
Michael R Galde
- Assistant Professor of Practice
- Member of the Graduate Faculty
- (520) 626-2422
- Engineering, Rm. 304
- Tucson, AZ 85721
- michaelgalde@arizona.edu
Biography
Michael Galde is an Assistant Professor of Practice at the University of Arizona specializing in Industrial Cyber Operations. With a career that seamlessly bridges academia, industry, and intelligence, Michael is dedicated to advancing cybersecurity research and education while protecting critical infrastructure.
In his current role, Michael leads innovative research initiatives such as the Industrial Asymmetric Environment Surveillance (IAES) project—a groundbreaking effort focused on the early detection of vulnerabilities in industrial control systems. His work in this area was prominently showcased during his presentation at CactusCon, Arizona's premier cybersecurity conference, where he detailed how IAES monitors and safeguards vital network infrastructures. Michael's research not only pushes the boundaries of passive network monitoring but also provides invaluable hands-on experience to a dedicated team of student researchers.
Michael is also a passionate educator who has developed and delivered comprehensive courses on Cyber Operations, Network Analysis, Malware Analysis, and Industrial Control Systems Security. He continuously enhances his curriculum through practical, interactive assignments and updated lab sessions, ensuring students gain theoretical knowledge and real-world skills. Beyond the classroom, he contributes to curriculum development as a member of the CAST Curriculum Committee. He shares his expertise by editing and producing content for "The Packet," a monthly cybersecurity publication.
Before joining the University of Arizona, Michael excelled as a Cyber Security Engineer at the Nebraska Applied Research Institute, specializing in vulnerability assessments, tool development, and reverse engineering. His earlier roles as an Intelligence Analyst for The Buffalo Group and the United States Army further solidified his reputation for providing critical intelligence and cybersecurity expertise.
Michael holds a Master's degree in Cybersecurity and a Bachelor's in Political Science from the University of Nebraska. He is globally recognized for his cybersecurity proficiency, earning credentials such as the Global Industrial Cyber Security Professional (GICSP) and GIAC Response and Industrial Defense (GRID) certifications. A frequent contributor to cybersecurity discussions, Michael shares his insights at conferences, on media platforms, and through his involvement in commercialization initiatives that explore innovative solutions for enterprise-level challenges.
Through his multifaceted contributions to research, teaching, and service, Michael Galde continues to shape the evolving landscape of cybersecurity, ensuring that both academic and practical approaches keep pace with the demands of a digitally interconnected world.
Degrees
- M.S. Cyber Security
- University of Nebraska, Omaha, Nebraska, United States
- Master of Science
- University of Nebraska at Omaha, Omaha, US
- B.S. Political Science
- University of Nebraska, Omaha, Nebraska, United States
- Bachelor of Science
- University of Nebraska at Omaha College of Arts and Sciences, Omaha, US
Work Experience
- University of Arizona, Tucson (2020 - Ongoing)
- Nebraska Applied Research Institute (2017 - 2020)
Licensure & Certification
- GIAC Response and Industrial Defense (GRID), GIAC (2020)
- Global Industrial Cyber Security Professional (GICSP), GIAC (2018)
Interests
Teaching
- Network Analysis
- Cybersecurity
- Operational Technology (OT)
- Cyber Operations
- Malware Analysis and Reverse Engineering
- Industrial Control Systems Security
- Digital Forensics
Research
- Rapid Deployment of Technical Systems
- OT / IT Gap Bridges
- Air-Gapped Networks and Infrastructure
- Automated Recovery of Industrial Control Systems
- Industrial Network Visibility
- Cybersecurity Implementations
- Large Language Models
- Machine Learning in Cybersecurity
- Industrial Asymmetric Environment Surveillance (IAES)
- Vulnerability Assessment and Penetration Testing in OT Environments
- Cybersecurity Education and Workforce Development
- Video Instructional Computerized Environments (VICE) for Remote Learning
- Cyber-Physical Systems Security
- Threat Intelligence and Analysis
Courses
2024-25 Courses
- Active Cyber Defense, CYBV 400 (Spring 2025)
- Intro Methods of Ntwk Analysis, CYBV 326 (Spring 2025)
- Malware Threats & Analysis, CYBV 454 (Spring 2025)
- Intro Methods of Ntwk Analysis, CYBV 326 (Fall 2024)
- Intro to ICS Security, CYBV 330 (Fall 2024)
- Malware Threats & Analysis, CYBV 454 (Fall 2024)
2023-24 Courses
- Intro Methods of Ntwk Analysis, CYBV 326 (Spring 2024)
- Malware Threats & Analysis, CYBV 454 (Spring 2024)
- Intro Methods of Ntwk Analysis, CYBV 326 (Fall 2023)
- Intro to ICS Security, CYBV 330 (Fall 2023)
2022-23 Courses
- Intro Methods of Ntwk Analysis, CYBV 326 (Spring 2023)
- Malware Threats & Analysis, CYBV 454 (Spring 2023)
- Intro Methods of Ntwk Analysis, CYBV 326 (Fall 2022)
- Malware Threats & Analysis, CYBV 454 (Fall 2022)
2021-22 Courses
- Intro Methods of Ntwk Analysis, CYBV 326 (Spring 2022)
- Intro to Cyber Operations, CYBV 385 (Spring 2022)
- Malware Threats & Analysis, CYBV 454 (Spring 2022)
- Intro Methods of Ntwk Analysis, CYBV 326 (Fall 2021)
- Intro to Cyber Operations, CYBV 385 (Fall 2021)
- Malware Threats & Analysis, CYBV 454 (Fall 2021)
2020-21 Courses
- Intro to Cyber Operations, CYBV 385 (Summer I 2021)
- Intro Methods of Ntwk Analysis, CYBV 326 (Spring 2021)
- Intro to Cyber Operations, CYBV 385 (Spring 2021)
- Intro Methods of Ntwk Analysis, CYBV 326 (Fall 2020)
- Intro to Cyber Operations, CYBV 385 (Fall 2020)
2019-20 Courses
- Fundamentals of Cybersecurity, CYBV 301 (Summer I 2020)
- Intro Methods of Ntwk Analysis, CYBV 326 (Spring 2020)
- Intro to Cyber Operations, CYBV 385 (Spring 2020)
Scholarly Contributions
Presentations
- Galde, M. R. (2024, February). IAES: Guarding the University of Arizona's Heartbeat – The Watchful Eye on Critical Infrastructure. CACTUSCON 13. CACTUSCON.
  Dive into the cutting-edge world of passive network monitoring with the Industrial Asymmetric Environment Surveillance (IAES) research project, a beacon at The University of Arizona in the vast sea of digital threats. As the digital age advances, the demand for vigilant systems grows, systems that detect even the faintest hints of compromise, misconfiguration, or misuse in vital network infrastructures. Our initial focus is the power generation environment. Discover how IAES expertly navigates through network control data across a myriad of hardware and software landscapes. Uncover the strategies IAES employs to safeguard the University of Arizona's core services, ensuring that the rhythm of daily operations remains undisturbed. Join us as we delve into the intricacies of identifying, mitigating, and staying a step ahead in the dynamic world of digital security.
- Galde, M. R., Wagner, P. E., & Alharthi, D. N. (2023). Who's Watching Who: Hacking IP Cameras. CactusCon11 2023. Mesa, AZ.
Creative Productions
- Galde, M. R. (2024). UA24-293 – DaRIA Adaptive Network Intelligence Agent with Dynamic Host Reassignment. Tech Launch Arizona. https://inventions.arizona.edu/tech/Adaptive_Network_Intelligence_Agent_with_Dynamic_Host_Reassignment
  A cutting-edge cybersecurity tool designed to dynamically reassign hosts for real-time intelligence gathering across multiple platforms, enhancing operational cyber-intelligence capabilities.
- Galde, M. R. (2024). UA24-296 – SPINE (Shared Processing Infrastructure for NLP Ecosystems). Tech Launch Arizona. https://inventions.arizona.edu/tech/SPINE_(Shared_Processing_Infrastructure_for_NLP_Ecosystems)
  Shared Processing Infrastructure for NLP Ecosystems (SPINE) is an innovative software platform designed to optimize the deployment of large language models (LLMs) within enterprise environments. The platform leverages existing hardware resources within the organization to help businesses adopt a large language model to their workflows while protecting the company’s sensitive intellectual property. SPINE can optimize performance for large-scale operations, has real-time compliance and auditing features, incorporates bias detection mechanisms and ethical AI practices, and provides robust resource management. This ensures enterprises can deploy LLMs effectively, even in demanding environments, with high availability and fault tolerance.
- Galde, M. R. (2024). GRID-LM: an AI-Powered Distributed Model for Infrastructure Threat Detection and Response. Tech Launch Arizona. https://inventions.arizona.edu/tech?title=GRID-LM%3a_an_AI-Powered_Distributed_Model_for_Infrastructure_Threat_Detection_and_Response
  An AI-powered, distributed model to strengthen operational technology (OT) network security by detecting infrastructure threats through continuous, near-real-time monitoring.
- Galde, M. R. (2020). Video Instructional Computerized Environment. Content Streaming. College of Applied Science and Technology: University of Arizona CAST.