Click here for more detail on specific speaking engagements and working group participation.

Papers, Presentations, and Speaking Engagements
Network Security Management for Transmission Systems (Coauthor) Electric Power Research Institute 2013-01-15
Cybersecurity: Getting Ahead of the Wave San Francisco Bar Assoc. 2012-11-05
Architecture Roundtable GridSec 2012 2012-10-24
Assessing the Maturity of Your VM and Compliance Programs nCircle Connect 2012-10-23
The Electricity Subsector Cybersecurity Capability Maturity Model GridSec 2012 2012-10-22
Quantitative Threat Methodology Cybersecurity For Energy and Utilities Qatar 2012-09-18
Towards a Quantitative Threat Methodology GFIRST 2012 conference 2012-08-22
Information Sharing Is The Only Way To Defeat The Cyber Onslaught
(iTunes link)		 Oil and Gas IQ Interview 2012-07-27
The Electricity Subsector Cybersecurity Capabilities Maturity Model Contributor 2012-05-31
Real World Security: Maximizing the Value of Your Security Investments Webinar 2012-05-30
Architecture of Secure Systems [for the Smart Grid] ConnectivityWeek 2012 2012-05-24
AMI Networks: PKI Security Considerations TechTarget Publications 2012-04-02
PKI Security Considerations For AMI Networks NESCO Webinar 2012-03-29
Security Logging in the Utility Sector: Roadmap to Improved Maturity Published Paper 2012-03-12
PKI Implications for AMI security RSA 2012 / IOActive IOAsis 2012-02-28
PKI Security Considerations for AMI, Smart Grid, and ICS Networks Published Paper 2012-01-12
Supply Chain of Cryptographic Key Material EyeForEnergy Conference 2011-09-27
Bridging the Gap Between Operational and Information Technology EyeForEnergy Conference 2011-09-27
Smart Grid Cyber Security, Myths & Opportunities ConnectivityWeek 2011 2011-05-26
DNS as a Covert Channel Within Protected Networks Published Paper 2011-01-25
An Overview of AMI and Associated Deployment Challenges CMU 2010-11-15
Hacking The Smart Grid (panel) RSA Conference 2010-03-11
Securing our Critical Infrastructure Cyber Security West Conference 2009-10-14
What Works in Security Control Systems SANS SCADA Security Summit 2009-01-09
The SCADA Honeynet Experience at INL Published Paper 2008-11-12
Mitigations for the Aurora Vulnerability SANS SCADA Security Summit 2008-01-15
Expert Citations
ICSA-12-348-01: Siemens ProcessSuite and Invensys Wonderware InTouch Poorly Encrypted Password File ICS-CERT 2012-12-13
New FERC Cybersecurity Office Has Lofty Oversight and Outreach Goals Threatpost 2012-09-25
Java 1.7 zero-day exploit unlikely to impact most Mac users TUAW 2012-08-28
SMS sender spoofing possible on iOS: what you need to know TUAW 2012-08-17
Advanced Threat Video Series Dell SecureWorks 2012-07-27
Utilities urged to increase vigilance over meter firmware, upgrades Smart Grid Today 2012-06-08
“Me and My Job” Profile in SC Magazine SC Magazine 2012-03-01
SSL Certificate Scandal Exposes Bug in Mac OS X PC Magazine 2011-09-01
How to get rid of DigiNotar digital certificates from OS X TUAW 2011-09-01
Mac OS X Can't Properly Revoke Dodgy Digital Certificates IDG News 2011-08-31
Smart Grid Security East 2011: Interviews Note: Video 2011-05-13
Data Protection: EnergySec's plan for critical infrastructure CSO Magazine 2010-06-16
What if the smart grid has stupid security? CSO Magazine 2010-05-11
RSA 2010: Hacking the Smart Grid -- Myths, Nightmares & Professionalism CMU CyLab 2010-03-03
Critical condition: Utility infrastructure SC Magazine 2010-02-01
Hunkering Down To Specify Smart Grid Security Standards RenewGrid 2009-10-15
Sharing threat data is key to securing the power grid GCN 2009-09-24
Electric industry creates alternative channel for sharing data on infrastructure security Washington Technology 2009-08-11
Powering Up - Prioritizing Security Threats Baseline Magazine 2009-05-27
The energy sector needs information sharing, too SC Magazine 2009-05-08
With Economic Slump, Concerns Rise Over Data Theft IDG News 2009-01-29
Computer Threat for Industrial Systems Now More Serious IDG News 2008-09-10
Software watchdog working on enterprise security metrics IDG News 2008-08-09
How to Prioritize Threats (Without Spending Big Bucks) CSO Magazine 2008-04-17
Researcher Puts Quantitative Measurement on Information Security Threats Information Security Magazine 2008-03-15
Press Releases
nCircle Announces Coverage for Six SCADA Suppliers in Suite360™ nCircle 2012-06-18
EnergySec Selected by DOE to Create the NESCO EnergySec 2010-10-28
Large Utility Implements Metrics Based Security Risk Management System with nCircle™ nCircle 2010
Energy Sector Security Consortium Announces Founders' Circle Partnerships EnergySec 2009-09-23
Industry Group Expands Energy Security Initiatives EnergySec 2009-02-03
The Total Economic Impact™ Of SecureWorks’ Managed Security Services Forrester Research 2008-03-15