Michael W. Meissner - Cyber Security Engineering Biography

Michael W. Meissner, RCDD
Michael W. Meissner, RCDDEnterprise Architect; BSS/OSS - Cyber Security at Ethernautics, Inc.
MICHAEL W. MEISSNER, RCDD CYBER SECURITY SERVICES CYBER SECURITY PROGRAM AND PROJECT MANAGEMENT CYBER SECURITY SOLUTIONS ARCHITECTURE CYBER SECURITY DESIGN ENGINEERING
MICHAEL MEISSNER SUMMARY • MR. MEISSNER IS A HIGHLY MOTIVATE CYBER SECURITY PROGRAM MANAGER AND CYBER SECURITY ENGINEER AND HAS OVER THIRTY YEARS OF EXPERIENCE AS A MANAGING PROGRAMS AND PROJECTS. • MICHAEL W. MEISSNER LEADS ETHERNAUTICS, INC.'S CYBER SECURITY PRACTICE. MR. MEISSNER HAS OVER 30 YEARS OF IT, ENGINEERING AND MANAGEMENT EXPERIENCE. THROUGHOUT HIS CAREER HE HAS PROVIDED EXCEPTIONAL CLIENT SERVICE AND COMMUNICATION SKILLS WITH A DEMONSTRATED ABILITY TO DEVELOP AND MAINTAIN OUTSTANDING CLIENT RELATIONSHIPS. • HIGHLY ORGANIZED, RESULTS-ORIENTED AND ATTENTIVE TO DETAILS. SELF-MOTIVATED, PROACTIVE, INDEPENDENT AND RESPONSIVE. REQUIRES LITTLE SUPERVISORY ATTENTION. EXCELLENT PRESENTATION, FACILITATION AND DIPLOMACY SKILLS • MEISSNER HAS EXECUTED END TO END PROGRAM MANAGEMENT AND PROJECT MANAGEMENT OF LARGE AND/OR MULTIPLE LARGE PROJECTS. MR. MEISSNER HAS MANAGED PROJECTS FROM A FEW INDIVIDUALS TO TEAMS OF OVER 100 INDIVIDUALS AND VENDORS. ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 2
MICHAEL MEISSNER SUMMARY • MR. MEISSNER DESIGNS AND IMPLEMENTS ALL FACETS OF CYBER SECURITY PROJECTS, PROGRAMMATIC AND TECHNICAL DETAIL MANAGEMENT TO ENSURE DELIVERABLES ARE MET WITHIN SCHEDULE, BUDGET, AND QUALITY GOALS. HE IS ABLE TO EXPRESS A CLEAR UNDERSTANDING OF THE BUSINESS, OPERATIONAL AND HUMAN IMPACT OF TECHNOLOGY AND THE CYBER SECURITY THREATS THEY EXPOSE. • MR. MEISSNER HAS MANY YEARS OF EXPERIENCE WORKING IN A COMPLEX, MULTI TASKING TYPE ENVIRONMENTS. • DEMONSTRATED TRACK RECORD ASSISTING CLIENTS WITH IDENTIFYING AND ASSESSING INFORMATION SYSTEM RELATED RISKS AND DEFINING BEST PRACTICES AS A TRUSTED ADVISER. • HANDS-ON EXPERIENCE WITH INFORMATION SECURITY STANDARDS AND TECHNOLOGY • EXPERIENCE WITH SECURITY STRATEGIES AND/OR SECURITY ARCHITECTURE. • EXPERTISE IN IT POLICY AND PROCEDURE DEVELOPMENT. • MEISSNER HAS EXECUTED PROJECTS THRU THEIR COMPLETE LIFE-CYCLES (SDLC) • IT PROCESSES (I.E., ITIL) INCLUDING INCIDENT, PROBLEM, DEFECT, CHANGE AND RELEASE MANAGEMENT. ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 3
MICHAEL MEISSNER SECURITY DOMAINS • EXPERIENCE WITH THE FOLLOWING SECURITY DOMAINS: • AUDIT AND MONITORING, • RISK RESPONSE & RECOVERY • CRYPTOGRAPHY • DATA COMMUNICATIONS • COMPUTER OPERATIONS SECURITY • TELECOMMUNICATIONS & NETWORK SECURITY • SECURITY ARCHITECTURE & MODELS • MEISSNER MAINTAINS EXPERIENCE IN SEVERAL INDUSTRY VERTICALS ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 4
WORK HISTORY 08/2007 - Present Ethernautics, Inc. California Water Services Areva Computer Sciences Corporation Telcordia Global Telcom Limited (GTL) US Cellular Urenco/LES ETUS STP – South Texas Project Verizon Wireless JoAnn’s Stores 01/2007 – 08/2007 NetCracker, Technologies US Army Time Warner One Communications Covad Telus Nextel/Sprint Verizon Business Horry Telephone Cooperative Comcast 11/1993 – 01/2007 Information Mechanics, Inc. Comcast (TCI) AT&T Broadband MetroList Mobeo GTE AT&T Wireless Bell South Continental Cable Lafarge Concrete Denver Post US Park Service Across Media Networks Telcordia (Belcore) – SAIC TECO/Peoples Gas Cable Services Group (CSG) AMDOCS Cable Data Kenan AT&T Broadband MediaOne USWest/Qwest Ticketmaster/Pacer Cats, AMC, United Artist 02/1992 – 11/1993 Berger & Co Region Transportation District (RTD) Lipper Analytical Aspen Ski Corp Obeymeyer Sports USWest Jones Cable Xcel Energy Frontier Communications Optimus Technologies Ticketmaster/Pacer Cats Trinidad Benham Territory Agent IBM – Oil & Gas/Mining/AEC 05/1987 – 02/1992 IBM Department of Transportation Department of Health and Human Services Department of Labor Rocky Flats – Rockwell International Public Service Company of Colorado Kaiser Permanente St. Anthony’s Hospital St. Luke’s Hospital, Veterans Hospital Colorado School of Mines 05/1987 – 10/1988 Colorado School of Mines Research Development Data Center Management 06/1985 – 05/1987 Schlumberger Measurement While Drilling (MWD) 01/1988 – 06/1985 Mammoth Information Services Calaway Oil & Gas Bird Oil Corporation Amselco Minerals Amoco Microgeophysical Corp Max P. Arnold & Associates * See Project References for details: (Click Here) ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT 5
GOVERNANCE PROGRAM AND PROJECT MANAGEMENT • CYBER SECURITY PROGRAM LEADERSHIP AND MANAGEMENT • CYBER SECURITY STRATEGY • CYBER SECURITY PROJECT MANAGEMENT • REGULATORY COMPLIANCE • POLICY AND PROCEDURE DEVELOPMENT • CHANGE MANAGEMENT - CONFIGURATION MANAGEMENT • TECHNICAL SPECIFICATIONS AND BEST PRACTICE DEVELOPMENT • INCIDENT RESPONSE DISASTER RECOVERY • REPORTING AND KPI’S ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 6
GOVERNANCE PROGRAM AND PROJECT MANAGEMENT • CUSTOMER FACING – WORKS ACROSS ORGANIZATION • PROJECT MANAGEMENT • DEVELOP AND TRACK SCHEDULES • TRACK RESOURCES • KPI’S • RFP PREPARATION, BID PREPARATION AND RESPONSE • JOB COSTING AND BUDGET TRACKING • PROFICIENT IN DESIGN, PRESENTATION, AND PROJECT MANAGEMENT TOOLS (MS OFFICE, WORD, EXCEL, POWER POINT, VISIO, PROJECT) • PROJECT AND CONSTRUCTION MANAGEMENT, IT ENGINEERING MANAGEMENT, FIELD ENGINEERING AND “CRAFT” MANAGEMENT • LABOR/UNION RELATIONS ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT – 7) 7
TECHNICAL CAPABILITIES • LOW VOLTAGE DESIGN - REGISTERED COMMUNICATIONS DISTRIBUTION DESIGNER (RCDD) CERTIFICATION • OUTSIDE PLANT DESIGN • ELECTRONIC SAFETY AND SECURITY SYSTEMS DESIGN (LIFE SAFETY) • WIRELESS DESIGN (DAS, CELLULAR, ANALOG RADIO) • INTELLIGENT BUILDINGS, BUILDING AUTOMATION, UTILITY MONITORING DESIGNS • CYBER SECURITY DESIGN – CISSP CERTIFICATIONS • RIGHTS OF WAY, PERMITTING, AND AUTHORITIES HAVING JURISDICTION (AHJ) • CUSTOMER FACING SALES AND SUPPORT – TECHNICAL PRESENTATIONS • PROFICIENT IN DESIGN TOOLS (ACAD, VISIO, EXCEL) • FIELD ENGINEERING, DESIGN VERIFICATION, AND "AS-BUILTS" • CYBER-PHYSICAL SYSTEMS • CYBER SECURITY ASSESSMENT Hello 8
TECHNICAL CAPABILITIES – CYBER SECURITY • CYBER-PHYSICAL SYSTEMS - ELECTRONIC SAFETY AND SECURITY SYSTEMS DESIGN (LIFE SAFETY) • WIRELESS DESIGN (DAS, CELLULAR, ANALOG RADIO) - ENCRYPTION • CYBER SECURITY DESIGN – CISSP CERTIFICATIONS • REGULATORY REQUIREMENTS • BUSINESS REQUIREMENT • CUSTOMER FACING SALES AND SUPPORT – TECHNICAL PRESENTATIONS • RISK ASSESSMENT • CRITICAL DIGITAL ASSET MANAGEMENT • CYBER SECURITY ASSESSMENT ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT – 7) 9
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN SERVICES • CYBER SECURITY ENGINEERING • CYBER SECURITY ARCHITECTURES (PCI, NIST, ISO ETC.) • BUSINESS AND REGULATORY REQUIREMENTS • SYSTEM ANALYSIS USING MULTIPLE TECHNOLOGIES IN HETEROGENEOUS ARCHITECTURES AND WIDE SYSTEM FUNCTIONALITY • ELECTRONIC SAFETY AND SECURITY (ESS) - PHYSICAL SECURITY SYSTEMS AND LIFE SAFETY SYSTEMS • CRITICAL DIGITAL ASSET DETERMINATION • ANALYZES NETWORK SECURITY DESIGN • RISK ASSESSMENT AND MANAGEMENT • WORK WITH CLIENTS IN IDENTIFYING AND ASSESSING INFORMATION SYSTEM RELATED RISKS RELATED TO CYBER SECURITY. • CREATING STRATEGIES RELATED TO CYBER SECURITY RISK MANAGEMENT. • PLANS AND CONDUCTS VULNERABILITY ASSESSMENTS • CREATED AND TUNED VULNERABILITY SCAN GROUPS AND CONFIGURATIONS. • IDENTIFICATION OF ATTACK VULNERABILITIES (OWASP) AND (ISO/IEC 15408-1:2009) • EVALUATION OF SYSTEM SECURITY CONFIGURATIONS • DEVELOPMENT AND EVALUATION OF ATTACK SCENARIOS • EVALUATES FINDINGS AND CONDUCTS ROOT CAUSE ANALYSIS • CONDUCT PENETRATION TESTING, ROUTINE EXPLOIT ANALYSIS, SYSTEMS MONITORING. • CYBER SECURITY CONTROLS CATALOG • REMEDIATION AND MITIGATION ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 10
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN DIGITAL DESIGN AND SYSTEMS ENGINEERING SERVICES • MEISSNER HAS EXPERIENCE WITH DESIGNING THE FOLLOWING SECURITY RELATED SYSTEMS: • NETWORK SECURITY DESIGN (LAN/WAN) • APPLICATION SECURITY DESIGN • DATA SECURITY • ELECTRONIC SAFETY AND SECURITY (ESS) - PHYSICAL SECURITY SYSTEMS AND LIFE SAFETY SYSTEMS • SECURE WIRELESS • RADIO ENCRYPTION • DATA • VOICE (PUSH-TO-TALK) • INTEGRATES SECURITY TECHNICAL CONTROLS FOR MULTIPLE PROJECTS/PRODUCTS WITH DEFINED REQUIREMENTS • DESIGN TEST PLANS TO EVALUATE CONTROL OBJECTIVES AND IDENTIFY WEAKNESSES IN THE INFORMATION TECHNOLOGY CONTROL STRUCTURE. • SECURITY OPERATION CENTERS (SOC), NETWORK OPERATION CENTERS (NOC), DATA CENTERS, TELECOM EQUIPMENT ROOMS, • ENGINEERING DRAWINGS - (T-EQP, T-PHY, T-PHY) • IDENTITY ACCESS MANAGEMENT AND AUTHORIZATION • PLANT CONTROL SYSTEMS (PCS, ICS) AND SCADA SYSTEMS IN NUCLEAR POWER PLANTS, CHEMICAL PROCESSING AND WATER TREATMENT/DISTRIBUTION CRITICAL INFRASTRUCTURE • DESIGN OVERALL DEFENSE-IN-DEPTH ARCHITECTURE FOR PLANT SYSTEMS (NIST CYBER SECURITY FRAMEWORK AND ISO/IEC 27001 COMPLIANCE COBIT, COSO). • SUPPORTING INFRASTRUCTURES (TELCOM, POWER, HVAC, DATA CENTER, CLOSETS, DAS, DISTRIBUTION SYSTEMS) • OUTSIDE PLANT (OSP) • SECURE STRUCTURED CABLING • DEFINES SECURITY PRODUCT SPECIFICATIONS • DEFINE INTRUSION/DATA LOSS TECHNIQUES. • DESIGNS, INTEGRATES AND CONFIGURES CONTROLS. • RESPONSIBLE FOR IMPLEMENTING AND TUNING THE TECHNICAL SOLUTION USED TO IDENTIFY AND MANAGE THE CONFIGURATIONS AND CONTROLS • PATCH MANAGEMENT- SATELLITE, SCCM, WSUS, SHAVLIK, SECUNIA, LANDESK ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 11
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN DIGITAL DESIGN AND SYSTEMS ENGINEERING SERVICES • MEISSNER HAS EXPERIENCE WITH DESIGNING THE FOLLOWING SECURITY RELATED SYSTEMS: • NETWORK SECURITY DEPLOYMENT OF NETWORK AND APPLICATION SECURITY AND AUTHORIZATION FOR PLANT CONTROL AND REPORTING SYSTEMS. • FIREWALLS • DATA DIODES • DMZ’S • ENCRYPTION • IAM • SIEMS • IDS/IPS ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 12
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN SERVICES • MEISSNER HAS EXPERIENCE WITH THE FOLLOWING SYSTEMS: • PHYSICAL SECURITY SYSTEMS • LIFE/SAFETY SYSTEMS – ESS SYSTEMS • ASSET MANAGEMENT • PLANT CONTROL SYSTEMS • BUILDING AUTOMATION & UTILITY MONITORING • DATA CENTER DESIGN • CABLE DESIGN – STRUCTURED CABLING • OUTSIDE PLANT - OSP • NETWORK DESIGN • CYBER SECURITY ENGINEERING • AUTHORIZATION AND CONTROL • LEED • PROJECT MANAGEMENT ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 13
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN OPERATIONS SERVICES • SECURITY OPERATION CENTER (SOC, ALARM STATIONS) • CYBER SECURITY MONITORING • NETWORK SECURITY MONITORING • INCIDENT DETECTION • CONTRIBUTES TO THE DEVELOPMENT AND EVALUATION OF ATTACK SCENARIOS • EVALUATES FINDINGS AND CONDUCTS ROOT CAUSE ANALYSIS • PERFORMS INCIDENT RESPONSE ACTIVITIES ACROSS BROAD TECHNOLOGY PROFILES OR MULTIPLE SYSTEMS • INTERROGATES INDUSTRY SOURCES AND EVALUATES INCIDENT INDICATORS. • COLLECTS AND PRESERVES EVIDENCE, IDENTIFIES INTRUSION OR INCIDENT PATH AND METHOD • DETERMINES NATURE, MECHANISMS, SCOPE AND LOCATION OF THE INCIDENT. • DRAFTS INCIDENT/INVESTIGATION REPORTS AND MAKES RECOMMENDATION FOR FUTURE PROCESS ENHANCEMENTS. PREPARES AND DELIVERS TECHNICAL REPORTS AND BRIEFINGS • DEPLOYMENT OF NETWORK AND APPLICATION SECURITY AND AUTHORIZATION FOR PLANT CONTROL AND REPORTING SYSTEMS. • MONITORS NETWORK AND HOST-BASED SECURITY ALERTING SYSTEMS AND EVENT LOGS. PERFORMS INITIAL EVENT/LOSS ASSESSMENT AND VALIDATION. ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 14
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY DETECTION AND PREVENTION TOOLS • NETWORK MONITORING – SOLARWINDS • VULNERABILITY SCANNERS - NESSUS, RETINA, QUALSYS, FOUNDSTONE, NEXPOSE • SIEM – SPLUNK, IBM QRADAR • IDS / IPS – SOURCEFIRE, CISCO IPS 4200, INTRUSHIELD • PASSWORD MANAGEMENT - THYCOTIC • DEFENSE IN DEPTH ARCHITECTURE AND ADVANCED PERSISTENT THREATS (APTS) • INCIDENT MANAGEMENT AND FORENSICS - NETWITNESS • RSA SECURITY ANALYTICS, ARCHER, SECOPS • PKI - PUBLIC KEY INFRASTRUCTURE • WEBSENSE • FIREWALLS - CISCO, PALOALTO NETWORKS, CHECKPOINT • DATA DIODES - CANARY, WATERFALL • CISCO ISE • CHECKPOINT LOAD BALANCER • REMEDY NETWORKING Through education and experience Mr. Meissner has amassed skills with the following Cyber Security Tool Sets: ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 15
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY TECHNOLOGIES • SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM) • MR. MEISSNER HAS HAD A VARIETY OF EXPERIENCES WITH THE FOLLOWING SIEM SOLUTIONS IN ORDER TO SUPPORT REAL-TIME ANALYSIS OF SECURITY ALERTS GENERATED BY NETWORK HARDWARE AND APPLICATIONS: • QRADAR • SPLUNK • MCAFEE ENTERPRISE SECURITY MANAGER • IDS/IPS • MR. MEISSNER HAS EXPERIENCE IN EVALUATING AND DEPLOYING SEVERAL IDS AND IPS TOOLS THAT HAVE ASSISTED ORGANIZATIONS IN THE IDENTIFICATION AND PROTECTION OF THEIR WIRED AND WIRELESS NETWORKS AGAINST SEVERAL TYPES OF SECURITY THREATS. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING IDS/IPS/SIEM SOLUTIONS: • MCAFEE'S INTRUSHIELD/MCAFEE NETWORK SECURITY PLATFORM (NSP) • SOURCEFIRE • SNORT • TIPPINGPOINT • JUNIPER IPS Through education and experience Mr. Meissner has experience with the following Cyber Security Technologies: ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 16
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY TECHNOLOGIES • ENDPOINT SECURITY TOOLS/ANTI-VIRUS/ANTIMALWARE • MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING ENDPOINT SECURITY SOLUTIONS: • MCAFEE • SYMANTEC • RSA ECAT • MOBILE DEVICES MANAGEMENT (MDM) • MR. MEISSNER HAS EFFECTIVELY DEPLOYED MDM SOFTWARE O BOLSTERS NETWORK SECURITY THROUGH REMOTE MONITORING AND CONTROL OF SECURITY CONFIGURATIONS, POLICY ENFORCEMENT AND PATCH PUSHES TO MOBILE DEVICES. DEPLOYING SYSTEMS THAT REMOTELY LOCK LOST, STOLEN OR COMPROMISED MOBILE DEVICES AND, IF NECESSARY, WIPE ALL STORED DATA. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING MDM SOLUTIONS: • BLACKBERRY ENTERPRISE SERVER BES10 • AIRWATCH • IBM MAAS360 MDM • CITRIX XENMOBILE • SYMANTEC MOBILE MANAGEMENT • MCAFEE EMM • MICROSOFT ENTERPRISE MOBILITY SUITE (EMS) • CISCO ISE Through education and experience Mr. Meissner has experience with the following Cyber Security Technologies: ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 17
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY TECHNOLOGIES • NETWORK ACCESS CONTROL/IDENTITY ACCESS MANAGEMENT (IAM) TOOLS • MR. MEISSNER HAS EVALUATED AND DEPLOY MULTIPLE IDENTITY ACCESS MANAGEMENT (IAM) SYSTEMS AT MULTIPLE ENTERPRISES TO ESTABLISH A FRAMEWORK FOR BUSINESS PROCESSES THAT FACILITATES THE MANAGEMENT OF ELECTRONIC IDENTITIES. TO INITIATE, CAPTURE, RECORD AND MANAGE USER IDENTITIES AND THEIR RELATED ACCESS PERMISSIONS IN AN AUTOMATED FASHION. UTILIZING IAM TECHNOLOGIES MR. MEISSNER EFFORTS HAVE ENSURED THAT ACCESS PRIVILEGES ARE GRANTED ACCORDING TO ONE INTERPRETATION OF POLICY AND ALL INDIVIDUALS AND SERVICES ARE PROPERLY AUTHENTICATED, AUTHORIZED AND AUDITED. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING NETWORK ACCESS CONTROL/IAM SOLUTIONS: • IBM'S SECURITY IDENTITY MANAGER • TOOLS4EVER'S • CENTRIFY IDENTITY SERVICE • THYCOTIC SECRET SERVER • CISCO ISE • NEXT GENERATION FIREWALLS AND DATA DIODES • MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING NEXT GENERATION FIREWALLS AND DATA DIODES: • JUNIPER • PALO ALTO NETWORKS (PAN) • CANARY • WATERFALL ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 18
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY TECHNOLOGIES • AUTHENTICATIONS, AUTHORIZATION AND CONTROL • MR. MEISSNER AUTHORED AUTHENTICATION, AUTHORIZATION AND CONTROL FOR EARLY INTERNET OF THINGS (IOT) IN THE EARLY 1990. UNITED STATES PATENT: 6070001. • COMPUTER FORENSICS • MR. MEISSNER HAS EXPERIENCE WITH DIGITAL COMPUTER FORENSIC TOOLS USED TO PRODUCE EVIDENCE FOUND ON DIGITAL STORAGE MEDIA UTILIZING TECHNIQUES AND PRINCIPLES TO FOR DATA RECOVERY, IN ORDER TO IDENTIFY, PRESERVE, RECOVER, ANALYZE DIGITAL INFORMATION DESIGNED TO CREATE A LEGAL AUDIT TRAIL. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING COMPUTER FORENSIC SOLUTION: • ACCESSDATA • VULNERABILITY SCANNING TOOLS: • MR. MEISSNER HAS EVALUATED AND DEPLOY MULTIPLE VULNERABILITY SCANNING TOOLS AT MULTIPLE ENTERPRISES TO IN ORDER TO ASSESS COMPUTERS, COMPUTER SYSTEMS, NETWORKS OR APPLICATIONS FOR WEAKNESSES. MR. MEISSNER HAS PERFORMED 1000’S OF SCANS BOTH PROTECT CRITICAL DIGITAL ASSETS WITH THE ENTERPRISE AND TO EVALUATE ABILITY OF NON-AUTHORIZED ATTACKERS LOOKING TO GAIN UNAUTHORIZED ACCESS. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING VULNERABILITY SCANNING TOOLS: • RETINA • NEXPOSE • OTHERS: • MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING ADDITIONAL TOOLS TO ASSIST THE ENTERPRISE WITH ESTABLISHING A SOUND DEFENSE IN DEPTH ARCHITECTURE: • WIRESHARK • NMAP ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 19
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN REGULATORY REQUIREMENTS AND BEST PRACTICESName: Regulation, Pub, Doc #: Website: PCI DSS Payment Card Industry Data Security Standard https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Secu rity_Standard ISO 27001:2013 Specification for an information security management system (ISMS) https://en.wikipedia.org/wiki/ISO/IEC_27001:2013 HIPAA Health Insurance Portability and Accountability Act of 1996 https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Acco untability_Act NIST Special Publication 800-53 Revision 4 NIST Special Publication 800-53 http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800- 53r4.pdf NIST Special Publication 800-37 Revision 1 NIST Special Publication 800-37 Revision 1 http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37- rev1-final.pdf Managing Information Security Risk NIST Special Publication 800-39 http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security NISTIR 7628 http://www.nist.gov/smartgrid/upload/nistir-7628_total.pdf Electric Infrastructure Protection and Substation Perimeter Security. CIP-014 https://secureusa.net/energy-sector-cip-014-compliance/ Third part (of 8) of the open international standard IEC 61131 for programmable logic controllers, IEC 61131-3 http://en.wikipedia.org/wiki/IEC_61131-3 Role Engineering and RBAC Standards Role Based Access Control (RBAC) http://csrc.nist.gov/groups/SNS/rbac/standards.html Security techniques -- Evaluation criteria for IT security -- Part 1: Introduction and general model ISO/IEC 15408-1:2009 http://www.iso.org/iso/catalogue_detail.htm?csnumber=50341 * Meissner has experience with many regulatory and best practice requirements related to Cyber Security ** Non-Exhaustive List: Requirements vary by Industry, Business Risk, and Local AHJ *** Ethernautics, Inc. – Meissner: Cyber Security Standards, Best Practices and PRADL for Water Utilities http://wp.me/p2xZpH-1g ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 20
CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN REGULATORY REQUIREMENTS AND BEST PRACTICESName: Regulation, Pub, Doc #: Website: ITIL General ITIL https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Secu rity_Standard 10 CFR 73.54 “Cyber Security Rule https://en.wikipedia.org/wiki/ISO/IEC_27001:2013 Safe Guards (10 CFR 73.51) https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Acco untability_Act NIST Special Publication 800-53 Revision 4 http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800- 53r4.pdf Cyber Security Training and Awareness http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37- rev1-final.pdf NIST And other security frameworks. http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf * Non-Exhaustive List: Requirements vary by Industry, Business Risk, and Local AHJ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 21
DESIGN STANDARDS • MEISSNER HAS EXPERIENCE WITH THE FOLLOWING DESIGN STANDARDS: • ANSI/TIA/EIA STANDARDS • ANSI/TIA/EIA-568-C: COMMERCIAL BUILDING TELECOMMUNICATIONS CABLING STANDARD • ANSI/TIA/EIA-569-C: TELECOMMUNICATIONS PATHWAYS AND SPACES • ANSI/TIA/EIA-606-B: CABLE LABELING STANDARDS • ANSI/TIA/EIA-607-C: GENERIC TELECOMMUNICATIONS GROUNDING (EARTHING) AND BONDING FOR CUSTOMER PREMISES • ANSI/TIA/EIA-942: TELECOMMUNICATIONS INFRASTRUCTURE STANDARD FOR DATA CENTERS • TELECOMMUNICATIONS DESIGN MANUAL (TDM) - BICSI (BUILDING INDUSTRY CONSULTING SERVICE INTERNATIONAL) • NATIONAL ELECTRIC CODE (NFPA 70) - NEC • MASTER FORMAT • DIVISION 27 • DIVISION 28 • ASHRAE GUIDELINES • STANDARD 135 – BACNET - A DATA COMMUNICATION PROTOCOL FOR BUILDING AUTOMATION AND CONTROL NETWORKS • STANDARD 189.1 – STANDARD FOR THE DESIGN OF HIGH PERFORMANCE, GREEN BUILDINGS EXCEPT LOW-RISE RESIDENTIAL BUILDINGS • LEED – USBC US GREEN BUILDING COUNCIL ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 22
REGISTRATIONS AND CERTIFICATIONS • REGISTERED COMMUNICATIONS DISTRIBUTION DESIGNER (RCDD) • ELECTRONIC SAFETY AND SECURITY (ESS) – IN PROCESS • OUTSIDE PLANT SPECIALIST (OSP) – IN PROCESS • CERTIFIED NETWORK ASSOCIATE (CAN) – IN PROCESS • CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP) – IN PROCESS • PMP – PROJECT MANAGEMENT PROFESSIONAL – IN PROCESS • LEEDS – LEADERSHIP IN ENERGY AND ENVIRONMENTAL DESIGN – IN PROCESS©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 23
CLIENTS ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT 24
REFERENCE PROJECTS • MICHAEL W. MEISSNER WITH ETHERNAUTICS, INC. CONTRACTED TO CALIFORNIA WATER SERVICES GROUP (CWS) FOR CYBER SECURITY PROGRAM DEVELOPMENT, SCADA NETWORK SECURITY, VULNERABILITY MITIGATION FOR PROTECTION OF CRITICAL ASSETS IN WATER TREATMENT/DISTRIBUTION PLANTS. (2015) (CLICK HERE) • MICHAEL W. MEISSNER WITH ETHERNAUTICS, INC. CONTRACTED THROUGH AREVA, NP TO SOUTH TEXAS PROJECT (STP) FOR PROGRAM IMPLEMENTATION OF 10CF73.54 PROTECTION OF CRITICAL ASSETS IN NUCLEAR POWER PLANTS. (2012-2015) (CLICK HERE) • MICHAEL W. MEISSNER WITH ETHERNAUTICS, INC. CONTRACTED THROUGH CSC TO URENCO- USA/(LES) FOR PROGRAM IMPLEMENTATION AND PROTECTION OF CRITICAL ASSETS IN NUCLEAR ENRICHMENT FACILITIES.(2007-2012) (CLICK HERE) • MICHAEL W. MEISSNER WITH INFORMATION MECHANICS, INC. CONTRACTED BY TELECOMMUNICATION CORPORATION INC. (TCI) FOR DEVELOPMENT OF SECURE ENCRYPTED COMMUNICATIONS TO DIGITAL SET TOP BOXES (CLICK HERE) - ADDRESSABILITY SYSTEMS: US PATENT NUMBER #6070001 (CLICK HERE)Hello 25
PATENTS AND PUBLISHED ARTICLES Expert Systems and Knowledge Engineering IBM RedBook 1988 A Business Case for an Education Network Channel Jones International University 1993 Addressability Systems US Patent #6070001 1993 Product, Packages, and Promotions Functions Telecommunications Inc. Business Function Document 1994 Triple Play Billing Telecommunications Inc. Business Function Document 1994 Designing for Performance in Credit Card Transactions Telecommunications Inc. Business Function Document 1994 The Pitfalls of Automating Inefficient Processes Information Mechanics, Inc. 1996 Data Centre Design and Consolidation Information Mechanics, Inc. 1997 Best Practices in Service Catalog NetCracker Marketing 2006 Best Practices on OSS Deployment NetCracker Marketing 2007 Best Practices in SLA’s NetCracker Marketing 2007 Defined KPI’s • MTBF – Mean Time Between Failure • MTTR – Mean Time To Repair • SCCT – Supply Chain Cycle Time • IRCT – Inventory Replenishment Cycle Time • IMOS- Inventory Months of Supply • ITO – Inventory Turnover www.kpilibrary.com 2008 Cabling Specifications Urenco Ltd – Design Document 2009 Cable Testing Specifications Urenco Ltd – Design Document 2010 PLC’s – The greatest Cyber Security Risk to the Nation’s Infrastructure DEF CON Presentation 2012 Wikipedia Articles • Electrode ionization • Addressability • Addressability Systems • Cable Converter Box • Descramble • Solutions Architect • FTTLA Wikipedia.com http://en.wikipedia.org/wiki/Electrodeionization http://en.wikipedia.org/wiki/Addressability http://en.wikipedia.org/wiki/Addressable_system s http://en.wikipedia.org/wiki/Cable_Converter_Bo x http://en.wikipedia.org/wiki/Descramble 2008-2012 ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 26
PATENTS AND PUBLISHED ARTICLES Title Address Year Ethernautics, Inc.: Cyber Security Database Threats https://ethernautics.wordpress.com/2015/ 06/13/database-security-threats/ 2013 Glossary of Terms - Cyber Security At Nuclear Power Plants http://wp.me/p2xZpH-c 2013 Secure Encrypted communications to Digital Set Top Boxes - Addressability Systems: US Patent Number #6070001 http://wp.me/p2xZpH-V http://patents.com/us-6070001.html https://en.wikipedia.org/wiki/Addressability 1993 Ethernautics, Inc. – Meissner: Cyber Security Standards, Best Practices and PRADL for Water Utilities http://wp.me/p2xZpH-1g 2015 Cyber Security in the Automobile: Automobile/Vehicle Protocol Buses http://infrastructurecybersecurity.blogspot. com/2015/06/automobilevehicle-protocol- buses.html 2014 Communications Protocols Utilized in Plant Control Systems are a key component in the development of a Cyber Security Controls Catalog - Quora https://industrial-cyber- security.quora.com/Communications- Protocols-Utilized-in-Plant-Control- Systems-are-a-key-component-in-the- development-of-a-Cyber- Security?srid=7rIp&share=1 2014 ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 27
1 of 27

Michael W. Meissner - Cyber Security Engineering Biography

Technology

Michael W Meissner - Cyber Security Experience and Capabilities - 02/17/2015 Michael W. Meissner is a Solutions Architect, Infrastructure Architect and Cyber Security Engineer at Ethernautics, Inc. Michael Meissner has over thirty years of relevant Information Systems and Information Technology experience. Mr. Meissner is a Cyber Security Engineer with over 20 years of Information Security practice. Mr. Meissner authored Information Security Patents.

Michael W. Meissner, RCDD
Michael W. Meissner, RCDDEnterprise Architect; BSS/OSS - Cyber Security at Ethernautics, Inc.

Recommended

Le attività di RSE nell'ambito della cyber security nelle smart grid (Luciano... by
Le attività di RSE nell'ambito della cyber security nelle smart grid (Luciano...Le attività di RSE nell'ambito della cyber security nelle smart grid (Luciano...
Le attività di RSE nell'ambito della cyber security nelle smart grid (Luciano...Sardegna Ricerche
90 views14 slides
2015 NEW 1 FTSI INFO Packet with SEWPV by
2015 NEW 1 FTSI INFO Packet with SEWPV2015 NEW 1 FTSI INFO Packet with SEWPV
2015 NEW 1 FTSI INFO Packet with SEWPVTim Drexler
340 views15 slides
Ignite 2019 by
Ignite 2019Ignite 2019
Ignite 2019TI Safe
1.7K views45 slides
European smart grid cyber and scada security by
European smart grid cyber and scada securityEuropean smart grid cyber and scada security
European smart grid cyber and scada securityYulia Rotar
2K views6 slides
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc... by
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...Dale Butler
919 views6 slides
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips... by
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...
Dubai Cyber Security 02 Ics Scada Cyber Security Standards, Solution Tips...Ahmed Al Enizi
1.4K views11 slides

More Related Content

Viewers also liked

Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru... by
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...Beau Bullock
6.9K views59 slides
Build Safe and Secure Distributed Systems by
Build Safe and Secure Distributed SystemsBuild Safe and Secure Distributed Systems
Build Safe and Secure Distributed SystemsReal-Time Innovations (RTI)
938 views110 slides
Feasible car cyber defense - ESCAR 2010 by
Feasible car cyber defense - ESCAR 2010Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010Iddan Halevy
1.4K views21 slides
FASTR_Overview2017 by
FASTR_Overview2017FASTR_Overview2017
FASTR_Overview2017Craig Hurst
170 views12 slides
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3 by
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Jim Gilsinn
3.1K views20 slides

Viewers also liked(18)

Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru... by Beau Bullock
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beau Bullock6.9K views
Build Safe and Secure Distributed Systems by Real-Time Innovations (RTI)
Build Safe and Secure Distributed SystemsBuild Safe and Secure Distributed Systems
Build Safe and Secure Distributed Systems
Real-Time Innovations (RTI)938 views
Feasible car cyber defense - ESCAR 2010 by Iddan Halevy
Feasible car cyber defense - ESCAR 2010Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010
Iddan Halevy1.4K views
FASTR_Overview2017 by Craig Hurst
FASTR_Overview2017FASTR_Overview2017
FASTR_Overview2017
Craig Hurst170 views
Session 3.2 Zahri Hj Yunos by Commonwealth Telecommunications Organisation
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj Yunos
Commonwealth Telecommunications Organisation1.4K views
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3 by Jim Gilsinn
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Jim Gilsinn3.1K views
Comprehensive Security Concept For Process Control Systems V2006 by kaestnja
Comprehensive Security Concept For Process Control Systems V2006Comprehensive Security Concept For Process Control Systems V2006
Comprehensive Security Concept For Process Control Systems V2006
kaestnja767 views
Myths vs. Truths at St. Vincent's Hospital by NewellNYC
Myths vs. Truths at St. Vincent's HospitalMyths vs. Truths at St. Vincent's Hospital
Myths vs. Truths at St. Vincent's Hospital
NewellNYC470 views
Industrial Control Security USA Sacramento California Oct 13/14 by James Nesbitt
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14
James Nesbitt694 views
Cyber Security Architecture - A Systems Approach December 05 2012 by Joseph Hennawy
Cyber Security Architecture - A Systems Approach December 05 2012Cyber Security Architecture - A Systems Approach December 05 2012
Cyber Security Architecture - A Systems Approach December 05 2012
Joseph Hennawy483 views
SAE 2014 - Cyber Security: Mission Critical for the Internet of Cars by Andreas Mai
SAE 2014 - Cyber Security: Mission Critical for the Internet of CarsSAE 2014 - Cyber Security: Mission Critical for the Internet of Cars
SAE 2014 - Cyber Security: Mission Critical for the Internet of Cars
Andreas Mai3.3K views
National Critical Information Infrastructure Protection Centre (NCIIPC): Role... by Cybersecurity Education and Research Centre
National Critical Information Infrastructure Protection Centre (NCIIPC): Role...National Critical Information Infrastructure Protection Centre (NCIIPC): Role...
National Critical Information Infrastructure Protection Centre (NCIIPC): Role...
Cybersecurity Education and Research Centre7.3K views
Hackers are the new highway threat by Harman Innovation
Hackers are the new highway threatHackers are the new highway threat
Hackers are the new highway threat
Harman Innovation2.7K views
Integrating the Alphabet Soup of Standards by Jim Gilsinn
Integrating the Alphabet Soup of StandardsIntegrating the Alphabet Soup of Standards
Integrating the Alphabet Soup of Standards
Jim Gilsinn958 views
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009) by Byres Security Inc.
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
Byres Security Inc.1.2K views
From Connected To Self-Driving - Securing the Automotive Revolution by Alexander Schellong
From Connected To Self-Driving - Securing the Automotive RevolutionFrom Connected To Self-Driving - Securing the Automotive Revolution
From Connected To Self-Driving - Securing the Automotive Revolution
Alexander Schellong312 views
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges... by Ahmed Al Enizi
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Ahmed Al Enizi2.2K views
Connected & Autonomous vehicles: cybersecurity on a grand scale v1 by Bill Harpley
Connected & Autonomous vehicles: cybersecurity on a grand scale v1Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
Bill Harpley1.6K views

Similar to Michael W. Meissner - Cyber Security Engineering Biography

Herklotz - Information Operations and Security - Spring Review 2013 by
Herklotz - Information Operations and Security - Spring Review 2013Herklotz - Information Operations and Security - Spring Review 2013
Herklotz - Information Operations and Security - Spring Review 2013The Air Force Office of Scientific Research
1K views34 slides
Michael W Meissner - RCDD ESS Qualifications by
Michael W Meissner - RCDD ESS QualificationsMichael W Meissner - RCDD ESS Qualifications
Michael W Meissner - RCDD ESS QualificationsMichael W. Meissner, RCDD
714 views9 slides
Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl... by
Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...
Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...TheAnfieldGroup
2.9K views22 slides
John kingsley OT ICS SCADA Cyber security consultant by
John kingsley OT ICS SCADA Cyber security consultantJohn kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultantJohn Kingsley
685 views8 slides
Industrial Control Security USA Sacramento California Oct 6/7 by
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7James Nesbitt
1.9K views12 slides
Ijisa by
IjisaIjisa
IjisaMiajackB
14 views2 slides

Similar to Michael W. Meissner - Cyber Security Engineering Biography(20)

Herklotz - Information Operations and Security - Spring Review 2013 by The Air Force Office of Scientific Research
Herklotz - Information Operations and Security - Spring Review 2013Herklotz - Information Operations and Security - Spring Review 2013
Herklotz - Information Operations and Security - Spring Review 2013
The Air Force Office of Scientific Research1K views
Michael W Meissner - RCDD ESS Qualifications by Michael W. Meissner, RCDD
Michael W Meissner - RCDD ESS QualificationsMichael W Meissner - RCDD ESS Qualifications
Michael W Meissner - RCDD ESS Qualifications
Michael W. Meissner, RCDD714 views
Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl... by TheAnfieldGroup
Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...
Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...
TheAnfieldGroup2.9K views
John kingsley OT ICS SCADA Cyber security consultant by John Kingsley
John kingsley OT ICS SCADA Cyber security consultantJohn kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultant
John Kingsley685 views
Industrial Control Security USA Sacramento California Oct 6/7 by James Nesbitt
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7
James Nesbitt1.9K views
Ijisa by MiajackB
IjisaIjisa
Ijisa
MiajackB14 views
Online MS in Cybersecurity at NYU by NYU Tandon Online
Online MS in Cybersecurity at NYUOnline MS in Cybersecurity at NYU
Online MS in Cybersecurity at NYU
NYU Tandon Online653 views
Cyber Security: Protecting Today's Mission Critical Public Safety Networks by LRKimball
Cyber Security: Protecting Today's Mission Critical Public Safety NetworksCyber Security: Protecting Today's Mission Critical Public Safety Networks
Cyber Security: Protecting Today's Mission Critical Public Safety Networks
LRKimball791 views
Mark Minnucci: Deployment of MBSE and the Emergence of a Systems-Thinking Cul... by EnergyTech2015
Mark Minnucci: Deployment of MBSE and the Emergence of a Systems-Thinking Cul...Mark Minnucci: Deployment of MBSE and the Emergence of a Systems-Thinking Cul...
Mark Minnucci: Deployment of MBSE and the Emergence of a Systems-Thinking Cul...
EnergyTech2015677 views
Industrial Control Security USA Sacramento California Oct 6/7 by James Nesbitt
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7
James Nesbitt394 views
Martin Vliem (Microsoft): Met vertrouwen naar de cloud by Content Guru Benelux
Martin Vliem (Microsoft): Met vertrouwen naar de cloudMartin Vliem (Microsoft): Met vertrouwen naar de cloud
Martin Vliem (Microsoft): Met vertrouwen naar de cloud
Content Guru Benelux80 views
Cyber Security_Presentation_KTH by Awais Shibli
Cyber Security_Presentation_KTHCyber Security_Presentation_KTH
Cyber Security_Presentation_KTH
Awais Shibli1.2K views
Technology a facilitator for buisiness by Brian Pereira
Technology a facilitator for buisinessTechnology a facilitator for buisiness
Technology a facilitator for buisiness
Brian Pereira70 views
July 20, 2016 Webcast for the Cybersecurity MS at NYU Tandon Online by NYU Tandon Online
July 20, 2016 Webcast for the Cybersecurity MS at NYU Tandon OnlineJuly 20, 2016 Webcast for the Cybersecurity MS at NYU Tandon Online
July 20, 2016 Webcast for the Cybersecurity MS at NYU Tandon Online
NYU Tandon Online284 views
NYU Tandon Online M.S. In Cybersecurity Webinar by NYU Tandon Online
NYU Tandon Online M.S. In Cybersecurity WebinarNYU Tandon Online M.S. In Cybersecurity Webinar
NYU Tandon Online M.S. In Cybersecurity Webinar
NYU Tandon Online407 views
How to Build a Winning Cybersecurity Team by Global Knowledge Training
How to Build a Winning Cybersecurity TeamHow to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity Team
Global Knowledge Training341 views
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca... by Shah Sheikh
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
Shah Sheikh6.5K views
MRHCV-short.DOC by Mark Hobday
MRHCV-short.DOCMRHCV-short.DOC
MRHCV-short.DOC
Mark Hobday220 views
Introduction to the CSA Cloud Controls Matrix by John Yeoh
Introduction to the CSA Cloud Controls MatrixIntroduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls Matrix
John Yeoh2.2K views
How Bell Energy can help you be a Sustainable and Profitable Organization by Chandrashekhar Kulkarni
How Bell Energy can help you be a Sustainable and Profitable OrganizationHow Bell Energy can help you be a Sustainable and Profitable Organization
How Bell Energy can help you be a Sustainable and Profitable Organization
Chandrashekhar Kulkarni875 views

Recently uploaded

Business Analyst Series 2023 - Week 4 Session 7 by
Business Analyst Series 2023 - Week 4 Session 7Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7DianaGray10
126 views31 slides
Kyo - Functional Scala 2023.pdf by
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdfFlavio W. Brasil
449 views92 slides
Cencora Executive Symposium by
Cencora Executive SymposiumCencora Executive Symposium
Cencora Executive Symposiummarketingcommunicati21
139 views14 slides
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or... by
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...ShapeBlue
158 views20 slides
20231123_Camunda Meetup Vienna.pdf by
20231123_Camunda Meetup Vienna.pdf20231123_Camunda Meetup Vienna.pdf
20231123_Camunda Meetup Vienna.pdfPhactum Softwareentwicklung GmbH
50 views73 slides
Microsoft Power Platform.pptx by
Microsoft Power Platform.pptxMicrosoft Power Platform.pptx
Microsoft Power Platform.pptxUni Systems S.M.S.A.
80 views38 slides

Recently uploaded(20)

Business Analyst Series 2023 - Week 4 Session 7 by DianaGray10
Business Analyst Series 2023 - Week 4 Session 7Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7
DianaGray10126 views
Kyo - Functional Scala 2023.pdf by Flavio W. Brasil
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdf
Flavio W. Brasil449 views
Cencora Executive Symposium by marketingcommunicati21
Cencora Executive SymposiumCencora Executive Symposium
Cencora Executive Symposium
marketingcommunicati21139 views
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or... by ShapeBlue
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
ShapeBlue158 views
20231123_Camunda Meetup Vienna.pdf by Phactum Softwareentwicklung GmbH
20231123_Camunda Meetup Vienna.pdf20231123_Camunda Meetup Vienna.pdf
20231123_Camunda Meetup Vienna.pdf
Phactum Softwareentwicklung GmbH50 views
Microsoft Power Platform.pptx by Uni Systems S.M.S.A.
Microsoft Power Platform.pptxMicrosoft Power Platform.pptx
Microsoft Power Platform.pptx
Uni Systems S.M.S.A.80 views
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ... by ShapeBlue
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
ShapeBlue144 views
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive by Network Automation Forum
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLiveAutomating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Network Automation Forum50 views
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda... by ShapeBlue
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
ShapeBlue120 views
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue by ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
ShapeBlue103 views
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O... by ShapeBlue
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
ShapeBlue88 views
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ... by ShapeBlue
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
ShapeBlue85 views
Future of AR - Facebook Presentation by Rob McCarty
Future of AR - Facebook PresentationFuture of AR - Facebook Presentation
Future of AR - Facebook Presentation
Rob McCarty62 views
Ransomware is Knocking your Door_Final.pdf by Security Bootcamp
Ransomware is Knocking your Door_Final.pdfRansomware is Knocking your Door_Final.pdf
Ransomware is Knocking your Door_Final.pdf
Security Bootcamp90 views
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N... by James Anderson
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
James Anderson156 views
Data Integrity for Banking and Financial Services by Precisely
Data Integrity for Banking and Financial ServicesData Integrity for Banking and Financial Services
Data Integrity for Banking and Financial Services
Precisely78 views
DRBD Deep Dive - Philipp Reisner - LINBIT by ShapeBlue
DRBD Deep Dive - Philipp Reisner - LINBITDRBD Deep Dive - Philipp Reisner - LINBIT
DRBD Deep Dive - Philipp Reisner - LINBIT
ShapeBlue140 views
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R... by ShapeBlue
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
Setting Up Your First CloudStack Environment with Beginners Challenges - MD R...
ShapeBlue132 views
"Surviving highload with Node.js", Andrii Shumada by Fwdays
"Surviving highload with Node.js", Andrii Shumada "Surviving highload with Node.js", Andrii Shumada
"Surviving highload with Node.js", Andrii Shumada
Fwdays53 views
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool by ShapeBlue
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPoolExtending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool
ShapeBlue84 views

Michael W. Meissner - Cyber Security Engineering Biography

  • 1. MICHAEL W. MEISSNER, RCDD CYBER SECURITY SERVICES CYBER SECURITY PROGRAM AND PROJECT MANAGEMENT CYBER SECURITY SOLUTIONS ARCHITECTURE CYBER SECURITY DESIGN ENGINEERING
  • 2. MICHAEL MEISSNER SUMMARY • MR. MEISSNER IS A HIGHLY MOTIVATE CYBER SECURITY PROGRAM MANAGER AND CYBER SECURITY ENGINEER AND HAS OVER THIRTY YEARS OF EXPERIENCE AS A MANAGING PROGRAMS AND PROJECTS. • MICHAEL W. MEISSNER LEADS ETHERNAUTICS, INC.'S CYBER SECURITY PRACTICE. MR. MEISSNER HAS OVER 30 YEARS OF IT, ENGINEERING AND MANAGEMENT EXPERIENCE. THROUGHOUT HIS CAREER HE HAS PROVIDED EXCEPTIONAL CLIENT SERVICE AND COMMUNICATION SKILLS WITH A DEMONSTRATED ABILITY TO DEVELOP AND MAINTAIN OUTSTANDING CLIENT RELATIONSHIPS. • HIGHLY ORGANIZED, RESULTS-ORIENTED AND ATTENTIVE TO DETAILS. SELF-MOTIVATED, PROACTIVE, INDEPENDENT AND RESPONSIVE. REQUIRES LITTLE SUPERVISORY ATTENTION. EXCELLENT PRESENTATION, FACILITATION AND DIPLOMACY SKILLS • MEISSNER HAS EXECUTED END TO END PROGRAM MANAGEMENT AND PROJECT MANAGEMENT OF LARGE AND/OR MULTIPLE LARGE PROJECTS. MR. MEISSNER HAS MANAGED PROJECTS FROM A FEW INDIVIDUALS TO TEAMS OF OVER 100 INDIVIDUALS AND VENDORS. ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 2
  • 3. MICHAEL MEISSNER SUMMARY • MR. MEISSNER DESIGNS AND IMPLEMENTS ALL FACETS OF CYBER SECURITY PROJECTS, PROGRAMMATIC AND TECHNICAL DETAIL MANAGEMENT TO ENSURE DELIVERABLES ARE MET WITHIN SCHEDULE, BUDGET, AND QUALITY GOALS. HE IS ABLE TO EXPRESS A CLEAR UNDERSTANDING OF THE BUSINESS, OPERATIONAL AND HUMAN IMPACT OF TECHNOLOGY AND THE CYBER SECURITY THREATS THEY EXPOSE. • MR. MEISSNER HAS MANY YEARS OF EXPERIENCE WORKING IN A COMPLEX, MULTI TASKING TYPE ENVIRONMENTS. • DEMONSTRATED TRACK RECORD ASSISTING CLIENTS WITH IDENTIFYING AND ASSESSING INFORMATION SYSTEM RELATED RISKS AND DEFINING BEST PRACTICES AS A TRUSTED ADVISER. • HANDS-ON EXPERIENCE WITH INFORMATION SECURITY STANDARDS AND TECHNOLOGY • EXPERIENCE WITH SECURITY STRATEGIES AND/OR SECURITY ARCHITECTURE. • EXPERTISE IN IT POLICY AND PROCEDURE DEVELOPMENT. • MEISSNER HAS EXECUTED PROJECTS THRU THEIR COMPLETE LIFE-CYCLES (SDLC) • IT PROCESSES (I.E., ITIL) INCLUDING INCIDENT, PROBLEM, DEFECT, CHANGE AND RELEASE MANAGEMENT. ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 3
  • 4. MICHAEL MEISSNER SECURITY DOMAINS • EXPERIENCE WITH THE FOLLOWING SECURITY DOMAINS: • AUDIT AND MONITORING, • RISK RESPONSE & RECOVERY • CRYPTOGRAPHY • DATA COMMUNICATIONS • COMPUTER OPERATIONS SECURITY • TELECOMMUNICATIONS & NETWORK SECURITY • SECURITY ARCHITECTURE & MODELS • MEISSNER MAINTAINS EXPERIENCE IN SEVERAL INDUSTRY VERTICALS ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 4
  • 5. WORK HISTORY 08/2007 - Present Ethernautics, Inc. California Water Services Areva Computer Sciences Corporation Telcordia Global Telcom Limited (GTL) US Cellular Urenco/LES ETUS STP – South Texas Project Verizon Wireless JoAnn’s Stores 01/2007 – 08/2007 NetCracker, Technologies US Army Time Warner One Communications Covad Telus Nextel/Sprint Verizon Business Horry Telephone Cooperative Comcast 11/1993 – 01/2007 Information Mechanics, Inc. Comcast (TCI) AT&T Broadband MetroList Mobeo GTE AT&T Wireless Bell South Continental Cable Lafarge Concrete Denver Post US Park Service Across Media Networks Telcordia (Belcore) – SAIC TECO/Peoples Gas Cable Services Group (CSG) AMDOCS Cable Data Kenan AT&T Broadband MediaOne USWest/Qwest Ticketmaster/Pacer Cats, AMC, United Artist 02/1992 – 11/1993 Berger & Co Region Transportation District (RTD) Lipper Analytical Aspen Ski Corp Obeymeyer Sports USWest Jones Cable Xcel Energy Frontier Communications Optimus Technologies Ticketmaster/Pacer Cats Trinidad Benham Territory Agent IBM – Oil & Gas/Mining/AEC 05/1987 – 02/1992 IBM Department of Transportation Department of Health and Human Services Department of Labor Rocky Flats – Rockwell International Public Service Company of Colorado Kaiser Permanente St. Anthony’s Hospital St. Luke’s Hospital, Veterans Hospital Colorado School of Mines 05/1987 – 10/1988 Colorado School of Mines Research Development Data Center Management 06/1985 – 05/1987 Schlumberger Measurement While Drilling (MWD) 01/1988 – 06/1985 Mammoth Information Services Calaway Oil & Gas Bird Oil Corporation Amselco Minerals Amoco Microgeophysical Corp Max P. Arnold & Associates * See Project References for details: (Click Here) ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT 5
  • 6. GOVERNANCE PROGRAM AND PROJECT MANAGEMENT • CYBER SECURITY PROGRAM LEADERSHIP AND MANAGEMENT • CYBER SECURITY STRATEGY • CYBER SECURITY PROJECT MANAGEMENT • REGULATORY COMPLIANCE • POLICY AND PROCEDURE DEVELOPMENT • CHANGE MANAGEMENT - CONFIGURATION MANAGEMENT • TECHNICAL SPECIFICATIONS AND BEST PRACTICE DEVELOPMENT • INCIDENT RESPONSE DISASTER RECOVERY • REPORTING AND KPI’S ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 6
  • 7. GOVERNANCE PROGRAM AND PROJECT MANAGEMENT • CUSTOMER FACING – WORKS ACROSS ORGANIZATION • PROJECT MANAGEMENT • DEVELOP AND TRACK SCHEDULES • TRACK RESOURCES • KPI’S • RFP PREPARATION, BID PREPARATION AND RESPONSE • JOB COSTING AND BUDGET TRACKING • PROFICIENT IN DESIGN, PRESENTATION, AND PROJECT MANAGEMENT TOOLS (MS OFFICE, WORD, EXCEL, POWER POINT, VISIO, PROJECT) • PROJECT AND CONSTRUCTION MANAGEMENT, IT ENGINEERING MANAGEMENT, FIELD ENGINEERING AND “CRAFT” MANAGEMENT • LABOR/UNION RELATIONS ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT – 7) 7
  • 8. TECHNICAL CAPABILITIES • LOW VOLTAGE DESIGN - REGISTERED COMMUNICATIONS DISTRIBUTION DESIGNER (RCDD) CERTIFICATION • OUTSIDE PLANT DESIGN • ELECTRONIC SAFETY AND SECURITY SYSTEMS DESIGN (LIFE SAFETY) • WIRELESS DESIGN (DAS, CELLULAR, ANALOG RADIO) • INTELLIGENT BUILDINGS, BUILDING AUTOMATION, UTILITY MONITORING DESIGNS • CYBER SECURITY DESIGN – CISSP CERTIFICATIONS • RIGHTS OF WAY, PERMITTING, AND AUTHORITIES HAVING JURISDICTION (AHJ) • CUSTOMER FACING SALES AND SUPPORT – TECHNICAL PRESENTATIONS • PROFICIENT IN DESIGN TOOLS (ACAD, VISIO, EXCEL) • FIELD ENGINEERING, DESIGN VERIFICATION, AND "AS-BUILTS" • CYBER-PHYSICAL SYSTEMS • CYBER SECURITY ASSESSMENT Hello 8
  • 9. TECHNICAL CAPABILITIES – CYBER SECURITY • CYBER-PHYSICAL SYSTEMS - ELECTRONIC SAFETY AND SECURITY SYSTEMS DESIGN (LIFE SAFETY) • WIRELESS DESIGN (DAS, CELLULAR, ANALOG RADIO) - ENCRYPTION • CYBER SECURITY DESIGN – CISSP CERTIFICATIONS • REGULATORY REQUIREMENTS • BUSINESS REQUIREMENT • CUSTOMER FACING SALES AND SUPPORT – TECHNICAL PRESENTATIONS • RISK ASSESSMENT • CRITICAL DIGITAL ASSET MANAGEMENT • CYBER SECURITY ASSESSMENT ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT – 7) 9
  • 10. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN SERVICES • CYBER SECURITY ENGINEERING • CYBER SECURITY ARCHITECTURES (PCI, NIST, ISO ETC.) • BUSINESS AND REGULATORY REQUIREMENTS • SYSTEM ANALYSIS USING MULTIPLE TECHNOLOGIES IN HETEROGENEOUS ARCHITECTURES AND WIDE SYSTEM FUNCTIONALITY • ELECTRONIC SAFETY AND SECURITY (ESS) - PHYSICAL SECURITY SYSTEMS AND LIFE SAFETY SYSTEMS • CRITICAL DIGITAL ASSET DETERMINATION • ANALYZES NETWORK SECURITY DESIGN • RISK ASSESSMENT AND MANAGEMENT • WORK WITH CLIENTS IN IDENTIFYING AND ASSESSING INFORMATION SYSTEM RELATED RISKS RELATED TO CYBER SECURITY. • CREATING STRATEGIES RELATED TO CYBER SECURITY RISK MANAGEMENT. • PLANS AND CONDUCTS VULNERABILITY ASSESSMENTS • CREATED AND TUNED VULNERABILITY SCAN GROUPS AND CONFIGURATIONS. • IDENTIFICATION OF ATTACK VULNERABILITIES (OWASP) AND (ISO/IEC 15408-1:2009) • EVALUATION OF SYSTEM SECURITY CONFIGURATIONS • DEVELOPMENT AND EVALUATION OF ATTACK SCENARIOS • EVALUATES FINDINGS AND CONDUCTS ROOT CAUSE ANALYSIS • CONDUCT PENETRATION TESTING, ROUTINE EXPLOIT ANALYSIS, SYSTEMS MONITORING. • CYBER SECURITY CONTROLS CATALOG • REMEDIATION AND MITIGATION ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 10
  • 11. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN DIGITAL DESIGN AND SYSTEMS ENGINEERING SERVICES • MEISSNER HAS EXPERIENCE WITH DESIGNING THE FOLLOWING SECURITY RELATED SYSTEMS: • NETWORK SECURITY DESIGN (LAN/WAN) • APPLICATION SECURITY DESIGN • DATA SECURITY • ELECTRONIC SAFETY AND SECURITY (ESS) - PHYSICAL SECURITY SYSTEMS AND LIFE SAFETY SYSTEMS • SECURE WIRELESS • RADIO ENCRYPTION • DATA • VOICE (PUSH-TO-TALK) • INTEGRATES SECURITY TECHNICAL CONTROLS FOR MULTIPLE PROJECTS/PRODUCTS WITH DEFINED REQUIREMENTS • DESIGN TEST PLANS TO EVALUATE CONTROL OBJECTIVES AND IDENTIFY WEAKNESSES IN THE INFORMATION TECHNOLOGY CONTROL STRUCTURE. • SECURITY OPERATION CENTERS (SOC), NETWORK OPERATION CENTERS (NOC), DATA CENTERS, TELECOM EQUIPMENT ROOMS, • ENGINEERING DRAWINGS - (T-EQP, T-PHY, T-PHY) • IDENTITY ACCESS MANAGEMENT AND AUTHORIZATION • PLANT CONTROL SYSTEMS (PCS, ICS) AND SCADA SYSTEMS IN NUCLEAR POWER PLANTS, CHEMICAL PROCESSING AND WATER TREATMENT/DISTRIBUTION CRITICAL INFRASTRUCTURE • DESIGN OVERALL DEFENSE-IN-DEPTH ARCHITECTURE FOR PLANT SYSTEMS (NIST CYBER SECURITY FRAMEWORK AND ISO/IEC 27001 COMPLIANCE COBIT, COSO). • SUPPORTING INFRASTRUCTURES (TELCOM, POWER, HVAC, DATA CENTER, CLOSETS, DAS, DISTRIBUTION SYSTEMS) • OUTSIDE PLANT (OSP) • SECURE STRUCTURED CABLING • DEFINES SECURITY PRODUCT SPECIFICATIONS • DEFINE INTRUSION/DATA LOSS TECHNIQUES. • DESIGNS, INTEGRATES AND CONFIGURES CONTROLS. • RESPONSIBLE FOR IMPLEMENTING AND TUNING THE TECHNICAL SOLUTION USED TO IDENTIFY AND MANAGE THE CONFIGURATIONS AND CONTROLS • PATCH MANAGEMENT- SATELLITE, SCCM, WSUS, SHAVLIK, SECUNIA, LANDESK ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 11
  • 12. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN DIGITAL DESIGN AND SYSTEMS ENGINEERING SERVICES • MEISSNER HAS EXPERIENCE WITH DESIGNING THE FOLLOWING SECURITY RELATED SYSTEMS: • NETWORK SECURITY DEPLOYMENT OF NETWORK AND APPLICATION SECURITY AND AUTHORIZATION FOR PLANT CONTROL AND REPORTING SYSTEMS. • FIREWALLS • DATA DIODES • DMZ’S • ENCRYPTION • IAM • SIEMS • IDS/IPS ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 12
  • 13. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN SERVICES • MEISSNER HAS EXPERIENCE WITH THE FOLLOWING SYSTEMS: • PHYSICAL SECURITY SYSTEMS • LIFE/SAFETY SYSTEMS – ESS SYSTEMS • ASSET MANAGEMENT • PLANT CONTROL SYSTEMS • BUILDING AUTOMATION & UTILITY MONITORING • DATA CENTER DESIGN • CABLE DESIGN – STRUCTURED CABLING • OUTSIDE PLANT - OSP • NETWORK DESIGN • CYBER SECURITY ENGINEERING • AUTHORIZATION AND CONTROL • LEED • PROJECT MANAGEMENT ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 13
  • 14. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN OPERATIONS SERVICES • SECURITY OPERATION CENTER (SOC, ALARM STATIONS) • CYBER SECURITY MONITORING • NETWORK SECURITY MONITORING • INCIDENT DETECTION • CONTRIBUTES TO THE DEVELOPMENT AND EVALUATION OF ATTACK SCENARIOS • EVALUATES FINDINGS AND CONDUCTS ROOT CAUSE ANALYSIS • PERFORMS INCIDENT RESPONSE ACTIVITIES ACROSS BROAD TECHNOLOGY PROFILES OR MULTIPLE SYSTEMS • INTERROGATES INDUSTRY SOURCES AND EVALUATES INCIDENT INDICATORS. • COLLECTS AND PRESERVES EVIDENCE, IDENTIFIES INTRUSION OR INCIDENT PATH AND METHOD • DETERMINES NATURE, MECHANISMS, SCOPE AND LOCATION OF THE INCIDENT. • DRAFTS INCIDENT/INVESTIGATION REPORTS AND MAKES RECOMMENDATION FOR FUTURE PROCESS ENHANCEMENTS. PREPARES AND DELIVERS TECHNICAL REPORTS AND BRIEFINGS • DEPLOYMENT OF NETWORK AND APPLICATION SECURITY AND AUTHORIZATION FOR PLANT CONTROL AND REPORTING SYSTEMS. • MONITORS NETWORK AND HOST-BASED SECURITY ALERTING SYSTEMS AND EVENT LOGS. PERFORMS INITIAL EVENT/LOSS ASSESSMENT AND VALIDATION. ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 14
  • 15. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY DETECTION AND PREVENTION TOOLS • NETWORK MONITORING – SOLARWINDS • VULNERABILITY SCANNERS - NESSUS, RETINA, QUALSYS, FOUNDSTONE, NEXPOSE • SIEM – SPLUNK, IBM QRADAR • IDS / IPS – SOURCEFIRE, CISCO IPS 4200, INTRUSHIELD • PASSWORD MANAGEMENT - THYCOTIC • DEFENSE IN DEPTH ARCHITECTURE AND ADVANCED PERSISTENT THREATS (APTS) • INCIDENT MANAGEMENT AND FORENSICS - NETWITNESS • RSA SECURITY ANALYTICS, ARCHER, SECOPS • PKI - PUBLIC KEY INFRASTRUCTURE • WEBSENSE • FIREWALLS - CISCO, PALOALTO NETWORKS, CHECKPOINT • DATA DIODES - CANARY, WATERFALL • CISCO ISE • CHECKPOINT LOAD BALANCER • REMEDY NETWORKING Through education and experience Mr. Meissner has amassed skills with the following Cyber Security Tool Sets: ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 15
  • 16. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY TECHNOLOGIES • SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM) • MR. MEISSNER HAS HAD A VARIETY OF EXPERIENCES WITH THE FOLLOWING SIEM SOLUTIONS IN ORDER TO SUPPORT REAL-TIME ANALYSIS OF SECURITY ALERTS GENERATED BY NETWORK HARDWARE AND APPLICATIONS: • QRADAR • SPLUNK • MCAFEE ENTERPRISE SECURITY MANAGER • IDS/IPS • MR. MEISSNER HAS EXPERIENCE IN EVALUATING AND DEPLOYING SEVERAL IDS AND IPS TOOLS THAT HAVE ASSISTED ORGANIZATIONS IN THE IDENTIFICATION AND PROTECTION OF THEIR WIRED AND WIRELESS NETWORKS AGAINST SEVERAL TYPES OF SECURITY THREATS. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING IDS/IPS/SIEM SOLUTIONS: • MCAFEE'S INTRUSHIELD/MCAFEE NETWORK SECURITY PLATFORM (NSP) • SOURCEFIRE • SNORT • TIPPINGPOINT • JUNIPER IPS Through education and experience Mr. Meissner has experience with the following Cyber Security Technologies: ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 16
  • 17. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY TECHNOLOGIES • ENDPOINT SECURITY TOOLS/ANTI-VIRUS/ANTIMALWARE • MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING ENDPOINT SECURITY SOLUTIONS: • MCAFEE • SYMANTEC • RSA ECAT • MOBILE DEVICES MANAGEMENT (MDM) • MR. MEISSNER HAS EFFECTIVELY DEPLOYED MDM SOFTWARE O BOLSTERS NETWORK SECURITY THROUGH REMOTE MONITORING AND CONTROL OF SECURITY CONFIGURATIONS, POLICY ENFORCEMENT AND PATCH PUSHES TO MOBILE DEVICES. DEPLOYING SYSTEMS THAT REMOTELY LOCK LOST, STOLEN OR COMPROMISED MOBILE DEVICES AND, IF NECESSARY, WIPE ALL STORED DATA. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING MDM SOLUTIONS: • BLACKBERRY ENTERPRISE SERVER BES10 • AIRWATCH • IBM MAAS360 MDM • CITRIX XENMOBILE • SYMANTEC MOBILE MANAGEMENT • MCAFEE EMM • MICROSOFT ENTERPRISE MOBILITY SUITE (EMS) • CISCO ISE Through education and experience Mr. Meissner has experience with the following Cyber Security Technologies: ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 17
  • 18. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY TECHNOLOGIES • NETWORK ACCESS CONTROL/IDENTITY ACCESS MANAGEMENT (IAM) TOOLS • MR. MEISSNER HAS EVALUATED AND DEPLOY MULTIPLE IDENTITY ACCESS MANAGEMENT (IAM) SYSTEMS AT MULTIPLE ENTERPRISES TO ESTABLISH A FRAMEWORK FOR BUSINESS PROCESSES THAT FACILITATES THE MANAGEMENT OF ELECTRONIC IDENTITIES. TO INITIATE, CAPTURE, RECORD AND MANAGE USER IDENTITIES AND THEIR RELATED ACCESS PERMISSIONS IN AN AUTOMATED FASHION. UTILIZING IAM TECHNOLOGIES MR. MEISSNER EFFORTS HAVE ENSURED THAT ACCESS PRIVILEGES ARE GRANTED ACCORDING TO ONE INTERPRETATION OF POLICY AND ALL INDIVIDUALS AND SERVICES ARE PROPERLY AUTHENTICATED, AUTHORIZED AND AUDITED. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING NETWORK ACCESS CONTROL/IAM SOLUTIONS: • IBM'S SECURITY IDENTITY MANAGER • TOOLS4EVER'S • CENTRIFY IDENTITY SERVICE • THYCOTIC SECRET SERVER • CISCO ISE • NEXT GENERATION FIREWALLS AND DATA DIODES • MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING NEXT GENERATION FIREWALLS AND DATA DIODES: • JUNIPER • PALO ALTO NETWORKS (PAN) • CANARY • WATERFALL ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 18
  • 19. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN IT CYBER SECURITY TECHNOLOGIES • AUTHENTICATIONS, AUTHORIZATION AND CONTROL • MR. MEISSNER AUTHORED AUTHENTICATION, AUTHORIZATION AND CONTROL FOR EARLY INTERNET OF THINGS (IOT) IN THE EARLY 1990. UNITED STATES PATENT: 6070001. • COMPUTER FORENSICS • MR. MEISSNER HAS EXPERIENCE WITH DIGITAL COMPUTER FORENSIC TOOLS USED TO PRODUCE EVIDENCE FOUND ON DIGITAL STORAGE MEDIA UTILIZING TECHNIQUES AND PRINCIPLES TO FOR DATA RECOVERY, IN ORDER TO IDENTIFY, PRESERVE, RECOVER, ANALYZE DIGITAL INFORMATION DESIGNED TO CREATE A LEGAL AUDIT TRAIL. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING COMPUTER FORENSIC SOLUTION: • ACCESSDATA • VULNERABILITY SCANNING TOOLS: • MR. MEISSNER HAS EVALUATED AND DEPLOY MULTIPLE VULNERABILITY SCANNING TOOLS AT MULTIPLE ENTERPRISES TO IN ORDER TO ASSESS COMPUTERS, COMPUTER SYSTEMS, NETWORKS OR APPLICATIONS FOR WEAKNESSES. MR. MEISSNER HAS PERFORMED 1000’S OF SCANS BOTH PROTECT CRITICAL DIGITAL ASSETS WITH THE ENTERPRISE AND TO EVALUATE ABILITY OF NON-AUTHORIZED ATTACKERS LOOKING TO GAIN UNAUTHORIZED ACCESS. MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING VULNERABILITY SCANNING TOOLS: • RETINA • NEXPOSE • OTHERS: • MR. MEISSNER HAS EXPERIENCE WITH THE FOLLOWING ADDITIONAL TOOLS TO ASSIST THE ENTERPRISE WITH ESTABLISHING A SOUND DEFENSE IN DEPTH ARCHITECTURE: • WIRESHARK • NMAP ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 19
  • 20. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN REGULATORY REQUIREMENTS AND BEST PRACTICESName: Regulation, Pub, Doc #: Website: PCI DSS Payment Card Industry Data Security Standard https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Secu rity_Standard ISO 27001:2013 Specification for an information security management system (ISMS) https://en.wikipedia.org/wiki/ISO/IEC_27001:2013 HIPAA Health Insurance Portability and Accountability Act of 1996 https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Acco untability_Act NIST Special Publication 800-53 Revision 4 NIST Special Publication 800-53 http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800- 53r4.pdf NIST Special Publication 800-37 Revision 1 NIST Special Publication 800-37 Revision 1 http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37- rev1-final.pdf Managing Information Security Risk NIST Special Publication 800-39 http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security NISTIR 7628 http://www.nist.gov/smartgrid/upload/nistir-7628_total.pdf Electric Infrastructure Protection and Substation Perimeter Security. CIP-014 https://secureusa.net/energy-sector-cip-014-compliance/ Third part (of 8) of the open international standard IEC 61131 for programmable logic controllers, IEC 61131-3 http://en.wikipedia.org/wiki/IEC_61131-3 Role Engineering and RBAC Standards Role Based Access Control (RBAC) http://csrc.nist.gov/groups/SNS/rbac/standards.html Security techniques -- Evaluation criteria for IT security -- Part 1: Introduction and general model ISO/IEC 15408-1:2009 http://www.iso.org/iso/catalogue_detail.htm?csnumber=50341 * Meissner has experience with many regulatory and best practice requirements related to Cyber Security ** Non-Exhaustive List: Requirements vary by Industry, Business Risk, and Local AHJ *** Ethernautics, Inc. – Meissner: Cyber Security Standards, Best Practices and PRADL for Water Utilities http://wp.me/p2xZpH-1g ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 20
  • 21. CYBER SECURITY ENGINEERING SECURITY-BY-DESIGN REGULATORY REQUIREMENTS AND BEST PRACTICESName: Regulation, Pub, Doc #: Website: ITIL General ITIL https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Secu rity_Standard 10 CFR 73.54 “Cyber Security Rule https://en.wikipedia.org/wiki/ISO/IEC_27001:2013 Safe Guards (10 CFR 73.51) https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Acco untability_Act NIST Special Publication 800-53 Revision 4 http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800- 53r4.pdf Cyber Security Training and Awareness http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37- rev1-final.pdf NIST And other security frameworks. http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf * Non-Exhaustive List: Requirements vary by Industry, Business Risk, and Local AHJ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 21
  • 22. DESIGN STANDARDS • MEISSNER HAS EXPERIENCE WITH THE FOLLOWING DESIGN STANDARDS: • ANSI/TIA/EIA STANDARDS • ANSI/TIA/EIA-568-C: COMMERCIAL BUILDING TELECOMMUNICATIONS CABLING STANDARD • ANSI/TIA/EIA-569-C: TELECOMMUNICATIONS PATHWAYS AND SPACES • ANSI/TIA/EIA-606-B: CABLE LABELING STANDARDS • ANSI/TIA/EIA-607-C: GENERIC TELECOMMUNICATIONS GROUNDING (EARTHING) AND BONDING FOR CUSTOMER PREMISES • ANSI/TIA/EIA-942: TELECOMMUNICATIONS INFRASTRUCTURE STANDARD FOR DATA CENTERS • TELECOMMUNICATIONS DESIGN MANUAL (TDM) - BICSI (BUILDING INDUSTRY CONSULTING SERVICE INTERNATIONAL) • NATIONAL ELECTRIC CODE (NFPA 70) - NEC • MASTER FORMAT • DIVISION 27 • DIVISION 28 • ASHRAE GUIDELINES • STANDARD 135 – BACNET - A DATA COMMUNICATION PROTOCOL FOR BUILDING AUTOMATION AND CONTROL NETWORKS • STANDARD 189.1 – STANDARD FOR THE DESIGN OF HIGH PERFORMANCE, GREEN BUILDINGS EXCEPT LOW-RISE RESIDENTIAL BUILDINGS • LEED – USBC US GREEN BUILDING COUNCIL ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 22
  • 23. REGISTRATIONS AND CERTIFICATIONS • REGISTERED COMMUNICATIONS DISTRIBUTION DESIGNER (RCDD) • ELECTRONIC SAFETY AND SECURITY (ESS) – IN PROCESS • OUTSIDE PLANT SPECIALIST (OSP) – IN PROCESS • CERTIFIED NETWORK ASSOCIATE (CAN) – IN PROCESS • CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP) – IN PROCESS • PMP – PROJECT MANAGEMENT PROFESSIONAL – IN PROCESS • LEEDS – LEADERSHIP IN ENERGY AND ENVIRONMENTAL DESIGN – IN PROCESS©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 23
  • 24. CLIENTS ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT 24
  • 25. REFERENCE PROJECTS • MICHAEL W. MEISSNER WITH ETHERNAUTICS, INC. CONTRACTED TO CALIFORNIA WATER SERVICES GROUP (CWS) FOR CYBER SECURITY PROGRAM DEVELOPMENT, SCADA NETWORK SECURITY, VULNERABILITY MITIGATION FOR PROTECTION OF CRITICAL ASSETS IN WATER TREATMENT/DISTRIBUTION PLANTS. (2015) (CLICK HERE) • MICHAEL W. MEISSNER WITH ETHERNAUTICS, INC. CONTRACTED THROUGH AREVA, NP TO SOUTH TEXAS PROJECT (STP) FOR PROGRAM IMPLEMENTATION OF 10CF73.54 PROTECTION OF CRITICAL ASSETS IN NUCLEAR POWER PLANTS. (2012-2015) (CLICK HERE) • MICHAEL W. MEISSNER WITH ETHERNAUTICS, INC. CONTRACTED THROUGH CSC TO URENCO- USA/(LES) FOR PROGRAM IMPLEMENTATION AND PROTECTION OF CRITICAL ASSETS IN NUCLEAR ENRICHMENT FACILITIES.(2007-2012) (CLICK HERE) • MICHAEL W. MEISSNER WITH INFORMATION MECHANICS, INC. CONTRACTED BY TELECOMMUNICATION CORPORATION INC. (TCI) FOR DEVELOPMENT OF SECURE ENCRYPTED COMMUNICATIONS TO DIGITAL SET TOP BOXES (CLICK HERE) - ADDRESSABILITY SYSTEMS: US PATENT NUMBER #6070001 (CLICK HERE)Hello 25
  • 26. PATENTS AND PUBLISHED ARTICLES Expert Systems and Knowledge Engineering IBM RedBook 1988 A Business Case for an Education Network Channel Jones International University 1993 Addressability Systems US Patent #6070001 1993 Product, Packages, and Promotions Functions Telecommunications Inc. Business Function Document 1994 Triple Play Billing Telecommunications Inc. Business Function Document 1994 Designing for Performance in Credit Card Transactions Telecommunications Inc. Business Function Document 1994 The Pitfalls of Automating Inefficient Processes Information Mechanics, Inc. 1996 Data Centre Design and Consolidation Information Mechanics, Inc. 1997 Best Practices in Service Catalog NetCracker Marketing 2006 Best Practices on OSS Deployment NetCracker Marketing 2007 Best Practices in SLA’s NetCracker Marketing 2007 Defined KPI’s • MTBF – Mean Time Between Failure • MTTR – Mean Time To Repair • SCCT – Supply Chain Cycle Time • IRCT – Inventory Replenishment Cycle Time • IMOS- Inventory Months of Supply • ITO – Inventory Turnover www.kpilibrary.com 2008 Cabling Specifications Urenco Ltd – Design Document 2009 Cable Testing Specifications Urenco Ltd – Design Document 2010 PLC’s – The greatest Cyber Security Risk to the Nation’s Infrastructure DEF CON Presentation 2012 Wikipedia Articles • Electrode ionization • Addressability • Addressability Systems • Cable Converter Box • Descramble • Solutions Architect • FTTLA Wikipedia.com http://en.wikipedia.org/wiki/Electrodeionization http://en.wikipedia.org/wiki/Addressability http://en.wikipedia.org/wiki/Addressable_system s http://en.wikipedia.org/wiki/Cable_Converter_Bo x http://en.wikipedia.org/wiki/Descramble 2008-2012 ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 26
  • 27. PATENTS AND PUBLISHED ARTICLES Title Address Year Ethernautics, Inc.: Cyber Security Database Threats https://ethernautics.wordpress.com/2015/ 06/13/database-security-threats/ 2013 Glossary of Terms - Cyber Security At Nuclear Power Plants http://wp.me/p2xZpH-c 2013 Secure Encrypted communications to Digital Set Top Boxes - Addressability Systems: US Patent Number #6070001 http://wp.me/p2xZpH-V http://patents.com/us-6070001.html https://en.wikipedia.org/wiki/Addressability 1993 Ethernautics, Inc. – Meissner: Cyber Security Standards, Best Practices and PRADL for Water Utilities http://wp.me/p2xZpH-1g 2015 Cyber Security in the Automobile: Automobile/Vehicle Protocol Buses http://infrastructurecybersecurity.blogspot. com/2015/06/automobilevehicle-protocol- buses.html 2014 Communications Protocols Utilized in Plant Control Systems are a key component in the development of a Cyber Security Controls Catalog - Quora https://industrial-cyber- security.quora.com/Communications- Protocols-Utilized-in-Plant-Control- Systems-are-a-key-component-in-the- development-of-a-Cyber- Security?srid=7rIp&share=1 2014 ©1994-2016 Copyright Michael W. Meissner – Ethernautics, Inc. Author: Michael W. Meissner Last revised: 02/17/2016 4:16:59 PM PDT (UTC/GMT –7) 27