Cybersecurity Track

Supply Chain Security, Protection Against Ransomware Attacks, and Safety and Integrity of Automated Systems

In today’s interconnected world, the aerospace, automotive and maritime industries increasingly rely on automation to drive efficiency and innovation. With this increased connectivity comes new cybersecurity risks. Explore the unique challenges and best practices for securing automation in these critical sectors with insightful sessions that cover supply chain security, protection against ransomware attacks and ensuring the safety and integrity of automated systems.

Cyber Track icon - dive-ase

DIVE deeper into secure-by-design principles and explore effective strategies for conveying cybersecurity requirements to vendors.

Cyber track icon - explore-ase

EXPLORE the cybersecurity challenges posed by the digitalization of the maritime industry and the critical role of cybersecurity experts in developing risk mitigation strategies to ensure safe and secure operations at sea and in port.

Cyber track icon - unlock-ase

UNLOCK the latest advancements in machine learning and generative AI, including their applications in automotive part production, aerospace manufacturing, supply chain, international port security and cybersecurity threat tracking.

Wednesday, 2 October

08:30-09:15
Keynote - Beyond the Stars: How Digital Transformation is Shaping the Future of Space Exploration
Houston Green - 100x100Carolina Ballroom | Francis Marion Hotel
Houston Green, Space Exploration Engineer, The Aerospace Corporation, NASA Johnson Space Center
 
NASA’s Johnson Space Center (JSC) in Houston, Texas, is a hub of human spaceflight activity and plays a pivotal role in many of NASA’s key programs. This presentation will delve into the critical role that digital transformation is playing within challenges and solutions of advanced lunar surface initiatives and astronaut training at JSC, all central to NASA's vision for the future of space exploration and human presence beyond Earth.

Houston Green is the Human Surface Mobility and Extravehicular Activity Program Technical Leader for reduced gravity environments at NASA Johnson Space Center (JSC). He manages cost, schedule, and upgrades for the Active Response Gravity Offload System (ARGOS) Project used in testing of the Lunar Terrain Vehicle (LTV) and space suits associated with the xEVAS contract and is currently writing system requirements for a host of new and innovative gravity offload capabilities to be used for testing and training of Astronauts within upcoming Artemis missions. Houston was previously a Designer and Operator on the ARGOS Project, where his team designed and are currently assembling the Next Generation ARGOS (AX3S) in the Building 9 Highbay at JSC.
09:15-09:30
Break
09:30-10:00
Navigating Evolving Cyber Threats: The Imperative for AI Integrated Security Operations for Critical Infrastructure

Presented by  Fortinet-logo-350

Rod Locke - 100x10010Carolina Ballroom | Francis Marion Hotel
Presenter: Rod Locke, Director, Product Management, Operational Technology

In the face of continually evolving cyber threats, industrial organizations are compelled to adopt automated analysis, orchestration, and response technologies, including the capabilities brought by Machine Learning (ML) and Generative AI. Integrating AI into security operations reduces alert fatigue and enables more efficient analysis and response to incidents. Leveraging AI integrated into a security platform enhances threat detection, incident response, and compliance assurance while lowering the total cost of ownership for SecOps infrastructure. 

 Rod Locke has been in the OT security industry for over 15 years, working in vulnerability testing, OT-specific network security, and embedded product security in past roles at Wurldtech, GE Digital and Sierra Wireless. Rod is a Director of Product Management at Fortinet, focused on OT threat protection.
10:00-10:30
Beyond the Defense in Depth: The Artificial Intelligence Role in ICS Defense

Felipe Costa - 100pxCarolina Ballroom |  Francis Marion Hotel
Presenter: Felipe Costa, Sr. Product Marketing Manager, Moxa

Amidst the swift advancement of cyber threats, adopting Artificial Intelligence (AI) and Machine Learning (ML) within cybersecurity measures has transitioned from a mere advantage to an absolute necessity. This presentation will provide some of the current challenges and innovative solutions in the realm of industrial cybersecurity. Anchored on critical updates and insights from the latest industry trends and standards, this presentation emphasizes proactive defense mechanisms and effective incident response, with ISA/IEC 62443 as a foundational framework. The session will explore how AI and ML revolutionize threat detection and response.
 
Felipe Costa is the Cybersecurity Director and an official ISA/IEC 62443 industrial cybersecurity instructor at ISA (International Society of Automation) and EC Council (world's largest cyber security technical certification body). Additionally, he is a Sr. Product Marketing Manager at Moxa Americas, responsible for networking and cybersecurity in the US, Canada, and LATAM. He is also an international speaker, technical article writer, and SME (subject matter expert) in cybersecurity and artificial intelligence (AI). 
10:30-10:45
Break
10:45-11:15
Cyber Simulation in a Nuclear Power Plant

Victor Alvarez - 100x100Carolina Ballroom | Francis Marion Hotel
Presenter: Victor Alvarez, Information Security Analyst, TI Safe

The Xphir4 project is a sophisticated cyber-physical simulator developed by TI Safe Lab, designed to replicate the operational and security aspects of a nuclear power plant. Based on a Pressurized Water Reactor (PWR) model, the Xphir4 simulator integrates various hardware components, including Siemens PLCs (S7-1200), Scalance switches (XC208), and Fortigate firewalls (F60), utilizing communication protocols such as S7-COMM and Profinet. The project adheres to the ISA/IEC 62443 standards for securing Industrial Automation and Control Systems (IACS), ensuring that all phases of the plant's lifecycle—from design to operation—are covered under stringent cybersecurity measures. 
 
 Victor Alvarez is a Computer Engineer and Industrial Automation Technician, specializing in automation processes for robotic systems and cybersecurity development.
11:15-11:30
Break
11:30-12:00
Crowdstrike Event: What Lessons the OT Industry Can Learn From an IT Event

Carolina Ballroom | Francis Marion Hotel

The crowdstrike event has significantly impacted businesses worldwide, highlighting the importance of robust cybersecurity measures and operational resilience. Our presenters will cover lessons learned from the breach and its implications for operational technology (OT). It will cover critical lessons learned, including the need for business continuity plans, testing and deployment within the OT environment and critical systems affected.

Moderator:

Sunil Doddi - 100px Sunil Doddi, Senior Principal Process Controls Engineer, Air Products and Chemicals, Inc.



Presenters:

Patrick Obrien - 100pxPatrick O'Brien, Cybersecurity Team Lead, exida

 

 

Chris-Choquette---100x100Chris Choquette, Senior Cyber Security Consultant, FM Global

 

 

Sunil Doddi currently works as a Senior Principal Process controls engineer for Hydrogen Refuel Systems (HRS) group at Air products & chemicals Ltd. He leads functional safety and cybersecurity functions for HRS group. Sunil specializes in developing and designing fully automated process plants. He serves as Exida process safety advisory board member. Sunil is ISA Certified Automation Professional CAP®, ISA99/IEC62443 Cyber Security Fundamentals Specialist and Exida Certified Functional Safety Expert (CFSE). He has over 20 years’ experience and worked at various roles in process controls field i.e. basic to detail engineering, DCS&PLC programming to site supervision and start-up & commissioning support.

Patrick O'Brien is a Cybersecurity Team Lead at exida, LLC, where he drives cybersecurity certification and assessment services for service providers and industrial asset owners. He has led cybersecurity risk assessments, training courses, and other lifecycle activities for many different applications, including oil and gas, specialty chemical, machinery, and robotics. In addition to his cybersecurity role, he also provides consulting services in the areas of process safety, functional safety, and machine safety.

Chris Choquette is a Senior Cyber Security Consultant for the Eastern Division at FM where he works with clients to improve their resilience to cyber threats on their IT & OT networks. Chris has over 25 years of experience implementing and managing cyber security programs in banking, insurance, and healthcare.

12:00-13:00
Lunch and State of the Society Address
Carolina Ballroom | Francis Marion Hotel
13:00-14:00
Connecting Intelligence with Technology

Carolina Ballroom | Francis Marion Hotel

Moderator:

David Shultz - 100pxDavid Schultz, Senior Consultant, Spruik Technologies

 

 

Panelists:

Jeffrey Schroeder - 100x1007Jeffrey Schroeder, Product Manager, HighByte

 
 
 
Russell Gregg - 100x10011Russell Gregg, Director of Manufacturing Solutions, Canary Labs

 
 
 
Robert Graves - 100x100Robert Graves, Technical Solutions Program Manager, Sales Engineering, Inductive Automation

 
 
 
Dan White - 100x1005Dan White, Director of Technical Marketing, Opto 22

 
 
 
Josh Schadel - 100x100Josh Schadel, General Manager & CTO, Signalfire

 

 

Arlen Nipper - 100x100Arlen Nipper, President & CTO, Cirrus Link

 

 

Jeffrey Schroeder is a product manager at HighByte, focused on guiding the company’s product strategy. His areas of responsibility include market research, product positioning, product road mapping, and ecosystem integration strategy. Jeffrey is an experienced technologist who has more than a decade of experience in technology leadership roles in the automotive and discrete manufacturing industries. He brings deep domain expertise and perspectives in information technology, operations, and management for industrial organizations.
 
Robert Graves joined Inductive Automation in 2019 as a Technical Sales Representative and previously served as the Technical Sales Manager. Before joining Inductive Automation, Robert worked in the ethanol industry for 9 years and led a variety of IT infrastructure, virtualization, ERP and OT projects. He has two bachelor’s degrees: History and Administrative Studies from UC Riverside and Electrical Engineering from Arizona State. He also has a Master's in Information Systems from the University of San Francisco and is certified as a Project Management Professional.
 
Dan White has worked at Opto 22 for over a decade. His Tufts Engineering background, MBA in International Business and prior industrial controls experience give him a unique edge on automation. Dan enjoys staying active through biking, basketball, skiing and keeping up with his three young kids!
 
As the General Manager and CTO of SignalFire Wireless Telemetry, Josh Schadel leads the company’s innovation and growth in the field of wireless automation solutions for industrial applications. He has over 25 years of expertise in high-tech instrumentation, specializing in embedded systems and low-power wireless sensor networks. He was a key contributor to SignalFire’s product development and technology since he joined the company in 2008 as the Director of Engineering. Josh graduated from Worcester Polytechnic Institute with a bachelor’s degree in electrical and computer engineering.
 
Arlen Nipper is President and CTO of Cirrus Link Solutions. With over 45 years of experience in the SCADA & IIoT industry, Arlen has broad experience covering design and manufacture of embedded computer systems to complete SCADA system infrastructure implementations for many companies. As a leading expert on the Internet of Things and as co-inventor of MQTT – a publish-subscribe network protocol that has become the dominant messaging standard in IoT – Arlen has been involved in many activities including writing publications, keynoting and producing executive presentations about digital transformation and OT methodologies for organizations such as TEDx, IBM, Intel, AWS and more.
14:00-14:30
Technology Demonstration

Carolina Ballroom | Francis Marion Hotel
Presenter: TBA

14:00-14:30
Savannah River National Laboratory: Cyber Assurance & Advanced Technology Proving Ground

Colin Chinn - 100x100Carolina Ballroom | Francis Marion Hotel
Presenter: Colin Chinn, Cyber Assurance and Resiliency Group Lead, Savannah River National Laboratory

The exigent threats posed by our adversaries across all domains – including cyber – could not be more concerning than they are today. The United States is now in a race to find, identify, and expel malicious cyber actors we know reside in our critical infrastructure. The Savannah River National Laboratory (SRNL) is aggressively pursuing these tough challenges in the national security and energy security spaces for the Department of Defense (DoD), Department of Energy (DOE), industry partners, and others. Focused on unique values of our geographic location, meteorological and topographic environment, and tenancy on the Savannah River Site (SRS), SRNL is focused on repurposing Federal legacy infrastructure and leveraging strong regional government, academic, and industry partnerships to accelerate solutions.

Colin Chinn is an executive leader in National Security, Defense, Intelligence, and Cyber operations focused on leading complex, diverse and highly technical organizations. With over 27 years of experience in the US Navy as a cryptologic warfare officer on a US Fleet Cyber Command, he has deep expertise in driving large-scale operations, strategic and crisis planning, signals intelligence (SIGINT), cyber, and information operations. He also recently received the National Intelligence Exceptional Achievement Medal from Director Haines for amazing efforts of NSA team to support the Ukraine Crisis and epitomizing the core values of a team sport.

14:30-15:00
Does AI Dream of Electric Substations? Generative AI and the Frontiers of AI Safety Principles for Critical Infrastructure Systems

Jessa Davis 100x100Carolina Ballroom | Francis Marion Hotel
Presenter: Jessa Davis, Security Consulting Manager, Accenture Security

As the use of artificial intelligence (AI) in industry increases, technology and cybersecurity professionals must focus on engineering intrinsically safe and inherently secure AI systems—especially when used in operational technology (OT) environments, where a system failure or cybersecurity incident could result in serious injury and loss of life, environmental harm, or the interruption of critical infrastructure services. From this context, three core principles of AI safety engineering adapted to IEC 61508 and ISA/IEC 62443 standards will be presented to address the unique needs of OT processes—prioritizing both safety and reliability in operations—with use cases highlighting the ethical, cybersecurity and risk management challenges of implementing AI within electric utilities’ OT networks.

Jessa Davis (she/her) is a Security Consulting Manager at Accenture, specializing in cyber-physical systems (CPS) and operational technology (OT) cybersecurity for electric utilities clients. Before joining Accenture, Jessa worked as an industrial controls system engineer in the oil and gas industry and as a blockchain software developer with the United Nations Office for Project Services in Kathmandu, Nepal. Her research interests include resolving EV charging infrastructure and vehicle-to-grid (V2G) cybersecurity challenges and supporting cyber resilience strategies for the smart grid. She lives in Seattle, WA.

15:00-15:15
Break
15:15-15:45
62443 Application Differences: Brownfield v. Greenfield Facilities

Chris Monchinski - 100pxCarolina Ballroom | Francis Marion Hotel
Presenter: Chris Monchinski, CTO, InflexionPoint

This presentation will explore the key similarities, differences and lessons learned in applying the ISA/IEC 62443 standard within greenfield and brownfield industrial environments. In greenfield (new) projects, where systems can be designed from the ground up, there is a unique opportunity to integrate cybersecurity measures into the architecture from the earliest stages. Chris will discuss strategies for leveraging this opportunity, including best practices for designing a secure infrastructure, selecting compatible technologies, and ensuring seamless integration of security controls. Conversely, brownfield (existing) projects present distinct challenges, particularly when dealing with legacy systems that were not originally designed with cybersecurity in mind. The presentation will address these challenges, offering practical approaches to retrofitting existing systems with modern security measures, managing vulnerabilities inherent in outdated technologies, and balancing operational continuity with the need for enhanced security.

 

Chris Monchinski is CTO at InflexionPoint where he provides is 30+ years of experience to clients through thought leadership, strategy, design and implementation involving Digital Transformation. Chris is chair of the ISA 95 committee on Enterprise-to-Control System Integration, convenor of IEC/ISO JWG5 and past Vice President of the ISA S&P board (2019-20). Chris is chair of the MESA Knowledge Committee. Chris holds a BSEE and an MSCS.

Thursday, 3 October

08:30-09:15
Keynote - Security by Design

James Clark - 100pxCarolina Ballroom | Francis Marion Hotel
James Clark, Vice President, Information Technology, South Jersey Industries Information Security 

Jamie will present a success story on delivering a secure solution allowing data to traverse OT to IT to gain central visibility across our entire portfolio of farms generating renewable energy.  It is a very challenging project designed from the ground up, emphasizing cyber security for safety and compliance.

With 22 years of experience leading IT teams and 15 years in building cybersecurity programs across the chemical, medical, and utility industries, Jamie Clark is a visionary technologist who bridges the gap between security, IT, SCADA, and business teams. Currently, Jamie leads the Information Security (IT/OT) & GRC programs for South Jersey Industries (SJI), where he also manages the OT Solution Services Team. SJI is a leader in delivering safe, reliable, and affordable energy solutions. Jamie holds a BS in Computer Information Systems (CIS), an MBA, and certifications including Certified Information Systems Security Professional (CISSP) and Global Industrial Cyber Security Professional (GISCP).

09:15-09:30
Break
09:30-10:00
Downstream Energy Training Needs Analysis

Tim Hardwood - 100x100Carolina Ballroom | Francis Marion Hotel
Presenter: Tim Harwood, CEO, Siker

Many businesses strive for improved OT process efficiency and reliability for their customers, which often results in increased connectivity to enterprise technologies and the Internet. This convergence has the potential to increase system vulnerabilities but can be addressed by adopting sound risk management principles, which are the same regardless of the underlying system type. A significant risk mitigation strategy is ensuring that the OT workforce has appropriate key cyber security skills and knowledge to perform roles and tasks effectively and competently. Many OT environments, including those within the downstream gas sector, form part of the UK’s CNI, so disruption to services that they control is potentially of concern. Thus, a report was commissioned to study concurrent training needs analysis (TNA), and exercise needs analysis (ENA) within the UK’s downstream energy sector. This presentation will discuss the TNA, the outcomes and the recommendations.

Tim Harwood specializes in security strategy, framework design, and awareness. He developed a professional development framework for a top global oil and gas company, trains for QA and Firebrand, and frequently speaks at industry conferences. In 2013, Tim contributed to the GIAC GICSP certification, creating exam questions and the skills framework. Recently, Tim has delivered ICS security training for CPNI/NCSC, ENISA, national governments, and global companies. He lectures on Business Risk at the University of Buckingham. Tim is a Full member of CIISec, a Fellow of the Chartered Management Institute, a Senior member of the International Society of Automation, and holds GIAC GSLC and GSEC Certifications. From 2017 to 2018, he was on the Board of Directors for the Institute of Information Security Professionals.

10:00-10:30
Case Study: Applying ISA/IEC 62443 to the Manufacturing Environment

Eddie Baur - 100x100Carolina Ballroom | Francis Marion Hotel
Presenter: Edgar Baur, Manager—Engineering Digitalization, Robert Bosch LLC

This presentation will focus on a real-world case study of applying the ISA/IEC 62443 standard in a manufacturing environment. The ISA/IEC 62443 is a comprehensive framework that provides guidelines and best practices for securing industrial automation and control systems (IACS).
 
The presentation will address the challenges encountered by Bosch USA plants, as well as worldwide, and how the adoption of ISA/IEC 62443 helped mitigate these issues. It will explore how this comprehensive approach effectively addresses cybersecurity challenges, ensuring business continuity and achieving strategic business objectives, particularly when dealing with heterogeneous manufacturing and IT environments, both regionally and globally.
 
Edgar (Eddie) Baur has been deeply involved in digitalization, automation and transformation throughout his career at Robert Bosch GmbH. Currently serving as Manager in Digitalization and as IT/OT Security regional representative in the Americas for the Corporate division, he is based in South Carolina. With 28 years of experience at Bosch, starting in Corporate Research and the internal Automation and Manufacturing Special Machinery division, he has gained extensive expertise in the manufacturing domain, particularly in Automation, Advanced Manufacturing and the Information Technology sector.
 
Eddie is currently focused on supporting and guiding business units and plants in their preparation and deployment for Bosch's significant transformation journey, enhancing Data-Driven Operations, Smart Manufacturing, Digitalization, ERP system upgrades and promoting process standardization and harmonization, while also ensuring a secure and state-of-the-art IT/OT landscape.
10:30-10:45
Break
10:45-11:15
ISASecure Site Assessment (ACSSA) Program - Industry Perspectives & Updates

Carolina Ballroom | Francis Marion Hotel

Since announcing the Automation and Control Systems Security Assurance (ACSSA) initiative, the ISA Security Compliance Institute (ISCI) has engaged with certification bodies, industry experts, and asset owners to build a robust site assessment process that meets the growing cybersecurity demands of OT environments.
 
Join us for this exclusive panel of SMEs working on the standard to hear firsthand what the industry can expect, including release dates, preparation documents, and upcoming training opportunities.
 
Moderator:

Sean Haynes100x100Sean Haynes, Chief Marketing Officer, SecurityGate.io

 

 

Panelists:

Brandon Price - 100x100Brandon Price, Sr. Principal, Industrial Cybersecurity, ExxonMobil Technology & Engineering Company

 

 

Kenny Mesker - 100x100Kenny Mesker, OT Cybersecurity Strategist, Chevron

 
 
 
Patrick Obrien - 100pxPatrick O'Brien, Cybersecurity Team Lead, exida
 
 
  
 
 Sean Haynes has over 30 years of experience in Technology, Marketing, and Product Design & Development roles in the Fin-tech, Insurance, healthcare, and education sectors from early-stage to mature organizations. In his current role as Marketing Lead at ISASecure, Haynes is focused on leading the development of strategies and operational plans that advocate for the global adoption of ISASecure and ISA/IEC 62443 family of standards to secure and certify automation in critical infrastructure.
 
Brandon Price is Senior Principal Engineer for ICS Cybersecurity at ExxonMobil with responsibility for sustaining ExxonMobil's ICS cybersecurity strategy for its Upstream, Downstream and Midstream businesses. He has over 20 years of experience in leadership, security and business controls for protecting information, information systems and operational technology. He graduated from the University of Alabama with a degree in Management Information Systems and holds a CISSP certification.

With over 25 years of experience in OT systems architecture, cybersecurity, software development, and engineering, Kenny Mesker is an accomplished operational technology leader with a proven track record in all facets of system design and implementation. As a Chevron Distinguished Engineer and the OT Cybersecurity Strategist, Kenny is responsible for developing the corporate OT cybersecurity technology strategy. He currently holds the positions of Vice Chair of the ISA Secure Compliance Institute board of directors and co-Vice Chair of the Association of Fuel and Petrochemical Manufacturers cybersecurity subcommittee. Kenny is an Electrical Engineering graduate of Texas A&M University with post-graduate research in fault tolerance and resilient engineering.

Patrick O'Brien is a Cybersecurity Team Lead at exida, LLC, where he drives cybersecurity certification and assessment services for service providers and industrial asset owners. He has led cybersecurity risk assessments, training courses, and other lifecycle activities for many different applications, including oil and gas, specialty chemical, machinery, and robotics. In addition to his cybersecurity role, he also provides consulting services in the areas of process safety, functional safety, and machine safety.
11:15-11:30
Break
11:30-12:00
Securing the Flow: Safeguarding Water Infrastructure

Steve Mustard - 100pxCarolina Ballroom | Francis Marion Hotel
Presenter: Steve Mustard, President & CEO, National Automation, Inc.

Our entire way of life is dependent on reliable water and wastewater services. In the past few years, a number of high-profile incidents in this sector has raised concerns about cybersecurity posture and incident readiness. Many nations have taken action to manage this risk, but how well prepared are our water and waste water systems today? This presentation will highlight some of the unique challenges in the sector and provide some recommendations to address this unshakable risk to our society.
 
Steve Mustard is an independent automation consultant and a subject matter expert of the International Society of Automation (ISA). Backed by more than 30 years of engineering experience, Mustard specializes in the development and management of real-time embedded equipment and automation systems. He serves as president of National Automation, Inc., and served as the 2021 president of ISA.
12:00-13:00
Lunch
Carolina Ballroom | Francis Marion Hotel
13:00-13:45
Asset Owner Perspective: Cybersecurity Challenges - Strategies for Effective and Efficient Mitigation

Carolina Ballroom | Francis Marion Hotel

Cybersecurity is now a part of daily life for organizations who own, operate, or maintain industrial sites. As more asset owners focus on securing their industrial networks, many questions arise as to how to implement cybersecurity standards and technologies effectively in the plant environment. This discussion will cover pressing cybersecurity challenges, effective strategies for addressing these challenges, and the biggest lessons learned from our panel of cybersecurity experts.

Moderator: 

Patrick Obrien - 100pxPatrick O'Brien, Cybersecurity Team Lead, exida

 

 

Panelists: 

Chris DaCosta 2 - 100x100Chris DaCosta, ICS Cybersecurity Director, Air Products and Chemicals, Inc.
 
 
 

Brandon Price - 100x100Brandon Price, Sr., Principal, Industrial Cybersecurity, ExxonMobil Technology & Engineering Company

 
 
 
Eddie Baur - 100x100Edgar Baur, Manager—Engineering Digitalization, Robert Bosch LLC

 

 

Patrick O’Brien is a Cybersecurity Team Lead at exida, LLC, where he drives cybersecurity certification and assessment services for service providers and industrial asset owners. He has led cybersecurity risk assessments, training courses, and other lifecycle activities for many different applications, including oil and gas, specialty chemical, machinery, and robotics. In addition to his cybersecurity role, he also provides consulting services in the areas of process safety, functional safety, and machine safety.

Chris DaCosta is currently the Director of Global OT Cybersecurity at Air Products & Chemicals, Inc. As a Air Products Distinguished Engineer, he has responsibility for developing corporate strategy and managing the cybersecurity lifecycle for all IACS of the company’s global fleet of over 600 facilities. He has well 25 years of experience deploying, maintaining and optimizing industrial automation systems and over 10 years in OT cybersecurity. He is a graduate of Brown University with a degree in Chemical Engineering and Masters Degree in Chemical Engineering from Villanova University. Chris is active in AIChE, American Chemistry Council (ChemITC) and as a voting member for ISA/IEC 62443.

Brandon Price is Senior Principal Engineer for ICS Cybersecurity at ExxonMobil with responsibility for sustaining ExxonMobil's ICS cybersecurity strategy for its Upstream, Downstream and Midstream businesses. He has over 20 years of experience in leadership, security and business controls for protecting information, information systems and operational technology. He is a graduate of The University of Alabama with a degree in Management Information Systems and holds a CISSP certification.

Edgar (Eddie) Baur has been deeply involved in digitalization, automation and transformation throughout his career at Robert Bosch GmbH. Currently serving as Manager in Digitalization and as IT/OT Security regional representative in the Americas for the Corporate division, he is based in South Carolina. With 28 years of experience at Bosch, starting in Corporate Research and the internal Automation and Manufacturing Special Machinery division, he has gained extensive expertise in the manufacturing domain, particularly in Automation, Advanced Manufacturing and the Information Technology sector.
 
Eddie is currently focused on supporting and guiding business units and plants in their preparation and deployment for Bosch's significant transformation journey, enhancing Data-Driven Operations, Smart Manufacturing, Digitalization, ERP system upgrades and promoting process standardization and harmonization, while also ensuring a secure and state-of-the-art IT/OT landscape.
13:45-14:00
Break
14:00-14:30
Technology Demonstration

Carolina Ballroom | Francis Marion Hotel
Presenter: TBA

14:30-15:00
The Business Need for a Cyber Workforce Inventory

Carolina Ballroom | Francis Marion Hotel

Presenters:

Sean McBride 100x100Sean McBride, Director, Informatics Research Institute, Idaho State University

 

 

Shane Stailey 100x100_1Shane Dale Stailey, Co-CEO, Cyber Workforce Center




Many organizations are struggling to find skilled cybersecurity workers to meet their business needs. Part of this struggle for an organization, after years of research by Dr. Stailey in applied workforce, is the discovery that organizations don't know what they don't know about their current cyber workforce. As such this makes it extremely difficult when hiring cyber personnel to really know what skills are needed. Most often, organizations do not consider operational technology to be part of cyber processes or initiatives. This presentation will introduce the concept of a workforce inventory with an introduction to some tools and resources that will help an organization, from the C-Suite to HR to line leaders and front-line managers, understand cyber competencies that exist across the organization. The information shared in this presentation is being utilized as a backdrop for work in ISA/IEC WG's 10 and 15 to help uncover the professional roles that should be considered when implementing an IACS, which will in the future be, potentially, additions to ISA/IEC 62443 standards. Once an organization identifies the business need for these professional roles, 62443 standards can help the realization of the premise for what a cyber-ready team should consist of. Then, based on their unique business size, type, industry focus and business requirements, an organization can appropriately and continually align and hire future cyber personnel.
 
Sean McBride is the Director of the Informatics Research Institute at Idaho State University, where, since 2017 he has developed the nation’s only hands-on Industrial Cybersecurity degree program. He joined ISU from FireEye/Mandiant, where he oversaw the firm’s Industrial Control Systems (ICS) security business strategy. Sean’s previous professional accomplishments include pioneering work in threat and vulnerability intelligence, which evolved into the DHS ICS-CERT, and co-founding Critical Intelligence to focus on the unique intelligence needs of industrial entities. He holds a PhD from LaTrobe University (Australia), a Masters of Global Management from Thunderbird/Arizona State University, and a Masters of Business Administration from Idaho State University.

Shane Dale Stailey is an inventor, author, and multi-technical practitioner educated and trained in multiple facets of security including OT, IT, Physical Security and Cybersecurity. He specializes in cybersecurity workforce development combining years of field experience with designing, teaching and applying technical and cyber curriculum at multiple universities and colleges since 2013 while working in full-time technical and/or cyber jobs.

15:00-15:15
Break
15:15-15:45
Applying ISA/IEC 62443 to a Unified Name Space

Carolina Ballroom | Francis Marion Hotel

Presenters:

David Shultz - 100pxDavid Schultz, Senior Consultant, Spruik Technologies

 
 
 
Mike Gorman - 100x100 Mike Gorman, Head of Operations and CISO, NetFoundry
 
 
 
 
The Unified Namespace (UNS) is a popular approach for systems integration. It has been claimed that it is inherently secure due to its pub/sub technology. This claim has resulted in concerns over how secure the approach is. This session will have two parts. The first will provide an overview of the UNS and how to design one. The second is how to apply ISA/IEC 62443 to a UNS and present security considerations.
 
 David Schultz is a senior consultant with Spruik Technologies. He works with manufacturers to help them develop and execute strategies for their digital transformation and asset management initiatives. He has 25 over years of automation and process control experience across many market verticals, with a focus on continuous and batch processing. He is the Director for the SMIIoT Division of ISA and serves on several technical committees. He is also a member of the Society of Maintenance and Reliability Professionals (SMRP) and Project Management Institute (PMI).
 
Mike Gorman has been in various engineering roles for 30 years. Most of that time was spent in data service engineering and management at Verizon Wireless where he engaged in a wide variety of solutions and systems internally and working with customers on interesting connectivity projects. In 2016, Mike joined NetFoundry as a newly formed startup. In 2018, he took the newly minted role of Head of Security and Compliance and created a formal security program. In 2022, Mike added the leadership of the Operations team to his portfolio and took the title of CISO. Mike holds a CISSP and CCSP from ISC2, sits on the advisory board for the cybersecurity program at UNCP, and volunteers with CyberPatriots, a middle and high school program of cybersecurity competition.
15:45-16:00
Break
15:45-16:15
ISA Standards Overview
Charley Robinson - 100x1004

Carolina Ballroom | Francis Marion Hotel
Presenter: Charley Robinson, Senior Director, Standards Administration, ISA

ISA’s international standards play a vital role in promoting safety, cybersecurity and efficiency across global industry. This workshop will provide an overview of ISA’s international standards program and its relationship to and collaboration with the International Electrotechnical Commission (IEC). A panel of experts representing standards stakeholders will then answer questions from the audience.

16:15-16:45
ISA Standards Panel

Carolina Ballroom | Francis Marion Hotel

This panel is an extension of the ISA Standards Overview and will have time for audience Q&A.

Moderator:

Scott Reynolds - 100x100Scott Reynolds, Security Engineering Manager - ITD, Johns Manville

 

Panelists:

Ed Manns - 100x100Ed Manns, Managing Director, External Relations, ISA

 

 

Charley Robinson - 100x1004Charley Robinson, Senior Director, Standards Administration, ISA

 

 

Steve Mustard - 100pxSteve Mustard, President & CEO, National Automation, Inc.

 

 

Dennis-Brandl---100x100Dennis Brandl, Chief Consultant, BR&L Consulting

 

 

Steve Mustard is an independent automation consultant and a subject matter expert of the International Society of Automation (ISA). Backed by more than 30 years of engineering experience, Mustard specializes in the development and management of real-time embedded equipment and automation systems. He serves as president of National Automation, Inc., and served as the 2021 president of ISA.

Cybersecurity Track Program Committee

Patrick Obrien - 100px 
Patrick O'Brien, Chair
Felipe Costa - 100px
Felipe Costa
generic head shot icon
John Morrow
Chris Monchinski - 100px
Chris Monchinski
Sunil Doddi - 100px
Sunil Doddi

This program track is under development.

Subscribe to ISA events emails to get the latest updates.