CISSP CISA CISM


THE METHOD


Customer business applications define communication requirements. Risk/Value calculations are made which further inform data systems design. Most of the "heavy lifting" for data systems architecture, infrastructure and support process has already been done for us thanks to a myriad of applicable standards and frameworks, e.g. IETF, IEEE, IEC, CISA/NIST, INL CCE, HIPAA, PCI, NERC, ISACA, ISC2, COBIT, ITIL, PMI PMBOK, and ISO.

With this significant foundation of information advising us how to design, build and operate a critical infrastructure data network, it should self-define - if we let it. To elevate the prospect of creating reliable, secure and sustainable systems from a desired outcome to a certainty…


'Follow the spec. and your data communications systems won't be a wreck.'

Cybersecurity Foundations in the Network



2021 INITIATIVES

INL Consequence-Driven Cyber-Informed Engineering (CCE) Investigate and assess value-advantage of newly released alternative cybersecurity methodology for critical infrastructure, sponsored by Idaho National Labs (INL). Evaluate possible efficacy, practicality of implementation of principles, any replication and/or enhancements of other established assessment and protection approaches for critical infrastructure.

Cyber Attack for Ransomware (CAFR) Reaction Plan (COMPLETED) In cooperation with Energy sector customer, investigate and assess requirements, methods and activities for responding to a ransomware attack. Include critical systems priorities, playbook, existing IR plan evolution, isolation techniques accounting for essential operational application flows, and negating ransom payment. Utilize public frameworks and tools wherever possible, (e.g. CISA Ransomware preparation information, INL CCE, MITRE ATT&CK® framework, etc.)

UTC Telecom & Technology Conference Presentation (COMPLETED) Joint presentation with customer to demonstrate methods and requirements used for establishing planned technical responses to a ransomware event, without paying ransom, Portland, OR, Aug. 2021

Supply Chain Cybersecurity Risk Management Survey Response Template (COMPLETED)
– Develop new process to assist company with responding to various customer surveys resulting from NERC CIP 013 Supply Chain Risk Management requirement. This process allows rapid response when qualifying for new engagements. Customer submitted survey may be of any form, depth or breadth. Therefore, response process must be able to provide sufficient assurance of risk reduction and information protections against variable frameworks. Process will require inclusion of Sales, Delivery Teams, Corporate Cybersecurity, Corporate Legal, with automated request initiation and status tracking, cross-division acceptance/implementation, and a client-results feed-back loop for continuous improvement.


REPRESENTATIVE PROGRAM and PROJECT EXPERIENCE

Extensive experience working directly for software and hardware producers, OEM's and services organizations as a consultant helping governments and businesses design and deploy secure, reliable and sustainable critical information networks.

Project Team Technical Coordinator - Develop utility sector very large-scale field demonstration criteria for implementation and validation for 17 site MPLS VPN SCADA/AMI data network with data flow filtering protections that include wired, private radio spectrum and microwave wireless infrastructure. Will examine interaction requirements of IP network team and RF team seeking to optimize overlapping responsibilities and tasks for provisioning, validation testing and turn up - March 2021
Project Team Principal Consultant Cybersecurity North American Reliability Corporation - Critical Infrastructure Protection (NERC CIP) procedures documentation standardization project for large electric provider. Provide review, validation and verification for series of practical process/procedures guide documents aligned with NERC CIP rule set - August, 2020
Project Team Principal Consultant Cybersecurity – North American Reliability Corporation - Critical Infrastructure Protection (NERC CIP), BCA Low Impact Electronic Access Point (LEAP) Assessment. Developed Statement of Work (SoW), led Design and Deployment – pursuant to rapidly evolving DoE directives for Critical Infrastructure Protection compliance requirements, active project to assess vulnerability in approximately 100 electric grid field sites through inventory and logical assessment, detecting and analyzing all NERC CIP LEAP's and cyber assets and including simultaneous deployment of additional application flow filtering protection systems - February, 2019
Project Team Principal Consulting Cybersecurity Engineer Energy Markets network, large-scale firewall rule set refresh (1000+ ACL's) for multi-tiered and virtualized security architecture. Work was performed during production hours for the Market necessitating extreme care for rule validation and change activities
Lead Product Evaluator – Led product field evaluation team to analyze and record Human Factors observation through user interviews and use-case functional testing of utility industrial networks purpose-built intrusion detection appliance, DNP3 and related signature detection. Developed Statement of Work (SoW) for service. Product was examined during Proof-of-Concept deployment within operational production network - June, 2017
Human Resourcing Consultant Requested by private energy generation, transmission and distribution utilities to assist in identification and qualification of Smart Grid technical resources for very large-scale O.T. network modernization projects. Interviewed and rated candidates with urgent timeline requirements - November, 2019
Team Leader Cybersecurity Conceptual Design Proof-of-Concept Lab - led creation and execution of OEM switch/route/firewall proof-of-concept test to evaluate best design solution employing MPLS network virtualization, data path encryption and traffic flow filtering. Testing was in support of very large-scale critical infrastructure for an electric utility. Tasks included test plan documentation, lab provisioning, inventory controls, test monitoring, results evaluation and outcomes memorandum - July, 2018
Principal Network Operations Consultant
Assessment of Network Operations capabilities for large multi-state SouthEast U.S. utility. Duties included current state analysis, gap analysis, CMMI maturity modeling of energy network monitoring operation to track progress toward future state goals. Areas of study covered include application requirements and data flow, network health, alert monitoring, tools, staffing and cybersecurity integration - April, 2018
Participant/Coordinator Cybersecurity Exercise Utility sector Live-Fire effort, developed statement of work (SoW), assisted with design and execution of organization-wide cybersecurity intrusion(s) exercise including Identification, Incident Response and Mitigation for generation/transmission/markets multi-state electric cooperative; included master security event list (MSEL) development and exercise injects for human engineering site access, EMS SCADA-Master packet payload modification and natural disaster events, assessing business continuity impacts - January, 2017
Principal Network and Cybersecurity Architect Telecom Master Plan for very large scale Generation, Transmission and Distribution, I.T. infrastructure, South East U.S. energy co-op; defining new highly secure and reliable Smart Grid data transport infrastructure supporting AMI, HMI, RTU, DNP3 SCADA-monitored and managed field network flows. Work produced Current State, Future State, Solutions Analysis and Roadmap
Team Leader Quality Assurance
Software and Hardware products Quality Assurance group, both shrink-wrap and integrated code. Conceived and applied interactive hardware/software product black-box functional verification / validation and User-Experience testing procedures and techniques; led development of localization dialog comparison process; led alpha and beta field test programs; identified and documented human-factors gap in user interfaces, developed and populated bug database attributes and entries, etc.
Team Leader Quality Assurance Business Intelligence Web Application Quality Assurance group, working with Development teams, Marketing, Sales and Management while leading efforts that ensured rapid-to-market delivery of complex business intelligence products. Conceived and applied interactive hardware/software product black-box functional verification / validation and User-Experience testing procedures and techniques. Worked with off-shore code development teams
Principal Network Architect State government capitol legislative network modernization - developed Statement of Work, team lead for modernization program including VoIP, Legislative wired and wireless network, and assessment and recommendation of cybersecurity controls - environment listed on National Register of Historic Places
Principal Consulting Network Engineer National credit union IS provider, security infrastructure project with PCI Compliance factors: Deployed Cisco MARS SIEM (Security Information and Event Management), tuned through learning modes and false-positives, trained local staff
Contributing Architect and Engineer Multi-year engagement advising state government I.T. organizations. Hands-on network architect, infrastructure engineer and team leader for federated state government, all-agency $5,000,000+ network transition project: “green field” virtualized, tiered and modularized: 1000+ router nodes; 37,000+ ports, 100+ user groups; future-proofing designs providing high availability UC foundation, flexible growth trajectories and investment preservation
Principal Cybersecurity Consulting Engineer National jewelry chain, PCI (Payment Card Industry) DSS self-assessment PCI questionnaire project: Analyzed network architecture and identified risk factors relative to achieving PCI compliance
Principal Cybersecurity Consulting Engineer Regional credit union, security infrastructures project: Scoped, deployed and configured Cisco ACS, (Access Control Server) and “hardening” of related infrastructure devices, trained staff
Senior Network Consulting Engineer Global BPO IS provider, security infrastructure project: Scoped, deployed and configured MARS (Monitoring, Analysis and Response System) SIEM, including learning mode evaluation and false-positive tuning, trained staff
Senior Cybersecurity Consulting Engineer Global pharmaceutical corporation, security infrastructure project with HIPAA Compliance factors: Deployed and configured MARS (Security Monitoring, Analysis and Response System), including learning modes and false-positive tuning, provided staff training for SIEM operation
Principal Network and Cybersecurity Architect Very large-scale energy distribution co-op Operations Control Center network architecture redesign including multi-tiered multi-vendor Firewall architecture with NERC CIP regulatory compliance factors addressed: Logging; DMZ; Access Controls; Interactive Remote Access; Change Control Reporting
Senior Network and Cybersecurity Consulting Engineer Regional health services provider, security strategy assessment and development project with HIPAA Compliance factors: team member for comprehensive data security strategy, risks, review and recommend
Consulting Engineer Cybersecurity National BPO back-office application services provider, security strategy assessment and development project: Team member for comprehensive security strategy, review and recommend
Network Consulting Network Engineer Global entertainment corporation, rapid data center build-out project: Deployed and configured secure terminal access and content load-balancing
Senior Consulting Engineer Cybersecurity (Alexander Open Systems) Multi-year critical account assignment, on-site supporting named account to help ensure customer success with product line in large-scale multi-year MPLS deployment
Senior Consulting Engineer Cybersecurity (Calence) Senior cybersecurity posture assessments, PCI compliance, HIPAA compliance, trusted network and cybersecurity advisor to named accounts, (State of Kansas), extensive hands-on secure infrastructure design and implementation of SIEM's, IDS's, Firewalls, etc.
Critical Accounts Field Engineer (Cisco Systems) Assigned to remediate Cisco Critical Accounts Program client experiencing complex network instability. Assignment evolved into multi-year on-site network architecture consultation
Team Lead Quality Assurance (Farallon/Netopia)
Network and Web Application Software Quality Assurance Engineer working with Development, Marketing, Sales and Management teams while leading quality assurance efforts that ensured rapid-to-market delivery of complex network management products.
Technical Assistance Center Engineer (Cisco Systems) Working in OEM networking hardware and software customer support group, handling tier 1, 2, and 3 support calls for entire product line including networking switches, routers, network configuration and management software, etc.
Technical Assistance Center Engineer (Farallon) Working in OEM networking hardware and software customer support group, handling tier 1, 2, and 3 support calls for entire product line including networking switches, software routers, network configuration and management software, screen-sharing applications, etc.
U.S. Army Flight Operations Coordinator – Scheduled transport and tactical missions (cabin, flight-plan, tactical load out, fuel, etc.) of military flights throughout operating theater, including Medivac, VIP and Hazardous Duty assignments at Ft. Rucker AL, Taegu RoK, Dongduchon RoK, Aberdeen Proving Ground MD, TOP SECRET clearance


KNOWLEDGE SHARING and PROFESSIONAL CONTRIBUTIONS

Paid consultants with technology 'experts' typically engage just long enough to solve an immediate issue or deliver a design…and then collect the fee. At that point it's up to the owner/operator to keep things going. For critical infrastructure this is not an acceptable approach. Transferring solution sustainment knowledge is essential for helping to ensure effective processes are in place after the engagement is completed. Contributions in this section exemplify this philosophy.

Contributing Author/Developer, Strategy Engine Assist in creation of model for support of critical infrastructure Telecom Network Master Planning activities. Provides repeatable process for creation, tracking and evaluation of infrastructure and security project Key Performance Indicators (KPI's) and technical project Key Objectives (KO's). Co-developed with an electric utility customer and made compatible with existing best-practice network/security infrastructure assessment, and implementation execution processes, e.g., PAADIO - May, 2020
Principal Author, Customer Cyber-secure Information Handling Briefing Document Develop and produce a briefing document for a large technology consulting organization helping define operations tools that protect client program and project information during execution. Protections address best-practice approaches for general information sharing access controls; Microsoft SharePoint use; Cloud-based project tool information processing - December, 2020
Contributing Author
'Utilities Must Constantly Be On Offense in Cat-and-Mouse Game Against Hackers'. Black & Veatch Insights Group Strategic Directions Report, Utilities - June 2020
Standards Contributor NERC CIP Critical Infrastructure Protection Committee (CIPC), participant for committee on Supply Chain Security. Formed to help North American Electric Reliability Corporation (NERC) advance the physical and cyber security of the critical electricity infrastructure of North America. The committee consists of both NERC-appointed regional representatives and technical subject matter experts
Contributing Author 'NERC CIP Low-Impact Compliance Drives Opportunity to Improve Operational Technology Security', Black & Veatch Insights Group Strategic Directions, Utilities - February 2019
Co-Presenter 'Low Impact Assessment and Protections - Case Study', refined case-study examination of a successful NERC CIP Low Impact inventory and qualification-assessment involving 80 locations across a state, and thousands of devices. Work included implementation of over 40 industrial firewalls at select field locations, national North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Committee meeting, Minneapolis, MN - Sept. 2018
Co-author
'Do You Want to Play a Game?', refined case-study examination for a hybrid live-fire cybersecurity exercise performed in cooperation with multi-state electric utility cooperative in 2017, presented at DistribuTech, San Antonio, TX - 2018
Requested Reviewer 'Energy Sector Asset Management for Electric Utilities, Oil and Gas Industry', National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) pre-publication release for public comment working draft - December 2017, publication proposed - 2018
Contributing Author '2017 Strategic Directions: U.S. Smart City/Smart Utility Report - Maximizing Smart Grid Deployments Through Communications and Network Infrastructure', Black & Veatch Insights Group, February 2017
Invited Panelist – Utilities Technology Council National Meeting, Security Summit, 'Mission Critical Security - Getting it Secure, Keeping it Secure', Charlotte, North Carolina - May 2017
Contributor/Participant National Institute of Standards and Technology (NIST), National Cybersecurity Center of Excellence Partnership (NCEP), promoting mutual cooperation for collaboration to enhance trust in U.S. IT communications, data, and storage systems, lower risk for companies and individuals in the use of IT systems, and encourage development of innovative, job-creating cybersecurity products and services
Project Execution Process Co-developer and Custodian I.T. and O.T. project planning, design and implementation process, "PAADIO". Methodology builds upon ISO, PMI, Carnegie Mellon and other world-class contributors for promoting value-engineering project planning and execution, including CMMI principles and CAPEX / OPEX predictor inputs
Network Coursework Co-developer and Custodian Customer-facing IP modernization education workshops, providing information and training on proven network and cybersecurity project and technology practices with practical fit, function and organizational impact perspectives. Assists business operations teams in developing their strategic telecommunications plans, execution and sustainment efforts
Invited Panelist North American Electric Reliability Corporation ("NERC") GridSecCon, NIST National Cybersecurity Center of Excellence (NCCoE), Cybersecurity Portfolio and Framework panel member, w/Utilities Technologies Council, Quebec City, CAN - October 2016
Contributing Author '2016 Strategic Directions: U.S. Smart City/Smart Utility Report - Looming Security Rules Raising Urgent Questions for Utilities', Black & Veatch - February 2016
Organizer/Moderator Joint review and comment forum for Special Publication 1800-2 Identity Access Management for Electric Utilities: Utilities Technologies Council (UTC), Customer Representation, Black & Veatch with IEEE contributor, and NIST National Cybersecurity Center of Excellence Overland Park, KS - March 2016
Invited Panelist – North American Reliability Corporation, Critical Infrastructure Protection, NERC CIP, 'Practical Implementations and Beyond', Utilities Telecom Council, US National Conference, Denver, Colorado - May 2016
Official Reviewer – National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) SP 1800-2 - Identity and Access Management Practice Guide for Electric Utilities, WERB Draft - February 2016
Contributing Author ‘IP Transitions’ White Paper, MPLS and network modernization topics, Utilities Telecom Council, February, 2015
Contributor/Co-presenter
'NERC Critical Infrastructure Protection (CIP) v5/6 Transitions', UTC Region 6 Meeting, Overland Park, KS, April 2016
Participant NIST National Cyber Security Center of Excellence - Energy Provider Community, Situational Awareness Case Studies Review and Prioritization - 2015
Contributor/Co-presenter 'Building a Practical Cyber Security Practice', Utility Telecom Council, Region 6, Overland Park, KS - March 2015
Participant NIST National Cyber Security Center of Excellence - Energy Provider Community, Identity Access Management Case Studies - 2015
Presenter ‘Practical IT/OT Convergence for Utility Networks’, UTC Canada National Conference, Calgary - September 2014
Author ‘Network Virtualization in a Physical World’ - Utility Sector White Paper - 4th Qtr 2013 (Unpublished)
Author ‘Deploying Effective Port Security in Utility Networks’, UTC Journal - 4th Qtr 2012
Invited Panelist/Presenter ‘Smart Grid Convergence Using Multi-protocol Label Switching (MPLS)’, UTC National Conference, Orlando, Florida - May 2012
Presenter ‘Foundations for MPLS VPN’s’, UTC Region 4, Indianapolis, IN - October 2012
Author ‘Converging Utility Data Networks with MPLS VPN’s’, UTC Journal - 4th Qtr, 2011
Author/Presenter 'Network Migration Architectures and Strategies', State of Kansas Technology Advisory Board (ITAB), Topeka, KS - 2010
Invited Panelist/Presenter 'Network Infrastructure, Kansas Legislative Systems Strategic Plan (e-Democracy Strategies)', United States House of Representatives Executive Staff briefing, Topeka KS - December 2008

This site uses no tracking mechanisms of any kind - your privacy is assured