FEMP Cyber Series: 3 Focusing on Connected OT Cybersecurity Risk  

Jason Koman is an Energy Technology Program Specialist at the Department of Energy's (DOE) Federal Energy Management Program (FEMP). He leads FEMP's work focused on Grid-Integrated Efficient Buildings (GEBs), water sustainability and resilience, and cybersecurity. Jason began his career in the non-profit space with the Clinton Foundation as a global program manager for energy efficient, low carbon buildings. Moving into the private sector as a consultant to the US Department of Energy during the Obama and Trump administrations, Jason rose to the role of managing director at RE Tech Advisors, leading a team of 30+ consultants to deliver sustainability programs for the US EPA and DOE. Jason decided to return to DOE in 2021 to focus on decarbonizing federal government infrastructure and helping agencies meet their sustainability goals under the Biden administration. He holds a Bachelor's in Public Policy from Trinity College, Hartford and a Master's in Public Policy from the University of California, Berkeley.

Christopher Bonebrake graduated from Washington State University with a bachelor's degree in Electrical Engineering in 2002 and a master's degree in Electrical Engineering in 2004. He has been working for PNNL since 2002 on various projects such as analog electronics and system design on chemical and radiation detection systems, industrial control systems, commercial Energy Management Systems (EMS), supervisory control and data acquisition (SCADA) equipment, power system simulation and analysis using lab-based tools, and cyber security events and training related to energy delivery systems. He is currently the Energy Cyber Program Coordinator and working on the cybersecurity of energy delivery systems.

Travis Ashley joined the Electricity Infrastructure and Buildings division at Pacific Northwest National Laboratory in 2017 as a computer scientist, primarily researching in residential energy efficiency applications and cybersecurity. His research in cybersecurity focuses on critical infrastructure protection, focusing on improving the maturity of the cybersecurity posture of the facilities that supply critical services. He has contributed to the development of the Mitigations of Exposed Energy Delivery System (MEEDS) attack surface management tool was primarily through identifying exposed devices using Python. He also contributed to the development of the Facility Cybersecurity Framework (FCF) training tools through designing cyberattack scenarios and mapping cybersecurity policy controls to the various stages of the attack. He is currently pursuing his Master's degree in Cybersecurity and is a member of the IEEE Computer Society.

Penny McKenzie is a Cyber Security Engineer for Pacific Northwest National Laboratory. She has expertise in network monitoring and intrusion detection of Industrial Control Systems (ICS), forensics analysis, policy and regulation determination for incident response for ICS, incident handling procedures, convergence of cyber and physical security, and Internet of Things (IoT) cyber security with an emphasis in intrusion detection and secure coding practices. Her current research focuses on incident response, risk management framework guidance of implementation on facility related control systems, network monitoring protocols for ICS, configuration management of network sensors, cyber security policy review and implementation, cyber-physical security for federal facilities, IoT pattern of life behaviors, cyber talent recruitment and program development, and educational outreach. Penny's work supports the IAEA, the US Department of Energy, the Department of Homeland Security, Federal Bureau of Investigation, Building Technology Office, and the Department of Defense. She has supported the Office of STEM education for the last 5 years in developing an early education cyber security guidance for K-12 students and has piloted and helped develop an early career cyber security competition for students and work force professionals.