Our Qualified Trainers

Bas van de Kerkhof

Bas van de Kerkhof is born in 1964 in Eindhoven and has a broad knowledge of as well Trial Technology as Information technology and Technique. He studied Foods Technology at the MAS and after that Process Technology at the HAS in ‘s Hertogenbosch. Further he graduated in Information Technology at the Catholic University Tilburg. Furthermore he won an European “Making the difference award” at Strasbourg.

He was working of 1986 until 2001 by Mars which he for example developed an automation system and a production planning system for all European sites of Mars. Further he developed a management information system and a warehouse management system. From 2001 he decided to start its own business through which he developed a production planning system based on the ISA-95 standard. Bas is a member of the ISA SP95 commission and is our trainer for ISA-88, ISA-95 and ISA-100.-88, ISA-95, ISA-106 and B2MML standards, and our trainer for these standards.

Carlos Montes Portela

Carlos Montes Portela received a B.Sc. degree in Software Engineering and a M.Sc. degree in Business Process Management and IT (cum laude). His master thesis focused on the design space of the ICT architecture of the Smart Grid taking into account security and privacy issues. Carlos has over 25 years of experience in different roles: software engineer, technical and functional designer, IT architect, EAI/SOA architect, team leader, senior smart grid innovator and senior OT security officer. Currently, Carlos is an independent business owner. Form his company Dicarma he offers coaching, training and consulting services on cybersecurity related topics. As a TOGAF, CISSP and CISM certified OT Security Manager, Carlos is currently contracted by a Dutch DSO where he is responsible for OT ISO-27001 and ISA/IEC-62443 based ISMS. Carlos also researches the applicability of the ISA/IEC-62443 standards for charging infrastructures for electric vehicles for an association related to EV charging. Furthermore Carlos is an active member of the Dutch standardization committee NEC65 and WG10 of TC65 at the IEC where the IEC-62443 standards are developed. Carlos is also an informative member of the ISA-99 committee. He conducts training courses for ISA-Europe in the Dutch, English and Spanish languages. Carlos is one of our Certified Trainers and Subject Matter Experts for the ISA/IEC62443 training program.

Carlos Montes Portela es licenciado en Informática (B.Sc. – Bachelor of Science in Software Engineering) y ha obtenido un máster (M.Sc. – Master of Science)  en Gestión de Procesos de Negocio e Informática (cum laude). Su tesis de se centró en arquitecturas ICT para Smart Grids (redes eléctricas inteligentes) teniendo en cuenta las exigencias en temas como ciberseguridad y privacidad. Carlos más de 25 años de experiencia en diferentes puestos: ingeniero en programación de software, diseñador técnico y funcional de sistemas, arquitecto de sistemas, arquitecto EAI / SOA, líder de equipo e innovador senior en proyectos relacionados a redes inteligentes. Actualmente Carlos trabaja desde su empresa Dicarma  como OT Security Manager para una operadora de redes de distribución de gas y electricidad holandesa. Carlos también es un miembro activo del comité NEC65 y WG10 de la IEC donde se elaboran las partes del IEC-62443 y miembro informativo del comité ISA-99.

Como OT Security Manager Carlos tiene las siguientes certificaciones: TOGAF, CISSP, CISM y ISO-27001 Certified Implementer. Carlos es responsable de que se incorporen privacidad y seguridad en las diferentes etapas de las iniciativas relacionadas con OT / sistemas de control / redes inteligentes a través de un ISMS basado en ISO-27001 e ISA/IEC-62443. Ha estado involucrado en proyectos relacionados con Smart Metering, RTU / Automatización de Subestaciones, Carga Inteligente de Vehículos Eléctricos y escenarios de Demanda / Respuesta de redes inteligentes basados ​​en incentivos con consumidores domésticos. Carlos imparte cursos para ISA Europa en holandés, inglés y español. Carlos es uno de nuestros profesores certificados y expertos para el programa de cursos relacionados a  ISA/IEC-62443.

Philip Westbroek

Philip Westbroek is a datacommunications and cybersecurity enthusiast with more than 20 years experience in these fields and holds a masters degree in information security management. He combines his work as an OT security officer at Enexis Netbeheer (a company responsible for energy distribution to 2.7 million customers) with training activities for ISA Europe. After working for Ericsson Telecommunications for 10 years, he moved to the energy sector in 2006. During the past 12 years he was responsible for the design and realisation of a number of smart grid projects, mainly in the fields of smart metering and distribution automation. Among these projects were a cryptoserver solution to protect smart meter key material and the Enexis Private MVNO solution. This award-winning mobile M2M datacommunications solution enables Enexis to switch from one mobile operator to another without swapping the SIMs Enexis use in their RTUs, smart meters and other M2M equipment. He was also involved in a number of European tenders as the responsible expert for datacommunications and cybersecurity. Philip currently works on the preparations for the ISO27001 certification of the Enexis Netbeheer OT environment. He is one of our Certified Trainers and Subject Matter Experts for the ISA/IEC62443 training program.

John Verhoof

John obtained a bachelor’s degree in ICT, Information Technology in 2003. John started his career as a technician at a famous Dutch computer manufacturer.
He specialized in networking and was one of the first certified Novell Network Engineers in his country. John also obtained the Microsoft Certified Network Engineer certificates. After working in this technique for about 6 years, John made the transition to a management position. For 11 years he was an IT manager within the Dutch prison system, a department of the Ministry of Justice. In that role he was responsible for and focused on IT Security. It was 2005 when John decided to take a different path and he started his own business. He continued his career as a software developer and obtained the MCSE and MCSA certificates. First, he built software interfaces between BAAN ERP and MES systems, later full (API-driven) (web) applications. From 2016 to 2019, John combined his job as a software engineer with the role of a Web Development Teacher at Fontys High School.
Since 2017, John is an ISA/IEC-62443 certified Cybersecurity Trainer and ISA/IEC-62443 Subject Matter Expert at ISA Europe in The Netherlands. He also supports students during ISA/IEC-62443 course exercises and is a reviewer and co-developer of ISA/IEC-62443 training lab exercises. John obtained the ISA/IEC-62443 Cybersecurity Expert certificate and advanced his factory automation skills through various training courses and small projects (such as SITRAIN SIMATIC S7 TIA Portal), Batch Control Using the ANSI/ISA88 Standards and others. John brings his passion and unique experience into conducting cybersecurity training courses.

Christian Haas

Christian Haas received his diploma degree in Computer Science from the University of Karlsruhe in 2008 and his doctoral degree from the Karlsruhe Institute of Technology (KIT) in 2014. Between 2008 and 2015 he was a researcher at the Institute of Telematics at KIT where he participated in several projects for the Federal Office for Information Security (BSI) and the Federal Ministry of Education and Research (BMBF). In 2014, he worked as a postdoctoral researcher at the competence center for applied security technologies (KASTEL). Since 2015, he is working as the group leader of a research group on Securely Networked Systems at Fraunhofer IOSB in Karlsruhe.
His research interests are network security, wireless sensor networks and security for industrial production systems.

David Meier

David Meier received his master degree in Information System Technology from the Technische Universität Darmstadt in 2013.
Since 2014, he is part of the research group on Securely Networked Systems at Fraunhofer IOSB in Karlsruhe where he participated in multiple projects for the Federal Ministry of Education and Research (BMBF) and European Commission.
He has been involved with multiple projects in the area of industrial IT security for industry partners and public authorities. His research interests include network security, wireless networks and security for industrial systems.

Prashanth Attigere Channaveeraiah

A leader and critical thinker in the field of OT cybersecurity with 16 years of experience. He acquired Bachelor of Engineering in 2005. He managed military IT/ OT infrastructure at Indian Navy for the first 10 years of career. He leads the Global Cyber Security Pentest Lab, Schneider Electric at Bangalore, India as Lab Manager for 3 + years. Exposed to rich experience of handling pentest of 300+ critical ICS products i.e., PLCs, Safety devices, RTUs, Historians, smart metres, and associated applications. Gained effective practical experience in MITRE ATT&CK, IEC 62443-4-1, IEC 62443-4-2, and OT pentest environment.

He possessed certifications like ISA 62443 Cybersecurity Expert, CISSP, CISM, GPEN, GICSP, ISO 27001:2013 LA and AWS Security. He is passionate about IT-OT convergence and attack surfaces exposed in such engineering. He continues to pursue offensive security at home lab as his free time endeavour. He started a OT Cybersecurity startup ‘SECOT PVT Ltd’. It got very quick success in bagging projects in middle east (RA of 120 electric substations and few more in oil & gas). During this tenured he practiced IEC 62443-2-X series as a service provider for asset owners.

He joined Siemens Energy at Erlangen, Germany to contribute cybersecurity of Grid Automation Technologies for electrical utilities. Contributed to strategic decisions for OT cybersecurity in digitalisation journey of GAT, Siemens Energy. Interacted with many of the important Energy companies in Europe, Middle East, and US. He practiced NERC-CIP, IEC 62443-3-2, IEC 62443-3-3, Local regulations, NIST CSF during this role.

Currently working with SKF Group. Contributing to formulating OT cybersecurity strategy, policy, governance, processes, including IT-OT convergence for 100+ manufacturing factories across the globe.

Rafael Barreto

With more than 15 years of experience, Rafael is a Certified OT/ICS Cybersecurity Expert and a Certified Functional Safety Expert/Master. Having a strong background in process automation, he is currently an independent consultant in OT Cybersecurity and Functional Safety management and engineering. His expertise ranges within infrastructures classified as critical, essential and important. He is also a certified Project Manager,

He has implemented several OT cybersecurity and Functional Safety management systems for multi-billion projects within the petrochemicals and Oil & Gas industry at asset owners, EPC contractors and 3rd party vendors. He has also worked for a diverse range of industries such as food, beverages, and water transnational companies.

He has been the responsible for the development of management systems, process and cyber risk assessments, requirements specification, technical implementation, design of cyber countermeasures, architectures, technology selection, definition of maintenance plans, patch/antivirus management, access control, response and recovery plans. Experienced with main automation vendors such as Honeywell, Rockwell, Schneider, Siemens.

On top of that, Rafael is a Subject Matter Expert implementing and assessing/auditing OT compliance with IEC 62443, NIS 2, NIST CSF, IEC 61511, IEC 61508, ISO 13849, helping customers to get international certifications for their organizations. He is member of ISASecure ISA/IEC 62443 Site Assessment (ACSSA) Program committee for certification for asset owners.

One of Rafael’s passions is to share his experience for the industry to become safer and more cybersecure. This is why he has always been involved in the development and delivery of trainings for companies and universities, adapting his learning approach about cybersecurity governance, assessment, implementation, operation and maintenance to answer the needs of high management (CEO and board) as well as of engineers, technicians, and plant operators. He has several publications related to functional safety, risk assessments, and control theory.

Rafael received his Master’s diploma in Automation and Electrical engineering from the Grenoble Institute of Technology, France and is fluent in English, French, and Spanish.

Josep Román

Josep Román has a B.Sc. degree in Computer Science Engineering from Universitat de Barcelona and has been working in the Cyber Security field +25 years across different sectors (finance, government, transportation, retail, FMCG, nuclear and oil & gas). He has an MBA diploma by the IESE Business School.

He lived in Switzerland for 10 years where he worked for the some of the main Swiss banks occupying different roles in IT Security up to CISO positions.

Josep has also collected some security certifications over the years (CISSP, CRISC, CISA, Lead Auditor for ISO 27001 & 22301, ISA/IEC 62443 Cyber Security expert, and CIPM in Data Protection among others).

Since 2017, when he joined a very well-known world beverages company as a Cyber Security Director, he’s been intensively exposed to the OT world, designing the Cyber Security strategy for all Company’s factories and warehouses and managing all the related projects to achieve the strategy. He’s currently working at one of the biggest companies in the Gas production providing OT Cyber Security services and advisory based on the ISA/IEC 62443 standard.

He’s a regular speaker at Cyber conferences like Manusec (CyberSecurity for Critical Manufacturing consortium) where he’s also member of the Steering Committee.

Nicky Jones

Nicholas (Nicky) Jones is the OT cyber security leader for EY across the Middle East and North Africa. Previously to EY, Nicky worked at BP where his most prominent role was leading a security project to connect gas resources from the Caspian Sea to markets in Europe.

Before BP, Nicky spent a large portion of his career working across the energy sector and is worked for or with most of the super majors.

Nicky currently sits on the committee for the international society of automation and is a graduate from one of the leading defence universities in the world, Kings College, London.

Nicky holds a Master’s in International Affairs and Cybersecurity and is a Certified ISA 62443 Trainer and Subject Matter Expert.

Mohammed Shaheen

Shaheen is an automation engineer with over 17 years of experience in industrial automation solutions, specializing in the security and safety of Industrial Automation and Control Systems. He holds a bachelor’s degree in Instrumentation & Control Engineering and has further specialized in Digital Manufacturing and Smart Factories. Shaheen is certified as an ISA/IEC 62443 Cybersecurity Expert, Functional Safety Engineer (TÜV), and Chartered Engineer.

His experience includes Distributed Control Systems and Safety Instrumented Systems in the oil and gas, petrochemical, and refinery industry in the Middle East. He has implemented measures to protect critical infrastructure, facilitate data exchange using standard industrial protocols, review SIL classification reports, and cybersecurity risk assessments.

He is an informative member of the ISA-99 committee and currently an active participant in the joint team JT-62443-2-3 (software patch/update management for automation solutions). Shaheen applies his passion and experience in the security and safety of IACS to deliver specialized cybersecurity training programs.

Lieven Dubois

Lieven Dubois studied electronic engineering in Belgium, followed by professional training in software engineering. He worked for 10 years in process automation in the chemical (batch and continuous processes) and automotive (manufacturing) industries in various roles. In 1990, as one of the system architects, he applied real-time expert system technology to an alarm management project in Belgium. In 2001, he co-founded UReason, a leading artificial intelligence company specialising in real-time decision support and alarm management applications. Lieven joined the ISA 18.2 committee in 2008 and contributed to Technical Report (TR) 4. He is co-chair of ISA 18.2 WG8, which published a technical report on notifications that do not meet the 18.2 definition of an alarm. He is a clause editor for technical report  9 of ISA 18.2 on “Digitalization and Interoperability” and is contributing to the revision of the 18.2 Technical Report 4 on “Enhanced and Advanced Alarm Methods”.

Lieven has co-authored several papers on the application of real-time artificial intelligence technology and is co-author of the book “Artificial Intelligence in Process Fault Diagnosis: methods for Plant Surveillance”. He is a multilingual presenter at seminars, workshops and conferences on alarm management and situational awareness. Lieven now lives in Italy and is a CEI member, involved in the IEC committee managing IEC 62682. He has a keen interest in the psychological aspects of human interaction with computers, the workings of the brain and consequently human-machine interfaces, improved graphics and ways of interacting with computers and automation.

Wally Magda

Wally Magda is an internationally recognized cyber and physical security expert for Industrial Automation and Control Systems (IACS). His deep security experience spans military nuclear missile command and control systems, intelligence agencies and enterprise security. Wally’s IACS career began as an Instrumentation, Control and Electrical (ICE) Technician. He then progressed to managing control systems as a process control engineer. Seeing the need for security professionals with a background in control systems he stepped into the enterprise level security realm. Wally has conducted numerous cyber and physical security assessments for electric, natural gas, chemical, LNG and manufacturing facilities. Wally brings his passion and unique experience into conducting cyber and physical security training courses and assessments specific to IACS.

Our Technical Experts

Jose Antonio Serrano

Jose Antonio Serrano has more than 25 years of experience in IT/OT environments in different sectors such as: Telecommunications, Automotive, Food and Services. He has a hybrid Operational/Strategic profile that helps him to have a global vision of IT/OT environments.

During his career in the Automotive sector, where he was working from 2003 until 2021, he was collaborating in projects related to the digital transformation of factories.

In addition, he has carried out OT environment security projects based on the ISA/IEC-62443 standard, support for the implementation of ISO 27001 and CISv8 controls in different companies.

He has the following certifications at the Cybersecurity level: ISA/IEC 62443 Cyber Security Expert, CEH, CND and Cisco CyberOPS. At the service and project management level, he has the following certifications: ITIL v3 and PRINCE2.

Jose Antonio collaborates with ISA Europe as TA in the IC33/IC34/IC37 courses in English and Spanish.