The Advisor Behind Brager Security
Keirsten Brager has built her career at the intersection of operational technology, critical infrastructure, and executive leadership.
Keirsten Brager
Founder & Principal Advisor
A Decade of Securing Critical Infrastructure
Keirsten Brager is the Founder & CEO of Brager Security and a cybersecurity executive with more than a decade of experience securing critical infrastructure. She specializes in operational technology (OT) cybersecurity, AI governance, cyber risk management, and regulatory compliance, helping organizations build resilient security programs that enable innovation.
Throughout her career, Keirsten has led enterprise cybersecurity and compliance initiatives for electric utilities, with accountability across multiple NERC CIP reliability standards. She has partnered with executive leadership to strengthen security governance, improve operational resilience, and navigate an evolving cyber threat landscape.
Through Brager Security, Keirsten advises organizations and leaders on cybersecurity strategy, governance, and emerging technologies while helping build resilient, future-ready security programs.
"The organizations that get security right don't treat it as a compliance exercise. They treat it as a strategic capability."
Author & Contributing Author
Secure the Infosec Bag: Six Figure Career Guide
A career strategy guide for cybersecurity professionals pursuing six-figure roles, covering positioning, negotiation, and building a high-value security career.
Grid Grace
A career strategy guide for professionals interested in entering and advancing in the power utility industry.
Tribe of Hackers
Insights from leading cybersecurity professionals on building a career, developing expertise, and contributing to the security community.
97 Things Every Information Security Professional Should Know
A collection of essential knowledge and perspectives from practitioners across the information security field.
The Language of Cybersecurity
A reference guide to the terminology, concepts, and vocabulary that define the cybersecurity profession.
Named accountability for the standards that decide audit outcomes.
NERC CIP Senior Delegate
As a named NERC CIP Senior Delegate, Keirsten held formal program accountability across multi-jurisdictional registered entities, serving as a named point of contact for regulatory interaction and audit outcomes.
Direct CIP Standard Accountability
She owned direct accountability for the CIP standards that govern a registered entity's daily security and compliance posture: asset categorization (CIP-002), personnel and training (CIP-004), system security management (CIP-007), incident response and reporting (CIP-008), recovery planning (CIP-009), configuration and vulnerability management (CIP-010), information protection (CIP-011), and internal network security monitoring (CIP-015). Across the remaining CIP standards she carried shared accountability, coordinating with physical security, network, and supply chain functions to keep the full program defensible.
Executive & Technical Translation
What separates her work is translation. She gives engineers precise technical direction and gives executives, boards, and regulators the same subject matter framed as business risk and program posture, without sacrificing the accuracy that makes either version useful.
Education & Certifications
Continuing Education
Bringing Clarity to Complex Security Challenges
Keirsten is a sought-after keynote speaker and workshop facilitator for industry conferences, executive forums, and leadership events. Her sessions cut through complexity to deliver the perspective that executive and practitioner audiences need, grounded in real-world experience, not theory.
Speaking Topics
- OT Cybersecurity Strategy for Critical Infrastructure
- AI Governance in Operational Environments
- NERC CIP Readiness Assessments & Compliance Strategy
- Communicating Cyber Risk to Boards and Executives
- NERC CIP Audit Preparation for Electric Utilities
- The Future of Critical Infrastructure Security
Available Formats
Published LinkedIn Carousels
- The Perimeter Held. Something Was Already Inside2026
- The Risk Was Assigned. The Owner May Not Know It Is Theirs2026
- The Baseline Held. The Model Behind It Did Not2026
- Two Sat At Her Desk on Tuesday. She Only Knew About One2026
- The Fourth User. CIP-004 Was Written for Three2026
- Six AI Vendor Outages in 15 Days. Your Grid Ran Through All of Them2026
Recent Published Articles
Speaking Engagements
- Tripwire Summit—November 2019
Beyond Compliance: Leveraging Automation, Metrics and KPIs to Optimize Cyber Program Performance
- HOU.SEC.CON—April 2019
Building a Business Case for Your Security Monitoring Strategy
- University of Houston Fall Cybersecurity Event—November 2018
A Day In the Life of a Lead Security Engineer
- Splunk User Group, Entergy Timberloch Office—October 2018
- Diana Initiative—August 2018
Keynote: Seconomics
- InfoSecurity Magazine Webinar—May 2018
Best Practices and Future Direction of Security Awareness Training
- Women in Control Systems Cybersecurity—April 2018
Recruiting and Retaining Female Security Talent
- HOU.SEC.CON—April 2018
Addressing the Cybersecurity Opportunity Gap
- Tripwire Webinar—November 2017
Reducing the ICS Human Attack Surface
- Texas Southern University—September 2017
Bridging The Gap Between Academia and Industries that Need Cyber Talent
- Global Issues Summit—April 2017
The Importance of Diversity in Cybersecurity
- HOU.SEC.CON—March 2017
Panelist: Strategies for Career Success
- HOU.SEC.CON—August 2016
Emerging Cyber Threats Against Power Utilities
- HOU.SEC.CON—October 2015
Business Skills for the Savvy Security Professional
Invite Keirsten to Speak
Available for conferences, executive forums, board briefings, and customized leadership workshops.
Inquire About SpeakingWork With Keirsten
Whether you need executive advisory, a strategic assessment, or a keynote speaker who can command a room, let's start with a conversation.