Issues

Cybersecurity Technology & Innovation
About Related Content

Events

Online Event Thu, March 4, 2021 • 1:00 pm ET

You want us to do what, now? CISO views on public-private partnerships
Cybersecurity Technology & Innovation
Online Event Mon, December 13, 2021 • 9:00 pm ET

Securing the energy and critical infrastructure sectors from cyberattacks
Energy & Environment Energy Markets & Governance Geopolitics & Energy Security
Online Event Fri, March 25, 2022 • 1:00 pm ET

Beyond hope as a strategy: New models for public-private collaboration
Cybersecurity

All Content

Tech at the Leading Edge

Mar 22, 2023

Modernizing critical infrastructure protection policy: Seven perspectives on rewriting PPD21

By Will Loomis

In February of 2013, then President Obama signed a landmark executive order - Presidential Policy Directive 21 (PPD 21) - that defined how U.S. Departments and Agencies would provide a unity of government effort to strengthen and maintain US critical infrastructure. Almost a decade later, evolutions in both the threat landscape and the interagency community invite the US government to revise this critical policy.

Cybersecurity Infrastructure Protection

The 5×5

Dec 14, 2022

The 5×5—The cyber year in review

By Simon Handler

A group of experts reviews the highs and lows of the year in cybersecurity and look forward to 2023. 

Cybersecurity Internet

Megan Samford is a nonresident senior fellow at the Cyber Statecraft Initiative under the Atlantic Council’s Digital Forensic Research Lab (DFRLab) and vice president and chief product security officer for energy management at Schneider Electric. Presently the only female chief product security officer (CPSO) for a major industrial, Samford is a security executive with a focus on industrial control systems security, critical infrastructure protection, and risk analysis. Samford drives the product security strategy and program for Schneider Electric’s energy management business.

Prior to Schneider Electric, Samford was the global director of product safety and security for Rockwell Automation, product security leader for GE Global Research, and lead for the GE Product Security Incident Response Team. While working in the public sector, she served as the Commonwealth of Virginia’s critical infrastructure protection coordinator and special assistant for homeland security projects within the offices of former Governors Tim Kaine and Bob McDonnell.

Samford brings a unique perspective to the security community based on her diverse security background with an interest in utilizing proven concepts from traditional critical infrastructure protection and emergency management foundations, such as Incident Command System and preparedness, and applying those to cyber, in particular for industrial control systems incident response.

In addition to her role at Schneider Electric, she is currently the chairperson for the ISA Global Cybersecurity Alliance. She is also leading a community-driven effort known as Incident Command System for Industrial Control Systems (ICS4ICS), which seeks to establish a common language for responding to cyber incidents and provide avenues for mutual assistance between organizations. Lastly, she is the co-chair of the US Department of Homeland Security’s Control Systems Working Group.

Samford has served on numerous boards, including Virginia Commonwealth University’s School of Electrical and Computer Engineering, Security Analysis and Risk Management Association, Department of Homeland Security’s Control Systems Security Working Group, Trusted Computing Group, and Virginia Aviation Security Advisory Council. She is also a returning 2022 program chair for the RSA Conference “Secure All the Things” track.

Samford holds a bachelor’s degree in homeland security and emergency preparedness as well as a master’s in public administration, both from Virginia Commonwealth University.