Megan Samford, VP, Chief Product Security Officer (CPSO) for Energy Management at Schneider Electric, is a security executive with focus on industrial control systems security, critical infrastructure protection, and risk analysis. In her role at Schneider Electric, Megan is responsible for driving the product security strategy and program for Schneider Electric’s Energy Management business. During this time, Megan became the first female CPSO for a major industrial company without first being a CISO, and is currently the only female CPSO in this space. This is a huge achievement for women in industrial control systems security.
Prior to Schneider Electric, Megan was the Global Director of Product Safety and Security for Rockwell Automation, Product Security Leader for GE Global Research and lead for the GE Product Security Incident Response Team. While working in the public sector, she served as the Commonwealth of Virginia’s Critical Infrastructure Protection Coordinator within the Governor’s Offices of Tim Kaine and Bob McDonnell.
Megan brings a unique perspective to the security community, based on her diverse security background, with an interest in utilizing proven concepts from traditional critical infrastructure protection and emergency management foundations, such as Incident Command System and preparedness, and applying those to cyber, in particular for industrial control systems incident response. She is currently leading a community-driven effort, known as Incident Command System for Industrial Control Systems (ICS4ICS,) which seeks to establish a common language for responding to cyber incidents and provide avenues for mutual assistance between organizations.
Megan has served on numerous boards including Virginia Commonwealth University’s School of Electrical and Computer Engineering (ECE), Security Analysis and Risk Management Association (SARMA) Department of Homeland Security’s Control Systems Security Working Group (CSWG), Trusted Computing Group (TCG), and Virginia Aviation Security Advisory Council (VASAC). She is also a returning 2020 Program Chair for the RSA Conference, “Secure All The Things” track.
She holds a bachelor’s degree in homeland security and emergency preparedness as well as a master’s in public administration, both from Virginia Commonwealth University.