(CS)²AI ADVISORY BOARD
System 1, Inc.
New Board Member!
New Board Member!
System 1, Inc
(in memoriam 1971- 2019)
Idaho National Laboratory
Secure Anchor Consulting
New Board Member!
Department of Defense
Georgia Institute of Technology
New Board Member!
ART CONKLIN, PH.D.
University of Huston
DOUG WYLIE, CISSP
System 1, Inc.
Mr. Abeles is a management and technology visionary, specializing in infrastructure security, cybersecurity, and process improvement. He has over 30 years of experience in the commercial and Federal Energy Sector both domestically and internationally. He is the Founder, President, and CEO of System 1, Inc., a leader in critical infrastructure and security consulting, He is a leader in paradigm and cultural change, and builds multi-faceted solutions.
Mr. Abeles’ Federal support has ranged from executive levels at the White House to various Cabinet level agencies, National laboratories, and academic institutions. He has worked to build multi-state solutions linking the Government, law enforcement, first responders, and the private sector. Mr. Abeles has been an author and speaker, and has been featured in the media, developing industry standards and publications. He works at executive level helping to establish understanding and processes to reduce organizational risk.
As the CEO of System 1, Inc., Mr. Abeles has developed best practices at a policy level for Federal organizations such as the National Institute of Standards, Department of Energy, Department of the Treasury, Department of Interior, and Department of Commerce. The seamless integration of risk leads to more cost-effective solutions. In today’s environment, Mr. Abeles emphasizes the integration of cybersecurity as a foundational cornerstone of organizational risk at the CEO or executive leadership level.
Prior to founding System 1, Inc., Mr. Abeles provide management and technical services to the utility sector. He brought his expertise on energy and utilities to the public sector. He has helped global consultancies such as Impell (Abb) and NuTech with clients domestically, in Europe, and the Pacific Rim. He then worked for a number of smaller firms where he was a participant or lead improving the performance of electric utilities.
Mike Assante (in memoriam 1971-2019)
Michael had a long an distinguished career in cybersecurity. Most recently he was the SANS lead for Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) security and co-founder of NexDefense an Atlanta-based ICS security company. He also served as CSO of NERC, several high-level positions at Idaho National Labs, and CSO of American Electric Power. Mike passed away in 2019.
Georgia Institute of Technology
Prof. Beyah builds and leads teams comprised of bachelors, masters, and doctoral level researchers and developers who innovate and make fundamental breakthroughs in engineering and science in the areas of cybersecurity and computer networking. He has served or currently serves in several leadership capacities inside and outside of Georgia Tech, including serving as the Director of the Georgia Tech Summer Undergraduate Research in Engineering/Science (SURE) Program and serving on the Board of Visitors for the University of Pittsburgh’s School of Information Sciences.
He has secured millions of dollars to support his research program and has served as the Principal Investigator on dozens of projects, with demonstrated accomplishments in:
-Project formulation, initiation, grant proposal writing, and technical gap analysis with various industry stakeholders.
-Budget and expense management, and progress reporting to various sponsors (e.g., government funding agencies, corporations).
-Integration of developed systems into mission critical operational environments.
Prof. Beyah regularly communicates complex technical concepts to various stakeholders. Examples include lectures to his senior level computer networking and cybersecurity students, invited talks given to colleagues around the world, presentations to senior government officials, and presentations to leadership teams of various corporations.
Prof. Beyah has received numerous awards in his field including the NSF CAREER award. He was named to the Georgia Trend Magazine 40 Best and Brightest Under 40 (2006) and the Atlanta Business Chronicle Up & Comers 40 Under 40 (2007). He is a graduate of the United Way's Volunteer Involvement Program (V.I.P.), L.E.A.D. Atlanta, Leadership Georgia, and Leadership Atlanta, and has been named an Outstanding Atlantan.
Mr. Blask has been involved in the industrial control system and information security industries for more than 25 years. His career spans the breadth of the cybersecurity spectrum. He invented one of the first commercial firewall products, built a multi-billion-dollar firewall business at Cisco Systems, co-founded an early SIEM vendor and authored the first book on SIEM. Today he is Director of Webster University's Cyberspace Research Institute where he oversees the operation of the Knowledge Sharing Directorate.
Idaho National Laboratory
Mr. Bochman provides strategic guidance to senior USG and industry leaders on topics at the intersection of grid and critical infrastructure modernization and security. A frequent speaker, writer and standards developer, Andy has provided analysis on energy sector security actions, standards and gaps to DOE, DOD, DHS, FERC, NERC, NIST, NARUC, the Electricity Subsector Coordinating Council (ESCC), and state utility commissions, most recently testifying before the Senate Energy and Natural Resources Committee on energy infrastructure cybersecurity issues. He previously was Global Energy & Utilities Security Lead at IBM and Senior Adviser at the Chertoff Group in Washington, DC.
Andy is currently researching a book on applying engineering fundamentals to critical infrastructure cyber challenges. His recent publications include: “the National Security Case for Simplicity in Energy Infrastructure” (CSIS, 2015), “IoT, Automation, Autonomy and Megacities in 2025: A Dark Preview” (CSIS, 2017), "The Missing Chief Security Officer" (CXO, 2018) and "Internet Insecurity: the Brutal Truth" (HBR, 2018).
A critical infrastructure cybersecurity SME listed with the U.S. State Department Speakers Bureau, Andy is currently researching a book on applying engineering fundamentals to critical infrastructure cyber challenges. His most recent publications include: “The Missing Chief Security Officer" (CXO) and "Internet Insecurity: the Brutal Truth" (HBR).
Prior to joining INL, he was the Global Energy Security Lead at IBM and a Senior Advisor at the Chertoff Group in Washington, DC. Mr. Bochman received a BS degree from the U.S. Air Force Academy and an MA from Harvard University.
Executive leader and product cyber security expert with a proven track record of success supporting Energy, Industrial, Pharma & Consumer sectors with a deep technical background in product cyber security, Engineering, IT, resiliency, policy development, training, GDPR and risk management.
Fluent in cyber security standards and regulations (ISA/IEC 62443, NEI 08-09, NERC CIP, NIST 800-53, and ISO 27001) and information technology operations. Skilled at growing cross-functional high performing teams and working at all levels of an organization from board room and operations to manufacturing plant floor.
Active member in the development of cyber security standards & cyber security communities:
• International Electrotechnical Commission (IEC) - IEC 62859 US delegate
• International Society of Automation (ISA) – ISA 99 & TC65 USTAG voting member
• Nuclear Information Technology Strategic Leadership (NITSL) – member.
• Industrial Control Systems Joint Working Group (ICSJWG)
• NEI Nuclear Cyber Security Working Group member
With over 700 cyber security specialists and 5 Cyber Defence Centres across Europe, Airbus CyberSecurity protects customers in Government, Defence and Critical National Infrastructure Organisation
Turnover is in excess of 100 million Euros with operations across mainly France, Germany, UK and the Middle East.
For further information on our products and services, please check www.airbus-cyber-security.com.
Dr. Eric Cole
Secure Anchor Consulting
Secure Anchor Consulting and I offer expertise across the whole spectrum of cyber security, including perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Some of the current key focus areas include advanced threats, insider threat, CISO support and security coaching. Secure Anchor also works with startups and established enterprises bringing innovative products to market, and bridges the gap between executive and technical stakeholders. I bring additional experience in positioning technology for acquisition.
I started in the cyber world as an analyst with the CIA, with computer security in its infancy, when most advanced threats manifested as physical instead of virtual. It became clear to me that this field requires constant, ongoing learning, or your knowledge and expertise will quickly expire.
From the intelligence community, I landed at the SANS Institute and developed coursework that is now the foundation of SANS information security training and security certification, building out the Cyber Defense curriculum and authoring the top selling cyber security course.
Now, my teaching, research, and the constant learning demanded by rapidly changing technology all merge to create a skill set and knowledge base that serve both individuals and corporations in their cyber security efforts. Sharing what I know, whether as a teacher or a speaker, fuels my desire to keep growing and giving each day. What can I help you understand?
Industry pioneer for implementation of Achilles Practice Certification PCD/ICS offshore technology cyber security for rig fleet. Innovative and decisive IT/ICS operations professional with 11+ years’ experience of managing IT & ICS network infrastructures, OT/PCD/ICS/IT cyber security based on (WIB/IEC 62443; NIST 800-53, ISO2700(1&2)), and operational risk management within the corporate & ICS network environments. Demonstrated success in team leadership, execution, strategic planning, stakeholdering, communication, budget management, and architecture design. Specialized in cyber security, enterprise telecommunications, network engineering design, ICS/SCADA/OT security, IT risk management, Incident Response, local and virtual remote team management. Team leader who mentors with purpose and fosters strong working relationships to create great teams and exceptional results.
Mr. Forney is a founding board member of the ISA Security Compliance Institute (ISCI) which develops the conformance specifications to the ISA 99/IEC 62443 ICS cyber security standard and has held the Co-chair position for the Research and Development Sub-group of the Department of Homeland Security Industrial Control System Joint Working Group. He has been an advisor to the White House Cyber Security Office, the Department of Justice, the Department of Energy and FERC.
Paul is also a primary contributor in the ISA99 WG4 TG6 committee working on the IEC 62443-4-1 world wide standard for secure development in industrial automation (now approved by ISA and IEC). He has been a guest speaker on the subject of the Security Development Lifecycle and incident response in industrial control and cyber physical systems at national and international conferences for Microsoft, Gartner, SANS, ICSJWG, AFPM, API, RCMP, S4 and Public Safety Canada. Paul works closely with the ICS-CERT organization on ICS cyber vulnerabilities and also with cyber researchers around the globe.
Mr. Forney has been awarded eleven patents in areas such as failure prediction for upstream Oil and Gas, grid balancing for Power and Internet/intranet portal technologies; and for twenty-seven years, has been involved in the design, security and implementation of SCADA, Event Driven/Service Oriented Architecture (EDA/SOA) and distributed control software and systems for industrial automation.
Paul is an active member of the Azure Advisory Board for Azure Active Directory and Azure Service Bus and has served on the Board of Advisors for Cylance, Inc., one of the fastest growing and innovative cyber security companies in the world. He is a certified Information Systems Security Professional (CISSP), a certified Information Systems Security Architect Professional (ISSAP), a certified Secure Software Lifecycle Professional (CSSLP) and an accomplished jazz musician.
With more than 20 years of technology experience, Najo has been focused on cyber security with a specific passion for Industrial Control Systems and critical infrastructure. Najo champions relationships within the industry bringing developers, researchers, law enforcement and security professionals around the globe together and is dedicated to ensuring safe drinking water, electricity, and pipeline operations remain uninterrupted and available in North America.
Recognizing the value of a strong community, Najo devotes much of her time to key cyber security associations and initiatives including: International Society of Automation (ISA), Canadian Cybersecurity Alliance, (ISC)² Alberta Chapter, Calgary BSides, and has most recently been added to the Global Advisory Board for Control System Cyber Security Association International (CS)²AI while also sitting as an executive committee member in Houston and Calgary. Understanding the value a diverse workforce brings, Najo also spends time looking for actionable solutions and ways to engage, develop, and advance women in cyber security.
Senior technical professional with more than 30 years global industry experience in manufacturing, instrumentation, process control, safety instrumented systems, and optimization working for companies in consumer products, petrochemical, automation, and engineering / procurement / construction industries with responsibilities covering conceptual and detailed design, cost estimating, installation, maintenance and support, training, marketing, and sales leadership.
Specialties: Control system specification development, control system procurement, testing/commissioning plan development, digital field networks (Foundation Fieldbus, HART, Profibus), asset management (FDM/AMS), safety instrumented systems (IEC 61508/61511), industrial networks/IT (Cisco), cyber security (ANSI/ISA99, NERC CIP), open systems, open source (Linux), virtualization technologies (VMware), branding/marketing, trademarks/patents.
Gavin is a principal in PricewaterhouseCoopers Cybersecurity & Privacy practice. He has served global organizations with operational technology cyber security programs including the design and execution of site risk assessments, security testing, security product deployment, and cyber analytics, in addition to serving numerous IT cyber security needs.
Samara focuses on partnering across the enterprise to manage cyber and physical security and compliance risks. She joined Exelon after 10 years in the federal government. Moore was previously National Security Staff member at the White House, responsible for the NIST Cybersecurity Framework development. Prior to the White House, Samara co-led the development of the U.S. Department of Energy’s Cybersecurity Capability Maturity Model for power system utilities.
Extensive background in a variety of industries including manufacturing, DoD, healthcare, and others. Proven professional skills include system architecture and design, software project management, application development, system administration, network administration, database design and administration, and multi-tier support.
• Previous Chairman, ISA-62443/ISA-99 Industrial Control Systems Security Standards body
• Interim Governing Board, Process Control Security Forum
• Industry representative for security architecture concerns to almost every major manufacturing, utilities, and other critical infrastructure
• System Architecture and Design using methodologies including UML, Rational Unified Process, Booch, Yourdon, etc.
• MES, EAI, ERP, LIMS, PLC, DCS, HMI, and other manufacturing systems
• Client/Server development in Java, JSP, ASP, C/C++, Visual C++, VB, PERL, Shell (ksh, csh, sh, bash), SQL, PL/SQL, and HTML.
• Physical and network vulnerability assessments, penetration testing, information assurance, and biometrics.
• PGP, SSH, VPN, WEP, SSL, WAP, 802.1x, RADIUS, etc
Gib is a seasoned cybersecurity practitioner. He has been working in the information technology industry for more than twenty-five years in both the public and private sector. He is recognized for his expertise in industrial control system security, governance, risk management, and information security compliance where has helped government and commercial customers comply with FISMA, GLBA, HIPAA, and other legal obligations and minimize their risks. Additionally, he led projects involving NERC CIP, NEI 08-09, and security assessments of electric utilities. He is a frequent speaker at cybersecurity and energy conferences on a variety of issues including compliance, continuous monitoring, incident response, smart grid, e-discovery, and many others. He has authored numerous publications, including a book on smart grid security. His efforts have led to exponential growth in new business for his business unit in the energy industry.
Gib also holds a law degree, specializing in information security and privacy issues and electronic discovery. He has been active with the American Bar Association’s Information Security Committee for several years and has contributed to publications relating to PKI, information security liability, and electronic discovery.
Specialties: regulatory compliance, certification and accreditation, electronic discovery, information security law, cloud computing security, incident response, breach notification, data life cycle management and protection, data leak protection, smart grid security, SCADA security, NEI 08-09, NERC CIP, GLBA, ISO 27001, HIPAA, NIST 800-53, DIACAP, Sarbanes Oxley, COBIT, European Data Protection Directive, penetration testing, PCI, continuous monitoring, eGRC, application whitelisting, situational awareness
A recognized domain expert in the field of cyber security for industrial computer systems, leveraging unique hybrid (IT and Engineering) skills and experiences to design, develop and implement technology solutions that can help safeguard these fragile, yet critical, computers as cyber threats increase in both frequency and sophistication around the world.
Tyler is currently Venture Principal at Shell Ventures, Shell's corporate venture capital fund which has been established to facilitate strategic investments in early-stage technology companies who are changing/disrupting the energy industry around the world.
As a member of the North America venturing team, Tyler is responsible for identifying key emerging technology trends and curating new investment opportunities in start-ups that have developed innovative solutions for use in Shell’s Unconventional Oil & Gas ( i.e. Field of The Future ) and Oil Products ( i.e. The Digital Downstream ) portfolios.
Prior to joining Shell Ventures, Tyler held two global management roles in Shell most recently as Global Technology Lead and as Group Head of Industrial Cyber Security ( PCD IT Security ).
Before joining Shell, Tyler co-founded a specialized cyber security organization (Wurldtech) focused on protecting the automation and control systems which deliver services we all rely on every day. (Oil & Gas, Power, Transportation, Manufacturing, Chemicals). Wurldtech quickly became one of the world’s leading industrial cyber security organizations, won multiple awards for technology innovation, and was acquired by GE.
System 1, I
Mr. Wohnig is an internationally recognized cyber security and assurance leader having written, presented, and advised senior corporate and federal leadership on security and assurance issues across the energy sector and to the federal government for over 20 years. As a veteran executive he is called upon by high-performing organizations for his ability to achieve, integrate, and drive deep corporate business objectives in the face of globalized competition, rapid technological advances, rapid social/demographic change, and increased sophistication of cyber adversaries. Mr. Wohnig has advised clients across several industries, helping them understand their risk posture and to develop proactive security strategies and programs resulting in clear alignment of security investments to business value. Mr. Wohnig is one of the key figures shaping the discussion and practice of cyber security in the critical infrastructure and industrial control system arenas.
Doug Wylie, CISSP
Doug has more than 22 years of experience with industrial control systems (ICS) and is a seasoned business practitioner, industry thought leader and certified security professional with extensive experience as a global market-maker for industrial products, open technologies and contemporary solutions used in mission-critical applications. Experienced, transformational executive management and certified security professional with extensive industrial market background that spans: Industrial IoT, IT/OT convergence, ICS, business management; strategic marketing, alliances and partnerships; product and program development; Crisis management; government affairs; global standards; and workforce development. Facilitates cybersecurity maturity throughout industry to safeguard people, business operations, critical control systems and supply chain.
Lior Frenkel is the CEO and co-founder of Waterfall Security Solutions, the leading provider of Unidirectional Security Gateways. With more than 20 years of hardware and software research and development experience, Mr. Frenkel leads Waterfall with extensive business and management expertise. His experience spans research, design and development of mission critical systems and national cyber security technologies and programs. He holds multiple patents and patent applications, primarily in the area of cyber security for OT and IT environments. Beyond the walls of Waterfall, he is a frequent contributor to regulatory steering committees, governmental forums, public hearings and closed-door briefings. Mr. Frenkel holds a B.Sc. in Computer Science and Statistics from Bar-Ilan University.
Daryl Haegley GICSP OCP
Department of Defense (Dod)
Office of the Principal Cyber Advisor (PCA) regularly advises the SECDEF and DepSECDEF on cyber related activities that support or enable DOD's missions in, through, and from cyberspace, in coordination with the Services, Agencies and USCYBERCOMMAND. In my new role I will also oversee implementation of the DoD Cyber Strategy, assesses cyber programming and budgeting issues, making recommendation through the Program Budget Review process; inform Department-level cyber-related budgeting and acquisition processes and forums; and initiates projects to strengthen DoD's approach to cyber activities and missions.
Specialties: Cyber policy, analysis, public speaking, vulnerability assessments, security evaluations, generating concise presentations, training, mentoring.
John Cusimano is an industrial control system (ICS) cybersecurity and functional safety expert with more than thirty years of experience. He has performed countless ICS cybersecurity vulnerability and risk assessments in the Oil & Gas, Pipeline, Chemical, Water/Wastewater, Pharmaceutical and Power industries per NIST, ISA/IEC 62443 and NERC CIP standards. He has also overseen and participated in the security testing and certification of several leading control and safety system platforms per the ISASecure™ certification scheme which he helped develop. A leader in the development of ICS cybersecurity standards and best practices, John is Chairman of the ISA 99 subcommittee that authored the recently approved ISA/IEC 62443-3-2 standard, "IACS Security Risk Assessment & Design".
Art Conklin, Ph.D.
University of Huston
Art Conklin is the Program Coordinator for the Information Security Program in the College of Technology at the University of Houston. He is also the Director or the Center for Information Security Research and Education, where he has been for over thirteen years, a Digital Forensics Examiner with Applied Cognitive Solutions, a Fellow at ISSA, and author of multiple published books on cyber security.