Monday, October 7 and Tuesday, October 8, 2024 2 Broadway, New York, NY 10004
About
Collaborate
Knowledge Sharing
Standards
This two-day event is where cybersecurity industry leaders and experts from the transportation sector come together to share insights, knowledge, and experiences. Our participants include the following:
Critical Infrastructure Partners
Public Transportation Entities
US Regulating Entities
Law Enforcement
Policy Makers
This year’s theme is to discuss Cybersecurity stewardships and tackling pressing and complex Cybersecurity rail infrastructure challenges. Discussions will focus on:
Partnerships at the C-Suite Level: Hear insights of how CEO, CIO and Board of Directors work together to secure and protect their organization.
Smart Investments: Discuss the cybersecurity strategic investments that focus on reducing risks and safeguarding revenues.
Driver for Action: Empower effective OT cybersecurity initiatives through actionable policies.
AI Threats & Defenses: Explore how AI is reshaping the threat landscape and how it can be harnessed to fortify defenses.
Case Studies: Share what’s working and what’s challenging in current OT cybersecurity strategies.
Tip: To choose another route in any transportation mode, click the corresponding icon. Each route shows the estimated travel time on the map.
Eric Goldstein
Executive Assistant Director
for the Cybersecurity and Infrastructure Security Agency
Eric Goldstein serves as the Executive Assistant Director for Cybersecurity for the
Cybersecurity and Infrastructure Security Agency (CISA) as of February 19, 2021. In
this role, Goldstein leads CISA’s mission to protect and strengthen federal
civilian agencies and the nation’s critical infrastructure against cyber
threats.
Previously, Goldstein was the Head of Cybersecurity Policy, Strategy, and Regulation
at Goldman Sachs, where he led a global team to improve and mature the firm’s
cybersecurity risk management program. He served at CISA’s precursor agency,
the National Protection and Programs Directorate, from 2013 to 2017 in various roles
including Policy Advisor for Federal Network Resilience, Branch Chief for
Cybersecurity Partnerships and Engagement, Senior Advisor to the Assistant Secretary
for Cybersecurity, and Senior Counselor to the Under Secretary.
At other points in his career, Goldstein practiced cybersecurity law at an
international law firm, led cybersecurity research and analysis projects at a
federally-funded research and development center, and served as a Fellow in Advanced
Cyber Studies at the Center for Strategic and International Studies, among other
roles.
He is a graduate of the University of Illinois at Urbana-Champaign, the Georgetown
University School of Public Policy, and Georgetown University Law Center.
David P. Pekoske
Administrator of the
Transportation Security Administration (TSA)
David Pekoske was first confirmed by the U.S. Senate as the Transportation Security
Administration’s seventh administrator in August 2017 and was reconfirmed for
a second term in September 2022. Pekoske leads a workforce of over 60,000 employees
and is responsible for security operations at nearly 440 airports throughout the
United States. TSA is also the lead federal agency for security of highways,
railroads, mass transit systems and pipelines. Under his leadership, TSA
improved transportation security through close partnerships and alliances, a culture
of innovation, and the development of a dedicated workforce.
During his tenure as TSA Administrator, Pekoske also served at the Department of
Homeland Security as Acting Secretary from January 20 to February 2, 2021, and as
the Senior Official Performing the Duties of Deputy Secretary from April to November
2019, and again from February to June 2021. At the Department, Pekoske helped
lead a unified national effort to ensure the continued security of the United
States, coordinating components with missions ranging from prevention and protection
to recovery and response. He was also a commissioner on the Cyberspace
Solarium Commission that developed a consensus on a strategic approach to defending
the United States in cyberspace against attacks of significant consequence.
Before joining TSA, Pekoske was an executive in the government services industry,
where he led teams that provided counterterrorism, security and intelligence support
services to government agencies. Pekoske served as the 26th Vice Commandant of
the U.S. Coast Guard, culminating a Coast Guard career that included extensive
operational and command experience. As the Vice Commandant, Pekoske was second
in command, also serving as Chief Operating Officer and Component Acquisition
Executive of the Coast Guard. He is a recognized expert in crisis management,
strategic planning, innovation, and aviation, surface transportation and maritime
security. In addition, he has been twice awarded the Homeland Security
Distinguished Service Medal.
Pekoske holds a Master of Business Administration from the Massachusetts Institute of
Technology, a Master of Public Administration from Columbia University and a
Bachelor of Science from the U.S. Coast Guard Academy.
Rafail Portnoy became the MTA’s Chief Technology Officer in
January 2020. He is leading the transformation of the Information Technology
Department, including major initiatives that will further consolidate, modernize,
and standardize the MTA’s technology environment, systems and applications
while enhancing cybersecurity posture. His goal is to continue building a robust,
agile, and customer-focused IT department essential for supporting efficient service
delivery and transformation throughout the MTA.
Portnoy is currently a member of the teaching faculty at NYU Tandon School of
Computer Sciences and Engineering. He holds a Master of Science degree in
Information Systems Engineering from Brooklyn Polytechnic (now NYU) and a Bachelor
of Business Administration degree in Management Information Systems from Pace
University. He resides in Rockland County, New York, with his wife and two
children.
Tariq Habib
Chief Information Security
Officer, Metropolitan Transportation Authority (MTA)
Mr. Habib is the Chief Cybersecurity Officer at New York Metropolitan Transportation Authority (MTA) where he is responsible for all aspects of MTA’s Cybersecurity Strategy and Operations. He is an experienced Executive in Operational Technologies and Intelligent Transportation Systems programs as well as Security strategy and operations. With many years of Information Security experience, he is promoting an evolution of the behavioral and cultural transformation to manage cybersecurity risks within an organization. He has a strong understanding of threat landscape, public policy and critical infrastructure systems security.
Carolyn Hayward-Williams
Director, Office of Railroad
Systems and Technology Federal Railroad Administration (FRA)
Carolyn is the Director of the Office of Railroad Systems and Technology in
FRA’s Office of Safety. She was responsible for ensuring the railroad
industry met the 2020 Positive Train Control deadline. Along with continued
oversight and audit of railroad’s PTC systems, she is also leads FRA’s
oversight of operating practices, passenger rail and new technology approvals.
Joseph P. DeLorenzo
Associate Administrator for
Transit Safety and Oversight and Chief Safety Officer
Joseph "Joe" DeLorenzo is FTA’s Associate Administrator for Transit Safety and
Oversight and Chief Safety Officer. The FTA Office of Transit Safety and Oversight
administers a national transit safety program and monitors program compliance to
ensure safe, reliable, and equitable transit service in accordance with FTA policy
and regulatory requirements. The office implements and oversees safety standards for
all modes of public transit in the United States.
Immediately prior to joining the FTA, Mr. DeLorenzo served as the Acting Associate
Administrator for Enforcement for the Federal Motor Carrier Safety Administration
(FMCSA) and the Agency’s Director of the Office of Enforcement and Compliance where
he was responsible for policy and program development for the Agency’s enforcement
and compliance program.
Mr. DeLorenzo comes to the FTA with more than 30 years of experience in the
transportation industry. Mr. DeLorenzo’s career includes over 15 years in field
experience and, also extends to managing training and education related to
Commercial Motor Vehicle Safety and Security as Director of FMCSA’s National
Training Center. In that role he was responsible for a wide range of Commercial
Vehicle Safety training for Federal, State and local law enforcement agencies in the
areas of Commercial Motor Vehicle and Hazardous Materials Safety and Security,
Criminal Interdiction and professional development.
He holds a B.S. in Criminal Justice and Sociology, and a Master’s in Public Policy
and Management.
Dr. Riza Aditya
Cyber Security Authority,
Thales
Riza Aditya has more than 20 years of Cyber Security experience in various roles and
domains. In the role of Cyber Security Authority, he ensures Cyber Security is
adequately considered in solution, balancing the needs from Customer and internal
stakeholders. He contributed to definition and validation of Cyber Security in
various domains, including: Rail Signaling, Air Traffic Management, Electricity
Transmission and Distribution, and Banking and Finance. He has a Ph.D for research
in cryptographic protocol.
Aaron Amorim
Cyber/IT Architect, Thales
Aaron Amorim is an experience Cybersecurity and IT Solution Architect with nearly 20
years of experience in the railway industry. His experience covers not just
security and IT but also embedded software development as well as diagnostics and
maintenance. This unique combination of skill gives him background to provide
end-to-end solutions that ensures not just compliance, but also value across the
security, operations, and maintenance spheres.
Janno Lieber
Administrator of the
Transportation Security Administration
John (“Janno”) Lieber was confirmed as Chair and CEO of the Metropolitan
Transportation Authority (MTA) in January 2022, following his nomination to that
position by Gov. Kathy Hochul. Lieber has been serving as MTA Acting Chair and CEO
since July 2021 and is the Authority’s 15th Chair since it was founded in
1968.
In this position, Lieber provides strategic, financial, and operational leadership
for the MTA, the largest public transportation agency in North America. He also
heads the MTA Board of Directors, senior leadership team, and a total workforce of
more than 60,000 employees.
From 2017 to 2021, Lieber served as President of MTA Construction & Development,
the organization responsible for planning, developing, and delivering capital
projects across the MTA. In that position, he led the creation and implementation of
the MTA’s 2020-2024 $51.5 Billion Capital Program. He also managed the
integration and transformation of construction and development management practice
at the MTA.
Prior to the MTA, Lieber served as President of World Trade Center Properties LLC,
where he was responsible for managing all aspects of the Silverstein
organization’s efforts to rebuild at the World Trade Center site, including
planning, design, and construction issues; business, financing, and legal matters;
and public affairs, government, and community relations.
Earlier in his career, he held positions in the administrations of President Bill
Clinton and NYC Mayor Ed Koch and worked as an attorney in private practice.
Christian Maisonneuve
Head of Information
Technologies, Privacy Officer, Nova Bus
<
As a 20 year veteran of the Transport industry, Christian has successfully evolved
through operations, manufacturing and product development, as well as contributing
to articulated and hybrid bus industrialization supporting industry demand. As
electromobility becomes the future of transport, with digital solutions and
connected services in tow, he is now fully committed to heralding in digital
transformation to our current landscape.
Christian’s current focus as a member of Nova Bus executive team, is
responsible for Information Technology and recently became a Nova Bus Privacy
Officer. He is a natural leader with the ability to build the required
collaboration necessary to provide and promote team work, partnership and
performance needed to meet objectives.
Christian, a holistic solution problem solver, promotes cohesion problem which
will remain a top priority for him.
Scott Margolis
Chief Information Security
Officer, Massachusetts Bay Transportation Authority
Prior to joining the MBTA, Scott Margolis lead the Commonwealth of Massachusetts
Health Exchange Security & Privacy Compliance program established to support and
meet the goals of The Patient Protection and Affordable Care Act (ACA).
Working with State Agencies and IT Services organizations, Scott is responsible for
ensuring compliance with Centers for Medicare & Medicaid (CMS) and Internal
Revenue Service (IRS) guidelines as part of the Commonwealth of Massachusetts
implementation of a Health Information Exchange (HIX) and Integrated Eligibility
System (IES).
Mr. Margolis has more than 30 years of information technology, security governance,
and regulatory compliance experience as an entrepreneur, senior leader and
consultant. He has worked across the healthcare continuum having worked for payer,
consulting and product organizations. He has successfully managed information
technology and security organizations, led large consulting initiatives in both the
public and private sectors, and developed products for the commercial marketplace.
Mr. Margolis holds a Master of Business Administration in Management Information
Science and a BA in Computer & Information Sciences from Temple University
Rafi Khan
Chief Information Security
Officer, New Jersey Transit
Rafi is Chief Information Security Officer at NJ TRANSIT, the third largest
transportation agency in the US with nearly $4 billion operating and capital budget.
Prior to that, he was Senior Associate at Open Minds, providing technology
strategies for healthcare companies on IT systems, security, business workflows
& execution. Previously, he was VP, CIO and CISO of Edible Arrangements and
Edible Brands, leading its global technology teams responsible for e-commerce, BI,
analytics, DevOps app development delivery, infrastructure, security and support,
spanning 1300 international locations and 15K endpoints.
Rafi graduated from the School of Nuclear Medicine Technology at the VA Medical
Center, Northport NY, and is board certified by the Nuclear Medicine Technology
Certification Board.
Jesse Whale
Vice President, Chief
Information Security Officer, Amtrak
Jesse Whaley is an accomplished thought and action leader across multiple disciplines
encompassing technology, security, intelligence, and criminal investigations. He has
consistently delivered award-winning cybersecurity performance and groundbreaking
improvements for the U.S. Department of Defense, international governmental
alliances, and private companies.
As Amtrak’s current Chief Information Security Officer, Jesse leads the
management of cyber risk and information security matters. He manages everything
from traditional enterprise technology risks to unique challenges with the
operational technology that securely moves trains and safely delivers passengers to
their destinations. Jesse authored and is delivering a comprehensive cybersecurity
strategy to strengthen the company’s security posture while supporting the
digital transformation of the business.
Previously, Jesse transformed cybersecurity operations at the Pentagon. He designed
and built major programs to protect the nation’s military headquarters from
cyber threats, including cyber intelligence fusion, cyber hunt, and user activity
monitoring in support of the DoD Insider Threat Program. Jesse held many other
leadership positions throughout DoD, including leading defensive cyberspace
operations at a regional cyber center. He delivered unique critical technology
capabilities as a Director within the military intelligence community and served as
an IT Director (CIO equivalent) overseas. Jesse also provides expert advisory
services.
Jesse is especially known for leading revolutionary global initiatives. His
accomplishments include successfully leading teams through resolution of over 10,000
cybersecurity incidents and over 500 criminal investigations. Jesse and his teams
have received numerous awards. In 2017, Jesse was named the Pentagon IT Senior
Civilian Employee of the Year. Jesse is active throughout the technology and
security communities as a member of (ISC)2, ISACA, Evanta’s Washington DC
CIO/CISO Governing Body, the Association of American Railroads (AAR) Rail
Information Security Committee (RISC), and HMG Strategy’s Washington DC CISO
Advisory Board.
Jesse also served ten years in the U.S. Army as a CID Special Agent and a Digital
Forensic Examiner. Jesse has lived and worked across the globe, developing trusted
partnerships with his counterparts in Asia, Europe, and the Middle East.
Philippe Ayrault
PhD, Systems Safety/System
Assurance Manager – Systra USA
Mr. Ayrault is a specialist in mass transportation supervision and signalization. He
is an expert in systems reliability, availability, maintainability, and safety
(RAMS) and was Thales’ RAMS department lead. In addition, Mr. Ayrault has expertise
in CBTC, data management, ETCS, IXL, OCC and PDC. For system safety, he is a
specialist in systems/software, Cenelec and CEI61508 Standards and is highly skilled
in common criteria, evaluation, and formal methods for system security. He employs
various tools, including Fault Tree, Atelier B, Coq, and SAT solvers and is well
versed in the Methods and Norms: EN-5012x, DO178, DO333, CEI 61508.
Richard Lewis
Designated CISO, San
Francisco Municipal Transportation Agency (SFMTA)
Rick Lewis joined SFMTA as Principal Security Manager in Mar 2022. He is CISSP and
passionate about Network Security and Performance. His background includes working
for Gilead, Walmart, and Visa, where he successfully defended against DDoS attacks
and broke kill chain on attempted exploits. He was born in San Francisco and
lives in San Mateo with his wife, daughter, and dogs.
Dennis Wong, PE
Mr. Wong’s experience is primarily focused in mass transit systems applications and
communications systems design. He participates in various aspects of project
delivery for train control and SCADA systems for low voltage and vital and non-vital
train signaling systems, control/monitoring of SCADA, automatic train supervision,
PLC, and HMI programming. Mr. Wong has provided consultant services to various
transit agencies throughout the US from project conceptual stage through preliminary
engineering, as well as systems commissioning and closeout.
Nick Urlaub
Critical Infrastructure
Resiliency and Safety Capability Area Lead
MITRE Labs
Mr. Urlaub is the Critical Infrastructure Resiliency and Safety Capability Area Lead
for MITRE. He comes from an electrical engineering background having spent 7 years
working for Power Engineers, an engineering consulting firm, as a SCADA engineer.
For the past 5 years, he has been working on the cyber security of industrial
control systems at MITRE. Recently, Mr. Urlaub participated in a number of
engagements looking into the transportation sector cybersecurity including helping
lead an internal research project to investigate railroad cybersecurity issues.
Adi Karisik
Global Technology
Principal/Operational Technology Cybersecurity, Jacobs
Mr. Karisik’s work experience covers a variety of organizations in the intelligence
arena. He teaches at the Naval Post Graduate School in Monterey and has authored
several types of training that include cross-cultural negotiations, predictive
behavior analysis, human terrain reading, and survivability.
At Jacobs, Mr. Karisik has held prominent positions in Cybersecurity. Since 2022, he
leads the Jacob OT Cybersecurity division as part of the Divergent Solutions Line of
Business.
Mathew Rogers, PhD, CISA
ICS Cyber Security
Expert Office of the Technical Director at CISA
Mr. Rogers is an ICS Cyber Security Expert in the Office of the Technical Director at
CISA. He received a PhD in securing legacy OT vehicle networks from the University
of Oxford on a Rhodes Scholarship. Matthew worked as the founding engineer at a
vehicle and weapon system cybersecurity startup before pursuing broader ICS
cybersecurity efforts at MITRE. At CISA Matthew focuses on ICS Strategy and how ICS
R&D efforts can be transitioned to effective tools for Critical Infrastructure
sectors.
George Fosu
AECOM Cybersecurity Project
Manager
Mr. Fosu is an experienced Cybersecurity Project Lead Engineer specializing in
transportation, automotive technology, mechatronics (electrical and mechanical
engineering), information technology, project management, and commercial vehicle
product change management.
Jessie Gill
Manager of Systems
Technical Services at British Columbia Rapid Transit
Jessie Gill is the Manager of Systems Technical Services for British Columbia Rapid Transit. His department manages, maintains and secures BCRTC OT environment from SCADA systems, CCTV, Card Access, Train Control to server and network infrastructure. He has over 20 years of IT experience including 10 years in Transportation with 7 of those in the Operational Technology (OT) environment. Jessie sponsors over 150 million dollars in capital projects that are modernizing and transforming the BCRTC OT landscape.
Helen Negre
Chief Cybersecurity Officer,
Siemens USA and CSO, Americas-Siemens Mobility, Inc
Helen is the Chief Cybersecurity Officer for Siemens USA and the Americas CISO for
Siemens Mobility overseeing IT/OT security and Product Security strategy and
operations in the critical infrastructure and transportation sectors. She sits on
the Siemens Product Security Board in the data privacy working group and is
passionate about ensuring the upmost security in our products. She has an
educational background in Digital Forensics and Psychology. Previously, she has
served as the Head of Cybersecurity Incident Response, Product Security Officer, a
Forensic Investigator, and a DevSecOps Lead. Previous to her time with Siemens, she
worked in IT and Product Security in the Aerospace industry. In addition to her
security work, She is the chair of the Siemens Mobility Women’s Empowerment
network and Sits on the Diversity and Inclusion Strategy Council. Outside of work,
Helen volunteers with the Diana Initiative, Mental Health Hackers, Women of Security
(WoSEC), and enjoys a quiet life with her husband, chickens, and five dogs.
Brydon Owen
Director, Electrical
Engineering, New Flyer
Brydon Owen joined New Flyer in 2005, and since then has advanced through engineering
leadership roles in design, electrical integration, electrical engineering,
production, and new product development, most recently serving as Chief Engineer,
Electrical Engineering. In his current role, Brydon oversees development and
execution of New Flyer’s long-term technology roadmap, building on his
foundation of zero-emission bus development by strengthening its electrical
architecture, software, and controls in alignment with ISO26262 and emerging vehicle
cybersecurity industry standards. Brydon is an expert in advanced control systems
and holds a Bachelor of Applied Science in Electrical and Electronics Engineering
(B.Sc.) from the University of Manitoba, a Master of Electrical and Electronics
Engineering (MASc) from the University of Toronto and is an accredited Professional
Engineer. He remains an active member of APEGM, IEEE, and SAE, and in 2018 was named
to Mass Transit’s prestigious Top 40 Under 40 list. Brydon is also a
certified functional safety professional and has complete Level 1 ISO21434
Automotive Vehicle Cybersecurity Training
Joel D. Waugh
Sr. Director, Cybersecurity
& CISO, Washington Metropolitan Area Transit Authority (WMATA)
With more than 20 years of experience installing, managing and securing information
systems, Joel Waugh brings unique insight and experience to his position as WMATAs
Chief Information Security Officer.
From 1990 to 2011, he proudly served in the US Army. Notable accomplishments during
his career include a deployment to Bosnia and Herzegovina in support of NATO
peacekeeping operations and two deployments to Iraq in support of Operation Iraqi
Freedom. Upon retiring from the Military in 2011, Joel joined the Federal Bureau of
Investigation, where he spent 8 years building a customer-focused cybersecurity
program around the National Institute of Standards and Technologies (NIST) Risk
Management Framework. Joel’s career at the FBI culminated as the Chief,
Information Security Risk Management, responsible for the security for over 500
hosting environments and information systems across multiple security enclaves.
Since January 2019 Joel has been with WMATA. First in the role of Director of
Cybersecurity, where he led a dynamic team in the implementation of a robust
cybersecurity framework founded on a Federal-style assessment and authorization
process. For the last six months, Joel has served as the Senior Director of
Cybersecurity and CISO, in charge of risk management, defensive operations and
cybersecurity governance.
Eddy Thesee has been appointed Vice President Products & Solutions Cybersecurity
at Alstom in September 2018. His current scope of responsibilities includes the
definition of the cybersecurity strategy for products and solutions across the
complete Alstom portfolio, the execution of cybersecurity activities in projects and
new products, as well as the development of the cybersecurity standalone business
allowing Alstom to provide services and solutions answering to the growing demand in
the railway market.
Prior to joining Alstom, Eddy was working in consulting companies implementing
mathematical algorithms for the prediction of stock market prices. Eddy joined
Alstom in 1999 to support the activities related to the “year 2000”
mitigation. After several positions in IT for Alstom global operations and end users
support, Signalling, Turnkey & Infrastructure, he has been in charge of
Processes, Methods, and tools for Signalling and Digital Mobility.
Eddy studied Mathematics, Telecommunication, Information technologies and psychology
at the University Renee Descartes in Paris and holds master degrees in these
disciplines. He lives in Paris, France, with his daughter.
Mical Solomon
Acting Chief Information Security Officer at the Port Authority of NY & NJ
Mical Solomon is the Acting Chief Information Security Officer at the Port Authority of NY & NJ. Mical has worked in the Information Security/Cyber Security field for over 20 years during which time he has served in various roles in IBM Security and Consulting and as the CISO at NASCAR. Mical also has provided Cyber security advisory for several boards and for the University of South Florida’s Executive Cyber Certificate Program.
Mical has an undergraduate degree in Education and a Masters in Cybersecurity. Mical also holds several industry certifications including a CISSP and credentials from AWS.
Sonya T. Proctor
Assistant Administrator for
Surface Operations of the Transportation Security Administration.
Assistant Administrator for Surface Operations Proctor started her law enforcement
career with the Washington, DC, Metropolitan Police Department. During her
25-year tenure, she served in the patrol and investigative ranks, directing and
leading the department through many city-wide challenges, including crime reduction,
civil disturbances, sensitive investigations and significant departmental
reorganization. She rose to command many key positions in the department,
including serving as Commander of the Third Police District, often recognized for
its broad diversity and the model community policing approach she developed with her
community partners. She served in every rank from patrol officer to Chief of
Police, retiring from the department after serving as the Chief of Police in an
interim capacity.
Proctor went on to serve as the Chief of Police for the national Amtrak Police
Department, developing a new strategic blend of city policing in a passenger
railroad environment. In conjunction with then NYPD Commissioner Ray Kelly,
Proctor co-chaired the Northeast Corridor Coalition, a group of law enforcement
leaders dedicated to enhancing post 9/11 security on Amtrak for passengers between
Washington, DC, and New York.
She is a graduate of the 130th session of the prestigious FBI National Academy, a
long-time member of the International Association of Chiefs of Police and its Civil
Rights Committee, and she remains active in the national and international law
enforcement community. She earned her bachelor’s and master’s
degrees from Johns Hopkins University.