Mr. Seán Paul McGurk

Managing Principal Industrial Control Systems Cybersecurity


Selected as a Smart Grid Pioneer for 2012 for Security and winner of the 2011 Federal Top 100 IT Professional Award, Mr. McGurk is currently the Managing Principal for Verizon Investigative Response, with extensive experience in Industrial Control System (ICS) Cybersecurity, Critical Infrastructure Protection (CIKR) and National Security Operations Center management. His primary focus is leading the Investigative Response (IR) capability for industrial control, automated and embedded systems security.

Prior to joining Verizon, Mr. McGurk served in several roles in the federal government, military and private sector focusing on information assurance and cybersecurity. He has over 33 years of experience in advanced systems operation and information systems security. Mr. McGurk served over 28 years in the United States Navy with 20 years in the Navy’s nuclear weapons program, serving on six fleet ballistic missile submarines and several shore facilities. He led two submarines as Chief of the Boat, and served as the Command Master Chief for a Tactical Electronics Warfare Squadron and the Navy’s only forward deployed Carrier Air Wing. For several years he worked as an arms control inspector for the Department of Defense, where he conducted numerous inspections throughout the Soviet Union and subsequent Commonwealth of Independent States in accordance with the Intermediate Nuclear Forces (INF), the Strategic Arms Reduction Treaty (START) and the Conventional Armed Forces in Europe Treaties. Since leaving the Navy, Mr. McGurk has managed a number of significant system development and IT security programs in the private sector supporting the Department of Defense and the Intelligence Community.

Speech Topic & Synopses
Cyber Espionage in Critical Infrastructure: Who is in your network? How long have they been there? And what are they after?

The online world includes many opportunities to grow your business and develop new markets. It is also filled with risk that includes various forms of activism, protests, retaliation, and pranks. These activities encompass more than accessing systems and stealing personal or proprietary data (e.g., DDoS attacks, botnets, ransomware, etc.), but the theft of corporate and personal information is a core tactic. This specter of “hacktivism” rose to impact many organizations around the world. Corporate executives are troubled by the mysterious nature of the threat origins and the tendency to embarrass victims. Security professionals found this trend more troubling than other perceived threats, as it has the potential to negatively impact the corporate brand or reputation. Of equal concern was that target selection by these groups did not follow the logical lines of who has money and/or valuable information. The threat actors modified their techniques, tactics and procedures (TTPs) to obfuscate their identity and intent. The activity was not limited to protests and lulz (hacker-speak for laughs), however. Mainline cybercriminals continued to automate and streamline their methods of high-volume, low-risk attacks against weaker targets. Less frequent, but arguably more damaging, were advanced, persistent attacks focused on compromising trade secrets, classified information, and other intellectual property. Our analysis of activity identified many actors, varied tactics, and diverse motives in the past year, and in many ways, the adversary profile has changed in relation to the threats. By understanding the motives and TTPs of the cyber threat actors, business leaders and security professionals can take the necessary steps to protect their network environments.