Managing the Sustainable ICS Security Program

November 29, 2018 (10:00am EST)

Abstract:

This session will take a deeper dive into the key areas that enable managers to run a control systems security program day in and day out.  We will continue to reinforce an understanding of how prioritization is accomplished.

This session will answer questions like:

  • How and when do I communicate with my direct supervisor senior executives and board?
  • How do I interact with my functional leads/peers (internal and external to the firm), regulatory and law enforcement agencies, etc.?
  • How do I get the budget I need?

Discussion Leader: MARCO AYALA - SENIOR LIFECYCLE SERVICES MANAGER AT AE SOLUTIONS

Marco (Marc) Ayala is a Senior Industrial Cybersecurity Project Manager with aeSolutions. Marc has over 20 years of experience in process automation and safety and is active in the Chemical Sector and Oil and Gas cybersecurity effort working alongside DHS for securing the private sector. He has trained extensively with INL Idaho National Labs with colleagues focusing on ICS-CERT and has worked as an end user from I&E and I&C throughout his career, where he has handled advanced process control, maintained and designed enterprise historians, and has worked with enterprise-IT to perfect a direct balance of ICS/SCADA Industrial-IT and demarc with Enterprise-IT.

Marc is deeply engaged in ICSJWG, ACC-ChemITC and is an active member on ISA 99/62443, FBI – Infragard, ICS-CERT/US-CERT. Marco is a Senior Industrial Cybersecurity Project Manager for aeSolutions, a process safety consulting, engineering and automation company that provides process safety lifecycle solutions and tools.


Discussion Leader: KARONN BLUE - PRINCIPAL AND ICS CYBER SECURITY CONSULTANT AT L.L. BLUE SOLUTIONS

Karon Blue has been involved in SCADA & industrial control systems(ICS) for over 15 years and enjoys helping companies plan, secure, & integrate these complex projects successfully. Mentored by a senior team of Instrument & Control technicians who helped him master the concepts of controls systems engineering. Continually seeking new challenges, he pursued the largest and most complex assignments to work on. Recognizing that a large electric utility offered a wide range of projects and excellent opportunities to develop a broad set of ICS engineering skills, he went to work at Southern Company. While there, he has designed and commissioned projects in Cybersecurity, SCADA, DCS, EMS, Building Automation, & implemented the latest NERC CIP frameworks.


Discussion Leader: JAY WILLIAMS - SENIOR MANAGER OF OT CYBERSECURITY PRACTICE AT EY

Jay Williams is a Senior Manager at EY and leads the OT Cybersecurity practice. He has over 26 years of industry experience in OT cybersecurity, industrial control systems, data analytics and industrial control automation. Williams is a subject matter resource on critical infrastructure, manufacturing, O&G, P&U, pharmaceuticals, and industrial automation.

Prior to joining the firm, Williams was the Global Vice President of Critical Infrastructure Protection at Parsons Corporation spearheading and leading the CIP cybersecurity division. Williams was instrumental in developing business with key accounts, creating the product offering and services, co-developing all collateral, growing the team, and establishing Parsons’ strategic partnership with FireEye.

Williams is a frequent speaker at OT and ICS industry events like ICIT’s televised cybersecurity panel for securing the electric grid, Transitech, and GiSEC. His background in industrial control systems and cybersecurity gives him the ability to assist clients in the challenging and often hard to understand OT cyber market.

Williams holds a Bachelor of Science in Electrical Engineering from Rochester Institute of Technology. He is a member of the Syracuse Schools Cybersecurity Advisory Council in Syracuse, N.Y.