Agenda
Note: Subject to change
Theme: Navigating change, uncertainty and threats to energy and beyond: Safeguarding critical infrastructure from cyber-physical attacks
Monday, June 2, 2025
9:00 am - 5:00 pm
EC Council Workshop: Introduction to ICS/SCADA Cybersecurity
A full-day hands-on course hosted by EC Council covering fundamentals of ICS/SCADA threat analysis, network design, and incident response within a realistic simulated ICS environment.
> View agenda
Tuesday, June 3, 2025
8:00 - 9:00 am
Welcome Continental Breakfast & Coffee
9:00 - 10:15 am
Addressing the Culture Chasm Between CISO and Ops: Who is in Charge of OT Cybersecurity?
This session brings together OT cybersecurity experts to explore the cultural and operational divide between traditional IT security leadership and on-the-ground operations teams in the realm of OT cybersecurity. Panelists will examine how the differing priorities and mindsets of CISOs and operational teams contribute to a persistent "culture chasm" and discuss innovative strategies for bridging these gaps. By delving into real-world challenges and case studies, the session will clarify who should be accountable for OT cybersecurity and outline actionable approaches for aligning risk management, operational resilience, and effective decision-making across organizational boundaries.
Joe Weiss
Managing Partner
Applied Control Solutions, LLC
profile
Founder & CEO
Tinkerer Borg LLC
profile
Sr. Manager of Threat Hunting
Forescout Technologies
profile
10:15 - 10:45 am
Networking Coffee Break
10:45 - 12:15 pm
Cybersecurity for Operational Technology
This panel delves into the unique challenges and evolving threat landscape facing industrial environments and critical infrastructure. Experts will explore best practices for securing OT networks -- from robust asset management and network segmentation to real-time monitoring and tailored incident response strategies -- while addressing the complexities of integrating IT and OT security cultures. Attendees will gain practical insights into mitigating risks associated with legacy systems, regulatory compliance, and operational constraints, equipping them with actionable strategies to enhance the resilience and continuity of their critical operational systems.
Brian Burnett
Director of Cybersecurity, Business Information and Technology Services
North Carolina's Electric Cooperatives
profile
Director, Center for Securing Digital Energy Technology
Idaho National Laboratory
profile
Senior Cybersecurity Researcher
National Renewable Energy Laboratory (NREL)
profile
12:15 - 1:15 pm
Lunch Break
1:15 - 2:15 pm
Gen AI and Agentic AI Usage in ICS Cybersecurity
This session discusses the use of GEN AI and Agentic AI in industrial control systems cybersecurity. GenAI can be used to simulate attacks, generate threat scenarios, and assist with policy and vulnerability management. Agentic AI focuses on autonomous tasks and their orchestration in cybersecurity systems. Large Language Models and Digital Twins are the backbone of these systems. After setting this background, we will focus on how Microsoft is dealing with common AI attacks that occur in GEN AI and Agentic AI systems. Through live demos, we will explain how an organization should safeguard against AI-driven risks in Gen AI and Agentic AI applications.
Chief Technology Officer
CybsecBCML, Inc
profile
Sr. Technical Specialist
Microsoft
profile
2:15 - 2:45 pm
AI-Powered Cloud Security: Defending Cloud Workloads from Next-Gen Cyber Threats
As AI-powered cloud workloads continue to scale, so do sophisticated cyber threats targeting AI models, cloud infrastructure, and data pipelines. Adversarial AI attacks, cloud misconfigurations, and automated malware are evolving, forcing security teams to rethink their defensive strategies. This session will highlight real-world attack scenarios and defense mechanisms, including securing generative AI models against adversarial attacks, AI-driven threat detection, and Zero Trust architectures for AI workloads. Attendees will walk away with actionable strategies to protect AI applications and cloud environments from next-gen threats.
Key Takeaways:
- Understand the latest AI-driven cloud threats (adversarial AI, model poisoning, API attacks)
- Learn security best practices for AI-hosted cloud applications
- Explore AI-powered threat detection and Zero Trust security models
- Analyze real-world security incidents involving AI workloads
- Gain hands-on knowledge of AI security defense strategies for DevSecOps teams
Senior Site Reliability Engineer
Broadcom
profile
1:15 - 1:45 pm
Golden Rules for Industrial Cybersecurity
In today's evolving threat landscape, industrial environments face unique cybersecurity challenges that require more than just compliance -- they demand resilience. This session outlines the golden rules of industrial cybersecurity, combining strategic principles with practical implementation guidance. The presentation will explore leading frameworks such as IEC 62443 and the NIS T Cybersecurity Framework and show how they support a risk-based approach to securing Operational Technology (OT). Attendees will learn why asset visibility, network segmentation, and continuous risk assessment are foundational pillars of a strong cybersecurity posture.
The session will also tackle the often-overlooked challenge of aligning regulatory compliance (e.g., the Cyber Resilience Act, Machinery Directive) with real-world security needs -- bridging the gap between paperwork and protection. To ground these principles in reality, the session will analyze recent cyber-physical incidents in the U.S., including ransomware attacks on critical infrastructure. These cases will illustrate common vulnerabilities in industrial control systems (ICS), their operational impacts, and what we can learn from them.
Key Insights:
- Practical insights into IEC 62443 and NIST CSF application in OT
- Strategies for risk-based assessment and security mitigation
- Approaches to aligning compliance requirements with actual protection
- Lessons from real-world ransomware and ICS compromise incidents
Director of Cybersecurity & Integration
Bureau Veritas
profile
1:45 - 2:15 pm
Why VLANs Are a Poor Network Segmentation Solution in Industrial ICS/SCADA Environments
VLANs are a legacy solution that fail to meet the security and scalability demands of modern ICS/SCADA environments. They introduce significant risks due to misconfigurations, lack of visibility, and poor security segmentation. Additionally, protocols like 802.1x are outdated, overly complex, and no one likes them.
This session will break down why zero-trust principles -- built on segmentation, continuous verification, and least-privilege access -- are critical for securing operational technology. We'll explore how scalable solutions like proxy-based architectures, software-defined DMZs, and application-layer firewalls (L7) are replacing VLANs as the new standard for robust network security.
CEO
Trout Software
profile
2:15 - 2:45 pm
APT Group Attack Method Commonalities Against Critical Infrastructure
APT groups such as Typhoon have consistently exploited identity and access gaps across critical IT and OT systems leading to significant monetary and reputational damages. These breaches led to a dizzying array of new guidelines from federal agencies like NIST, CISA, and the EPA aimed at protecting US critical infrastructure from these emerging and dangerous threats.
In this session, Dr. Ymir Vigfussion compares real-world attack patterns against current federal guidance to uncover a critical insight: APT groups continue to succeed -- not because defenders lack standards, but because those standards don't address the attackers' preferred path. Fortunately, the research also points to an efficient way to detect and block APTs before they reach sensitive systems.
This session will cover:- The most common methods and protocols exploited by state-sponsored attackers and other APT groups
- An analysis of the 2024-2025 best practices for critical infrastructure from CISA, NIST, and the EPA
- The most efficient and effective detection point and method to stop APT groups
Professor of Computer Science, Emory University
CTO, Keystrike
profile
2:45 - 3:15 pm
Networking Coffee Break
3:15 - 4:15 pm
Next-Generation Cybersecurity Standards -- Bridging IEC 62443 and TEIA for Industrial IoT Security
As industrial control systems evolve, so must our approach to securing them. This panel brings together leading experts to explore how integrating IEC 62443's system-level security with TEIA's device-level trust model creates a comprehensive, zero-trust architecture for industrial IoT. Panelists will share real-world case studies, tackle key integration challenges, and provide practical strategies for securing IT/OT environments. Join us to gain actionable insights on leveraging these complementary standards to enhance resilience, scalability, and interoperability in critical infrastructure cybersecurity.
Chief Security Officer and Senior Vice President
Intertrust
profile
Director, Intelligent Systems
Mayman Aerospace
Senior Technology Advisor
JERA Co., Inc.
profile
4:15 - 4:45 pm
Securing Critical Infrastructure: A Case Study in Proactive Exposure Management
In today's landscape of escalating cyber threats, ensuring the security of critical infrastructure is paramount. This presentation will share a case study exploring how a leading U.S. energy provider, operating a vast and complex IT/OT environment, successfully addressed significant security gaps. Faced with the challenge of maintaining essential electrical services while mitigating risks from sophisticated cyberattacks and system failures, the organization requires comprehensive network visibility and proactive threat management.
Attendees will learn how integration with diverse IT/OT systems and advanced analytics capabilities enable the energy provider to achieve superior clarity on exposures and risks, strengthening their defense and highlighting the importance of proactive exposure management and the transformative impact of leveraging advanced network security solutions in high-risk environments.
CTO
RedSeal Networks
profile
5:00 - 6:30 pm
Networking Reception
6:30 - 8:30 pm
Drinks & Dinner co-hosted by Bureau Veritas and Business France
Fireside Chat: Regulatory Shifts & Business Resilience: What Cybersecurity Leaders Need to Know
As global frameworks like NIS2, DORA, the EU AI Act, and CMMC reshape the compliance landscape, leaders must adapt fast to stay secure, competitive, and compliant. Join us for a practical and engaging conversation on how to navigate these regulatory shifts using international standards and build true business resilience.
- 6:30 pm -- Arrival & Welcome Drinks
- 7:00 pm -- Opening Words
- 7:10 pm -- Fireside Chat with Floris Duvekot
- 7:30 pm -- Networking Cocktail and Dinner
- 8:30 pm -- Closing
Wednesday, June 4, 2025
8:00 - 9:00 am
Coffee and Continental Breakfast
9:00 - 10:15 am
Cyber Risk Assessment and Development for Distributed Energy Resources
This session discusses methodologies for assessing cyber risks specific to DER environments, focusing on vulnerabilities inherent in interconnected renewable energy assets such as solar panels, wind turbines, and energy storage systems. Panelists will cover risk modeling, threat identification, and the development of tailored cybersecurity strategies to mitigate potential attacks that could disrupt grid stability. Gain insights into best practices for integrating cyber risk management into the development and deployment of DERs, ensuring a secure and resilient transition to decentralized energy generation.
Dr. Chee-Wooi Ten
Professor, Electrical and Computer Engineering
Director, Center for Cyber-Physical Systems
Michigan Tech
profile
Director of Cyber and Risk Management
Illinois Commerce Commission
profile
Product Manager for Solar & Energy Storage
Toshiba Mitsubishi-Electric Industrial Systems Corporation
profile
10:15 - 10:45 am
Networking Coffee Break
10:45 am - 12:00 pm
IT/OT Convergence: Cyber-Informed Engineering and Engineering-Informed Threats
This session explores the dynamic intersection of IT and OT environments by examining how cyber-informed engineering is reshaping system design and resilience, while also highlighting how engineering insights can drive more accurate threat modeling-what we term engineering-informed threats. Panelists will discuss strategies for integrating IT's data-driven analytics with OT's real-time operational demands, sharing case studies on how converged systems can proactively anticipate and mitigate cyber risks. Attendees will learn how to embed cybersecurity into the very fabric of engineering processes and, conversely, use engineering principles to refine threat detection and response, ultimately building robust, resilient infrastructures in an increasingly interconnected industrial landscape.
Dr. Chee-Wooi Ten
Professor, Electrical and Computer Engineering
Director, Center for Cyber-Physical Systems
Michigan Tech
profile
President and CEO
Cumulys
profile
Principal Advisor, Strategic Innovations
Midcontinent Independent System Operator (MISO)
profile
Director, Cybersecurity
National Rural Electric Cooperative Association (NRECA)
profile
Technical Relationship and Program Development | Cybercore Integration Center
Idaho National Laboratory
profile
12:00 - 1:00 pm
Lunch Break
1:00 - 2:15 pm
Resisting the Weaponization of the Energy Network
This panel will delve into emerging challenges such as vulnerabilities in distributed energy resources, the cybersecurity risks associated with IoT-enabled smart grids and peer-to-peer energy trading platforms, and the sophisticated techniques employed by state-sponsored adversaries. Power-based cyber attacks, Aurora attacks (eg., opening / closing breakers out of phase with the grid), and Volt/VAR attacks will be discussed, as will the integration of AI for threat analysis and the adoption of "secure by design" principles to fortify energy systems against weaponization. The session will also emphasize the need for coordinated public-private partnerships and policy innovations to ensure resilient, future-proof energy networks.
Patrick Miller
CEO
Ampyx Cyber
profile
Associate Professor, Electrical Engineering and Computer Science
University of Missouri
profile
Managing Partner
Applied Control Solutions, LLC
profile
2:15 - 2:45 pm
Coffee Break
2:45 - 4:00 pm
Risk Management Business Case
Escalating liability risks associated with data breaches in ICS/SCADA environments can lead to severe legal and financial repercussions. Focusing on the risk management business case, panelists will discuss how vulnerabilities in industrial control systems not only jeopardize operational continuity but also expose organizations to regulatory fines, litigation costs, and reputational damage. By analyzing real-world incidents and regulatory frameworks, the discussion will provide strategies to quantify potential breach liabilities and build a compelling business case for investing in advanced cybersecurity controls.
Senior Vice President, Technology and Security
The Beckage Firm
profile
Chief Technology Officer
kWh Analytics
profile
President
SRC Digital Insurance Services
profile
Dr. Sanju Abraham is the Chief Technology Officer at kWh Analytics, bringing over 20 years of experience in leveraging technology to drive business growth and transformation. In his role, he leads the development of innovative software solutions for the solar energy industry, utilizing data science, cloud computing, and web applications. Prior to joining kWh Analytics, Dr. Abraham served as CTO at QuickConnectMD, where he oversaw software development and IT for telemedicine and electronic health record systems. He also co-founded Quze and held leadership positions at Devx5 and SOCIALDEALER, focusing on product development and technological strategies. Dr. Abraham holds a PhD and an MBA in Computer Science from DePaul University.
Brian Burnett is an accomplished cybersecurity professional with over 15 years of experience in building and managing robust cybersecurity programs. Since November 2020, he has served as the Director of Cybersecurity at North Carolina's Electric Cooperatives, where he established and leads the organization's cybersecurity program, ensuring the security of both IT and operational technology environments. Prior to this, Brian held a number of key cybersecurity/IT positions including Information Security Manager at IQVIA and Senior IT Auditor at Cherry Bekaert LLP. Since August 2011, he has served as a part-time instructor at the American Public University System, teaching courses in cybersecurity and digital forensics. Brian holds a Master of Science in Cybersecurity from Utica College and a Bachelor of Science in Criminal Justice from Guilford College. His certifications include EnCase Certified Examiner and Certified Computer Forensics Examiner.
Florian Doumenc is the CEO and Co-Founder of Trout Software, a company dedicated to enhancing security for industrial and defense sectors. Since April 2022, he has led initiatives to protect facilities from cyber threats and simplify compliance processes. Prior to founding Trout Software, Florian served as a Strategic Cloud Engineer at Google from February 2018 to January 2023, focusing on security projects such as Chronicle and Quantum & AI at GoogleX. He also held roles as an Account Executive at Dataiku and Glow Digital Media, and was the CEO of Hi Karl, an NLP-based virtual concierge company. Florian holds a graduate degree in cybersecurity from Harvard Extension School.
Julian Durand is the Chief Security Officer and Senior Vice President of Product Management at Intertrust Technologies, bringing over 30 years of experience in launching and scaling innovative products globally. At Intertrust, he directs IoT product development and oversees security practices. Before joining Intertrust, Julian held leadership roles at Qualcomm, where he spearheaded product security initiatives, virtual SIM development, and the company's inaugural IoT efforts, contributing to significant revenue growth. He also served as the technical lead for Nokia's first music phone. An inventor named in ten issued patents across IoT, Digital Rights Management (DRM), and virtual SIM technologies, Julian holds a B.Eng from Carleton University and an MBA from the University of Southern California. He is a Certified Information System Security Professional (CISSP) and an active member of the Forbes Technology Council.
Floris Duvekot is the Director of Cybersecurity & Integration at Bureau Veritas in North America, where he leads the strategic integration of cybersecurity services. With a background in behavioral science and crisis management and a strong record of building teams focused on awareness, security culture, and crisis management. He is passionate about partnering with organizations in critical sectors?such as energy and infrastructure?to build digital resilience. Now based in Boston, Floris continues to drive cross-border collaboration and innovation in cybersecurity while actively engaging with industry leaders and communities across North America.
Abubaker Elteriefi, PE is a Power Systems Engineer with over twenty-five years of experience in transmission system planning, design, and operations. He has been with ITC Holdings Corp. since 2007. As Operational Planning Manager, Mr. Elteriefi oversees operational assessments, identifies potential System Operating Limit exceedances, and develops mitigation plans to ensure system reliability and efficiency. He also serves as a subject matter expert for multiple North American Electric Reliability Corporation (NERC) reliability standards. Prior to ITC, he worked at Alliant Energy as a Substation Design Engineer and Lead Delivery System Planner. Abubaker holds a Bachelor of Science degree in Electrical Engineering from Iowa State University and is a registered Professional Engineer in the branch of Electrical Engineering. He is also a NERC-certified system operator at the reliability coordinator level and an active member of the Southwest Power Pool (SPP) Operating Reliability Working Group.
Eduardo Giancristofaro is Business Development Director of OT at SSH Communications Security, where he is responsible the development of the industrial automation market across the Americas, focusing on the U.S. and Canada. With a career spanning over three decades, Eduardo began as a PLC/SCADA programmer in 1994 and transitioned into industrial communication network sales, specializing in providing secure access solutions for operational technology environments. Prior to joining SSH in September 2022, he served as Channel Sales Manager for Latin America at HMS Networks, achieving a 300% market growth over five years. His earlier experience includes roles at Siemens, where he managed and expanded the Marine and Cruise Line Business portfolio as an Account Executive, and at ProSoft Technology, Inc., where he was involved in sales, business development, and technical support. Eduardo holds a Technician degree in Electronics from Escola T?cnica E. Lauro Gomes (1988-1992) and a degree in Engineering with a focus on Electronics from Universidade Paulista (2001-2005). He is based in the Miami-Fort Lauderdale Area.
Jim Harmening has spent his entire career in the Information Technology Sector. From his time working as a full time Mainframe Computer Operator at the University of Illinois at Chicago, through starting with the Illinois Commerce Commission as the Director of Cybersecurity and Risk Management, he has focused his work on making improvements in IT & Cybersecurity. From 1995 to 2020 he served as the president of Computer Bits, Inc. a small software development, IT support and computer forensic company in the Chicagoland area. He focused on the legal industry, provided services to the Cook County Sheriff, Lake County Chief Assessment Office and Illinois Secretary of State, as well as many small businesses. Jim has a degree in Mathematics & Computer Science from the University of Illinois at Chicago and has written several chapters in college textbooks. He was an Encase Certified Forensic Examiner and has taken courses in ethical hacking, operational technology cybersecurity and exercise creation. He looks forward to improving Cybersecurity in the 21st century.
Katherine Hutton is Product Manager for OT Cybersecurity at Fluence, where she oversees the development of cybersecurity solutions for energy storage products, ensuring compliance with evolving threats and global regulatory standards. Her career includes roles such as Senior Strategy Consultant at StealthPath Inc., Business Data Analyst at Schneider Electric's Global Product & Systems Security Office, Research Scientist at the Army Cyber Institute, and Special Advisor in the Office of the Director at the U.S. Secret Service. Katherine holds an MBA from Duke University's Fuqua School of Business and a Master's in Cybersecurity Strategy and Information Management from George Washington University. She actively contributes to the cybersecurity community as a Fellow at the Atlantic Council's Veterans Advanced Energy Project, Chief Advisor for Women in CyberSecurity (WiCyS) UK & Ireland, and Advisory Board Member at the Technology Advancement Center (TAC).
Dr. Taesic Kim is an Associate Professor in the Department of Electrical Engineering and Computer Science at the University of Missouri, where he directs the Cyber-Physical Power and Energy Systems (CPPES) Laboratory. His research focuses on developing resilient and secure power and energy systems, encompassing areas such as cyber-physical security, artificial intelligence, quantum intelligence, and power electronics. Dr. Kim has secured multiple grants from organizations including the U.S. Department of Energy and the National Science Foundation, holds two U.S. patents, and has authored over 100 papers in refereed journals and IEEE conference proceedings. Prior to joining the University of Missouri in September 2024, he served as an Associate Professor at Texas A&M University-Kingsville. He earned his Ph.D. and M.S. degrees from the University of Nebraska-Lincoln and his B.S. from Changwon National University in South Korea.
Dr. Mike Lloyd has 35 years' experience in understanding fast-moving, complex systems. He has authored 21 patents on security and networking. Before RedSeal, Mike Lloyd was Chief Technology Officer at RouteScience (acquired by Avaya), where he pioneered self-optimizing networks. Mike served as principal architect at Cisco on MPLS VPN modeling. He joined Cisco through the acquisition of Netsys Technologies, where he was the senior network modeling engineer.
Mike holds a degree in mathematics from Trinity College, Dublin, Ireland, and a PhD in stochastic epidemic modeling from Heriot-Watt University, Edinburgh, Scotland.
Carter Manucy is the Director of Cybersecurity at the National Rural Electric Cooperative Association (NRECA), where he oversees a team dedicated to strengthening cybersecurity for over 900 electric cooperatives, leveraging federal funding, partnering with national labs, and developing programs and resources to bolster co-op cybersecurity. Before joining NRECA in February 2023, he served as the IT/OT & Cybersecurity Director at the Florida Municipal Power Agency (FMPA), where he led initiatives in cyber and physical security, as well as strategic execution of IT and OT cybersecurity measures. His efforts have been recognized by the Electricity Information Sharing and Analysis Center (E-ISAC), which awarded him the Electricity Security Service Award in October 2024 for his leadership in enhancing grid security. Manucy is also actively involved in professional affiliations, including chairing the Cyber Mutual Assistance Compliance Committee and participating in NERC's Critical Infrastructure Protection Committee (CIPC). He holds a degree from the University of Central Florida.
Shane McFly is a Senior Cybersecurity Researcher at the National Renewable Energy Laboratory (NREL), specializing in cyber-physical systems security, complex system architecture, and cyber range development for cybersecurity research exercises. Since joining NREL in 2019, he has led initiatives to integrate the Distributed Energy Resource Cybersecurity Framework with NREL's cyber range, enhancing the laboratory's capabilities in securing energy systems. In addition to his role at NREL, Shane serves as an Adjunct Faculty Instructor at the Colorado School of Mines, where he teaches courses on Cyber-Physical Systems Security. His prior experience includes positions at Boeing as a Software Engineer and the Information Trust Institute as a Research System Administrator, focusing on cybersecurity and networking research. Shane's research interests encompass vulnerability analysis, mitigation strategies, and the development of immersive tools for cybersecurity training and workforce development.
Patrick Miller, CEO and owner of Ampyx Cyber, has over 35 years of experience in IT and OT security, focusing on critical infrastructure protection. His career began in the telecommunications industry during the 1980s, eventually shifting to cybersecurity. Miller has held pivotal roles across various sectors, including energy, water, telecommunications, finance, and insurance. Notably, he founded EnergySec, a nonprofit organization dedicated to enhancing cybersecurity in the energy sector, and served as its President and CEO. His expertise is internationally recognized, particularly in regulatory compliance and NERC Critical Infrastructure Protection standards. In addition to leading Ampyx Cyber, Miller contributes to the global cybersecurity community as the U.S. Coordinator for the Industrial Cybersecurity Center based in Madrid and as an instructor for the Cyber Information Security Leader course through CSA CPH in Copenhagen.
Sai Molige is a cybersecurity professional with 5+ years experience in threat hunting, detection engineering, and incident response. Since July 2019, he has served as the Senior Manager of Threat Hunting at Forescout Technologies Inc. in Irving, Texas, where he orchestrates coordination among multiple teams to enhance threat detection capabilities and provides threat-hunting services to over 30 diverse clients. Prior to joining Forescout, he contributed to security initiatives at Comcast and Snap Inc., focusing on application support, security development, and corporate security analysis. He holds multiple GIAC certifications, including GCIH, GCDA, GCFE, and GNFA.
An advocate for community engagement, Sai actively contributes to blogs, videos, and conferences, including the Blue Team Village at DEFCON, and volunteers in cybersecurity programs by conducting workshops and training sessions. He is passionate about leveraging threat intelligence to drive proactive threat-hunting initiatives.
Ruchi Rajasekhar is the Principal Advisor for Strategic Innovations at the Midcontinent Independent System Operator (MISO), where he overseeing cross-functional teams that leverage data science and engineering to enhance energy markets, operations, and infrastructure systems. His career has spanned more than 23 years, including roles as Senior Consultant at Knightsbridge Solutions (later acquired by HP) and IBM, and Principal of PricewaterhouseCoopers. He holds a MicroMasters in Data Science from MIT and an MBA in Finance, Venture, and Technology Management from Indiana University's Kelley School of Business. Since August 2014, Ruchi has also served as an Adjunct Professor at Indiana University?Purdue University Indianapolis.
Ramesh Reddi is an experienced cybersecurity professional in energy, utilities, and critical infrastructure protection fields. He worked on projects at US utilities (Exelon, PG&E and FP&L), IBM and HP. Currently, Ramesh serves as the President and Chief Technology Officer of CybSecBCML Inc., a company he founded in Raleigh, North Carolina. In this role, he focuses on integrating zero trust architectures and artificial intelligence to enhance the security of utility assets. He holds certifications in zero trust from the Cloud Security Alliance (CCZT) and Zscaler (ZTCA), and has received training from Google on its Generative AI technologies. Ramesh has also played a pivotal role in developing IEEE blockchain cybersecurity standards tailored for energy and utility applications. He also contributes his expertise as a Senior Cyber Security Advisor for Protect Our Power, an organization dedicated to safeguarding the U.S. electric grid.
Joe Weiss is Managing Partner at Applied Control Solutions, LLC, a consulting firm specializing in ICS and cybersecurity. With over 40 years of experience in industrial instrumentation, controls, and automation, and more than 20 years dedicated to ICS cybersecurity, Joe is recognized as an international authority in his field. He has held significant roles at organizations such as GE, EPRI, and KEMA, and has been instrumental in developing security standards for critical infrastructure protection. Joe is also a Fellow of the International Society of Automation (ISA) and serves as the Managing Director for several ISA standards committees, including those focused on nuclear and fossil plant standards, as well as control system cybersecurity.
Liliane Scarpari is a seasoned Cybersecurity & Compliance Senior Professional with over 15 years of experience across various industries, including oil & energy, financial, and technology sectors. She holds a Master of Information System with a concentration in Security and has been recognized as a top woman in cybersecurity in Latin America. Currently, as a Sr Technical Specialist at Microsoft, Liliane specializes in cyber security and compliance, risk advisory, and IT auditing, with a focus on Industrial Control Systems (ICS). Her expertise includes conducting comprehensive ICS cybersecurity audits, enhancing data protection strategies, and leading initiatives to secure critical infrastructure. Liliane is an active member of communities that empower women in STEM and has been a speaker at numerous cybersecurity conferences. She is multilingual, with proficiency in Portuguese, English, and advanced Spanish.
Dr. Emma Stewart is the Chief Power Grid Scientist and Research Strategist at Idaho National Laboratory (INL), where she leads initiatives to enhance the security and resilience of critical infrastructure. Prior to joining INL, she served as Chief Scientist at the National Rural Electric Cooperative Association (NRECA), overseeing a multimillion-dollar research and development portfolio and directing the co-op's Cyber Solutions Program. Dr. Stewart's experience includes roles at Lawrence Livermore National Laboratory and Lawrence Berkeley National Laboratory, focusing on power distribution, renewable energy integration, and operational cybersecurity. She holds a Ph.D. in Electrical Engineering and a Master of Engineering from the University of Strathclyde in Glasgow, Scotland. Throughout her career, Dr. Stewart has authored over 112 peer-reviewed papers, secured two patents, and received accolades such as the Federal Lab Consortium Far West Region Award and an R&D 100 Award.
Tom Tansy is a technology entrepreneur and leader in the renewable energy sector, currently serving as the CEO of DER Security Corp since April 2022. In his role as Chairman of SunSpec Alliance since 2009, he has been instrumental in developing data and communication standards to facilitate the seamless integration of solar PV systems and energy storage into the smart grid. Previously,as Vice President of Business Development at Fat Spaniel Technologies, he contributed to the pioneering efforts in solar Software-as-a-Service (SaaS) solutions. His tenure as General Manager and Vice President of Business Development at Power-One (now part of ABB) involved overseeing plant computing and monitoring solutions for global solar power installations. He has also had strategic roles at innovative technology ventures including Zero Motorcycles, Magenn Power, and TWiki.
In his early career, Tom founded Tansy Associates in 1991, providing product marketing and channel development services to prominent companies such as Apple, Adobe, Hitachi, IBM, Intel, and Sun Microsystems. He also co-founded NetCarta, whose WebMapper? intranet website management tool was eventually integrated into Microsoft IIS, and Swan Labs, whose application WANJet? achieved "Visionary" status in the Gartner Magic Quadrant and was later acquired by F5 Corporation.
Dr. Chee-Wooi Ten is Professor of Electrical and Computer Engineering at Michigan Technological University, where he also serves as the Director of the Center for Cyber-Physical Systems. His research focuses on quantifying rare events through system risk models and data science, particularly in the context of power grid interactions with robotics and transportation systems for decarbonization and electrification. Dr. Ten earned his BSc and MSc degrees in Electrical Engineering from Iowa State University and completed his PhD at University College Dublin in 2009. Since joining Michigan Tech in 2010, he has done extensive work advancing cybersecurity measures for power systems and has co-authored textbooks on electric power distribution system engineering and modern power system analysis. He was previously an editor for the IEEE Transactions on Smart Grid and an active reviewer for proposals, manuscripts, and tenure cases. In March 2025, Dr. Ten took on the role of Chief Technology Officer at EdisonXFC, a company dedicated to enhancing public EV charging infrastructure.
Larry Truong has over two decades of international experience in solar, energy storage, microgrids, and uninterruptible power systems (UPS). Currently serving as the Product Manager for Solar & Energy Storage at Toshiba Mitsubishi-Electric Industrial Systems Corporation (TMEIC), he oversees the company's inverter portfolio and spearheads the development of next-generation utility-scale power conversion solutions. Throughout his career, Larry has held leadership roles in general management, sales, business development, product management, and technical services at renowned organizations such as Sungrow, ABB, Schneider Electric, and American Power Conversion (APC). His academic credentials include bachelor's and master's degrees in electrical engineering from the University of Rhode Island, an MBA from the University of Chicago Booth School of Business, and a master's degree in cybersecurity from the Georgia Institute of Technology. In addition to his professional endeavors, Larry contributes to industry standards and interoperability as a board member of SunSpec Alliance.
Joe Weiss is Managing Partner at Applied Control Solutions, LLC, a consulting firm specializing in ICS and cybersecurity. With over 40 years of experience in industrial instrumentation, controls, and automation, and more than 20 years dedicated to ICS cybersecurity, Joe is recognized as an international authority in his field. He has held significant roles at organizations such as GE, EPRI, and KEMA, and has been instrumental in developing security standards for critical infrastructure protection. Joe is also a Fellow of the International Society of Automation (ISA) and serves as the Managing Director for several ISA standards committees, including those focused on nuclear and fossil plant standards, as well as control system cybersecurity.
Tobias Whitney is President and CEO of Cumulys, a company he founded in April 2024 to enhance real-time adherence to industry standards for asset owners and operators. With over two decades of experience in cybersecurity and compliance, Tobias has held a number of leadership roles that have significantly influenced industry standards and practices, including six years as Senior Manager of Critical Infrastructure Protection at the North American Electric Reliability Corporation (NERC), and a two-year term as Technical Executive at the Electric Power Research Institute (EPRI). He was also Vice President of Strategy and Policy at Fortress Information Security, he played a pivotal role in Fortress's selection to partner with the Cybersecurity and Infrastructure Security Agency's Joint Cyber Defense Collaborative (JCDC), facilitating real-time collaboration to mitigate cyber risks. He holds an MBA from Washington University and a BBA from the University of Missouri-Columbia.
K. Dixon Wright, President of SRC Digital Insurance Services, has been a prominent figure in the surety industry since 1981. He founded North Coast Surety Insurance Services, a specialty surety agency, and North Coast Surety Technologies, a technology company, both of which were acquired by Wells Fargo Insurance Services in 2009. Wright has held leadership roles at Surety Resource Connection, Inc., and FISTech Co., and is a founder and board member of OB Alliance Inc. As a strong advocate for open standards and interoperability, he has worked to improve access to surety credit for small and emerging businesses by expanding the XBRL taxonomy to include data fields tailored to the construction, energy, and transportation industries. His efforts aim to reduce administrative costs and enhance efficiency, enabling smaller companies to participate more effectively in community-serving projects.
Advait Patel is a skilled Senior Site Reliability Engineer based in Chicago, with a passion for leveraging technology to drive impactful solutions. With extensive experience in cloud computing, cloud security, and cybersecurity, he currently works at Broadcom, where he plays a key role in managing, building, and securing multi-million dollar revenue-generating products. Advait is also an advocate for professional growth and is eager to share his expertise with the next generation of tech talent through community involvement and mentorship. In his free time, he enjoys connecting with like-minded professionals and exploring innovative developments in the tech industry.
Sam Chanoski delivers technical leadership, expertise, and strategic insights to Idaho National Laboratory's portfolio of multi-million-dollar critical infrastructure security and resilience projects sponsored by the Department of Energy, Department of Homeland Security, and Department of Defense. He influences the development of large, long-term sustained programs for research, development, demonstration, and deployment associated with control system cybersecurity for nationally critical infrastructure, with particular focus on the energy sector.
Prior to joining INL, Sam spent sixteen years working in intentionally diverse positions across the electricity industry including real-time operations and maintenance with three large investor-owned utilities, situation awareness and event analysis with the North American Electric Reliability Corporation, intelligence with Electricity ISAC, and as the global security incident response team leader for a major manufacturer.
Sam's professional interests include real-time transmission and distribution operations, organizational behavior, control systems cybersecurity, and emergency management and resilience. He is a Senior Member of IEEE, and an adjunct professor at Gonzaga University's School of Engineering & Applied Science.
Nadine Miller is a professional engineer, executive, and corporate director with 20+ years of experience in engineering design and project management in the mining and transportation industries. Prior to her current position, Ms. Miller was Vice President of Cybersecurity & Operational Technology at JDS Energy and Mining. She also serves as an Independent Non-Executive Director for Wesdome Gold Mines and OMAI Gold Mines, Canadian gold mining companies, and a Strategic Advisor at Awz Ventures Inc., a venture capital fund, and Drone Delivery Canada.
For 13 years Ms. Miller worked primarily on tailings projects before transitioning to business development. She led the Business Development departments for two of the world's largest engineering consulting firms' Toronto offices: Bantrel with the backing of Bantrel's parent company, Bechtel; and SNC-Lavalin's Mining and Metallurgy. At JDS Ms. Miller has focused on building a team specialized in cybersecurity and operational technology and her team is providing these services to the resource industry.
She is a strong advocate on issues pertaining to women in engineering and received the 2017 Leading Women Building Communities Award for her work in this area.
Ms. Miller graduated from the University of Oxford, Saïd School of Business, with an MBA focused on finance and strategy; Massachusetts Institute of Technology (MIT) with a Master's degree in Civil and Environmental Engineering (specializing in geotechnical engineering); and holds a Bachelor of Applied Science degree from the University of Toronto in Mineral and Geological Engineering.
Scott Morris is a well-known name in the security, cyber, CISO, and health industries. He focuses on Incident Response, High-Net-Worth-Individuals, Security Maturity Programs for organizations of all sizes. He is the former CISO of Blue Cross Blue Shield and a seasoned speaker to management teams and boards.
Scott has served as Senior Vice President and Chief Information Security Officer (CISO) for a spectrum of organizations in size and maturity. As CISO for Blue Cross Blue Shield of WNY, Scott maintained responsibility for the information and cyber security programs. A refined information security executive possessing over two decades of experience, Scott has a stellar track record for developing security programs, governance, and percolating vertical stakeholder engagement.
Morris has participated as a key figure on advisory boards, such as H-ISAC regarded and dynamic voice in the cyber security community. He is a frequently sought-after educational contributor for his thought leadership and dynamism.
Bruce Tulloch has nearly four decades experience as a professional engineer and entrepreneur. He is the Director of Intelligent Systems at Mayman Aerospace, Senior Technology Advisor to JERA, and co-founder of MetaChip BitScope. He is an enthusiastic mentor to, and investor in startups and other businesses working in the infrastructure, energy and defence sectors.
Bruce has founded several companies and collaborated with many others to develop products, software and services ranging from Academy Award winning Digital Audio Dubbing systems for the US film and television industry, digital news radio broadcast systems for the Australian Broadcasting Corporation, sonar systems for the Australian Navy, diagnostic systems for US nuclear fusion research, and MRI diagnostic systems for Siemens Oncology. He has overseen the development of educational clusters for several US universities and developed two large research clusters for US Department of Energy at Los Alamos National Laboratories (LANL) and National Renewable Energy Laboratories (NREL).
Dr. Ymir Vigfusson is the CTO and co-founder of Keystrike, a growing cybersecurity company that emerged from his research as Associate Professor at Emory University, with a PhD in Computer Science from Cornell.
A reformed hacker making amends, a mathematician disguised as a computer scientist, a builder of systems and companies, a public speaker and educator, a private pilot and a pianist, a culturally curious Icelander, and an exoskeleton for 4 little viklings.
Ymir has been involved in a number of research projects, which are listed in his curriculum vitae and publications. His academic research has been gratefully supported by the NSF, CDC, RANNIS, and other funding from industry.
Before starting Keystrike in 2023, he co-founded the penetration testing company Syndis (acquired in 2021) and the cybersecurity education company Adversary (acquired in 2020).
Ymir has had the fortune of spending time with some remarkable people, and has enjoyed passing what he has learned on to his students and various audiences.