Mark Fabro is the President and Chief Security Scientist for Lofty Perch, Inc. a market leading security technology company focused on SCADA and control system cyber security. As a recognized expert in attack methodologies and adversarial techniques his work is focused on threat modeling, incident investigations and counter-attack planning. His projects have included supporting some of largest infrastructure asset owners in the world, and in addition to being involved in the development of several security standards for transportation, energy, and water sectors he has testified to Congress on cyber security risk and threat to the North American Bulk Power System.
Mr. Fabro’s was a contributing specialist to the U.S. National Strategy to Secure Cyberspace, the Cyber Annex to the National Response Framework, the post-Katrina control systems recovery plan for Oil and Gas, and most recently the DoE Cybersecurity Capability Maturity Model (C2M2). He has authored several of the Recommended Practices for the DHS ICS-CERT, is a co-founder of the Repository for Industrials Security Incidents (RISI), and is a member of both the NERC Smart Grid and Cyber Attack Task Forces. Over his 20 year career he has been instrumental in helping shape the security technology landscape whether it was creating first generation hardened OS firewalls or assisting the White House in crafting the National Strategy to Secure Cyberspace.
On the research side he is well known for the discovery of numerous critical vulnerabilities in infrastructure technology, authored early proof-of-concept code for next-gen weaponized malware and is a contributing developer to numerous assessment frameworks. He is regularly published for his work in Smart Grid, integrated radio mesh communications, and control systems forensics. He is the co-founder of numerous security mailing lists, and is involved in several international working groups addressing ‘denial of control’ within the process control and SCADA domain. He has also contributed to several standards and practices specific to SCADA/EMS security, namely NIST 800-82 and NISTR 7628, and is on the American Public Transit Association (APTA) Control Systems Cyber Security Working Group.
Mr. Fabro has a degree in applied physics and mathematics and is currently working on his PhD in Electrical and Information Engineering. He has completed post graduate studies in national security and counterterrorism at both the American Military University and the United Nations, and has taught cyber security theory at more than 20 universities and government agencies around the globe. He is a regular instructor/speaker at many international security events, including GridSecCon, ICSJWG, SecTor, AUSCERT, BlackHat, SANS and many others. Recently, for his work in critical infrastructure protection, he was recognized as one of the ’25 Most Influential Consultants in the World’ and was named ‘Information Security Professional of the Year’ by SC Magazine.
Prior to Lofty Perch he held senior engineering and director positions with many great companies such as Bearing Point (now Deloitte), American Management Systems (now CGI) and Secure Computing Corporation (now McAfee).
Since its inception in 2005, Mr. Anderson has overseen all of the major Lofty Perch strategic successes including the expansion into U.S. markets, the solidification of international partner agreements, and all strategic resource acquisitions. Mr. Anderson’s commitment to professionalism and dedication to customer needs drives Lofty Perch’s focus on delivering quality solutions which properly fit the immediate and long-term requirements of all Lofty Perch customers.