2026 Speakers and Topics

Multi-sector leader with deep leadership experience in the private sector, U.S. Federal Government, U.S. military, and the non-profit sector. Currently serving as: a board director for Union Pacific (NYSE: UNP) and SAIC (NASDAQ: SAIC); a Distinguished Professor of the Practice at the Sam Nunn School of International Affairs at Georgia Tech; a Harvard Kennedy School Senior Fellow at the Belfer Center for Science and International Affairs; serving on nonprofit boards to include the Avalon Action Alliance supporting mental healthcare for veterans and first responders; and doing public speaking on leadership, the value of public service and various national security matters.

He previously served as the Senate confirmed Deputy Secretary of the U.S. Department of Homeland Security in the Biden Administration from June 2021 to July 2023. From 2011 to 2021, was a senior executive in Citigroup, leading teams as a managing director and in various chief operating officer roles. Served in three other presidential Administrations: Obama Administration National Security Council (NSC) Senior Director for Afghanistan and Pakistan; Bush Administration NSC Director for Iraq; and Clinton Administration White House Fellow for the U.S. Trade Representative.

Commanded a U.S. Army combat battalion in Iraq and served as the Board Chair for a national veterans non-profit. Rhodes Scholar, West Point First Captain.

Mark Bristow is the Director of MITRE’s Cyber Infrastructure Protection Innovation Center (CIPIC), where he enhances the resilience of U.S. and allied cyber systems. In this role, he leads efforts to develop technical solutions and strategies to safeguard critical infrastructure from cyber and non-kinetic threats.

With two-decades of experience in cybersecurity, Bristow played a key role in responding to major cyber incidents, such as the Ukrainian power grid attack, breaches of U.S. election infrastructure, and Russian attempts to infiltrate the U.S. power grid. He is passionate about protecting critical infrastructure, understanding its foundational importance to the daily lives of the people it serves.

Before joining MITRE, Bristow served as the Branch Chief for Cyber Defense Coordination at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), focusing on national cyber defense. In this role, he used his expertise in incident response, industrial control systems, network monitoring, and defense to support national security and resiliency projects in addition to shaping national-level policy. Previously, he was the Director of the Hunt and Incident Response Team and the Incident Response Chief for the Industrial Control Systems Cyber Emergency Response Team at CISA and its predecessor, National Protection and Programs Directorate.

Bristow is passionate about mentoring and dedicates significant time to guiding and supporting emerging security experts. He believes mentoring, collaboration, and learning from others are essential to building a stronger, more resilient community of security experts. As a certified SANS instructor, he teaches the ICS515: ICS Visibility, Detection, and Response course, sharing his extensive real-world experience with students. He frequently speaks on industrial control systems security and has guest lectured at prominent institutions like Georgetown U, GMU, and the US Naval Academy.

Brian Foster is a highly experienced OT security leader but started his career as a classically trained controls engineer. After many years he found himself drawn back to his passion in OT security and now specializes in the Energy Utility vertical.

In his roles with Energy Utilities, he has led and advised teams of cyber security engineers and architects to improve the security posture on multiple Grid Modernization projects and has the immense privilege of focusing on protecting our critical infrastructure, a responsibility he holds with the utmost dedication and reverence. Over the years, he has had the unique opportunity to oversee the safety and security of next-generation control systems, as well as enhancing the security of many legacy systems. This comprehensive experience has allowed him to drive both types of systems towards the increased security posture needed in today’s ever-evolving threat landscape.

Overall, his innovative approach and strategic vision to securing both state of the art and legacy systems has consistently placed him at the forefront of the industry. Today his focus is on anticipating and mitigate emerging threats to critical infrastructure.

Brad is the OT Security Infrastructure Architect at United Parcel Service.

Speaks 5 (English, Arabic, Portuguese, French and African) languages, and resided in 6 international (US, Saudi, India, Nigeria, Russia, and Singapore) countries as career demanded.

• Over 30 years of oil, gas, energy, experience that span across Nuclear, onshore, offshore, refinery, chemical plants, and pipeline
• Deeply passionate about Energy, Oil and Gas, Nuclear technology.
• Bachelor – Information System Technology / Psychology – University of Houston (Main Campus)
• Bachelor – Process Piping Engineering – University of Houston (Downtown).
• Master – Risk Management – George Washington University.
• Cyber Certifications – CISSO, CISSP, CISM.
• Member Infra-guard – FBI, US Coast Guard advisory, Texas A&M Texarkana Advisory, IADC – Cyber security.
• Love outdoors – Road biking, soccer, basketball, and golfing.
• Lead the development of dept of energy cyber security maturity model framework.

Emilie is a PMP with British Petroleum (BP).

Specialties include:

Engineering, Procurement, Construction & Operations (EPC&O)
Major Capital Projects (MCP)
Midstream and Downstream Chemicals & Petroleum
Energy & Utilities
Pulp & Paper
Digital Transformation
Management Consulting
Business Process Modeling
Information Management
Portfolio, Program and Project Management
IT Systems Selection, Rationalization, Development & Implementation
IT/OT Cybersecurity
Commodities/Energy Trading and Risk Management (C/ETRM)

Marcus (Marc) Sachs is the Senior Vice President and Chief Engineer at the Center for Internet Security. He is a retired US Army Officer and was a White House appointee in the George W. Bush administration. His private sector experience includes senior leadership roles at SRI International, Verizon Communications, the North American Electric Reliability Corporation, and Pattern Computer. Prior to joining CIS he was the Deputy Director for Research at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. He is a recognized cybersecurity expert with over 30 years of experience countering a wide range of cyber threat actors. Marc lives and works in Huntsville, Alabama.

Virginia “Ginger” Wright is the program manager for Cyber-Informed Engineering (CIE) at the Idaho National Laboratory (INL). She leads INL’s implementation of the National Strategy for Cyber-Informed Engineering developed by the Department of Energy.

Ms. Wright has led multiple cyber research programs at INL including DOE-CESER’s Cyber Testing for Resilient Industrial Control Systems (CyTRICS™) program, Software Bills of Material for the Energy Sector, critical infrastructure modeling and simulation, and nuclear cybersecurity. Ms. Wright has a Bachelor of Science in Information Systems/Operations Management from the University of North Carolina at Greensboro.

Rob has retired from GE Vernova with over 35 year’s experience as executive leader in Industrial controls development, application, service and installation. His experience comes from working in GE various Industrial business’ developing controls for Fossil turbines (gas, stem, combined cycle) Solar, Wind and Nuclear, ) Oil & Gas Control Systems.
His most recent role at GE power gen was, Executive Chief Engineer and VP Product Security. Rob is a lifetime ICS controls, engineer, leaders, technologist, and advocate, from platform development to advanced applications in the Power Generation industry.
He had held roles at GE in leadership of design, development and delivery of control systems built around GE Mark*VIe platform. He began his adventure into Product Cyber, ten years ago as the industry and GE moved to address the growing risk of Cyber-attack on critical infrastructure and fielded, engineered products. In this role, he has matured a product security program, focusing on compliance, risk, customer requirements, engineering and advancing technology while pushing the common risk structure and methodology known across the Power industry. Rob resides in Greenville, SC.

Mike Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world’s largest engineering, procurement, and construction companies. His current role provides him with the opportunity to work in securing some of the world’s largest ICS/OT environments, from power plants and commuter rail to manufacturing facilities and refineries. As part of his community efforts, Michael founded the BSidesICS/OT and BSides Greenville conferences along with the Upstate SC ISSA Chapter.

He has his Masters degree in ICS/OT cybersecurity from the SANS Technology Institute. Additionally, he maintains cyber security and ICS/OT certifications such as the CISSP, GRID, GICSP, GCIP, GPEN, GCIH, ISA 62443, and more.

He posts regularly on LinkedIn and YouTube to help others learn more about securing ICS/OT and critical infrastructure.

Mike Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world’s largest engineering, procurement, and construction companies. His current role provides him with the opportunity to work in securing some of the world’s largest ICS/OT environments, from power plants and commuter rail to manufacturing facilities and refineries. As part of his community efforts, Michael founded the BSidesICS/OT and BSides Greenville conferences along with the Upstate SC ISSA Chapter.

He has his Masters degree in ICS/OT cybersecurity from the SANS Technology Institute. Additionally, he maintains cyber security and ICS/OT certifications such as the CISSP, GRID, GICSP, GCIP, GPEN, GCIH, ISA 62443, and more.

He posts regularly on LinkedIn and YouTube to help others learn more about securing ICS/OT and critical infrastructure.

Eric Byres, P.Eng, ISA Fellow, is the world’s foremost expert in the fields of Operational Technology (OT) security and software supply chain risk management. As Senior Partner at ICS Secure Ltd, he provides guidance to companies entering the cyber and software supply chain security markets, as well as security policy guidance for established companies and government agencies. He was the founder and CEO at aDolus Technology, a leader in Software Bill of Materials generation and risk management.

He is also the inventor of Tofino Security—the world’s most widely deployed ICS-specific firewall, licensed by Honeywell, Schneider Electric, and Caterpillar. Eric has advised government security agencies and major energy companies on protecting critical infrastructure and has played a key role in shaping international cybersecurity standards. He has chaired the ISA SP-99 Security Technologies Working Group, represented Canada in the IEC TC65/WG10 standards effort, and testified before the U.S. Congress on OT security in national critical infrastructures. An ISA Fellow since 2009, Eric has received numerous international awards, including ISA’s highest honor, Excellence in Leadership, in 2013.

Specialties include:

Engineering, Procurement, Construction & Operations (EPC&O)
Major Capital Projects (MCP)
Midstream and Downstream Chemicals & Petroleum
Energy & Utilities
Pulp & Paper
Digital Transformation
Management Consulting
Business Process Modeling
Information Management
Portfolio, Program and Project Management
IT Systems Selection, Rationalization, Development & Implementation
IT/OT Cybersecurity
Commodities/Energy Trading and Risk Management (C/ETRM)

Mr. Daryl Haegley’s distinguished career includes military, federal, civilian and commercial consulting experience.  While assigned to the Office of the Principal Cyber Advisor to the Secretary of Defense, he advised on cyberspace activities, cyber mission forces, and offensive and defensive cyber operations and missions.  His role encompassed overseeing strategic cybersecurity efforts to protect the control systems and operational technology (OT) enabling the Department of Defense’s (DoD) critical infrastructure.  Designated lead to draft the cyber-physical systems Federal and non-Federal skill and training gaps directed by the Executive Order on America’s Cybersecurity Workforce.  For the past seven years, Mr. Haegley has brought awareness to the ever-increasing cyber threat to unprotected connected devices and has led the government to make change.  Specifically, he has successfully advocated to change laws, DoD policy and standards, and academic curricula while initiating the first comprehensive facilities related control systems cybersecurity program of its kind within the federal government. 

A recognized  innovator and thought leader, he’s a contributing author to NIST Special Publication 800-82 R2 “Guide to Industrial Control Systems Security,” Unified Facilities Criteria 4-010.06 “Cybersecurity of Facility Related Controls Systems” and ‘Governance and Assessment Strategies for Industrial Controls,’ Springer technical publication, “Cyber-Security of SCADA and Other Industrial Control Systems.”  Additionally: Immediate past President, Advisory Board, Control Systems Cyber Security International Association, D.C. Chapter; Fellow, Institute for Critical Infrastructure Technology (ICIT); Finalist, National Security Agency’s 2018 Frank B Rowlett Award for Individual Excellence in the field of Information Systems Security; and one of the founding members of the American Cyber League. 

He maintains four certifications, three Masters’ degrees, two college tuitions & one patent.

Blake Gilson is currently the Industrial Cybersecurity Manager of ExxonMobil where he helps leads the direction and execution of the IT department’s overall industrial cybersecurity strategy. Blake holds a BA in Business Management Information Systems from the University of Houston and holds five cyber security Global Information Assurance Certifications, and DOE OT Defender Alumni. 

Emilie is a PMP with British Petroleum (BP).

Speaks 5 (English, Arabic, Portuguese, French and African) languages, and resided in 6 international (US, Saudi, India, Nigeria, Russia, and Singapore) countries as career demanded.

• Over 30 years of oil, gas, energy, experience that span across Nuclear, onshore, offshore, refinery, chemical plants, and pipeline
• Deeply passionate about Energy, Oil and Gas, Nuclear technology.
• Bachelor – Information System Technology / Psychology – University of Houston (Main Campus)
• Bachelor – Process Piping Engineering – University of Houston (Downtown).
• Master – Risk Management – George Washington University.
• Cyber Certifications – CISSO, CISSP, CISM.
• Member Infra-guard – FBI, US Coast Guard advisory, Texas A&M Texarkana Advisory, IADC – Cyber security.
• Love outdoors – Road biking, soccer, basketball, and golfing.
• Lead the development of dept of energy cyber security maturity model framework.

Shaun Six is the President and CEO of UTSI International. He is a 3X entrepreneur with over 20 years of Business Strategy, Operations Strategy, IT/OT Innovation, PM and Consulting, Training & Development and Compliance experience.

Cole Oursler is a technical leader with a passion for people. He believes that the most important part of technology is the end user. Cole has a history of successfully solving business challenges with technical and non-technical solutions. He has experience with cyber-physical and automation technologies ranging from 3D printers and CNC machines to PLCs and SCADA. Cole is a Certified Information Systems Security Professional (CISSP) and has a passion for cybersecurity, especially in critical infrastructure.

Cole is currently the IT supervisor of Mountain View Electric Association and a student in Georgia Institute of Technology’s Masters of Cybersecurity Cyber-Physical Security track. He has previous information technology experience in Education, Hydraulics and Manufacturing, and an Electric and Water utilities.

Personal Mission:
To make a positive impact on the lives of people. By living a life of integrity, compassion and grit.

Work Mission:
To demystify technology for the average user thereby facilitating the operations of the organization.

David White is President and Co-founder at Axio — a company with an innovative methodology and software that provides companies with actionable visibility to their cyber risk. David leads key cybersecurity initiatives for Axio in the energy, water, healthcare, federal, and other critical infrastructure sectors. He co-developed Axio’s cyber risk management process and continues to refine its assessment, risk modeling, and insurance analysis components.

He is an expert in cybersecurity frameworks and maturity models, cyber risk quantification, and cyber insurance. David is also faculty for Navigator, an executive education program for cyber leaders in collaboration with ISTARI and the University of Cambridge Judge Business School.

Patrick Miller shares over 35 years of IT/OT experience through his consulting services as an independent security and regulatory advisor for the Critical Infrastructure and Key Resource sectors. He is currently the CEO and owner of Ampyx Cyber, an industrial security consulting firm based in Portland, OR USA. Patrick is also the US Coordinator for the Industrial Cybersecurity Center, or CCI (Centro de Ciberseguridad Industrial) based in Madrid, Spain and an instructor for the Cyber Information Security Leader (CISL) course through CSA CPH in Copenhangen, Denmark. 

Mr. Miller is an internationally recognized public speaker on the subjects of critical infrastructure protection, process and industrial control system (ICS/OT) cybersecurity, information technology (IT) cybersecurity, regulatory compliance (leading global expert on NERC CIP), audit and privacy. He is an active volunteer and member of several critical infrastructure security working groups. Patrick has been commended with a number of professional awards for his successful work in building information sharing functions and cybersecurity programs. In addition to his energy sector experience, Mr. Miller also held key positions in the water, telecommunications, finance and insurance sectors. Patrick is currently an instructor for the SANS ICS456 training on the NERC CIP standards.

Patrick’s career started in the 1980s with deep roots in the telecommunications industry. Over several years, Mr. Miller migrated from telecom to information technology management before taking a primary focus on cybersecurity as principal security consultant for Breakwater Security Associates in 2001 where he developed and managed the energy and utility security consulting practice. He then joined PacifiCorp as a senior information security consultant where he was responsible for enterprise and industrial control system cybersecurity as well as NERC CIP regulatory compliance for the organization. Patrick left the utility after 7 years to join the regulatory strata as manager of critical infrastructure protection (CIP) audits and investigations for the Western Electricity Coordinating Council (WECC) Regional Entity under the North American Electric Reliability Corporation (NERC) in their capacity as the Electric Reliability Organization delegated by the Federal Energy Regulatory Commission (FERC). Mr Miller left the regulator to reconnect with industry as director of the NERC CIP compliance consulting practice at ICF International. In 2010, Patrick founded the 501(c)(3) nonprofit organization EnergySec and became President, CEO, and chairman of the board of directors. EnergySec was contracted to the U.S. Department of Energy (DOE) to establish a new public-private partnership known as the National Electric Sector Cybersecurity Organization (NESCO), and Patrick was Principal Investigator of the  program. After successfully ramping and transitioning the NESCO program and taking EnergySec from startup to operational, he rejoined the consulting world through The Anfield Group as a managing principal. In 2014, Patrick left the Anfield Group to form Archer Energy Solutions (later renamed to Archer International), a consulting firm focusing on industrial security. After 6+ successful years with Archer, Patrick sold his share in 2021 and formed Ampere Industrial Security (rebranded as Ampyx Cyber in 2024), the premier global security and regulatory consulting firm for industrial control systems and operational technologies.

Thrive in cybersecurity leadership roles providing business-enabling security for companies whose strategic leadership values their team’s input, lead with good integrity, view their employees as a competitive investment, have a strong history of hiring top talent, and embed security as part of their company’s DNA.

Passionate and self-driven security professional translating complex technical concepts into simple business language for companies to understand, prepare, and respond to cybersecurity events.

Experienced in forming, developing, and leading IT and security teams through transformations, M&A, product development, and security remediation projects, leveraging analytics and evidence-based approaches to reduce cost and increase executive support.

In-depth experience applying and complying with NIST Cybersecurity Framework, ISO 2700X, PCI-DSS, SWIFT, GDPR, CCPA, and China MLPS.

Bring an informed, global perspective to managing risk with input from local operations and compliance requirements.

As the founder and executive director of Red Tiger Security, I provide specialized consulting, research, and training services for critical infrastructure protection and the security of SCADA, DCS, process control, and mission-critical real-time systems. My mission is to help clients protect their assets, operations, and reputation from cyber threats and incidents.

With over 22 years of experience in industrial security, I have built a strong reputation and brand awareness in the field, developed business opportunities, forged strategic partnerships, and created innovative solutions and services. I have also contributed to the industry knowledge and best practices by speaking at various events, conferences, and trade shows, and publishing multiple security guides and reports. My core competencies include electrical engineering, industrial automation, business optimization, IT automation, database integration, web portal development, web applications, cyber security, industrial networking security, leadership, management, and marketing.

Vivek Ponnada is an OT Security practitioner with global experience and currently works at Frenos as SVP of Growth & Strategy. Having started his career in ICS as an Instrumentation Technician, Vivek became a Controls Engineer and commissioned Gas Turbine Controls systems in Europe, Middle-East, Africa and South-East Asia. Post MBA, Vivek held multiple roles including Sales, Marketing & Business Development and Services covering Control systems & Cybersecurity solutions for Critical Infrastructure industries (Power, Oil & Gas, Water, Mining etc.) at GE and XenonCyber and Nozomi Networks.

He is the co-lead for the Top 20 Secure PLC Coding Practices Project and his recent talks/contributions include DefCon ICS Village, ICS Cybersecurity Conference (Security Week), Industrial Security Conference in Copenhagen, and many others.

Vivek is a Chartered Engineer from I.E. India, MBA from The University of Texas at Austin and GICSP certification from GIAC. He is also a CS2AI fellow, member of ISA, ISACA and the Public Safety Canada ICS Security Symposium Advisory Committee.

Experienced security leader working with leadership in critical infrastructure, enterprise, and operations focused on growing and strengthening security organizations.

Strong background in architecture, security assessment, monitoring, network monitoring in large environments, vulnerability management, vulnerability assessment, penetration testing, regulatory environments, and framework driven security. Deep experience in Control Systems (SCADA, EMS, DCS/PCS) and global enterprise networks.