About

Mon, 01 Jan 0001 00:00:00 +0000

Seth Bromberger has spent more than thirty years working in network and systems security across government, finance, energy, and defense.

At Lawrence Livermore National Laboratory, he works on graph analytics and data science tooling for high-performance computing environments, with a continuing focus on cybersecurity for critical infrastructure.

Since 2024, Seth has been an Adjunct Professor of Computer Science at California State University, East Bay, where he teaches CS471, Security and Information Assurance.

Projects & Research

Mon, 01 Jan 0001 00:00:00 +0000

CLIPPy - A Python Interface to HPC Resources #

CLIPPy (CLI + Python) exposes precompiled HPC binaries as methods on a dynamically-created Python object, giving researchers and data scientists a familiar interactive interface — at the REPL or in a notebook — without needing to learn complex job submission systems. A detailed description is available in our IA3 2021 paper.

MetallData - HPC-Scale Interactive Data Science #

MetallData is an HPC platform for interactive data science at scale. Its centerpiece is MetallGraph, a persistent distributed graph data structure designed to handle tens of billions of nodes on HPC systems.

Publications, Presentations & Citations

Mon, 01 Jan 0001 00:00:00 +0000

Publications & Presentations #

An Evaluation of Transliterated Arabic Name Matching Methods
Co-author. Accepted, 91st Military Operations Research Society (MORS) Symposium, "Analytics as a Force Multiplier", 12 June 2023
Towards Scalable Data Processing in Python with CLIPPy
Co-author. 2021 IEEE/ACM 11th Workshop on Irregular Applications: Architectures and Algorithms (IA3), 15 November 2021
Improving Estimation of Betweenness Centrality for Scale-Free Graphs
Co-author, 17 November 2017
Simulation of a RTU cyber attack on a transformer bank
Co-author. 2017 IEEE Power & Energy Society General Meeting, 16-20 July 2017
LightGraphs: Our Network, Our Story
JuliaCon 2017, 20 June 2017
Cybersecurity and the Supply Chain: A Case Study
California Network for Manufacturing Innovation Cybersecurity Summit, 27 October 2016
An Introduction to the Cybersecurity Capability Maturity Model (C2M2)
NORCAL AMSC Cybersecurity Forum, 17 August 2016
Industrial Control Systems Security
California Cyber Security Symposium, 30 September 2015
Cyber Risk Isn’t Always in the Computer
Wall Street Journal, 24 September 2015
RSA Conference 2015 Wrap Up: Exclusive Q&A with Seth Bromberger of NCI Security
Lancope Blog, 29 April 2015
“Lies, Damned Lies, and Statistics”: Improving the Effectiveness of Indicators of Compromise
Industrial Control Cyber Security USA conference (co-chairman) / Cyber Senate, 7 October 2014
Incident Response, Management and Recovery Roundtable
Industrial Control Cyber Security USA conference (co-chairman) / Cyber Senate, 6 October 2014
Interview: Home Depot Security Breach
KRON4 News, 18 September 2014
“It won't happen to me”: Denial in the Age of Indiscriminate Attacks
Wine Industry Technology Symposium, 30 June 2014
Hackers Breach Security at EBay
KRON4 News, 21 May 2014
Defining Criticality in a Networked World: Implications of the Use of Information and Communications Technology for Efforts to Promote the Security and Resilience of Critical Infrastructure
Co-author, 17 January 2014
Graph Theoretic Approaches to Incident Response in Smart Grids
Digital Bond S4x14, 16 January 2014
Measuring Progress in Cybersecurity Efforts
CyberSecurity for Energy and Utilities Abu Dhabi (chairman), 8 October 2013
Threat Update for the Oil and Gas Sector
CyberSecurity for Energy and Utilities Abu Dhabi (chairman), 7 October 2013
Network Security Management for Transmission Systems
Electric Power Research Institute, 15 January 2013
ICSA-12-348-01: Siemens ProcessSuite and Invensys Wonderware InTouch Poorly Encrypted Password File
ICS-CERT, 13 December 2012
Cybersecurity: Getting Ahead of the Wave
San Francisco Bar Assoc., 5 November 2012
Architecture Roundtable
GridSec 2012, 24 October 2012
Assessing the Maturity of Your VM and Compliance Programs
nCircle Connect, 23 October 2012
The Electricity Subsector Cybersecurity Capability Maturity Model
GridSec 2012, 22 October 2012
New FERC Cybersecurity Office Has Lofty Oversight and Outreach Goals
Threatpost, 25 September 2012
Quantitative Threat Methodology
Cybersecurity For Energy and Utilities Qatar, 18 September 2012
Java 1.7 zero-day exploit unlikely to impact most Mac users
TUAW, 28 August 2012
Towards a Quantitative Threat Methodology
GFIRST 2012 conference, 22 August 2012
SMS sender spoofing possible on iOS: what you need to know
TUAW, 17 August 2012
Information Sharing Is The Only Way To Defeat The Cyber Onslaught
Oil and Gas IQ Interview, 27 July 2012
Advanced Threat Video Series
Dell SecureWorks, 27 July 2012
Utilities urged to increase vigilance over meter firmware, upgrades
Smart Grid Today, 8 June 2012
The Electricity Subsector Cybersecurity Capability Maturity Model
Contributor, 31 May 2012
Real World Security: Maximizing the Value of Your Security Investments
Webinar, 30 May 2012
Architecture of Secure Systems [for the Smart Grid]
ConnectivityWeek 2012, 24 May 2012
AMI Networks: PKI Security Considerations
TechTarget Publications, 2 April 2012
PKI Security Considerations For AMI Networks
NESCO Webinar, 29 March 2012
Security Logging in the Utility Sector: Roadmap to Improved Maturity
Published Paper, 12 March 2012
“;Me and My Job”; Profile in SC Magazine
SC Magazine, 1 March 2012
PKI Implications for AMI security
RSA 2012 / IOActive IOAsis, 28 February 2012
PKI Security Considerations for AMI, Smart Grid, and ICS Networks
Published Paper, 12 January 2012
Supply Chain of Cryptographic Key Material
EyeForEnergy Conference, 27 September 2011
Bridging the Gap Between Operations and Information Technology
EyeForEnergy Conference, 27 September 2011
SSL Certificate Scandal Exposes Bug in Mac OS X
PC Magazine, 1 September 2011
How to get rid of DigiNotar digital certificates from OS X
TUAW, 1 September 2011
Mac OS X Can't Properly Revoke Dodgy Digital Certificates
IDG News, 31 August 2011
Smart Grid Cyber Security, Myths & Opportunities
ConnectivityWeek 2011, 26 May 2011
Smart Grid Security East 2011: Interviews
Youtube Video, 13 May 2011
DNS as a Covert Channel Within Protected Networks
Published Paper, 25 January 2011
An Overview of AMI and Associated Deployment Challenges
CMU, 15 November 2010
Data Protection: EnergySec's plan for critical infrastructure
CSO Magazine, 16 June 2010
What if the smart grid has stupid security?
CSO Magazine, 11 May 2010
RSA 2010: Hacking the Smart Grid -- Myths, Nightmares & Professionalism
CMU CyLab, 3 March 2010
Critical Condition: Utility Infrastructure
SC Magazine, 1 February 2010
Hunkering Down To Specify Smart Grid Security Standards
RenewGrid, 15 October 2009
Securing our Critical Infrastructure
Cyber Security West Conference, 14 October 2009
Sharing Threat Data Is Key To Securing The Power Grid
GCN, 24 September 2009
Electric Industry Creates Alternative Channel For Sharing Data On Infrastructure Security
Washington Technology, 11 August 2009
Powering Up - Prioritizing Security Threats
Baseline Magazine, 27 May 2009
The Energy Sector Needs Information Sharing, Too , 8 May 2009
With Economic Slump, Concerns Rise Over Data Theft
IDG News, 29 January 2009
What Works in Security Control Systems
SANS SCADA Security Summit, 9 January 2009
The SCADA Honeynet Experience at INL
Published Paper, 12 November 2008
Computer Threat for Industrial Systems Now More Serious
IDG News, 10 September 2008
Software Watchdog Working On Enterprise Security Metrics
IDG News, 9 August 2008
How to Prioritize Threats (Without Spending Big Bucks)
CSO Magazine, 17 April 2008
Researcher Puts Quantitative Measurement on Information Security Threats
Information Security Magazine, 15 March 2008
Mitigations for the Aurora Vulnerability
SANS SCADA Security Summit, 15 January 2008

Press Releases #

nCircle Expands Vulnerability Scanning For SCADA Devices
nCircle, 23 June 2012
DOE Selects EnergySec To Create The National Electric Cybersecurity Organization
EnergySec, 14 October 2010
Large Utility Implements Metrics Based Security Risk Management System with nCircle™
nCircle, 2010
Energy Sector Security Consortium Announces Founders' Circle Partnerships
EnergySec, 23 September 2009
Industry Group Expands Energy Security Initiatives
EnergySec, 3 February 2009
The Total Economic Impact™ Of SecureWorks’ Managed Security Services
Forrester Research, 15 March 2008