Currently Mark is the Director for the Hunt and Incident Response Team (HIRT) at Department of Homeland Secuirty's Cybersecurity and Infrastructure Security Agency (CISA) where he leverages his expertise in incident response, industrial control systems, network monitoring and defense to support national security interests. Before ICS-CERT was integrated into HIRT, Mark was the Chief of ICS-CERT incident response. In Mark's sixteen-year security career he has also worked for CSRA and Securicon where he supported a variety of private and public sector clients.
Mark has been on the front lines of headline grabbing incident response efforts such as the attack on the Ukrainian power grid, intrusions into US election infrastructure and Russian attempts to gain access to the U.S. power grid. Mark is a frequent speaker on industrial control systems security issues worldwide.
Mark's experience has led him to the path of sharing his knowledge and helping others learn to protect critical infrastructure. He loves teaching not only to help others, but because he learns something from his students in every class. Mark shares his real-world experiences with students so they can relate the information to scenarios in the field.
When Mark isn't defending ICS systems, he enjoys spending time with his family, working toward his pilot's license and SCUBA diving as much as possible.
ADDITIONAL CONTRIBUTIONS BY MARK BRISTOW:
ICS Asset Identification: It's More Than Just Security: A SANS Panel Discussion, July 2020