Mr. Fradenburgh, one of N&ST’s leading consultants, has over thirty years of experience with information security and ten years experience in the electric power industry. Mr. Fradenburgh is an expert in the Critical Infrastructure Protection (CIP) Reliability Standards from the North American Electric Reliability Corporation (NERC), completed NERC’s auditor training in 2009 and 2012, and has participated in numerous Regional Entity audits. Since 2007 Mr. Fradenburgh has been a frequent attendee at NERC Critical Infrastructure Protection Committee (CIPC) meetings, and he was a contributing member of the NERC Risk Assessment Working Group, which developed Critical Asset and Critical Cyber Asset identification guidelines for compliance with Standard CIP-002, Versions 1 through 3. Mr. Fradenburgh served as an Observer Participant member of the NERC Cyber Security – Order 706 Standard Drafting Team (CIP Version 5), and also supported the CIP Standards Revisions Drafting Team, which was tasked with responding to FERC Order 791 directives for CIP V5, in a similar role.
Since joining N&ST, Mr. Fradenburgh has worked almost exclusively with electric utility companies to help them achieve and maintain NERC CIP compliance through rigorous program assessment, program development, program execution and audit support. He has worked with Generator Owners and Operators, Transmission Owners and Operators, Reliability Coordinators, Balancing Authorities and Regional Entities on CIP compliance tasks including Compliance Assessments, Gap Analyses, Gap Remediation, RSAW Development and Audit Preparation, Mock Audits, Cyber Vulnerability Assessments and compliance program management and oversight. Mr. Fradenburgh has also participated in CIP compliance audits as an entity SME, as a Regional Entity audit team member, and as a NERC Observer.
Earlier in Career
Mr. Fradenburgh’s previous employers include Greenwich Technology Partners, General Dynamics C4 Systems, RSA Security, and Internet pioneer BBN Corporation. His previous experience includes assisting a financial services company with security policy and program strategies based on ISO 17799 and assisting a Fortune 500 manufacturer with the selection and implementation of a host-based intrusion prevention product. He also evaluated the security of the network and computing infrastructure supporting a suite of high-value transaction applications for a New York financial services company. During his tenure with RSA Security, Mr. Fradenburgh acted as lead technical architect and project manager for several enterprise-wide deployments of PKI systems.
Mr. Fradenburgh is a graduate of Brown University and is a Certified Information Systems Security Professional (CISSP).