Juan Lopez Jr., USMC (ret) is a cyber-physical R&D program manager at ORNL located in Oak Ridge, TN. He leads research in Critical Infrastructure Protection, Supervisory Control and Data Acquisition (SCADA) systems, and Electromagnetic Interference (EMI) modeling. He served as the technical lead in SCADA/ICS research at the Air Force Cyberspace Technical Center of Excellence located at the Air Force Institute of Technology on Wright-Patterson AFB, OH. During his Marine Corps career, he served as an Information Assurance Chief at U.S. Marine Corps Forces Command, as a Systems Chief with the 7th, 8th, and 9th Communications Battalions, 31st Marine Expeditionary Force, an Operational Planner with Assistant Chief of Staff G-6, in the 1st Marine Division and Marine Corps Base Okinawa, Japan. He also served at Joint Task Force 6 supporting Counter Drug Operations, the G-8 Summit for President Clinton, Defense Information Systems Agency, and a Spectrum Manager.
Mr. Lopez’s academic resume includes a Ph.D. in Computer Science at the Air Force Institute of Technology, a Bachelor of Science from the University of Maryland, a Master of Science from Capitol College, and a Master of Science from the Air Force Institute of Technology under the NSA’s Information Assurance Scholarship Program. His research work has received various awards to include the Armed Forces Communications and Electronics Association (AFCEA) Research Excellence in the field of Information Resource Management, and the Science Direct ”Top 25 Hottest Articles” in the decision sciences category, and the Governor’s award for Distinguished Hispanic Ohioan for research contributions and educational outreach to stem schools. He has published articles in the Omega Journal of Management Science, ACM SIGMIS, IEEE Transactions on Power Delivery, and Journal of Critical Infrastructure Protection. He has presented at the SANS SCADA Summit, ICS Cybersecurity Conference, and the IEEE Radio and Wireless conference
Critical Infrastructure & SCADA Security 101 for Cybersecurity Professionals
Critical infrastructure is realizing tremendous growth and integration of technology-enabled solutions to improve system performance, reduce costs related to both operational and life-cycle maintenance, reduce environmental impact, improve the fidelity and accuracy of measurements and monitoring, integrate renewable energy and associated energy resources, and improve overall system reliability. Despite these improvements, numerous cyberattack events (e.g., Stuxnet, Black Energy, Triton) highlight the fragility and increased attack surface of critical infrastructure as a consequence of technology outgrowth. Presented here are insights with various examples to guide cybersecurity professionals gain an appreciation and comprehend how to best align established security principles from Information Technology (IT) with Operational Technology (OT) in order to support operational functionality, reliability, and safety.