Loading...

Michael Sanchez, CEO (CISA), has over 36 years of experience in IT/OT, cybersecurity, physical security, risk, compliance, and audit. He is the former head of Commercial Cybersecurity and Compliance for a large global management consulting firm and experienced in successfully scoping and advising on projects of all sizes and complexity. In other past roles, Michael managed IT and OT for a Fortune 10 energy corporation with physical assets across 18 states, assisted in the IT rebuild and redesign for a large power generation company, and served for 12 years as a board member for FBI InfraGard Houston, helping to facilitate the sharing of information related to domestic physical and cyber threats. He is a member of the Forbes Technology Council, serves on the ASIS International Utilities Security Steering Committee, and was appointed Chair, ASIS Global Critical Infrastructure Community 2024-2025.

 

Sid Shaffer, VP and Chief Technology and Information Security Officer (MBA, CISA), has a reputation for consistent first-class delivery in the industry. With 25 years of experience and a passion for quality, he provides technology enablement and leads our teams to deliver excellence throughout the entire cybersecurity lifecycle. Sid is an expert in the application of internal controls in risk reduction and has extensive experience with developing and assessing cybersecurity and compliance programs, including substantial compliance experience with North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) requirements. He has managed and participated in multiple cybersecurity exercises and vulnerability assessments, assisted management in the remediation of security and control concerns, advised clients on methods of reducing cybersecurity risks, and facilitated sessions to improve key business processes and the related controls.

Mario Chiock, Chief of Staff (CISA, CISM, CISSP), has over 42 years of experience in Oil Field operations, IT, Security, Risk, Privacy and Auditing. As the former CISO at Schlumberger, he was responsible for developing the company’s worldwide, long-term cyber security strategy. He is recognized for his leadership and management in all aspects of cybersecurity throughout the company as well as within the community. Mario was recognized as one of the top 25 out of more than 10,000 security executives in the ExecRank 2013 Security Executive Rankings, he also won the 2012 Central Information Security Executive (ISE) “People Choice Award”, in 2014 he is a recipient of the CSO40 – 2014 award, named “ISSA Fellow”, won ISC2 Americas Information Security Leadership Awards (ISLA) and won the “ISSA Honor Roll” award. In 2017 he received the InfraGard Houston award of excellence for the Private-Public Partnership in Cybersecurity. Mario has a CISSP, CISM & CISA Certifications, and is past chair for the American Petroleum Institute Information (API) Security Sub-Committee and was involved in the formation of the Oil & Gas ISAC.

Bill Lawrence, Chief Delivery Officer, ITEGRITI (CISSP, PMP, MS International Relations, MS Military Science, BS Computer Science), is a cybersecurity executive who previously served as the NERC CSO and Senior Director of the E-ISAC. He led 40 employees in a 24/7 information sharing and analysis center to defend the North American electric grid. He has also served as a CISO for a SaaS risk assessment company protecting the data of several top oil and gas clients, and as a Commander in the U.S. Navy flying F-14 Tomcats and F/A-18 Super Hornets off aircraft carriers in combat. Over his career, he greatly expanded international grid security exercises and conferences and earned awards as a CISO as well as a leader and instructor in the U.S. Navy. Bill specializes in cybersecurity, leadership, client trust, AI, and critical infrastructure. He serves on the Houston Innovation Advisory Council, is a member of InfraGard, and helps lead the Houston Chapter of Control System Cyber Security Alliance International [(CS)2AI].

Dr. Thomas “Tom” Duffey, Director Cybersecurity and Compliance (CAP, C|CISO, CCNP-S, CDPSE, C|EH, CISA, CISM, CISSP, CRISC, FITSP-M, GCIP, HIPAA CHP, HITRUST CCSFP, MCSE, PMP, SABSA SCF, SASE) specializes in serving the cybersecurity and regulatory compliance needs of the defense, healthcare, and energy (utilities and oil & gas) critical infrastructure sectors. He is passionate about protecting operational technology (OT) and the Internet of Things (IoT) for multiple industries. His consulting and training experience includes support for worldwide military branches (U.S. Army, Navy, Air Force, Marines, Army Reserve, Air National Guard), and he has worked at numerous CONUS and OCONUS facilities across the globe. Tom’s DoD 8570 qualifications include IAM II, IAT III, and IASAE II, along with CNDSP-Auditor, CNDSP-Incident Responder, and CNDSP Manager. Tom earned his Doctoral Degree with specialization in Computer and Information Security and wrote his dissertation on NERC CIP Regulatory Compliance /Security. He also serves as the Director of Education for ISSA-South Texas Chapter.

The ITEGRITI Project Management Office (PMO)

Each ITEGRITI project has an assigned lead, a person with the background and experience for successful project leadership and delivery, who is teamed with a Project Manager.  Our leads manage the project team, approach, and deliverables while our PM’s monitor hours, timelines, barriers, deliverables and ensure the teams have the support and resources necessary for client success.  As appropriate, these resources include the use of standard methodologies, tools, and templates to generate consistent and quality deliverables.  ITEGRITI PMs report independently to our PMO office, currently led by our CEO.

Stanley Kopman, Senior Project Manager (BSEE), has over 40 years of experience in the electric utility industry, including more than 20 years of expertise in regulatory compliance in the United States and Canada. He formerly served as the Assistant Vice President of Compliance Enforcement and Mitigation for Northeast Power Coordinating Council (NPCC), one of the NERC regional entities. He has led multiple audit teams for FERC, and NERC OT/ICS audits and participated as chairman of various NERC and regional compliance committees. While at NPCC, Stanley’s accomplishments included:

  • Developed and implemented a collaborative, risk-based compliance monitoring and enforcement program (CMEP).
  • Developed and implemented internal regional compliance procedures, documentation, and reporting tools related to the CMEP.
  • Ensured compliance monitoring and enforcement issues were thoroughly vetted and processed by NPCC per the NERC Rules of Procedure.
  • Represented NPCC on NERC Committees and Task Forces, providing input and perspective from a regional view.
  • Organized and led NPCC Regional response audit team as it prepared and presented requested information to NERC and FERC.
  • Developed successful and influential outreach programs for NPCC Registered Entities, including creating and presenting at semi-annual compliance workshops for as many as 200.