Nick Weber
Managing Partner,
Archer
Nicholas (Nick) Weber is a seasoned security leader who has been in military and security leadership roles since 2002. He is a Critical Infrastructure Protection (CIP) professional who has held a Top Secret/Secret Compartmentalized Information (TS/SCI) Clearance. He has served in physical and cyber security management roles at Grant Public Utility District, Western Electricity Coordinating Council (WECC), the US Department of Homeland Security, and the US Army. He has been recognized for his leadership with accolades such as the Security Systems News 20 Under 40 award and the Bronze Star Medal.
About Nick Weber
Follow Nick Weber
Managing Partner,
Archer
Amanda Theel
Workforce Development Group Lead
Argonne National Laboratory on behalf of the Department of Energy’s CyberForce® Program
Amanda Theel currently is the Workforce Development Group lead at Argonne National Laboratory and the Program Director for the Department of Energy’s CyberForce® Program. Within the CyberForce Program, she leads the cybersecurity workforce development effort for the Department of Energy (DOE) Office of Cybersecurity, Energy Security and Emergency Response (CESER) CyberForce® Program that oversees several collegiate cybersecurity efforts to build the ever-growing pipeline. Additionally, she provides expertise to DOE, the Department of Homeland Security (DHS), and the Cybersecurity and Infrastructure Security Agency (CISA) as a lead analyst on cybersecurity methodology and cyber guidance. She conducts cybersecurity assessments and surveys with the intent to evaluate the cybersecurity posture of critical infrastructure. She has a triad Bachelors of Science degree in Accounting, Information Security & Risk Management, and Management Information Systems along with a Distinguished Honors diploma. In May 2013, she received her Masters of Science degree in Information Security.
https://cyberforce.energy.gov/
About Amanda Theel
Follow Amanda Theel
Workforce Development Group Lead
Argonne National Laboratory on behalf of the Department of Energy’s CyberForce® Program
Andrew Ginter
VP Industrial Security
Waterfall Security Solutions
Andrew Ginter is the VP Industrial Security at Waterfall Security Solutions, where he leads a team of experts that work with the world's most secure industrial sites. Before Waterfall, he led the development of high-end industrial control system products at Hewlett-Packard, of IT/OT middleware products at Agilent Technologies, and of the world's first industrial SIEM at Industrial Defender. Andrew is the author of two textbooks on industrial security, and a co-author of the IIoT Security Framework and the UITP guide to rail system cybersecurity procurement. He co-hosts the Industrial Security Podcast, is a lecturer at the Industrial Security Institute, and contributes regularly to industrial security standards and best-practice guidance.
https://WWW.WATERFALL-SECURITY.COM
About Andrew Ginter
Follow Andrew Ginter
VP Industrial Security
Waterfall Security Solutions
Brian Proctor
Director of Energy Solutions
Finite State
Brian Proctor is Director, Energy Solutions at Finite State. In his role, Brian brings 13+ years of experience as an ICS/OT cybersecurity engineer and architect to assist early-adopter and leading-edge customers in confronting the software supply chain risk that threatens critical infrastructure’s OT devices and embedded systems.
Previously, as an ICS/OT cybersecurity engineer and architect, Brian worked for two progressive California Investor-Owned Utilities (IOUs) and focused on developing and executing ICS cybersecurity strategies to mature ICS cybersecurity programs across natural gas and electric environments.
Brian holds several technical certifications, including the Global Industrial Control System Professional (GICSP), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC); has presented with the Critical Infrastructure Private Sector award from Securing our eCity, a San Diego based cybersecurity non-profit organization; and was a co-inventor of a R&D magazine top 100 award winner for one of the top inventions of the year, relating to a GPS anti-spoofing mitigation technology.
Brian has published articles with the Institute of Electrical and Electronics Engineers (IEEE) on “securing and monitoring the GRID edge” and has been a speaker on the subject at several industry events.
https://finitestate.io/
About Brian Proctor
Follow Brian Proctor
Director of Energy Solutions
Finite State
David Nowak
Principal, Cyber Risk Services
Deloitte
Dave is a Principal in Deloitte Advisory’s Cyber Risk Services, serving the Power & Utility industry. He works closely with utility sector clients to improve cybersecurity posture, protect the grid, and research and implement industry leading cybersecurity solutions. Recently he has transformed utilities cyber operations program to identify, engage and meditate cyber threats faster across IT, OT, and cloud. He works with client executives and Boards advising them on current cybersecurity concerns, threats, and trends, and has acted as an executive level cybersecurity advisor for clients, helping them source their Chief Information Security Officer.
https://www.deloitte.com
About David Nowak
Follow David Nowak
Principal, Cyber Risk Services
Deloitte
David Reinecke
Corporate Cyber Security Analyst
S&C Electric Company
David Reinecke is a NERC CIP and Cyber Security leader with over 30 years in technology and 26 years in the electric utilities space. He has been involved with NERC CIP compliance since 2008 and has participated as a key stakeholder during the initial implementation at municipal entity, as a CIP Standard Owner at a large IOU, and more recently implemented a brand-new CIP Program at a large Cooperative. He has managed multiple infrastructure and cyber security teams during his career and is currently helping mature the enterprise cyber security program at S&C Electric.
About David Reinecke
Follow David Reinecke
Corporate Cyber Security Analyst
S&C Electric Company
David Bernstein
Principal Consultant
BSI Consulting Services
Mr. Bernstein has over 15 years of experience in emergency response, emergency management, and business continuity and resilience planning. As a healthcare resilience professional, he has overseen planning and response initiatives for multi-facility health networks and acted as a strategic advisor for multi-agency initiatives and healthcare coalitions. He continues to be a valued strategic planning partner outside of the healthcare space for clients with local and global footprints on emergency planning and business continuity initiatives.
http://www.bsigroup.com/ehs
About David Bernstein
Follow David Bernstein
Principal Consultant
BSI Consulting Services
Dennis Skarr
IT Security Instructor
Everett Community College
Dennis Skarr is tenured faculty at Everett Community College (EvCC) where he teaches Information Technology. Dennis enjoys creating classes for his students which include tabletop and capstone exercises replicating real world experiences in cybersecurity, misinformation, and ethical hacking. His teaching endeavors resulted in receiving the 2019 Exceptional Faculty Award from EvCC. Dennis is currently building an Industrial Security Program for EvCC that includes classes, workshops, and Capture the Flag competitions.
Dennis has an extensive background in performing security assessments on a variety of industrial control systems. While Dennis was with the National Guard he created a two-week training program for cyber operators to receive special qualifications for missions involving cyber-physical systems. Dennis spent over 10 years performing assessments for the National Guard on critical systems that included building automation systems, electrical utilities, and voting systems. In 2016, Dennis’ work at the Guard contributed to US Secretary of Defense Ash Carter visiting his unit for a briefing on their capabilities and achievements.
About Dennis Skarr
Follow Dennis Skarr
IT Security Instructor
Everett Community College
Derek Burns
Control System administrator at LCRA Transmission Services Corporation
Lower Colorado River Authority
Derek Burns has been with LCRA (Lower Colorado River Authority) in Austin, Texas for seven years. He currently serves as the SOCC Systems Compliance Program Manager and Supervisor over the Substation Wide Area Network group. In this role, he is responsible for ensuring compliance with industry standards and regulations related to LCRA's impact systems and managing the Substation Wide Area Network group. Previously, Derek held the roles of EMS/Control System Administrator, coordinating and documenting compliance for all LCRA Impact Systems, performing IP management, and maintaining remote access to LCRA BES Cyber Assets. Derek’s earlier experience also includes his work as Substation SME lead for the substation environment as well as an acting role of compliance program manager in EMS and SubWAN environments during the last NERC audit in 2022.
About Derek Burns
Follow Derek Burns
Control System administrator at LCRA Transmission Services Corporation
Lower Colorado River Authority
Eddy Mullins
Program Manager
Department of Energy's CyberForce® Program
Eddy Mullins is currently the Program Manager for the Department of Energy's CyberForce® Program. He has worked in various positions at the Argonne National Laboratory for the past six years, from security operations to security training management. At the Program Manager, he leads the project coordination for the Department of Energy (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) CyberForce Competition® as well as other key stakeholder events. Before coming to Argonne, Eddy was a law enforcement officer for seven years in south Florida.
About Eddy Mullins
Follow Eddy Mullins
Program Manager
Department of Energy's CyberForce® Program
Karl Perman
Board Member
EnergySec
Mr. Perman has held security leadership positions in the energy sector including Exelon Corporation and Southern California Edison. Karl developed a security practice during his service as the first Director of Security for the North American Transmission Forum. He served in law enforcement roles at the municipal and federal levels prior to entering the private sector. He also served in military intelligence and military police units in the U. S. Army Reserves.cMr. Perman has a Master’s Degree in Public Safety Administration from Lewis University and a Bachelor’s Degree in Public Law and Government from Eastern Michigan University.
About Karl Perman
Follow Karl Perman
Board Member
EnergySec
Kathryn Wagner
Vice President, Industry Solutions, Energy & Utilities
AssurX, Inc.
Kathryn has 10 years’ experience at AssurX working in complex environments in the utilities sector, helping customers implement solutions for NERC and other quality and compliance requirements. Kathryn is responsible for the development and evolution of product offerings for NERC compliance and related systems that focus on reliability and resilience. In addition, Kathryn guides strategic vision and expansion opportunities into other regulated markets within the energy sector. She is responsible for developing and managing AssurX partnerships and representing AssurX at industry events and conferences as a subject matter expert. Kathryn has a B.S. in Mechanical Engineering, an M.S. in Software Development & Management, and nearly 30 years’ experience in manufacturing systems integration and compliance.
https://www.assurx.com/energy-utilities/
About Kathryn Wagner
Follow Kathryn Wagner
Vice President, Industry Solutions, Energy & Utilities
AssurX, Inc.
Kelly Stich
Chief Cyber Security Architect
SUBNET Solutions
Kelly Stich is Chief Cyber Security Architect at SUBNET Solutions Inc. He is a registered Professional Engineer in British Columbia, Canada. Kelly has expertise in the domains of protection, control, automation, and OT cybersecurity. He worked at BC Hydro for over 16 years where he held roles such as Technical Lead for Transmission NERC CIP compliance and Specialist Engineer in Protection and Control Planning. Kelly has developed system architectures for secure remote access, arc flash mitigation, distribution protection and automation using GOOSE messaging, and established the programs for substation security patching and change management. At SUBNET, he is currently supporting NERC CIP, IEC 62443, and NIST CSF implementations.
About Kelly Stich
Follow Kelly Stich
Chief Cyber Security Architect
SUBNET Solutions
Mike Almeyda
Senior Account Manager
Force 5
Mike Almeyda is the Senior Account Manager of Force 5, Inc., an advanced technology company that develops enterprise-level solutions which drastically reduce risk profiles for power utility companies in North America. In this role, he works with power utility executives to deploy turnkey Enterprise Visitor Management solutions that combine hardware and software to automatically enforce physical-entry requirements and compliance for every entry point for the power utility. Mike’s experience is rich in enterprise risk management and power utility compliance. He served as a Critical Infrastructure Protection (CIP) Compliance Auditor with SERC Reliability Corporation for two years, and in that position, he led audit teams in execution of CIP Compliance Audits and Spot-Checks, ultimately participating in over 25 CIP Audits.
Mike’s extensive experience navigating regulations spans both sides of the regulatory table. At Florida Power & Light, Mike served as Manager of Power Delivery Reliability Standards & Compliance and Manager of Training & Execution Assurance. He provided direct oversight to compliance sustainability and quality assurance for the Power Delivery Business Unit, spanning across all NERC Reliability Standards. He also led compliance activities, ensuring full compliance with all legislative and regulatory initiatives, as well as reviewed cyber security and infrastructure protection compliance protocols/procedures, ensuring complete alignment with national/regional regulatory requirements (NERC CIP Standards/FERC Orders).
Mike later returned to SERC to serve as the Manager of Business Process & Risk Assessment, where he provided strategic leadership and tactical planning for the organization, developed the regulatory risk profile for SERC’s area of responsibility, and implemented continuous process improvement methodologies across the corporation.
Mike received his Bachelor of Science Degree in Computer Science from the United States Military Academy at West Point in 2005 and Master of Science Degree in Enterprise Risk
Management from New York University in 2016. He is also a certified Coach, Speaker, and Trainer with Maxwell Leadership. Mike is a decorated combat veteran and US Army Ranger who served two combat deployments in Iraq. His experience includes military service, regulatory compliance, public speaking, executive coaching, and corporate work in the utility sector.
https://www.force5.com
About Mike Almeyda
Follow Mike Almeyda
Senior Account Manager
Force 5
Rob Carson
CEO
Semper Sec
Rob Carson is the Founder and Chief Executive Officer of Semper Sec. With over a decade working in information security management, Rob has held positions as Vice President of Operations at InteliSecure, Director of Security at Cherwell Software and Director of Programmatic Services at Celsus Advisory Group. In addition to his private sector experience, Rob served as an infantry officer in the United States Marine Corps for seven years. Rob built and led high performing teams, resulting in mission accomplishment through troop welfare. His passion for excellence was shaped by his time in the Marines, where he was taught discipline, persistence, and the value of simplifying complex tasks to drive success.
Rob has built highly successful information security management systems, implementing, and maintaining certifications for ISO 27001:2005/2013, PCI and HIPPA. He has achieved a Bachelor of Science from Texas A&M and a Master of Science from the University of Maryland University College; He holds the following certifications, CISSP, CISA, and CCSK.
http://sempersec.com/
About Rob Carson
Follow Rob Carson
CEO
Semper Sec
Robert Rodriguez
Vice President, Sales
CIMCOR
Robert Rodriguez is the Vice President of Sales at Cimcor, where he leads go-to-market efforts for CimTrak, the industry's only patented real-time File Integrity Monitoring and System Assurance solution. With over 30 years of experience in Information Technology and Intelligence, Robert's career includes serving as a Senior Director of Engineering at a CyberSecurity Software company, managing Cyber Security for a Fortune 500 Utility, and IT management at the largest privately held bank in the US. Robert's distinguished background also includes 9 years in the Marine Corps as an Intelligence Collector and Instructor at the US Army Intelligence Center. When he's not working, Robert enjoys spending time with his wife and three sons.
https://www.cimcor.com/
About Robert Rodriguez
Follow Robert Rodriguez
Vice President, Sales
CIMCOR
Scott Klauminzer
CIP Program Manager
Tacoma Power
Scott is currently the CIP Program Manager for Tacoma Power, and has 30 years of IT and Security experience. He is currently participating in the development of the DOE’s ESC2M2 2.0 update, and serves on the NERC CIP Standards
Drafting Team. He has participated in the development of the NIST Cyber Security Framework and the ISO 27019 ICS Security Controls. He has extensive experience in developing and delivering security programs for NERC CIP, HIPAA,
PCI, and ISO 27001/2. Scott holds a CISSP, and a Master’s Degree in Cybersecurity and Leadership from the University of Washington. He loves to tinker with technology, but being outdoors with family, and coaching and paddling with dragon boat and outrigger canoe teams is what keeps him happy.
About Scott Klauminzer
Follow Scott Klauminzer
CIP Program Manager
Tacoma Power
Steven Parker
President
EnergySec
Steven Parker is a seasoned security and compliance consultant who has been in the energy industry since 2001. He has extensive expertise in critical infrastructure protection within the energy sector. He was part of the original audit team that established the NERC CIP audit program at the Western Electricity Coordinating Council (WECC). He designed, developed, and has taught NERC CIP education courses to thousands of professionals. His experience includes a broad range of security disciplines including e-commerce, identity management, intrusion detection, forensics, incident response and investigations, security event monitoring, and NERC CIP compliance.
https://www.energysec.org
About Steven Parker
Follow Steven Parker
President
EnergySec
Stacy Bresler
Vice President
EnergySec
Stacy Bresler is a seasoned security and compliance consultant who has been involved with the energy sector since 1996. He is a former bank cybersecurity consultant, former electric utility employee, former Corporate Information Security Officer (PacifiCorp) and served as a NERC Critical Infrastructure Protection (CIP) Compliance Auditor. He was one of the first CIP auditors hired by the Western Electricity Coordinating Council (WECC). As a Senior Compliance Engineer, he was a key participant in the development of security regulations related to the electrical grid. He is a NERC-certified lead auditor for both NERC Operations and Planning (693) and the CIP reliability standards. He has led and/or participated in more than 60 formal NERC Audits and has been a trusted security consultant for many different industries.
Mr. Bresler, as a Principal Investigator at EnergySec, was instrumental in helping lead a unique industry-specific security organization toward sustainability as part of a Department of Energy (DOE) collaborative agreement. The project was to build a national electric sector cyber security organization which became what EnergySec is today. In addition to his NERC auditor certifications, Stacy has held credentials as a Certified Information System Auditor (CISA) and Certified Information Systems Manager (CISM), Certified Information System Security Professional (CISSP), SANS GIAC Security Essentials Certification (GSEC), Microsoft Certified Professional (MCP) and Microsoft Certified Systems Engineer (MCSE).
About Stacy Bresler
Follow Stacy Bresler
Vice President
EnergySec
Trevor Dearing
Global Director of Critical Infrastructure
Illumio
Trevor has worked in networking and security for over 40 years. He has attended the birth of nearly all the technologies that we now take for granted including, Ethernet Switching, VPNs, Firewalls and virtual networks. Originally an engineer working on some of the first industrial control systems. He is now the Global Director of Critical Infrastructure Solutions for Illumio.
https://www.illumio.com/solutions/energy-utilities
About Trevor Dearing
Follow Trevor Dearing
Global Director of Critical Infrastructure
Illumio
Tobias Whitney
VP Strategy and Policy
Fortress Information Security
Tobias Whitney is a recognized leader in control systems security solutions with over 20 years of critical infrastructure security experience. For six years, Whitney led the compliance and Standards for NERC’s Critical Infrastructure Protection program.
Most recently, Whitney spent two years as Technical Executive at the Electric Power Research Institute (EPRI), evaluating risks in Supply chain cybersecurity for utilities, developing Solutions to address security architecture for Utility cloud-based solutions, as well as Researching emerging technologies, such as electric vehicle charging and supply chain Security.
“Implementing effective, automated security and compliance while minimizing business Disruption and cost is no small feat. I look forward to helping our customers do just that.” -Tobias Whitney
https://www.fortressinfosec.com
About Tobias Whitney
Follow Tobias Whitney
VP Strategy and Policy
Fortress Information Security
Wally Magda
Senior Standards Instructor & Advisor
EnergySec
Wally Magda brings his passion and energy to the Summit as an internationally recognized security expert for Industrial Control Systems (ICS). His deep security experience spans military nuclear missile command and control systems, intelligence agencies, enterprise security and industrial control systems. Wally’s involvement with the NERC CIP standards goes back to the Urgent Action Cyber Security standards of 2003. As a former WECC NERC CIP auditor he has performed over 100 NERC CIP on and off site audits in the roles of Audit Team Lead and team member. He started out in the utility business from the ground up as an Instrumentation, Control and Electrical Tech. He then progressed to managing ICS as a process control engineer. Seeing the need for experienced security professionals to assist Information, Operations and Physical Technology business units, he stepped into the enterprise level security realm. Wally is an active member of the NERC Supply Chain Working Group and Security Integration and Technology Enablement Subcommittee. He holds several professional certifications including ISA Certified Automation Professional (CAP), SANS GIAC Global Industrial Cyber Security Professional (GICSP), ASIS Physical Security Professional (PSP), ISC2 Certified Information Systems Security Professional (CISSP) and ISACA Certified Information Systems Auditor (CISA).
About Wally Magda
Follow Wally Magda
Senior Standards Instructor & Advisor
EnergySec
Ryan Ferran
Manager CyberSecurity Assessment Services, Senior Penetration Tester
BPM CyberSecurity Assessment Services
Ryan holds degrees in Mathematics and Computer Science, which has provided the basis for his career in multiple technical fields, including over 10 years in IT system administration. After moving to offensive security in 2016, Ryan has specialized in several facets of cyber security. As a senior penetration tester Ryan has worked to complete hundreds of highly technical penetration tests across a wide variety of industries including government, utilities, financial, healthcare, manufacturing, and higher education. He leads the physical security team and performs in-person social engineering testing and rigorous physical security audits. Ryan also has a focus on Industrial Control Systems (ICS) assessments and he has spent years mastering a thorough and delicate methodology to safely test organizations with ICS considerations such as power companies, water treatment facilities, waste water facilities, and industrial manufacturing. These areas of specialization are his passion, helping to secure critical infrastructure that supports the everyday lives of all people provides the largest impact for the skills he has developed throughout his career.
About Ryan Ferran
Follow Ryan Ferran
Manager CyberSecurity Assessment Services, Senior Penetration Tester
BPM CyberSecurity Assessment Services
