Table of Contents
Who We Are
We are a team of dedicated operational technology (OT) and industrial cybersecurity experts that provide practical, scalable, industrial cybersecurity services and solutions. Our team has decades of hands-on experience working in critical infrastructure facilities such as chemical plants, refineries, pipelines & terminals, manufacturing facilities and offshore facilities to help those operations run safely, reliably and securely.
We help our clients:
Practically and cost-effectively identify and remediate the cybersecurity vulnerabilities that present the greatest risk to the integrity of their operations.
Select, design, deploy, optimize, monitor and maintain security technology in OT environments to achieve the greatest value from their new or existing security tech investments.
Build, mature and operationalize their OT cybersecurity programs that align with industry regulations, standards, and their existing IT security policies and standards.
The end result? Your operations are secure, safe, reliable and compliant, and your operations teams are equipped to perform their jobs, and do so in a secure way.
Who We Are
Why Are We Qualified
Why Are We Qualified
An asset-owner perspective is the core of our identity.
We deeply understand the issues our clients are facing because we’ve experienced them “from the inside.” We understand the difficulties of deploying, running and maintaining these systems. We’ve experienced the friction that can occur between IT and Operations (e.g., when Operations is hesitant to let IT into their facilities, or when IT doesn’t understand the unique challenges of Operations).
Because we’ve lived it, we know how to communicate with executive management teams, corporate IT, and plant personnel. Most importantly, we understand how to implement practical, cost-effective solutions to OT security challenges for the long-term.
Leadership
Leadership
Jacob Marzloff developed a passion for safety and security early in his career as part of a corporate IT team at a large oil and gas company. His small team supported 75 facilities across the United States, equipping him with early and invaluable in-depth, hands-on experience that set the foundation for his career in operational technology (OT) security. Since then, Jacob has led OT security programs for global oil and gas companies, supervising teams spread across multiple continents, to assess their security postures and develop multi-phase, minimal downtime solutions. Jacob has presented to some of the world’s largest commercial and federal organizations on the benefits and real-world use cases for implementing OT security technologies and strategies.
Throughout his career, Jacob has worked to build trust between IT and OT by introducing practical security technologies and striving for increased resiliency of industrial operations.
At Armexa, he leads teams of OT cybersecurity specialists in designing and implementing solutions that secure the safety, reliability and performance of industrial operating environments.
Eric Forner has worked with some of the largest industrial operators in the world, particularly with industrial hardware configuration and hardening, process control network engineering and design, endpoint security, and network security technologies. In addition to industrial system engineering and design, Eric also has experience evaluating and reverse engineering industrial protocols and embedded hardware.
Eric drives the technical direction of Armexa by identifying, developing and implementing industrial control solutions (ICS)/operational technology (OT) security technologies and architectures. He is a licensed Professional Engineer in the Control System Engineering discipline, specializing in ICS/OT cybersecurity with expertise in security operations and engineering, industrial network design and plant floor systems integrations. He has extensive experience working with various technologies in process controls, building automation, and Enterprise IT.
John Cusimano is an accomplished business and thought leader with more than 30 years of experience in process control, functional safety, operational technology (OT) and industrial control systems (ICS) cybersecurity.
John has performed and led hundreds of OT cybersecurity vulnerability and risk assessments and helped dozens of companies establish OT cybersecurity programs. He is a voting member of the ISA 99 cybersecurity standards committee. As part of that committee, he chaired the subcommittee that authored the ISA/IEC 62443-3-2:2020 standard “IACS Security Risk Assessment & Design.” He is the developer and primary instructor of multiple training courses on OT cybersecurity.
John is a Certified Functional Safety Expert (CFSE), a Certified Information Systems Security Professional (CISSP), Global Industrial Cyber Security Professional (GICSP), and ISA 62443 Expert.
Steve Stock has more than 25 years of experience in telecommunications and IP networking using wired and wireless technologies, with deep expertise in operational technology (OT) cybersecurity risk management and Process Control Network architecture.
Steve has led greenfield upstream, midstream and downstream projects for energy supermajors, working with engineering teams and system integrators to design and commission OT networks, firewalls and endpoint security technologies for major industrial installations. He also has extensive experience working with multiple oil and gas refineries to assess their Process Control Network to identify and remediate common misconfigurations that were negatively impacting the ability to operate their plants.
Over the last 10 years, Steve has developed and refined a passive data collection methodology used for OT documentation and assessments.
Chris Lyndes spent the first decade of his career in corporate IT infrastructure and application management at oil and gas companies, focusing on Active Directory and Windows administration. From there, he transitioned to a dedicated operational technology (OT) resource supporting operations in onshore and offshore oil and gas facilities, chemical plants, refineries and other manufacturing assets.
Chris has nearly 20 years of industrial IT experience working with IT and OT systems, communications networks, SCADA systems and Distributed Control Systems. Today he focuses strictly on OT, implementing the technologies required to achieve a stable and secure OT network infrastructure.
Chris specializes in onsite work at OT operating assets and in creating and leading effective teams that can safely execute work inside process control environments.
