Establishing Standards and Impacting Economic and Workforce Development
Objectives: To establish a workshop and follow-on activities that brings together a community of practice focused on industrial cybersecurity education, training and workforce development efforts to include government, academia, and industry. We will be leveraging some of INL’s existing research to align training frameworks and assessment frameworks, currently expressed in our CYBER-CHAMP© maturity model and other recent analysis and industry pilots. The workshop is designed to integrate stakeholders and practitioners with similar interest in a consolidated framework, develop common views on career pathways in OT cyber security, and map foundational pedagogical paradigms to educate and train our workforce.
- Foster creation and maintenance of industrial cybersecurity education and training standards.
- Establish a repository of existing training and education materials.
- Document gaps for further development (based on preliminary studies and assessments of curriculum and standards).
- Exchange ideas to implement training and education standards.
- Build and maintain relationships of trust for standards creation and maintenance across diverse institutions and educators including DHS, DOE, DOD, academia, and commercial entities.
Tuesday, November 10, 2020
9:00 AM-3:30 PM MST
(11:00 AM-5:30 PM EST)
Virtual online event
Once registration is confirmed, virtual links
and information will follow.
REGISTRATION HAS CLOSED!
For additional information, contact: firstname.lastname@example.org
Zachary (Zach) Tudor is the associate laboratory director of Idaho National Laboratory’s National and Homeland Security (N&HS) directorate. INL’s N&HS is a major center for national security technology development and demonstration, employing 550 scientists and engineers across $300 million in programs. N&HS is responsible for INL’s Nuclear Nonproliferation, Critical Infrastructure Protection, Defense Systems and Homeland Security missions. These missions include safeguarding and securing vulnerable nuclear material, enhancing the overall security and resilience of the nation’s infrastructure, and providing protective system solutions and heavy manufacturing of armor for national defense. N&HS supports major programs for the Department of Defense (DOD), Department of Homeland Security (DHS) and the Intelligence Community.
Tudor was previously a program director in the Computer Science Laboratory at SRI International, where he served as a management and technical resource for operational and research and development cybersecurity programs for government, intelligence and commercial projects. He supported DHS’ Cyber Security Division on projects including the Linking the Oil and Gas Industry to Improve Cybersecurity consortium, and the Industrial Control Systems Joint Working Group. He has served as a member of the (ISC)2 Application Security Advisory Board and the NRC’s Nuclear Cyber Security Working Group, and vice chair of the Institute for Information Infrastructure Protection at George Washington University.
Prior to SRI, Tudor led a team of cybersecurity engineers and analysts directly supporting the Control Systems Security Program at DHS, whose mission is to reduce the cybersecurity risk to critical infrastructure systems. Past assignments include on-site deputy program manager for the National Reconnaissance Office’s worldwide operational network, information security manager for the Secretary of Defense Chief Information Officer Enterprise Operations Support Team; security management support for the Centers for Medicare and Medicaid Services; and several seniorl-evel consulting positions including vice president of SAIC’s Enabling Technology Division, and senior manager for DOD programs at BearingPoint’s Security Practice.
A retired U.S. Navy Submarine Limited Duty Electronics Officer and chief data systems technician, Tudor holds an M.S. in information systems concentrating in cybersecurity from George Mason University, where he also was an adjunct professor teaching graduate courses in information security.
His professional credentials include the Certified Information Systems Security Professional, Certified Information Security Manager, and Certified Computer Professional.
Senator Jim Risch
Jim Risch, currently serving a second term as Idaho’s 28th Senator, holds a longstanding commitment to public service and a passion for good government. Known for “pragmatic decision-making,” Risch is what his peers call a “no-nonsense, get-the-job-done leader” with more than four decades of experience in elected office. He has been recognized by the National Journal as the “Most Conservative” Senator in the United States Senate.
Risch brings his pragmatic, results-focused approach to governance to the Senate Foreign Relations Committee, where he serves as chairman for the 116th Congress. As the lead Republican on the committee, Risch is focused on protecting the security and interests of the American people, in addition to continuing to advance U.S. prosperity and leadership in the world. He is confronting many issues that hit home across Idaho, like advancing the interests of Idaho citizens and businesses in international trade and investment, promoting Idaho exports, guarding Idaho interests in the Columbia River Treaty talks, supporting human rights and confronting the problem of sex trafficking.
During the 115th Congress, Risch served as chairman of the Senate Committee on Small Business and Entrepreneurship where he successfully passed several initiatives to improve cybersecurity resources for small businesses, cut red tape and reduce regulations, and improve small business access to capital. He will continue working for Idaho’s small businesses as an active member of the committee during the 116th Congress.
Risch also represents Idaho’s interests on the Energy and Natural Resources Committee, giving Idaho a voice in legislation that dramatically shapes the West, and he serves on the Select Committee on Intelligence and the Select Committee on Ethics.
During his service as Idaho’s 31st governor, Risch lowered property taxes by 20 percent providing much-needed tax relief to Idaho taxpayers, while setting aside $100 million in a rainy day fund for schools. He also designed a plan to manage Idaho’s roadless areas and supervised the adoption of a rule that effectively prohibits the construction of traditional mercury-releasing pulverized coal power plants. Both measures earned Risch bipartisan acclaim for his pragmatic approach to natural resource issues and land management.
As governor, Risch also accomplished a number of initiatives to create a streamlined and effective government. He transformed Idaho’s executive office by opening regional offices throughout the state, enhancing communication and responsiveness to Idahoans. Risch also succeeded in a major reorganization of Idaho’s Department of Health and Welfare that allowed for more efficient administration and cost savings.
As a twice-elected lieutenant governor, Risch earned a reputation as an advocate for smart economic development. He continues to work with businesses-new and old alike-to ensure continued prosperity for the people and places of Idaho.
Senator Risch began his career in public service at the age of 27, when he was elected to two terms as Ada County prosecuting attorney. Following his tenure as president of the Idaho Prosecuting Attorneys Association, he served 11 elected terms in the Idaho State Senate. His time as senator was highlighted by his quick election to the leadership positions of majority leader and Senate president pro tempore, serving in the top two positions of Senate leadership for 19 of his 22 years.
Senator Risch earned a Bachelor of Science degree in Forestry from the University of Idaho, and a Juris Doctor degree from the University of Idaho, College of Law. He served on Law Review and the College of Law Advisory Committee at the University of Idaho and has taught criminal law at Boise State University. He was a small business owner, a rancher/farmer and senior partner in the Risch Goss Insinger Gustavel Law firm at the time of his election to the U.S. Senate.
Senator Risch and his wife Vicki have been married for 50 years. Their commitment to Idaho and their work together earned them the distinction of being selected as Idaho’s Healthy Marriage Ambassadors in 2007. They have three married sons and nine grandchildren. They live on a ranch outside of Boise and maintain an apartment in Washington, D.C.
Sean Plankey is the Principal Deputy Assistant Secretary for Office of Cybersecurity, Energy Security, and Emergency Response (CESER) at the Department of Energy.
Prior to joining the Department of Energy, Mr. Plankey served on the National Security Council as the Director for Maritime and Pacific Cybersecurity Policy, where he designed national security policy to address threats from cyberspace. He has also served as the Global Cyber Intelligence Advisor for BP, and as the Deputy Chief Information Officer for U.S. Navy Intelligence.
Mr. Plankey served 13 years as an officer in the U.S. Coast Guard, including a tour as the Offensive Weapons & Tactics Chief at US Cyber Command. During this time, he completed a deployment to Afghanistan, where he was the first U.S. Coast Guard Officer deployed to Afghanistan to conduct offensive cyber operations. He also held the role of Operations Officer and Law Enforcement Boarding Team Leader for two Coast Guard Cutters, one deployed on the Great Lakes and the other in the Bering Sea and Gulf of Alaska.
Mr. Plankey is a graduate of the U.S. Coast Guard Academy and of the University of Pennsylvania’s School of Engineering and Applied Sciences. He holds multiple professional cybersecurity and information technology certifications.
Workshop Steering Committee Members:
– Sean McBride
Sean McBride is the Industrial Cybersecurity Program Coordinator within the College of Technology at Idaho State University and Joint Appointee with Idaho National Laboratory. Within Idaho State University’s Energy Systems Technology Education Center (ESTEC) and functioning as a joint appointee with the Idaho National Laboratory, Sean McBride infuses engineering technology students with critical cybersecurity skills.
Sean joined ISU after leaving FireEye, where he developed the firm’s Industrial Control Systems (ICS) security business strategy. Sean’s professional accomplishments include pioneering work in threat and vulnerability intelligence, which evolved into the DHS ICS-CERT, and co-founding Critical Intelligence to focus on the unique intelligence needs of industrial entities.
Over the past decade, Sean has written extensively for his customers, provided expert analysis for the popular press, and briefed the results of his work at leading professional conferences such as RSA and S4.
Sean earned an MBA in the NSA Scholarship for Service Program at ISU in 2006. He earned a Masters in Global Management from Thunderbird – Arizona State University in 2010. He is a doctoral candidate at La Trobe University.
– Shane Stailey
Shane Stailey is a Senior Industrial Control Systems Cybersecurity Professional with three decades of success in learning, teaching, broadening, and applying information across multiple business streams with a spectrum of technical variety. Shane specializes in combining creative thinking, outside the box analysis, and practitioner level application to solve real world problems. As a first generation Master’s and Doctoral level educated professional he is well aware of the value that can come from merging ‘pure work’, ‘consistent learning’, and ‘determined perseverance’, despite life’s adversities, to reach professional and personal goals and accomplishments.
Undergraduate degree in Electrical Engineering Technology from NMSU. Graduate degrees include: Computer Information Systems, University of Phoenix; Master of Science in Management – Information Systems Security, Colorado Technical University. Post-graduate degree is Doctor of Computer Science – Information Assurance.
Credentials. ISC2: (CISSP) Certified Information Systems Security Professional-2010; EC-Council: (CEH) Certified Ethical Hacker-2014; Project Management Institute: (PMP) Project Management Professional-2019
– Diane Burley
Diana L. Burley, Ph.D., is Vice Provost for Research at American University (AU) where she is also Professor of Public Administration and Policy and Professor of IT & Analytics.
Named one of SC Magazine’s Eight Women in IT Security to Watch in 2017 and the 2017 SC Magazine ReBoot awardee for educational leadership in IT security, Dr. Burley is a cybersecurity expert who regularly conducts cybersecurity training for executives across North America, Asia, Europe and the Middle East on managing cybersecurity risk, assessing the threat environment, and strengthening organizational cybersecurity posture.
She has testified before Congress, is a member of the US National Academies Board on Human-Systems Integration, and an affiliated researcher with the Cyber Operations Group of the Johns Hopkins University Applied Physics Laboratory. Prior to AU, Dr. Burley was a professor at George Washington University where she directed the Institute for Information Infrastructure Protection (I3P) – a 26-member national consortium dedicated to strengthening the cyber infrastructure of the United States. She led the Cyber Corps program and managed a multi-million-dollar computer science education and research portfolio for the US National Science Foundation, and has written over 90 publications on cybersecurity, information sharing, and IT-enabled change; including her 2014 co-authored book “Enterprise Software Security: A Confluence of Disciplines.”
Honors include: 2016 Woman of Influence- by the Executive Women’s Forum in Information Security, Risk Management and Privacy; the 2014 Cybersecurity Educator of the Year; and a 2014 Top Ten Influencer in information security careers. She is the sole recipient of both educator of the year and government leader of the year awards from the Colloquium for Information Systems Security Education and has been honored by the U.S. Federal CIO Council for her work on developing the federal cyber security workforce.
She holds a BA in Economics from the Catholic University of America; M.S. in Public Management and Policy, M.S. in Organization Science, and Ph.D. in Organization Science and Information Technology from Carnegie Mellon University where she studied as a Woodrow Wilson Foundation Fellow.
– Drew Hamilton
John A. “Drew” Hamilton, Jr., Ph.D., is a professor of Computer Science and Engineering and Director of Mississippi State University’s Center for Cyber Innovation. Previously he served as Alumni Professor of Computer Science and Software Engineering at Auburn University where he established Auburn’s Cyber Security program. He is a Fellow and former President of the Society for Modeling & Simulation, International (SCS), and former Chair of ACM’s Special Interest Group on Simulation (SIGSIM).
During his active duty career in the United States Army, he commanded HQs & HQs Battery, 1st Bn. 5th Field Artillery, Battery A, 8th Bn., 8th Field Artillery, Service Battery, 1st Bn, 8th Field Artillery and Battery F (sep), 7th Field Artillery and qualified in nuclear/chemical targeting. Dr. Hamilton served as the first Director of the Joint Forces Program Office at SPAWAR working command & control interoperability and on the Electrical Engineering & Computer Science Faculty of the United States Military Academy, as well as Chief of the Ada Joint Program Office. Dr. Hamilton is a graduate of the Naval War College with distinction.
– Frank J. Cilluffo
Frank J. Cilluffo is the director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. Cilluffo is a member of the Cyberspace Solarium Commission and the Department of Homeland Security’s Advisory Council, and he’s routinely called upon to advise senior officials in the executive branch, U.S. Armed Services, and state and local governments on an array of matters related to national and homeland security strategy and policy. In addition to briefing Congressional committees and their staffs, he has publicly testified before Congress on numerous occasions, serving as a subject matter expert on policies related to cyber threats, counterterrorism, security and deterrence, weapons proliferation, organized crime, intelligence and threat assessments, emergency management, and border and transportation security. Similarly, he works with U.S. allies and organizations such as NATO and Europol. He has presented at a number of bi-lateral and multi-lateral summits on cybersecurity and countering terrorism, including the U.N. Security Council.
Following the Sept. 11, 2001 terrorist attacks, Cilluffo was appointed by President George W. Bush to the newly created Office of Homeland Security. There, he was involved in a wide range of homeland security and counterterrorism strategies, policy initiatives and served as a principal advisor to Director Tom Ridge, directing the president’s Homeland Security Advisory Council.
Cilluffo then joined George Washington University in 2003, establishing the Center for Cyber and Homeland Security as a prominent nonpartisan “think and do tank” dedicated to building bridges between theory and practice to advance U.S. security. He served as an associate vice president where he led a number of national security and cybersecurity policy and research initiatives. He directed the Center for Cyber and Homeland Security and, with the School of Business, launched the university’s World Executive MBA in Cybersecurity program.
Prior to his White House appointment, Cilluffo spent eight years in senior policy positions with the Center for Strategic and International Studies, a Washington-based think tank. There, he chaired or directed numerous committees and task forces on homeland defense, counterterrorism and transnational organized crime, as well as information warfare and information assurance.
He has published extensively in academic, law, business and policy journals, as well as magazines and newspapers worldwide. His work has been published through ABC News, Foreign Policy, The Journal of International Security Affairs, The National Interest, Parameters, Politico, Studies in Conflict and Terrorism, USA Today, U.S. News & World Report, The Washington Quarterly and The Washington Post. He currently serves on the editorial advisory board for Military and Strategic Affairs, and has served as an on-air consultant for CBS News and as a reviewer for a number of publications and foundations.
– Amy Shaw
Amy Shaw is the Director of Compliance, Risk and Security at Idaho Power Company. As Idaho Power’s Compliance, Risk & Security Director, Amy oversees the teams focused on the risk management, cyber security, physical security, regulatory compliance, and environmental compliance activities of the company.
Amy has been with Idaho Power for over 15 years. Prior to joining Idaho Power, she worked in public accounting for Deloitte & Touche. Amy has a Bachelor of Science in Business with a focus in Accounting from the University of Idaho, and is a Certified Public Accountant and a Certified Information System Auditor. Amy serves on the University of Idaho Accounting Advisory Board as well as the Steering Committee for the Western Interconnection Compliance Forum, an information sharing organization for utilities in the Western Interconnection.
Idaho Power is headquartered in Boise, Idaho and has an employee base of @ 2,000 people and as an electric utility is engaged in generation, transmission, distribution, and the sale and purchase of electric energy. The bulk of Idaho Power’s generating ability comes from 17 hydroelectric power plants and is one of the nation’s few investor-owned utilities with such a significant hydroelectric generation base.
– Wayne Austad
Wayne Austad is the Chief Technology Officer for the National and Homeland Security Directorate at Idaho National Laboratory (INL) and Chief R&D Officer for CyManII, a Manufacturing USA institute focused on economically viable and pervasive cybersecurity in automation and supply chain.
Wayne leads the Secure & Resilient Physical Systems Initiative was previously the Technical Director of INL’s Cybercore Integration Center and created the original Cybercore Program Office and led outreach to national labs and academic institutions to build a collaborative, interdisciplinary teaming environment. He is the founding Chair of the Cyber Partnership for Advancing Resilient Control Systems (CyberPARC), a formal, self-organized collaboration between INL, Pacific Northwest National Laboratory, and Sandia National Laboratories.
Previously, as Director of INL’s Mission Support Center, he led a senior technical group that developed new methods for analysis of targeted cyber threats, provided technical context for mitigation priorities, and created new paradigms for information sharing between industry infrastructure owners, threat analysis teams, and government leaders. He also served as the Director of the Special Programs Division, which developed special technology and analysis for Defense and Intelligence agencies in advanced materials, trace detection, nuclear nonproliferation, electronic warfare modeling, information operations, and wireless communications systems.
Mr. Austad was the founding program manager for communications research programs at INL, coordinating multi-customer efforts to create the industry-scale Wireless Test Bed to evaluate the interoperability, performance, and security of new technologies within INL’s Critical Infrastructure Test Range Complex. As a past group lead for INL’s cybersecurity R&D organization, he was technical consultant to Department of Homeland Security Control Systems Security Test Center (pre-cursor to ICS-CERT) and the DOE’s Supervisory Control and Data Acquisition (SCADA) Test Bed; and led several discretionary research projects to systematically assess vulnerabilities in power SCADA systems and design innovative protective solutions. He started his career at INL in Artificial Intelligence & Simulation, working on hybrid neural network / expert systems, machine health monitoring, and 3D simulation environments for real-time robotic control.
Mr. Austad graduated with a MSEE and BSEE from the University of Wyoming with emphasis in Digital Signal Processing and Computer Engineering.
– Dongyan Xu
Dongyan Xu is a Samuel D. Conte Professor of Computer Science and Director of CERIAS, Purdue’s cybersecurity research center. His research focuses on cyber and cyber-physical security. He has also made early contributions to the areas of cloud computing and peer-to-peer media streaming/distribution. He is part of the Purdue System Security Lab (PurSec).
For computer system security, Xu and his students have been developing virtualization-based systems for capturing, investigating, and defending against stealthy computer malware (e.g., worms, rootkits, bots, and APTs). His team is also developing reverse engineering techniques for the analysis of binary artifacts such as binary programs and memory images. For cloud computing, Xu and his students have been developing advanced techniques for the creation, management, and performance optimization of virtual networked infrastructures on top of physical cloud infrastructures.
Xu received six Seed for Success Awards from Purdue University, a CAREER Award from the National Science Foundation (2006), and seven Best Paper/Best Student Paper Awards from the International Symposium on Recent Advances in Intrusion Detection (RAID 2008), ACM Symposium on Cloud Computing (SoCC 2011), IEEE/ACM International Conference on Automated Software Engineering (ASE 2013), USENIX Security Symposium (2014, Best Student Paper), ACM Conference on Computer and Communications Security (CCS 2015), Network and Distributed Systems Security Symposium (NDSS 2016), and USENIX Security Symposium (2017). He served on the Editorial Board of the ACM Transactions on Autonomous and Adaptive Systems (TAAS) and has served on program committees of major security and cloud computing conferences (e.g., CCS, NDSS, S&P, USENIX Security, and SOCC). He was selected a University Faculty Scholar in 2012 and has received the College of Science Undergraduate Advising (2008), Graduate Advising (2014), Leadership (2013, 2016), Research (2015), and Team (2015, 2017) Awards. Past and current sponsors of Xu’s research include the AFOSR, AFRL, Army CERDEC, DARPA, IARPA, NSA, NSF, ONR, Sandia National Labs, Cisco Systems, DOCOMO USA Labs, ETRI, Microsoft Research, Northrop Grumman, Vencore Labs, Southwest Research Institute, and Purdue Research Foundation. He has been involved in research grants totaling more than $30 million and has been the PI of research projects totaling more than $18.5 million.
Program Committee Members:
Joshua Duersch, Interim Dept. Chair of IT Services and Cyber Security Programs, College of Eastern Idaho
Michael Haney, Assistant Professor of Computer Science, Center for Secure and Dependable Systems, University of Idaho
Larry Liebrock, Visiting Professor, College of Science/Engineering (COSE), Idaho State University
Sin Ming Loo, Professor, Department of Electrical and Computer Engineering, Director of the Cyber Lab for Industrial Control Systems (CLICS), Boise State University
Paris Stringfellow, leads CyMANII Trustworks and is Program Director for the Risk Engineering and System Analytics Center, Clemson University
Geanie Umberger, Executive Director of P-CAP (Purdue Cyber Apprenticeship Program) and Clinical Professor, Purdue University