Plenary Session 3 - What’s in a Name: Critical Infrastructure Protection… or Resilience?
The field of Critical Infrastructure began with a focus on protection, and in the past decade has pivoted toward a focus on resilience. Which is it? Does it matter? This panel will provide perspectives from Critical Infrastructure owner-operators and their allies, and what they are focusing on in an era of marked unpredictability.
Gregory A. Garrett
Vice President, Cybersecurity, Peraton
Gregory Garrett serves as Vice President, Cybersecurity for Peraton. He leads the Peraton Cybersecurity Leadership Team supporting 3,000 information technology (IT) and cybersecurity team members company-wide, with a portfolio of more than $3 Billion in active cyber programs supporting the U.S. Public Sector. He also leads the Peraton Cybersecurity Community of Practice (CoP) to advance cybersecurity education, training, and communications with Peraton employees and partners nationwide and internationally.
He has 30+ years of experience successfully managing the P&L of over $40 Billion in Information Technology, satellite communications, telecommunications, and cybersecurity programs worldwide. Mr. Garrett advises Peraton customers on cyber governance, risk and compliance frameworks, as well as cyber threat assessment tools and cyber incident response plans. Through a suite of IT and cyber products, services, and integrated solutions he helps clients identify their biggest IT and cyber pain points and develop technology and business roadmaps to enhance business operations and digital security.
Mr. Garrett has held several senior executive positions in information technology and cybersecurity, including: Head of U.S. & International Cybersecurity for BDO, President & General Manager, Information Technology, UIC Corporation, Partner & Head of Cybersecurity for Blue Canopy LLP, Chief Information Officer & CISO Lucent Technologies Government Solutions. He is a highly decorated former USAF Military Officer with over 20 years of distinguished service including leadership positions at Space Systems Division, Aeronautical Systems Division, Air Force Institute of Technology, and HQ USAF the Pentagon. During this time, he honed his focus on all aspects of information technology, telecommunications, cybersecurity, systems engineering, satellite communications, program management, and government contracting spaces.
Mr. Garrett has experience working around the world with clients that range from Fortune 500 companies to U.S. federal government agencies. He is a best-selling author of 24 business books, including: “Cybersecurity in the Digital Age”, “Winning U.S. Government Contracts”, World Class Contracting:7th Edition”, “Managing Complex Outsourced Projects” and 150 articles. Mr. Garrett earned a B.S. Chemistry and Engineering Physics from Miami University, a M.S. Systems Engineering & Systems Management from The University of Southern California (USC), a Graduate Certification in IT Project Management and Government Contracts from The George Washington University, and completed an executive education program in Advanced Program Management from Stanford University.
Managing Director, Enterprise Security, Duke Energy
Mark Aysta is managing director of enterprise security for Duke Energy. He leads a team responsible for maintaining the safety and security of Duke Energy’s employees and assets. In addition to traditional physical security, Aysta is responsible for the digital forensics, insider threat and intelligence programs. Prior to joining Duke Energy in 2018, Aysta spent 22 years as a special agent with the FBI where he investigated violations of federal law and conducted national security investigations with an emphasis on undercover and sensitive operations. He’s also traveled extensively around the world to instruct law enforcement and intelligence services professionals on the topics of insider threats and the use of covert techniques.
Executive Director, CISA
Brandon Wales is CISA's first Executive Director, serving as the senior career executive helping oversee execution of CISA operations. He is responsible for leading long-term strategy development, managing CISA-wide policy initiatives and ensuring effective operational collaboration across the Agency.
From November 2020 to July 2021, he was designated as the Acting Director of CISA. In this capacity, Wales oversaw CISA’s efforts to defend civilian networks, manage systemic risk to national critical functions, and work with stakeholders to raise the security baseline of the Nation’s cyber and physical infrastructure.
Prior to serving as Executive Director, Wales directly supported the Secretary of Homeland Security from August 2017 to December 2019 and he has served DHS since 2005.
Wales' contributions have been recognized with an Exceptional Performance Award from the Director of National Intelligence, a DHS Secretary’s Award for Excellence, and two DHS Distinguished Service Medals.
Director for Cyber Integration, Center for Securing the Homeland, The MITRE Corporation
Ms. Emily Frye is Director for Cyber Integration at the Homeland Security Center. The Cyber Integration group identifies cyber needs and demands across the civilian sponsor arena and serves as the connective tissue between MITRE offerings and sponsor priorities. This organization is also responsible for driving corporate efforts to press forward in developing leading-edge solutions to address emerging cybersecurity challenges that our sponsors face.
Prior to this, Ms. Frye was the Director of National Protection and Resilience within the HSSEDI FFRDC. Ms. Frye has practiced law, moved a startup through three rounds of venture funding, served as the Director of Research for a think tank, and consulted extensively across technical and policy is-sues in both the public and private sectors. Her particular expertise brings together technical, legal, and business perspectives to inform homeland security risk and resilience management, cybersecurity policy and critical infrastructure protection. With twenty years of experience in creating novel solutions to the problems associated with emerging technology and security risk, she is seasoned in guiding divergent communities toward uniquely effective solutions. Her relationships with stakeholders across industry and government bring cross-sectoral depth to the design and execution of programs, exercises, analyses, and related events.
Since joining MITRE, she has helped define and explore options for the future of comprehensive nationwide cybersecurity approaches across both public and private sectors, bridge the divide between federal and state government on cybersecurity initiatives, and strengthen public-private partnerships in support of Critical Infrastructure security and resilience. Her work has focused on the financial services, information technology, electricity, and telecommunications sectors. She has served on both the Long-Range Planning Committee for the Section of Science and Technology of the American Bar Association, and as advisor to the Diversity Committee of the American Bar Association. Ms. Frye is an accomplished speaker and moderator, and is published on issues relating to critical infrastructure, national resilience, digital technology, national security, privacy, economic impacts of cybersecurity, and the role of insurance in Critical Infrastructure Protection.
Partner, DLA Piper
Justine focuses her practice on both proactive and reactive cybersecurity and data privacy services, representing clients in matters related to information governance, diligence in acquisitions and investments, incident preparedness and response, the California Consumer Privacy Act and cyber litigation.
She provides actionable and practical guidance to help businesses manage data, technology, cyber threats, privacy, security and digital assets. As businesses navigate complex and far-reaching laws and regulations, Justine proactively creates compliance programs customized to client needs and budgets, including data mapping, vendor management, privacy and security by design, cyber risk management and mitigation, eWorkforce policies, data retention and destruction policies and implementation, consumer request workflows, cyber-awareness policies and trainings, and CCPA/CPRA readiness audits. She also provides reactive cyber services, including incident response, crisis management, privileged forensic investigations into business email compromises, data breaches and ransomware attacks, compliance with notice obligations to individuals and regulators, regulatory inquiries and investigations, and cyber litigation. Justine also handles employment litigation and counseling, as well as commercial litigation.