Automotive Cybersecurity Summit Advisory Board"/>
Register by tomorrow to save $300 on cutting-edge cyber security training at SANS Miami 2020!

Automotive Cybersecurity Summit

Chicago, IL | Tue, May 1 - Tue, May 8, 2018
This event is over,
but there are more training opportunities.


Kevin Baltes, Director & CISO – Product Cybersecurity, General Motors Company

Kevin Baltes was named Director and CISO, Product Cybersecurity, for General Motors Company effective April 1st, 2015. Baltes is responsible for leading the global team that is defining the strategies to reduce the risks associated with cybersecurity threats related to the vehicle and its components and services. His team manages the cybersecurity posture of the end-to-end connected vehicle ecosystem, including the electronic control modules, IT back office, telecom channels, mobile apps, and connected services such as telematics, infotainment, app shop, and V2X.

Prior to this role, he served as Engineering Group Manager, Vehicle Cybersecurity. During his time in this role, Baltes led the development of the in-vehicle cybersecurity technical solution.

Joining GM in 1995 as an Embedded Controls and Software Engineer, Baltes has held multiple roles in Powertrain Engineering, Electrical, IT, and R&D. He holds 12 US patents, and several are pending.

Kevin earned a Bachelor’s Degree in Electrical Engineering from the University of Dayton, and a Master’s Degree in Engineering from Rensselaer Polytechnic Institute.

Kevin is a Certified Information Systems Security Professional (CISSP). He lives in Michigan with his wife. He enjoys live music and travelling.


Paul Bierdeman, Senior Engineer, Caterpillar Inc.

Paul Bierdeman, a senior engineer at Caterpillar Inc. in Peoria, Illinois, serves as technical steward for embedded security. His focus is software and hardware security architecture for next generation embedded control platforms and systems. Paul joined Caterpillar in 1979, and has worked on such projects as: industrial facility energy management, vital information management data analytics, autonomous haulage in mines, and hardened embedded network gateway. His passions include renovating British sports cars, canoeing the boundary waters and coaching FIRST Robotics Lego League.


Lisa Boran, Manager – Vehicle Cybersecurity, Ford Motor Co.

Lisa Boran is the Vehicle Cybersecurity Manager at Ford Motor Company focused on defining and instituting security functions within Product Development embedded systems (both cybersecurity and traditional security). Lisa has a MS from University of Michigan in Control Theory and a BS from Wayne State University in Electrical Engineering. Lisa has over 26 years at Ford including a wide variety of roles but mostly in the security area. External to Ford, she chairs both a SAE and SAE/ISO Committee to develop a Vehicle Cyber Security Systems Engineering Process standard.


Matt Carpenter (@Ma77Carpenter), Principal Researcher, Grimm

Matthew Carpenter is a Principal Security Researcher with Grimm (SMFS) performing deep security research for .com, .gov, and .mil. Matthew's expertise is in reverse-engineering, vulnerability research, exploit weaponization, hardware/software/firmware/Automotive/IoT/ICS/AMI/Radio, Symbolic analysis, generalized hacker techniques, and teaching. He has a detailed background in Risk analysis/mitigation, Penetration Testing at all levels (hw/sw/net/web/physical). Matthew is former vice-chair of UCAIUG AMI-SEC Task Force and SG Security, and lead the Vulnerabilities team for NIST Cyber Security Coordination Task Force developing NISTIR-7628. He is a former member of the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), and was the Red-team lead for Advanced Security Acceleration Project (AMI-SEC/ASAP). Matthew is an entertaining and informative speaker, and is a repeat speaker at many Hacker/ICS/SCADA conferences, domestic and abroad.


Faye Francy, Executive Director, Automotive Information Sharing and Analysis Center (Auto-ISAC)

This position serves the global automotive industry through the analysis and sharing of trusted and timely cyber threat information about existing or potential cyber-related threats and vulnerabilities for on-road vehicle electronics and associated networks. Actively engaged with private-sector stakeholders, partners and government agencies to facilitate information sharing and strengthen the industry's capability and capacity to detect, prevent, respond to, and mitigate disruptions related to the connected vehicle and supporting infrastructure. Responsibilities include developing, maintaining and executing a Strategic Plan that outlines strategic and operational priorities for the automotive industry. Build and maintains key relationships with Chief Information Officers (CIOs), Chief Information Systems Officers (CISOs), Product Development leadership, and other executives across the automotive industry responsible for securing vehicles and connected infrastructure. The Auto-ISAC is a non-profit organization operating in Washington, D.C.

Previously Ms. Francy was the Aviation ISAC Executive Director while she was working for the Boeing Company. Ms. Francy held numerous leadership positions at Boeing, including Cyber ONE Leader, Director Enterprise Technologies for Networked Systems, Director of Phantom Works Network Centric Thrust and Director of Engineering for Air Traffic Management.

Ms. Francy owned and operating two small businesses and held positions as a forensic chemist at Maryland State Police, Monroe and West Palm Beach County Sheriff’s Departments. Ms. Francy has a Bachelor’s Degree in Chemistry and Mathematics from Towson State University and a Master Degree in Forensic Chemistry from University of Pittsburgh. Faye is an American Institute of Aeronautics and Astronautics (AIAA) Associate Fellow, former Research Advisory Board member for Embry Riddle, and DC Analyst’s Roundtable Membership Chair.


Kevin Harnett, Principal Investigator/Security Researcher, Dept. of Transportation/Volpe Center

Kevin Harnett is a Program Manager for the United States Department of Transportation (DOT) at the Volpe National Transportation Systems Center located in Cambridge, Massachusetts. Mr. Harnett has over 37 years of combined project management, technical consulting, and implementation skills. Kevin is a Cybersecurity Program Manager (PM) with experience providing technical leadership in planning, implementing, and managing high-priority programs involving cybersecurity and risk management for the DHS, DOT, National Highway Traffic Safety (NHTSA), National Motor Freight Traffic Association (NMFTA), Federal Aviation Administration (FAA), DOD/USAF, Defense Information Systems Agency (DISA), NASA, DHS, and other agencies.

From 2010-2014, Kevin supported NHTSA on their "Research Planning for Cybersecurity of Automotive Safety - Critical Electronic Control Systems" Program and the development of a Vehicle Cybersecurity Threat/Risk Model, Assessment of the Automotive Information Sharing and Analysis Center (Auto ISAC) Model Paper, Vehicle Cybersecurity Testing laboratory, and Vehicle Cybersecurity Guidance.

Since October 2014, Kevin has supported DHS Science and Technology (S&T) Cybersecurity Division (CSD) on three major programs focusing on automotive cybersecurity: Automotive Cybersecurity Industry Consortium (ACIC), DHS Cybersecurity for Government Vehicles Program, and Automotive Cybersecurity Tools Research. In support of DHS, Kevin has been evaluating OBD-2 dongles/telematics systems, Open Source CAN tools, CAN Bus, Bluetooth, etc., and state-of-the-art Automotive Cybersecurity countermeasures, such as Intrusion Detection System (IDS), Intrusion Prevention Systems (IPS), Firewalls, etc. in the Volpe Cybersecurity Vehicle Testing Lab. Since 2016, Kevin is also supporting the National Motor Freight Traffic Association (NMFTA) on a new program called Heavy Vehicle Cybersecurity (HVCS), Kevin is evaluating OEM heavy vehicles and telematics system vulnerabilities. Since 2017, Kevin has been supporting the DOE to conduct a Technical Meeting and write a Technical Report on Electric Vehicle Charging Infrastructure Cybersecurity.


Urban Jonson, Chief Technology Officer, National Motor Freight Traffic Association, Inc. (NMFTA)

Urban Jonson is the Chief Technology Officer and the Program Manager of the Heavy Vehicle Cyber Security (HVCS) program for National Motor Freight Traffic Association, Inc, (NMFTA). Urban has over 25 years of experience in information technology, complex systems analysis, and information technology security. NMFTA is nonprofit membership organization headquartered in Alexandria, Virginia who represents over 500 carriers who collectively operate close to 200,000 power units generating $100 billion in freight revenue. NMFTA is committed to helping less-than-truckload (LTL) carriers and members meet the challenges confronting the transportation industry through representation, research, education, and the publication of specifications, rules, transportation codes and dissemination of studies, reports and analyses.


Kai Thomsen (@kaithomsen), IT Security Architect, Audi AG

Kai is the Incident Response team lead at AUDI AG and currently working on creating a modern CSIRT at Audi. Before that he established an IT Service Continuity organization at Audi and developed and executed crisis management training exercises for top management. Prior to Audi, he worked at SMS group, an engineering company for steel manufacturing plants. There he was responsible for network security architecture, NSM, and forensics. Kai holds an M.A. in computer science and English and American Literature. He is also currently a SANS Instructor in Development.


Dr. André Weimerskirch, VP Cyber Security, Lear Corporation

André Weimerskirch is VP Cyber Security at Lear Corporation. Before that, André established the transportation cyber security group at the University of Michigan Transportation Research Institute (UMTRI), and co-founded the embedded systems security company ESCRYPT which was sold to Bosch in 2012.

André is active in all areas of automotive and transportation cyber security and privacy, published numerous articles in the area of automotive and embedded cyber security, and is co-founder of the American workshop on embedded security in cars (escar USA). André is vice chair of the SAE Vehicle Electrical System Security Committee, co-chairs the Michigan Mobility Transformation Center (MTC) cyber security working group, co-organizes the SAE ComVEC cybersecurity session, and is a member of the joint SAE/ISO Cybersecurity Working Group.