Hackers only need to get things right once…infosec pros need to get it right every time.
I currently work as an Infrastructure Analyst with primary responsibilities in cyber-security and networking for a medium-sized utility company. This role spans the organization, including working with other departments and affiliates on various projects ranging from system reliability improvements, assessments, and IT project management.
In the twenty years spent working in the IT field, I have had the opportunity to work on wide-ranging projects such as mergers, telecommunication infrastructure, website design and management, and application program interface development. I have also participated in developing state-wide standards for electric supplier communications and represented my organization at various regulatory and industry conferences.
Throughout all of my other work, I have been fascinated by watching people come up with ingenious ways to get around controls. A substation accident resulting in major injury added a new spin on that fascination. What happens when people get hurt or killed due to a security issue? What happens if someone can actually turn the power off and prevent us from getting it back on? This added to my drive to change my focus over the last few years towards information security, including ICS/IIoT specific issues.
My education includes a recently completed Master of Science in Cybersecurity through University of Maryland University College, a Bachelor of Science in Business and Technology from Husson University, and an Associate’s Degree in Computer Information Systems from Northern Maine Community College. I have also earned the GIAC Enterprise Defender and Security+ certifications, and plan to continue furthering my education through training and work experience.
I currently reside in northern Maine with his wife of ten years and teenage son. Outside of infosec, I enjoy spending time with my family and dogs, exploring the local lakes by boat, and spending time with friends.
I’m always interested in connecting with other colleagues, especially in the cyber-security field. Feel free to drop me a line here or on my Twitter.