Critical Infrastructure Protection

Cybersecurity  +  Compliance  +  Managed Services


Michael Sanchez, CEO (CISA) is involved in the scoping and planning of every project, and then serves in an advisory capacity until all deliverables are completed. He has over 34 years of experience in information technology, cybersecurity, physical security, compliance, and audit. Michael has held senior leadership positions in the energy, oil & gas, healthcare, and transportation industries. He is a former VP and General Manager for ICF International, a large global management consulting firm, where he served as head of Commercial Cybersecurity and Compliance. In other past roles, he managed IT and OT for a $12-billion energy corporation, assisted in the IT rebuild and redesign for a large power generation company, and served for 12 years as a board member for FBI InfraGard Houston, helping to facilitate the sharing of information related to domestic physical and cyber threats.

Sid Shaffer, VP and Chief Delivery Officer (MBA, CISA) has a reputation for consistent first-class delivery in the industry. With 24 years of experience and a passion for quality, he provides technology enablement and leads our teams to deliver excellence throughout the entire cybersecurity lifecycle.  Sid is an expert in the application of internal controls in risk reduction and has extensive experience with developing and assessing cybersecurity and compliance programs, including substantial compliance experience with North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) requirements. He has managed and participated in multiple cybersecurity exercises and vulnerability assessments, assisted management in the remediation of security and control concerns, advised clients on methods of reducing cybersecurity risks, and facilitated sessions to improve key business processes and the related controls.

Dr. Thomas “Tom” Duffey, Director Cybersecurity and Compliance (CAP, C|CISO, CCNP-S, CDPSE, C|EH, CISA, CISM, CISSP, CRISC, FITSP-M, GCIP, HIPAA CHP, HITRUST CCSFP, MCSE, PMP, SABSA SCF, SASE) specializes in serving the cybersecurity and regulatory compliance needs of the defense, healthcare, and energy (utilities and oil & gas) critical infrastructure sectors.  He is passionate about protecting operational technology (OT) and the Internet of Things (IoT) for multiple industries.  His consulting and training experience includes support for worldwide military branches (U.S. Army, Navy, Air Force, Marines, Army Reserve, Air National Guard), and he has worked at numerous CONUS and OCONUS facilities across the globe. Tom’s DoD 8570 qualifications include IAM II, IAT III, and IASAE II, along with CNDSP-Auditor, CNDSP-Incident Responder, and CNDSP Manager. Tom earned his Doctoral Degree with specialization in Computer and Information Security and wrote his dissertation on NERC CIP Regulatory Compliance /Security.