20 Cyber Policy Experts To Follow On Twitter
— Forbes
Top 50 Smart Grid Pioneers
— Smart Grid Today
35 Information Security Twitter Accounts You Have to Follow
— Security Scorecard

Professional History

As Managing Partner of Archer International, Patrick Miller shares over 30 years of IT/OT experience through his consulting services as a security and regulatory advisor for the Critical Infrastructure and Key Resource sectors. Patrick is also the founder, president emeritus and currently serves on the board of directors for the Energy Sector Security Consortium, Inc. (EnergySec), a 501(c)(3) nonprofit organization as well as the US Coordinator for the Industrial Cybersecurity Center, or CCI (Centro de Ciberseguridad Industrial). 

Mr. Miller is an internationally recognized public speaker on the subjects of critical infrastructure protection, process and industrial control system (ICS/OT) cybersecurity, information technology (IT) cybersecurity, regulatory compliance (leading global expert on NERC CIP), audit and privacy. He is an active volunteer and member of several critical infrastructure security working groups. Patrick has been commended with a number of professional awards for his successful work in building information sharing functions and cybersecurity programs. In addition to his energy sector experience, Mr. Miller also held key positions in the insurance, Internet and telecommunications sectors.

Patrick’s career started in the 1980s with deep roots in the telecommunications industry followed by years of information technology management before taking a primary focus on cybersecurity as principal security consultant for Breakwater Security Associates (now NTI Associates) in 2001. There he developed and managed the energy and utility security consulting practice. He then joined PacifiCorp as a senior information security consultant where he was responsible for enterprise and industrial control system cybersecurity as well as NERC CIP regulatory compliance for the organization. Patrick left the utility after 7 years to join the regulatory strata as manager of critical infrastructure protection (CIP) audits and investigations for the Western Electricity Coordinating Council (WECC) Regional Entity under the North American Electric Reliability Corporation (NERC) in their capacity as the Electric Reliability Organization delegated by the Federal Energy Regulatory Commission (FERC). Mr Miller left the regulatory space to reconnect with industry as director of the NERC CIP compliance consulting practice at ICF International. In 2010, EnergySec asked Patrick to be President and CEO as well as Principal Investigator of the new public-private partnership known as the National Electric Sector Cybersecurity Organization (NESCO) program under the U.S. Department of Energy (DOE). After successfully ramping and transitioning the NESCO program and taking EnergySec from startup to operational, he rejoined the consulting world through The Anfield Group as a managing principal. In 2014, Patrick left the Anfield Group to form Archer Energy Solutions (now Archer International) with three other partners to establish the premier security and regulatory consulting firm with a focus on critical infrastructure and industrial control systems.

Career Highlights

  • First and former Manager of NERC CIP Compliance Audits and Investigations at WECC
  • First NERC CIP auditor in the US
  • Led and/or participated in many NERC CIP Audits in multiple NERC Regions
  • Drafter of sections of NERC UAS 1200 and NERC CIP versions 1/2/3
  • Drafter of several CIP Interpretations
  • EnergySec NERC CIP instructor
  • EnergySec Founder, Director and President Emeritus
  • Centro de Ciberseguridad Industrial (CCI) US Coordinator
  • Cyber Senate Steering Member for Industrial Control Cyber Security
  • National Electric Sector Cybersecurity Organization Principal Investigator
  • 2002 Winter Olympics Electric Utility Operations Cybersecurity Lead
  • Advisor to multiple industrial security product vendors
  • Former utility staff (multiple utilities, telecommunications, water & energy)

Credentials and Certificates

  • CISSP: Certified Information Systems Security Professional — International Information Systems Security Certification Consortium (ISC2), 2002, 2005, 2008, 2011
  • ISSAP: Information Systems Security Architecture Professional, CISSP Concentration — International Information Systems Security Certification Consortium (ISC2), 2005, 2008, 2011
  • SSCP: Systems Security Certified Practitioner — International Information Systems Security Certification Consortium (ISC2), 2001, 2004, 2007, 2010
  • CISA: Certified Information Systems Auditor — Information Systems Audit and Control Association (ISACA), 2006, 2009, 2012
  • CRISC: Certified in Risk and Information Systems Control - Information Systems Audit and Control Association (ISACA), 2010
  • DHS-CVI: Department of Homeland Security Certified Chemical-terrorism Vulnerability Information Authorized User – DHS, 2010
  • CEH: Certified Ethical Hacker — EC Council, 2007
  • NSA IAM: National Security Agency Information Assessment Methodology — INFOSEC Assessment Training and Rating Program (IATRP), 2003
  • SCP: Snort Certified Professional — SourceFire, 2006
  • TCP: Tripwire Certified Professional — Tripwire, 2001