Featured Presentation

Guest Speaker: Steve Johnson, CISSP, MSc in Cybersecurity from University of Essex, CVP
Professional Associate, Sr. Control Systems Cybersecurity Specialist

Websites: HDR, Steve's LinkedIn

Topic: Cybersecurity for Operational Technology vs. Traditional IT. Special Challenges, Different Goals/Objectives, Exciting Career Track Opportunities.

Nearly all training and education for cybersecurity is based on the Information Technology (IT) area of practice. However, a significant amount of non-IT expertise is needed for the protection of critical national infrastructure and other key areas important to our continuity of productivity and quality of life. The systems that operate, automate, and control our productivity and safety fall into an area of practice called Operational Technology (OT).

The basic principles of cybersecurity are the same for both IT & OT. However, the approach, priorities, and advanced training can be very different. This session will focus on a few of the primary differences, including the application of the C-I-A model, and a look at why the priorities are different. We will discuss a sampling of the systems to be protected by OT Cybersecurity and the impacts of a breach in those sectors, including transportation, water treatment, gas/oil pipeline, power grid, and more.

Attend this session to learn about:

• Key differences between IT & OT cybersecurity best practices
• The reason OT Cybersecurity prioritizes C-I-A differently
• Why key practices like security patching and pen-testing are seldom applied to production systems
• Ways that an OT cyberattack can have life-safety impacts or cripple American productivity
• Emerging opportunities for career advancement via the critical workforce shortage of OT Cyber experience
• Examples of OT systems including: Reversible express lanes, Movable bridges, Automated water treatment systems, Medical devices, Industrial controls and manufacturing, Building automation/smart buildings

Bio: Steve Johnson, MSc in Cybersecurity from University of Essex, CISSP, CVP- began his career in the U.S. Army as a COMSEC specialist where he served for 11 years, including the periods covering the Grenada actions and the first Gulf Ware. Following military service, Steve managed telecom projects for large private industry and government clients including DOD, FBI, Department of State, and Veterans Health Administration. In 200, he made the transition to Intelligent Transportation Systems (ITS), designing and deploying large-scale, secure networks for traffic management across many states. 

In 2014, Steve was selected as the program manager for a USDOT Research project. In this role, he served as the Principal Investigator, Privacy and Cybersecurity Officer, and had oversight of the program which designed, deployed, tested and operated a connected vehicle project. Since 2021, he has been a global cyber SME for the transportation sector, including surface roadway, aviation, port operations, rail freight and public rail transit, and consults for multiple State and Federal agencies on cybersecurity for emerging technologies.

Agenda

• 6:00 – 6:05 PM: Announcement from our Sponsor 

• 6:06 – 7:30 PM: Cybersecurity for Operational Technology vs. Traditional IT. Special Challenges, Different Goals/Objectives, Exciting Career Track Opportunities - Presented by (Guest Speaker - Steve Johnson, MSc in Cybersecurity, CISSP, CVP)

• 7:30 – 8:00 PM: Chapter Meeting Updates - Presented by (Chapter President - Gail Murray, CISSP)

**Participation in this session qualifies for up to 2 Continuing Professional Education (CPE) credits for active ISC2 credential holders who are members of the ISC2 AJ Chapter. Members are eligible to access exclusive content on our website.**

Venue sponsored by: Amentum 

Options