The Control Systems Ecosystem – Asset Owners

May 31, 2018


This session will go into who are all the end-user participants in this ecosystem, with a few views into some specific systems.  We will identify an extensive list of industry verticals, which deploy control networks to include Oil, Gas, Natural Gas, Chemical, Electric (big to rural collective), Gas Distribution, Manufacturing (multi-subvert), Water, Transportation, Waster Water, Communications, Buildings, Healthcare and Military Systems.

This session will address questions to include:  Who owns these systems?  Who uses them? And who is responsible for security?

NOTE: This meetup has already taken place.  Paid members are able to access the recorded content at

Discussion Leader: Steve Mustard

Steve Mustard, is an independent automation consultant and subject-matter expert of the International Society of Automation (ISA) and its umbrella association, the Automation Federation. He also is an ISA Executive Board member. Backed by nearly 30 years of software development experience, Mustard specializes in: the development and management of real-time embedded equipment and automation systems; and the integration of real-time processing, decision-support and other disparate systems to improve business processes. He serves as president of National Automation, Inc.

Mustard is a recognized authority on industrial cybersecurity, having developed and delivered cybersecurity management systems, procedures, training and guidance to multiple critical infrastructure organizations. He serves as the Chair of the Automation Federation's Cybersecurity Committee. Mustard is a licensed Professional Engineer, UK registered Chartered Engineer, a European registered Eur Ing, an ISA Certified Automation Professional® (CAP®) and a certified Global Industrial Cybersecurity Professional (GICSP). He also is a Fellow in the Institution of Engineering and Technology (IET) and a Senior Member of ISA.

Discussion Leader: Paul Piotrowski

Paul Piotrowski is currently an Automation Engineer in Shell’s Global PCD Integrity Organization (Process Control Domain). Paul consults globally on PCD Security issues for large global capital projects for all Shell Operating Assets. He has spent over 16 years in Shell in various security roles including network operations, risk governance and compliance, audit, incident management, forensics and project management. He has travelled extensively for Shell allowing him the opportunity to work across diverse set of cultures and landscapes which have shaped his view of the world.

Paul possesses the valuable hybrid skill set of Operations Technology (OT) and Information Technology (IT). Through visiting and working at over 50 Shell assets globally he understands how to embed practical solutions between “operations” and “corporate IT” that reduce an organization's cyber security risk while minimizing operational impact. Paul is amid becoming a certified SANS ICS Security Instructor for the GISCP course.

He holds a B.SC degree in Computer Science with a minor in management. He holds several certifications including the GICSP (Global Industrial Cyber Security Professional) and CISSP. In addition, he has participated in several executive development programmes. He is based out of the Calgary, Canada.