14th Annual Security
& Compliance Summit
Abstracts and Bios
& Compliance Summit
We are pleased to welcome our 2018 presenters and speakers! Click each title to view the abstract and speaker bios.
Summit 2018 - Speaker
The digitalization of utilities promises to optimize the supply and demand of electricity, manage the increasing number of renewable sources of energy and micro grids while offering efficiency improvements for consumers. Furthermore, the large volumes of data generated, combined with predictive analytics allows utilities to transition to a proactive mode of asset management. Such a far-reaching digital transformation comes with many challenges for critical infrastructures, with cyber security near the top of the list. Although NERC CIP compliance is essential to ensure a common baseline across the industry, it cannot be the only measure used by power utilities to manage their security risks. To keep the electric grid secure and reliable, a proactive security program must be put in place, taking full advantage of modern technology, up to date processes and a highly trained workforce.
As part of his 30 years of experience in all aspects of security, Gaétan has held several senior positions in the Canadian Federal Government, including Chief Engineer Communications Security with the Department of National Defence, Director Corporate Security with the Department of Foreign Affairs and Consul at the Canadian Embassy in Peru, following the 1996-97 terrorist crisis in Lima.
In the private sector, he has worked as Chief Security Officer for several multinational corporations such as Bombardier Aerospace, Airbus Group (Paris, France) and Bell Canada, where he personally wrote the security plan to protect the telecom infrastructure for the 2010 Winter Olympics in Vancouver. In 2016, after having worked for four years as the National Cybersecurity Practice Leader for Ernst & Young Canada, Gaétan joined SNC Lavalin as the Principal Security Architect where he and his team help clients in the energy industry protect their critical infrastructure.
Gaétan has a Bachelor’s degree in Electrical Engineering from the Royal Military College of Canada and an MBA from the Jones International University. He is a member of the Professional Engineers of Ontario, and is also an active member of the IEC TC57 WG 15, an international working group dedicated to the development of advanced security standards used by power utilities.
Historically, NERC CIP compliance has been a manually intensive, complex process. This talk will share ideas on how to ease the process of patch and vulnerability management and outline how asset owners can automate asset inventory (identification of device part number, firmware version, vendor, model, serial number) in a passive way for all their substation assets, thus eliminating site visits and manual processes, while ensuring a more accurate inventory without the risk of data entry errors.
Brian has spent most of his career (13+ years) as a ICS/SCADA cybersecurity engineer and cybersecurity team lead working for two progressive California Investor Owned Utilities (IOUs). He holds a variety of technical certifications, including the Global Industrial Control System Professional (GICSP), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), and is certified in project management from University of California at Irvine. In 2013, Brian was presented with the Critical Infrastructure Private Sector award from Securing our eCity, a San Diego based cybersecurity non-profit organization. In 2016, Brian was a co-inventor of a R&D magazine top 100 award winner for one of the top inventions of the year relating to a GPS anti-spoofing mitigation technology.
Brandon Workentin joined SecurityMatters as an ICS Security Engineer in 2017. Prior to that, Brandon worked for EnergySec, where he started as an intern in 2014 and finished as a Cybersecurity Analyst II. At EnergySec, Brandon focused on security regulations, including the NERC CIP cybersecurity standards, as well as threats, research, and news affecting the electric industry. He was also involved in the creation of the EnergySec Information Sharing and Analysis Organization (ISAO), as well as a member of multiple ISAO Standards Organization Working Groups. Prior to joining the cybersecurity field, Brandon spent several years teaching math and English in Idaho and Oregon.
Brandon also enjoys public speaking, having presented at BSides Tampa 2017, regularly providing briefings to electric industry groups, and working with !NTERRUPT, a non-profit focused on introducing cybersecurity to high school students. He has a Bachelors of Arts in Mathematics and English Education from Northwest Nazarene University and an Associates of Science in Cybersecurity and Networking from Mt. Hood Community College.
Top Concerns for the ICS manager: What’s missing in ICS environments? Top security gaps in an ICS network.
1. Understanding what you have in your network
2. Threat Detection in the OT environment
3. Blindspots of physical access to devices
Barak Perelman, CEO
Before founding Indegy, Perelman led several multi-million dollar cyber security projects at the IDF and received commendation for this service and achievements. He is a graduate of the elite Talpiot military academy and has over 15 years of hands-on experience in cybersecurity and protection of critical infrastructures. Perelman holds a B.Sc. in computer science, physics and math, and an MBA from the Tel Aviv University.