With a career in executive leadership that spans more than 35 years, Mr. Anderson has been involved in critical infrastructure operations for 30 of those years and focused specifically on OT/ICS cybersecurity for 20 years. His extensive background in partner programs, marketing channel development strategies and technology sourcing empowers him in his day-to-day activities overseeing LPI operations. As a practitioner, Mr. Anderson brings extensive subject matter expertise specific to the energy and transportation sectors, and his technical acumen positions him as an active participant in many advanced assessments and projects delivered by Lofty Perch.
The Most Trusted Name in ICS/OT Cybersecurity
Protecting Critical Systems
Lofty Perch is the most dependable name in control system security. With more than 20 years securing the largest assets owners in the world, we use a comprehensive suite of services and technology that is designed specifically for reducing cyber-related risk within SCADA, DCS, PCN, and ICS environments. We are the global leader in providing realistic, accurate and engineering-informed security solutions. We help you protect the very systems that are so important to your business.
What Our Customers Have To Say
Leadership Team
Mark Fabro
President and Chief Security Scientist
As a recognized expert in attack methodologies and adversarial techniques, Mr. Fabro’s career in industrial control systems and operational technology cybersecurity spans almost 30 years. His work focuses on threat-profiling and advanced countermeasures for critical infrastructure. In addition to advising some of the world’s largest infrastructure asset owners, he has testified to the U.S. Congress on the cybersecurity risk to the North American Bulk Power System (BES).
He has also contributed to many control system security standards. For his work in critical infrastructure protection, Mark has been recognized as one of the ‘25 Most Influential Consultants in the World’ and been named the ‘Information Security Professional of the Year’ by SC Magazine. He has also contributed to many security standards, including NIST 800-82, APTA, IAEA, N290.7, and IEC/ISA62443.
Steve Anderson
Founder and Chief Operating Officer
With a career in executive leadership that spans more than 35 years, Mr. Anderson has been involved in critical infrastructure operations for 30 of those years and focused specifically on OT/ICS cybersecurity for 20 years. His extensive background in partner programs, marketing channel development strategies and technology sourcing empowers him in his day-to-day activities overseeing LPI operations. As a practitioner, Mr. Anderson brings extensive subject matter expertise specific to the energy and transportation sectors, and his technical acumen positions him as an active participant in many advanced assessments and projects delivered by Lofty Perch.
Kim Hermack
Chief Financial Officer
Overseeing all LPI financial operations, Ms. Hermack brings more than 20 years of experience in the cybersecurity domain of interest. Within her role as the Chief Financial Officer, Ms. Hermack oversees subsidiary legal and contracting activities and manages corporate affairs associated with Lofty Perch’s ability to deliver on a global scale. Before Lofty Perch, Ms. Hermack held executive positions in the manufacturing, telecommunications and financial industries.
Jack Palmer
Senior Practice Consultant
With a focus on tactical engineering-informed cybersecurity assessments, Mr. Palmer has supported numerous programs covering nuclear, transportation and water/wastewater operations. Formally educated in control system cybersecurity and security engineering, as well as being trained by both the U.S. Department of Homeland Security and the Canadian Nuclear Laboratory, he has developed and delivered countless standards-based OT/ICS cyber risk assessment programs. He is a recognized subject matter expert in the application of NIST, ISO and IEC 62443 requirements and the development of system/protocol-specific vulnerability and penetration testing programs.
Leadership Team
Steve Anderson
Founder and Chief Operating Officer
Mark Fabro
President and Chief Security Scientist
As a recognized expert in attack methodologies and adversarial techniques, Mr. Fabro’s career in industrial control systems and operational technology cybersecurity spans almost 30 years. His work focuses on threat-profiling and advanced countermeasures for critical infrastructure. In addition to advising some of the world’s largest infrastructure asset owners, he has testified to the U.S. Congress on the cybersecurity risk to the North American Bulk Power System (BES). He has also contributed to many control system security standards. For his work in critical infrastructure protection, Mark has been recognized as one of the ‘25 Most Influential Consultants in the World’ and been named the ‘Information Security Professional of the Year’ by SC Magazine. He has also contributed to many security standards, including NIST 800-82, APTA, IAEA, N290.7 and IEC/ISA62443.
Kim Hermack
Chief Financial Officer
Overseeing all LPI financial operations, Ms. Hermack brings more than 20 years of experience in the cybersecurity domain of interest. Within her role as the Chief Financial Officer, Ms. Hermack oversees subsidiary legal and contracting activities and manages corporate affairs associated with Lofty Perch’s ability to deliver on a global scale. Before Lofty Perch, Ms. Hermack held executive positions in the manufacturing, telecommunications and financial industries.
Jack Palmer
Senior Practice Consultant
With a focus on tactical engineering-informed cybersecurity assessments, Mr. Palmer has supported numerous programs covering nuclear, transportation and water/wastewater operations. Formally educated in control system cybersecurity and security engineering, as well as being trained by both the U.S. Department of Homeland Security and the Canadian Nuclear Laboratory, he has developed and delivered countless standards-based OT/ICS cyber risk assessment programs. He is a recognized subject matter expert in the application of NIST, ISO and IEC 62443 requirements and the development of system/protocol-specific vulnerability and penetration testing programs.
