ethernautics

IT Solutions Architects and Cyber Security Engineering

Ethernautics, Inc. – Michael W. Meissner: Cyber Security Architecture and Engineering

Ethernautics Logo

Michael W Meissner – Cyber Security Infrastructure Architect and Engineer.

Mike Meissner

Michael W Meissner – Cyber Security Infrastructure Architect – Engineer

Mr. Meissner is a highly motivate Cyber Security Program Manager and Cyber Security Engineer and has over thirty years of experience as a managing programs and projects.

Meissner has executed end to end program management and project management of large and/or multiple large projects. Mr. Meissner has managed projects from a few individuals to teams of over 100 individuals and vendors.

Mr. Meissner designs and implements all facets of cyber security projects, programmatic and technical detail management to ensure deliverables are met within schedule, budget, and quality goals.

Mr. Meissner has many years of experience working in a complex, multi tasking type environments.

Meissner has successfully managed Cyber Security and Information Security projects across multiple domains IT and Non-IT from software/systems to Critical Infrastructure construction efforts.

Meissner has executed projects thru their complete lifecycles.

  • Cyber Security Project/Program Management implementing Cyber Security Programs in Critical National Infrastructure Projects
  • Systems Architect/Cyber Security Digital Systems Engineer implementing 10CFR73.54 NIST – Cyber Security Framework for Critical Infrastructure (Nuclear Power Stations, Water Stations, Telecommunications).
  • Cyber Security Engineering providing Cyber Security Design and build of network and application security and authorization for plant control and reporting systems.
  • Cyber Security Engineering – Critical Digital Asset Assessments, Vulnerability Threat Mitigation, Design and Deploy IT and Plant Control Infrastructure (ICS) thru the modification process to support Cyber Security in an Industrial Environments.
  • Cyber Security Vulnerability Assessment and Mitigation,
  • Asset Management throughout the System Lifecycle

 

  • For the following systems:
    • Voice (CUCM)
    • Data – Clanssified and Unclassified
    • Network Infrastructure
    • Public Address
    • Mobile Telecom, Radio (DAS)
    • Electronic Safety and Security (ESS)
      • Fire
      • Electronic Security and Surveillance
      • Infrastructure Security
    • Plant Control System (PCS)
      • Industrial Control Systems (ICS)
      • Distributed Control Systems (DCS)
      • Supevisory Control and Data Aquitision Systems (SCADA)
    • Building Automation Systems (BAS)

Cyber Security Governance and Risk Management

    • Program Management and Project Management
      • Implementation of Cyber Security Program
      • Program Management
      • Project Management
      • Risk Assessment
      • Asset Management
      • Resource Management
      • Incident Management
      • Vendor Management
    • Cyber Security Regulatory Compliance and Best Practices
      • Implementation of NIST – Cyber Security Framework for Critical Infrastructure.
      • Implementing 10CFR73.54 – The Cyber Security Rule
    • Policies and Procedures development
    • General Cyber Security Program and Policy
      • Control of Portable Media
      • Control of Portable Processing Devices
      • Digital Asset Determination
      • Engineering and Design
      • Operations
      • Procure and Supply Chain
    • Configuration Management
    • Disaster Recovery

Cyber Security Engineering

    • Business and Regulatory Requirements
    • Critical Digital Asset Determination
    • Risk Assessment
    • Vulnerability Assessment
    • Identification of attack vulnerabilities (OWASP) and (ISO/IEC 15408-1:2009)
    • Vulnerability Assessments – Penetration Testing, and Systems Monitoring.
    • Cyber Security Controls Catalog
    • Remediation and Mitigation

Design

    • Network Security Design (LAN/WAN)
    • Application Security Design
    • Data Security
    • Physical Security Systems
    • Secure Wireless
      • Radio Encryption
      • Data
      • Voice (Push-to-Talk)
    • Security Operation Centers (SOC), Network Operation Centers (NOC), Data Centers, Telecom Equipment Rooms,
    • Engineering Drawings
    • Identity Access Management and Authorization
    • Plant Control Systems (PCS, ICS) and SCADA Systems in Nuclear Power Plants, Chemical Processing and Water Treatment/Distribution Critical Infrastructure
    • Design overall Defense-In-Depth Architecture for plant systems (NIST Cyber Security Framework and ISO/IEC 27001 compliance COBIT, COSO).
    • Build – Implementation
  • Supporting Infrastructures (Telcom, Power, HVAC, Data Center, Closets, DAS, Distribution Systems)
  • Outside Plant (OSP)
  • Secure Structured Cabling

Build – Implementation

    • Network Security Deployment of network and application security and authorization for plant control and reporting systems.
    • Firewalls
    • Data Diodes
    • DMZ’s
    • Encryption
    • IAM
    • SIEMS
    • IDS/IPS

Operations

    • Security Operation Center (SOC, Alarm Stations)
    • Cyber Security Monitoring
    • Network Security Monitoring
    • Deployment of network and application security and authorization for plant control and reporting systems.

IT cybersecurity detection and prevention tools – Right tools for the job:

    • Network Monitoring – SolarWinds
    • Vulnerability Scanners – Retina
    • SIEM – Splunk, QRadar
    • IDS / IPS – Sourcefire, Cisco IPS 4200, IntruShield
    • Password Management – Thycotic
    • Defense in Depth Architecture and Advanced Persistent Threats (APTs)
    • Incident Management and Forensics
    • Safe Guards (10 CFR 73.51)
    • Cyber Security Training and Awareness

Reference Projects:

Michael W. Meissner with Ethernautics, Inc. contracted through EdgeRock to California Water Services Group (CWS) for Cyber Security Program Development, SCADA Network Security, Vulnerability Mitigation for protection of Critical Assets in Water Treatment/Distribution Plants. (2015) (Click Here)

Michael W. Meissner with Ethernautics, Inc. contracted through Areva, NP to South Texas Project (STP) for program implementation of 10CF73.54 Protection of Critical Assets in Nuclear Power Plants. (2012-2015) (Click Here)

Michael W. Meissner with Ethernautics, Inc. contracted through CSC to Urenco-USA/(LES) for program implementation and protection of Critical Assets in Nuclear Enrichment Facilities.(2007-2012) (Click Here)

Michael W. Meissner with Information Mechanics, Inc. contracted by Telecommunication Corporation Inc. (TCI) for development of Secure Encrypted communications to Digital Set Top Boxes (Click Here) – Addressability Systems: US Patent Number #6070001 (Click Here)


Published Work:

Ethernautics, Inc. – Michael W Meissner: Cyber Security Database Threats ( Click Here)
Glossary of Terms – Cyber Security At Nuclear Power Plants ( Click Here )
Secure Encrypted communications to Digital Set Top Boxes (Click Here) – Addressability Systems: US Patent Number #6070001 (Click Here )
Ethernautics, Inc. – Meissner: Cyber Security Standards, Best Practices and PRADL for Water Utilities ( Click Here )
Cyber Security in the Automobile: Automobile/Vehicle Protocol Buses ( Click Here )

Communications Protocols Utilized in Plant Control Systems are a key component in the development of a Cyber Security Controls Catalog – Quora ( Click Here)

%d bloggers like this: