Our aeCyberSolutions Team
aeSolutions offers the deepest bench of Industrial Cybersecurity professionals in the industry
We are a team of credentialed professionals (CISSP, GICSP, 62443 Expert, C | EH, CCNA, CCDA, MSCE, CFSE, PMP, etc). with the skills and experience to help companies develop ICS security programs, frameworks, policies and practices, and design and implement ICS cybersecurity configurations and mitigations.
When you meet with us, you’re meeting with the people who do the work. It’s never a case of ‘sell-then-switch.’ By working with you and focusing on the core mission in each of these four areas, we can help you meet your mission.
John Cusimano - CFSE, CISSP, GICSP
Vice President of Industrial Cybersecurity
John has over 20 years of experience and has performed many control system cybersecurity vulnerability and cyber risk assessments. He is a member of the International Society of Automation (ISA) and is a voting member of the ISA 99 cybersecurity standards committee. As part of that committee, he is the chair of the zones and conduits working group, and co-chair of the product development working group. He is the developer and primary instructor of the ISA courses on cybersecurity. John is a Certified Functional Safety Expert (CFSE), a Certified Information Systems Security Professional (CISSP), and a Global Industrial Cyber Security Professional (GICSP). John has a B.S. in Electrical and Computer Engineering from Clarkson University in New York.
Krish Sridhar - P.E., GSEC
Director of Industrial Cybersecurity
Krish Sridhar is a subject matter expert on cybersecurity solutions applied to industrial control systems. He brings over 20 years of industry experience with process automation, high availability architectures, industrial networks and application software. Krish has executed many cybersecurity risk and vulnerability assessment projects for chemical, specialty chemical, life sciences and CFATS compliant companies per the NIST framework and ISA 99/IEC 62443 standards. His particular expertise and experience developing and designing holistic cybersecurity programs for industrial control systems leveraging proven IT technologies, ICS security tools and products and industry best practices.
Krish works closely with various stakeholders within organizations to develop detailed implementation protocols, procedures, guidelines and help manage the lifecycle of a cybersecurity program.
Paul Rostick - CISSP, GICSP
CISO & Senior Principal Cybersecurity Advisor
Paul Rostick is the Chief Information Security Officer (CISO) and an Industrial Cybersecurity Advisor for aeSolutions. He advises company executives on establishing strategic Industrial Cybersecurity Programs.
Prior to joining aeSolutions, Paul was the CISO and Director of Cybersecurity Programs for Sunoco Logistics Partners, where he developed their first integrated IT/OT Cybersecurity Program. He has over 25 years of IT/OT/EHS experience in the Oil & Gas industry. Paul’s cybersecurity articles have been published in various industry publications, including Pipeline and Gas Journal, ISA InTech Magazine, TechTarget Search Security, and Linked-In. Paul regularly presents on Cybersecurity Program topics at industry conferences and forums, including ARCForum, AFPM, and AiCHE.
Industrial Cybersecurity Business Development Manager
Dave is an experienced process automation expert who has over 20 years’ experience with a global owner operator. In addition, Dave has worked within the consulting engineering field with numerous clients on the topics of process safety, cybersecurity and alarm management.
Dave has participated on various industry standards committees, conducted Gap assessments vulnerability analysis on a broad range of industries. Dave's deep understanding of the challenges the end-user/owner operator faces form the backbone of his approach to solving cybersecurity problems in a complex environment.
Dave is a published author “Implementing IEC 62443 – A Pragmatic Approach to Cybersecurity 1st Edition”.
Industrial Cybersecurity Senior Principal Advisor
Stuart holds an MBA in Technology Management and holds a CISSP Certification. He previously served as the Global Director of Information Security Risk Management & Policy at Sony Corporation and prior to that was with Wipro Limited as the Head of Operational Technology (OT) and IoT Cybersecurity.
“I’m very excited to be joining the premier team in ICS / OT cybersecurity at aeSolutions”, says Stuart. “Recent incidents continue to highlight the challenges in securing and protecting industrial systems from cyberattack. With my new role, I’m well placed to help organizations meet those challenges.”
Industrial Cybersecurity Technical Project Team Manager
Jacob Morella is a Chemical Engineer with experience in industrial cybersecurity, process safety, automation, and process operations. In his current role as an Industrial Cybersecurity Technical Project Manager he leads teams that perform Cybersecurity Risk Assessments, Vulnerability Assessments, PHA/LOPA studies, and Alarm Rationalization studies. His primary focus is on implementation of CyberPHA risk assessments and leveraging his strong background in process safety & operations to improve the assessment process. Jacob is a licensed Professional Engineer, Certified Function Safety Expert (CFSE), and has a B.S. in Chemical Engineering from Clemson University.
Josh Ruff - CCNA
Industrial Cybersecurity Business Manager
Josh has over 6 years of experience working on, designing, and/or executing Cybersecurity Vulnerability Assessments, Wired/Wireless Industrial Networks, Process Automation & Controls Engineering, Automation Application and Device Level Security, Standards and Procedures Development, Commissioning and Start-up, and Project Management in Oil & Gas onshore, upstream and midstream facilities. Having been embedded for 3 years with one of the largest operators in the Bakken and being an end user of Industrial Cybersecurity products and policies, Josh is able to utilize this experience to assess and evaluate process and procedural hazards, ICS architecture, and cybersecurity risks.
Industrial Cybersecurity Senior Principal Specialist
Tim Gale is an Industrial Cybersecurity and Process Safety Specialist with almost 30 years’ experience in the Oil & Gas, Specialty Chemical, Pulp & Paper, Food & Beverage, Pharmaceutical and Mining industries. Tim has performed numerous vulnerability / risk and compliance assessments using ISA/IEC 62443, NIST 800 series and NIST CSF standards. As a Process Control Engineer with experience in design, commissioning and start-up of process control / process safety systems, Tim has a unique foundation for assessing and evaluating process hazards, control system architectures and cybersecurity risks. Drawing on experience from numerous industrial projects across North America, Europe and Asia including new construction and ICS upgrades / migrations, Tim is the Practice Lead for Cybersecurity Risk and Vulnerability Assessments and has obtained both ISA 62443 Expert and ISA 61511 SFS certifications from the ISA as well as GICSP certification from GIAC.
Industrial Cybersecurity Senior Specialist
Senior Principal Specialist in Industrial Cybersecurity with over 30 years of experience with industrial automation & control systems. He’s held electrical maintenance and management related positions across a variety of industries including stone quarrying / manufacturing, hygiene / forest product manufacturing, and the maritime industry. Recent work has been in the offshore oil and gas sector of the energy industry with dedication to maritime related industrial automation and control system cybersecurity.
Patrick Riley - GICSP
Industrial Cybersecurity Principal Specialist
Patrick is a subject matter expert on cybersecurity solutions applied to industrial control systems. He has over 9 years of industry experience with designing and implementing industrial networks and application software and troubleshooting and maintaining large scale deployments. He has performed several cybersecurity risk and vulnerability assessment projects for Oil and Gas as well as manufacturing companies per the NIST Cybersecurity Framework and IEC 62443 and NIST-800-82 standards.
Patrick’s core competencies include Security Architecture Design, Network Security, Security Policy, Access Control and Incident Handling. He has experience working closely with various stakeholders within an organization to develop detailed implementation design requirements, ensuring adherence to industry best practices.
Industrial Cybersecurity Technical Project Manager
Chad Vicknair brings a true shop-floor to top-floor perspective with over 27 years in the regulated and highly hazardous chemical industry. In 1992, while working as a maintenance contractor at a chemical facility in Louisiana, he accepted an employment offer in operations. Driven by a natural desire to understand systems from end to end, he quickly moved through various roles developing a strong understanding of interoperability between not only systems, but the people interacting with them. Continuing a personal pursuit of education, Chad earned a Bachelor’s degree and multiple certifications in process control and cybersecurity. At the site level, he administered BPCS, SIS, PCN and MES systems, supported PSM, PHA, LOPA and alarm rationalization programs, and helped to develop and sustain regulatory programs for CFATS, MTSA, RCSC, and the EPA. As a corporate global ICS cybersecurity consultant and PM, Chad navigated across multiple business functions to promote IT/OT collaboration, adaption of the NIST CSF and a risk-based approach to cybersecurity aligning the business mission with regulatory requirements
Industrial Cybersecurity Specialist
Jose Cruces is a fully trained and certified network associate, he has extensive knowledge in building, maintaining, and monitoring secured Cisco network systems and devices. He is experienced in different networking protocols such as Single and Multi-Area OSPF, RIPv2, BGP and EIGRP. Experienced in switching technologies like extended access control lists, port security VTP, VLANs, and STP. He is skilled in ensuring efficient network operations and assisting in the initial analysis, design, planning, and coordination of LAN and WAN network systems.
Industrial Cybersecurity Principal Specialist
Ray has over 40 years of experience in Process Automation and Controls. He has designed IO and communications components for a DCS and Safety Controller and has spent many years with Field Service and Technical Support supporting those products. He has extensive experience with product certifications including UL508, FM and CSA Class 1 Div II, IEC61508 and IEC62443. One of the means of evaluating devices for Functional Safety – the FMEDA (Failure Modes, Effects and Diagnostic Analysis) was perfected with his help. He has performed the security testing and certification for many of the control and safety products and systems to ISASecure™ and Achilles™ security certification programs. He was instrumental in the development of the ISASecure™ SSA certification scheme. Ray has performed and assisted with Cyber Vulnerability Assessments and Risk Assessments for numerous Chemical and Oil and Gas facilities.
Industrial Cybersecurity Principal Specialist
Ted most recently served as a Sr. Project Manager and Industrial Controls Lead for CEC Group, and has previous experience as a Programmer, Electrical Engineering Lead, and Electronic Systems Supervisor for both consulting organizations and municipal governments. Ted holds his Associate’s Degree in Electronic Engineering.