Shane Steiger, Esq., CISSP

Mr. Steiger joined MITRE Corporation in 2018 as a Principal Cyber Security Engineer. He has over 24 years of cyber security experience across multiple large enterprises and industries.  He spent 9 years building and securing SCADA/ICS infrastructure for a large food manufacturer.  He then worked for 6 years as an infrastructure security architect in a large drug distributor.  He worked as Chief Endpoint Security Architect for a large technology company enabling the architectures of one of the largest spin/mergers to date.  Most recently, he was Director of Security Strategy and Innovation within a large telecommunications and entertainment organization.  Mr. Steiger was an early adopter of MITRE’s Cyber Resiliency Engineering Framework (CREF) and the ATT&CK® Framework.  He incorporated each framework into the threat modeling, emulation and defensive strategy choices of his organizations. As part of his role, he was a member of multiple Public and Private partnership working groups.  Some output can be seen in Security Tenets for Life Critical Embedded Systems published by DHS, an informational website on resilience – Industry Perspective on Cyber Resiliency hosted by MITRE and NIST SP 800-193 Platform Firmware Resiliency Guidelines.  Mr. Steiger also contributed directly to NIST SP 800-160 Volume 2 (Rev. 1):  Developing Cyber Resilient Systems: A Systems Security Engineering Approach.  Mr. Steiger has spoken at the Annual Secure and Resilient Cyber Architectures Invitational several times.  He has also presented to the Pennsylvania Bar Institute. He developed a cyber security game based on ATT&CK® which he presented at DEF CON 24 – Maelstrom: Are you playing with a full deck? Using a cyber adversary game based on ATT&CK® and the Lockheed Martin Kill Chain® to educate, demonstrate and evangelize.  Curently, Mr. Steiger is leading a small team developing the CREF Navigator™ which presents the contents of NIST SP 800-160 Vol. 2 (Rev 1) as an interactive website.  Mr. Steiger received his Bachelor of Arts in Mathematics and Latin from Susquehanna University and his Juris Doctor from Widener University Commonwealth Law School.  He is a CISSP and a member of the Pennsylvania Bar.