shipboard ICS Cybersecurity, or the Security, Functionality, Usability Triangle Gone Wrong."

In this session, presenters Joshua Moss and Jockel Carter explore the lack of applied security across the Maritime Transportation System (MTS). Merchant shipping is especially vulnerable due to the insecure protocols used in the Industrial Control Systems (ICS) aboard large merchant ships. Josh walks users through the network layout of a merchant ship, and discusses how a malicious attacker can take control of ships similar to the large, liquid natural gas, and bulk carriers that come to port here in Portland, Maine. The lack of “baked in” security is then used as an analogy and a reminder to Maine technology users to have foresight when designing processes and technologies, and ensure that security is always a thought, not an afterthought.

Participants will be exposed to a common security situation that is typical for naval systems, industrial controls systems, and other infrastructure that is often considered beyond the reach of cyber-attack but is not.

MTUG thanks our volunteer board member Kristen Kucera, who coordinated this event's speakers and topic.

MTUG Thanks our ExecTech Webinar Series Sponsors for September!

Please help us appreciate our ExecTech Sponsors this month - you may click below to visit their websites and learn more about their organizations. MTUG's programming and tech community resources are made possible by these generous supporters:

Thank you!

For the Autumn 2020 Season MTUG will present the “Best-of-the-Best” of our constituents’ Workshop Proposals that couldn't be presented at the canceled 2020 Summit. These will be online Webinars, free to the public, and recorded for continued constituent access (unlike traditional Summit Workshops). These Webinars will touch on the key issues executives in Maine businesses must consider in this rapidly changing technology and security landscape.

ExecTech Sponsorships are available for this series. This is an excellent opportunity to show your support of MTUG’s mission while gaining great visibility to the leaders among the Maine tech professional community. If you are interested in being an ExecTech Sponsor, please check out our ExecTech Sponsorship Info Sheet at this link [PDF], and Contact Us if you have any questions.


Joshua Moss, OSCP, GXPN, GWAPT, GPEN, CEH, Sec+

Cyberspace Operations Officer, U.S. Coast Guard Reserve

Lieutenant Junior Grade Josh Moss is a Coast Guard Reserve Cyberspace Operations Officer and former US Cyber Command Operator with over ten years of technical experience in the offensive security domain. He leads a team of security experts to secure Coast Guard and National Maritime Transportation System infrastructure.

His certifications include Offensive Security Certified Professional (OSCP), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Web Application Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), EC Council Certified Ethical Hacker (CEH), and Comptia's Security Plus (Sec+).

When not hacking for the Coast Guard, Josh is a Senior Cloud Security Consultant for a top-of-industry cloud provider where he leads teams of consultants and customers to deliver security outcomes. He is a frequent speaker at local security groups, participant in local and national Capture the Flag (CTF) challenges, and a cat enthusiast.


Senior Cybersecurity Advisor, Tyler Cybersecurity, Tyler Technologies

Jockel Carter is an experienced Cybersecurity professional. He has worked multiple Cybersecurity domains with a focus on technology, incident response, and governance for thirteen years. Before that he worked in information technology for twelve years. He has earned multiple certifications and currently holds the CISSP, CCSP, PCIP, PCI-ISA, and CISA designations. These certifications cover cybersecurity, cloud security, Payment Card Industry audits and assessments, and IT System Auditing. He earned a Master of Science in Information Technology in 2006.

Jockel is active in the Cybersecurity community. He is founding president of the (ISC2) chapter in Maine and held that position from 2009 until 2017. He is the InfraGard Member Alliance Maine Chapter Secretary.

He is currently a senior advisor for clients at Tyler Cybersecurity. In that role he provides guidance on security programs, performs assessments, IT Audits, and training for senior managers and Boards. He is the subject matter expert at Tyler Cybersecurity for multiple technologies and frameworks.

To reserve your place, please complete the registration form by clicking on the button below.