Security BSides Las Vegas 2025

Water is life.
In 2025, the threat landscape facing U.S. water infrastructure has grown more severe and immediate. Following the high-profile cyber intrusions of 2024—such as Volt Typhoon and Iran-linked Cyber Avengers—2025 has already seen a surge in attempted and successful breaches targeting municipal and rural water systems. These escalating threats are compounded by deteriorating trust and coordination between public and private sector stakeholders. This convergence of cyber vulnerability, regulatory fragility, and geopolitical tension creates a perfect storm—leaving our most essential infrastructure exposed at a time when resilience is most critical.

What Engineers Need to Know About Cyber and Why (and are not getting this in school).
This workshop uses a case study of a hypothetical engineering project to support discussion and application of the principles for Cyber-Informed Engineering (CIE) throughout the workshop. The scenario draws from a selection of real-world case studies, is fictional, and is crafted to support the application of CIE principles. Workshop participants get a workbook to structure their journey, capture insights and lessons learned, and provide a useful takeaway item that can further conversations after the event.
This is a hands-on workshop filled with exercises to develop understanding of the principles of Cyber Informed Engineering. This training event is designed for anyone who is interested in learning a methodology of designing out cyber-risk before a system is placed into operation.