Perry Pederson



“The Cybersecurity Posture of Research Reactors” at the European Research Reactor Conference, October 2020.

“Application of Maturity Models for Evaluating Cybersecurity Programs at Nuclear and Radiological Facilities” at the IAEA International Conference on Nuclear Security (ICONS 2020), February 2020.

“Cybernetics for the Future” published by CIO Review magazine, October 2018.

“Virtual Energy Sector Advanced Digital Forensics Analysis Platform (VFP)” DOE Readiness Assessment/Gap Analysis in 2016.

“Adding the How-To to the NIST CSF” published by ISSA Journal 2015, Vol 13 Issue 4, P. 28-33.

“Regulating Nuclear Cyber Security: The Core Issues - An analysis of existing regulatory frameworks in light of the increasing cyber threat against critical infrastructure” by Perry Pederson in 2015.

“Bound to Fail: Why Cyber Security Risk Cannot Be Managed Away” published by Brookings Institute in 2013.

“The RIPE Crosswalk: Comparing the RIPE cyber security program to ICS security standards and frameworks” by Perry Pederson, November 2014.

“A RIPE Implementation of the NIST Cyber Security Framework: Adding the How-To to the NIST CSF” by Perry Pederson, October 2014.

“A Cost-Efficient Approach to High Cyber Security Assurance in Nuclear Power Plants: The RIPE Framework as an Alternative to Regulatory Guide 5.71 and NEI 08-09” by Perry Pederson, April 2014.

“Virtual Cyber-Security Testing Capability for Large Scale Distributed Information Infrastructure Protection” by Perry Pederson, David Lee, Guoqiang Shu, Dongluo Chen, Zhijun Liu, Na Li, and Lifeng Sang, in 2008.

“Critical Infrastructure Interdependency Modeling: A Survey of International and U.S. Research” published by INL in 2006.

Perry Pederson

Senior Cybersecurity Consultant

For the past 40 years, Mr. Pederson’s career has spanned the public and private sector R&D communities in information security and protection of industrial control systems. The last 15 years have been focused on applying cyber security to industrial control systems found within critical infrastructure.

At Pacific Northwest National Laboratory (PNNL), Perry was a Technical Advisor and Principal Investigator for projects ranging from assessing cyber security vulnerabilities in critical nuclear enterprise systems to developing cyber security training for the next generation of nuclear operators. Prior to joining PNNL, Perry worked at the Nuclear Regulatory Commission (NRC). He was part of the team that built the regulatory framework for cybersecurity for nuclear power reactors and represented the NRC on various International Atomic Energy Agency working groups. Perry was also the first person to hold the position of Senior Cyber Threat Intelligence Analyst at the NRC.

He has received the SANS Process Control/SCADA Security Leadership Award for his outstanding and continuous efforts in protecting critical infrastructure against cyber-attacks. He holds a Bachelor of Science in Information Systems, a Master of Science in Information Security Analysis, and is a doctoral candidate researching security metrics for industrial control system environments. His professional certifications include CCRMP, C|CISO, and CSQE.