Board Members, Good afternoon – I hope you are all doing well!
As you know, our program strategy is to drive adoption and expand coverage through directly working with community partners to ensure the program brings them value. To achieve this, we have launched several community working groups and special interest groups. I wanted to send an important update on changes in the User Experience Working Group (UEWG) and ICS/OT Special Interest Group (SIG) community leadership: Shadya Maldonado Rosado has accepted a new position with her employer and will not be able to continue as UEWG co-chair. We wish her all the best in her new role. She will continue to participate in the UEWG as time permits. We have identified a new co-chair for the UEWG: Przemyslaw Roguski (aka Rogue). He brings significant experience and enthusiasm to the role. Here’s a quick bio provided by Rogue: “Przemysław Roguski is a Security Architect with over ten years of experience in security analysis, identification of possible threats and mitigation strategies. He specializes in security aspects within cloud products. Przemysław Roguski works at Red Hat, where he designs security solutions and processes across Red Hat Product Security. He focuses on security data improvements to build a better understanding of security issues and opportunities to address them before exploitation.” Additionally, Rogue has been instrumental in several previous efforts undertaken by the UEWG. Rogue recently created the first draft and is helping to lead the current effort to define CWE/CAPEC User Stories and Personas. These initial User Stories and Personas will be the templates against which others are written and we greatly appreciate Rogue’s effort in getting this effort moving forward. Rogue will have direct involvement with the operation of the UEWG in terms of managing meeting agenda topics, driving working group activities, coordinating comms with the community between sessions, tracking progress on objectives, and identifying other opportunities for discussion/action. As co-chair he may periodically brief the Board with me to provide updates on UEWG activities. Gregory Shannon is moving on and will no longer co-chair the ICS-OT SIG. We appreciate Greg’s hard work in helping to launch the SIG and connect the congressionally requested Securing Energy Infrastructure Executive Task Force (SEI-ETF) work on new classes of security vulnerabilities (in ICS, Sector 9) to CWE. We wish him the best in his future endeavors. Matt Luallen will be taking over co-chair responsibilities for the ICS-OT SIG community leadership. Here’s a quick bio provided by Matt: “Matthew Luallen is currently the Vice-President of Cyber Vulnerability Awareness at CyManII, as well as a Lead Research Scientist at the University of Illinois-Urbana, where he coordinates, and conducts applied research that addresses securing the nation’s critical infrastructure. Luallen served as a Co-Founder of CYBATI, where he led the company in developing and expanding training services to enhance the understanding of, and provide protection from, cyber-physical threats. He also served as a Co-Founder of Dragos Security co-developing CyberLens™ for operational technology device and communications discovery and analysis. He was a Co-Founder of Encari, a NERC CIP cybersecurity consulting firm helping to defend power grid assets from cyber-physical attacks. He was also an Information Security Network Engineer and Architect at Argonne National Laboratory, as well as continuing as a SANS Certified Instructor and CCIE.” Matt is currently coordinating the effort to promote awareness of the CWE/CAPEC program and the ICS-OT SIG at the S4 ICS and OT Security Conference (https://s4xevents.com/). Matt will have direct involvement with the operation of the ICS/OT SIG in terms of managing meeting agenda topics, driving working group activities, coordinating comms with the community between sessions, tracking progress on objectives, and identifying other opportunities for discussion/action. As co-chair he may periodically brief the CWE/CAPEC Board with me to provide updates on ICS-OT SIG activities. The team is very happy to welcome both Rogue and Matt as they step into these important roles. Best, Alec -- Alec J. Summers Center for Securing the Homeland (CSH) Cyber Security Engineer, Principal Group Lead, Cybersecurity Operations and Integration –––––––––––––––––––––––––––––––––––– MITRE - Solving Problems for a Safer World™