2020 Program Chair
2021 PC Chair
Information security professional with 12 years experience across higher education, healthcare and international organizations.
Adli Wahid is current a Senior Internet Security Specialist at APNIC. He prime focus is security engagement activities in the Asia Pacific Region. This includes helping establish CERTs/CSIRTs, providing workshops and supporting the security community. Adli has a lot of experience working with regional CSIRT initiatives such as APCERT and OIC-CERT. He also served on the FIRST Board from 2014 to June 2019.
Alex Pinto is a Distinguished Engineer of the Security Solutions Group at Verizon Enterprise Services, currently managing the Verizon Security Research team, which is responsible for the Verizon Data Breach Investigations Report (DBIR).
Alex has over 20 years of experience in build security solutions and products and the last 6 of those years have been solely dedicated to the application of data science techinques on cybersecurity. He also holds multiple certifications, such as CISSP-ISSAP, CISA, CISM, and was previously PMP and PCI-QSA certified.
Ran JANET-CERT from 1999-2004; since then, regulatory issues affecting online services, including incident response; PC Chair 2019. Visited Montreal 1965 (see profile pic)
Anthony Kasza is a Threat Researcher for Corelight. At Corelight, Anthony is responsible for developing prototypes which provide insights into network activity. Prior to Corelight, Anthony was responsible for discovering new and tracking known threats, creating scalable classification systems, producing and operationalizing threat intelligence, and researching malware communication protocols. Anthony earned his Master of Science degree from DePaul University in Computer, Information, and Network Security.
Baiba Kaškina is the general manager of CERT.LV, she has been leading the CSIRT team in Latvia since 2006. Before that Baiba was working for TERENA in the Netherlands and was TF-CSIRT Secretary from 2003- 2006. Since 2013 Baiba is the member of TF-CSIRT Steering Committee and since 2014 – the Chair of TF-CSIRT. Baiba has been a member of the TNC and FIRST conference programme committees as well as has participated in various working groups nationally and internationally.
With almost 25 years in the PC industry, Beverly has project management experience in the areas of customer satisfaction, software development, troubleshooting problems, Lean Six Sigma, product accessibility and product security incident response. She has been involved with the FIRST organization serving on the Program Committee for the past 3 years and led the Vendor SIG. She was involved in the development of FIRST's PSIRT Framework and has presented at 2 annual FIRST conferences. Beverly is a CVE board member and enjoys collaborating with other PSIRTs.
FCT|FCCN (the portuguese NREN), PT
Carlos was born in Lisbon (Portugal), and graduated in Computer Science at the University of Lisbon in 1999. He was a Systems Engineer at University of Lisbon from 1996 to 2000 -- with a short spell at FCCN, working for the Portuguese Schools' Network Team and ccTLD .PT.
Back to FCCN during 2000, he managed the Portuguese Internet Exchange (Gigapix) for 15 years, participating at Euro-IX (euro-ix.net), while also contributing to the Networking Team, responsible for AS1930's backbone.
Over the years Carlos has delivered IPv6 courses (around Europe and Portuguese speaking countries in Africa) and also some talks at TERENA Networking Conferences and RIPE meetings. He is also a co-author of several policy proposals.
Since late 2015 he moved into CyberSecurity, taking a leadership role at RCTS CERT, the Portuguese R&E Network's Computer Emergency Response Team.
From 2016 to 2018 he was the Chairman of the Portuguese CSIRT Network's General Assembly (redecsirt.pt). He was also LinhaAlerta's manager between 2016 and 2018, and represented the portuguese Hotline at the INHOPE Association (inhope.org).
He now usually attends FIRST, TF-CSIRT and RIPE meetings, mostly focusing on incident response and anti-abuse issues.
United States Cybersecurity & Infrastructure Security Agency (CISA), US
Mr. Christopher Butera serves as an Associate Director at the United States Cybersecurity and Infrastructure Agency (CISA). He leads the Threat Hunting subdivision which includes many of CISA's cyber defense operations including threat analysis, federal network detection, incident handling and response, and hunt teams. His previous role was the Deputy Director of the National Cybersecurity and Communications Integration Center (NCCIC), Head of Cyber Threat Detection Analysis. Mr. Butera brings a wealth of experience to his role with over 15 years in various cybersecurity and IT leadership positions. Among other prior roles he served as Director of the NCCIC’s Hunt and Incident Response Team. As Division Director, he led the federal government’s efforts to provide technical assistance to significant cyber incidents, including many large-scale data breaches in both the private sector and federal government. His team focused on discovering and analyzing new forensic artifacts, finding new security controls to prevent and detect APT intrusions, and creating or enhancing opportunities for early detection and containment. Mr. Butera holds a Bachelor of Science degree in Computer Science from the University of Notre Dame and earned his Master of Science in Computer Science from the University of Chicago.
Cristine Hoepers is the General Manager of CERT.br, the Brazilian National CERT, maintained by NIC.br, from the Brazilian Internet Steering Committee. She has a degree in Computer Science and a PhD in Applied Computing. She has been working with Incident Management at CERT.br since 1999, where she helps the stablishment of new CSIRTs in the Country, provides training in information security and incident handling, and develops best practices to reduce abuse and increase Internet resilience. She is also involved since 2001 with research on the use of honeypot technology to understand attackers' tools and behaviour, as well as how to measure Internet abuse and the impact of policies on the improvement of the Internet health.
In the past she served as a member of the FIRST Board of Directors, as a Lead Experts of the UN IGF Best Practice Forum on CERTs, and as a member of the ITU HLEG (High Level Experts Group). She has been a speaker and moderator at several forums such as ITU, OAS, ICANN, APWG, IGF, MAAWG, LACNIC and FIRST Conferences, on the topics of incident handling, Internet fraud and spam, CSIRTs development and use of honeypots to identify and measure Internet infrastructure abuse.
European Commission, BE
Worked for 5 years as security analyst for CERT.be, 1 year at the European External Action Service and 4 years in the European Commission. During those 4 years, I initially worked as contractor and since July 2018, I'm a public servant.
Denise Anderson, MBA, is President of the National Health Information Sharing and Analysis Center (NH-ISAC), a non-profit organization dedicated to protecting the health sector from physical and cyber attacks and incidents through dissemination of trusted and timely information.
Denise currently serves as Chair of the National Council of ISACs and participates in a number of industry groups and initiatives. In addition, she has served on the Board and as Officer and President of an international credit association, and has spoken at events all over the globe.
Denise was certified as an EMT (B), and Firefighter I/II and Instructor I/II in the state of Virginia for twenty years and was an Adjunct Instructor at the Fire and Rescue Academy in Fairfax County, Virginia for ten years.
She is a graduate of the Executive Leaders Program at the Naval Postgraduate School Center for Homeland Defense and Security.
Dennis Dayman has more than 25 years of experience combating spam, security/privacy issues, data governance issues, and improving email delivery through industry policy, ISP relations and technical solutions. Previously he was Return Path’s Chief Privacy and Security Officer, at that time Dayman leverages his experience and key relationships to provide best practices to Return Path, its customers, and ensures the compliance of their communications data flows. He was also responsible for coordinating and managing Return Path’s international electronic commerce, privacy and Internet related policy issues.
Previously to Return Path, he was Eloqua’s Chief Privacy and Security Officer. Eloqua was acquired by Oracle for $871 Million dollars in 2012 and is now the centerpiece of Oracle's marketing cloud. He was appointed by Department of Homeland Security (DHS) Secretary Nielsen to the Data Privacy and Integrity Advisory Committee (DPIAC) that provides input to DHS on programmatic, policy, operational, administrative and technical issues that relate to personal identifiable information, as well as data integrity and other privacy-related matters. Also appointed as a U.S. Delegate for the U.S. Technical Advisory Group (TAG) within International Organization for Standardization (ISO) and American National Standards Institute (ANSI) supporting work on ISO/PC 317: Consumer protection: privacy by design for consumer goods and services. He is a longstanding member of several boards and advisory committees within the advertising and messaging industry and also sits on several advisory boards for Internet companies and is also a partner, mentor, and frequent investor in start-ups.
Cisco Umbrella, US
Dr. Dhia Mahjoub is the Head of Security Research at Cisco Umbrella. He works with his team on building large scale threat detection and threat intelligence systems, driving new product features and supporting major business deals in the US, Europe, and APAC. Dhia has 15+ years experience in network security and holds a PhD in graph data analysis. He’s been supporting Law Enforcement through his investigation of cybercrime and speaking about the subject at the Europol-INTERPOL Cybercrime Conference, the Dutch NCSC One Conference, the SANS CTI Summit and RIPE meetings. Dhia’s innovation in the space has led him to be awarded several patents on scalable threat detection and he is a frequent speaker at major conferences including Black Hat, Defcon, Flocon, FIRST, Virus Bulletin, and FS-ISAC. He has also given keynotes at KPMG and Orange security events and is on the program committee of Botconf and the ACM DTRAP journal.
I started my career in IT support and went on to management after joining VMware in 2007. In 2016 I took on the role of creating a Product Security team in the Ireland VMware office, following on from this I took on the responsibility of the global PSIRT team for VMware.
CSIRT CEDIA's Coordinator since Aug 2013. Working with (and a big fan of) Linux since 1995.
Foy Shiver is Deputy Secretary-General of APWG (Anti-Phishing Working Group) and a founding director of APWG.EU. In 2004 Mr. Shiver assumed operations management for the nascent non-profit Anti-Phishing Working Group. Since then the organization has grown into a global industry, law enforcement and research focused group dedicated to countering the growing threat of electronic crime. In 2006, Mr. Shiver accepted the appointment as Deputy Secretary-General of APWG, charged with cultivating membership around research, education and policy issues fighting cybercrime and electronically mediated fraud. In this role Mr. Shiver founded the APWG’s Symposium on eCrime Research, the first and only peer-reviewed program focusing exclusively on cybercrime research. Since 2006 he has grown this annual event and published 130+ peer reviewed cybercrime research papers through IEEE. In 2013 Mr. Shiver worked with APWG and CaixaBank to found the new European Foundation APWG.EU. This foundation focuses on cybercrime research and education within the European Union and globally. Mr. Shiver has previously worked in Lotus Notes Product Management, and founded a clinical research company: Woodstock Data. He is a proud veteran of the US Army 82nd Airborne Division.
Regular attendance of FIRST and TF-CSIRT meetings, I'd been involved in the CSIRT community for about 20 years now
Graciela Martínez currently is the Head of the WARP (Warning Advice and Reporting Point) of LACNIC. WARP provides the services needed to reinforce computer security incident response capabilities in case of incidents involving Latin American and Caribbean Internet addresses. In addition to this, Graciela also is the head of the AMPARO trainings. These trainings goal is to build capacity for the creation and operation of Computer Emergency Response Teams (CSIRTs), spreading know-how and reaching out to the LAC community. With over 20 years of experience in IT, she has more than 10 years professionally dedicated to computer security and outreach activities to bring LAC CSIRTs community together with other international security communities.
Cyber Emergency Center, Computer Forensics Department of LACERT, in LAC HQ Hirakawacho, Tokyo, Japan, JP
Hendrik Adrian was a bachelor of Electrical Engineering when received Master of Science in Computer & Information Sciences & Support Services.
Hendrik was working straight in the IT Security field with the UNIX skills in security hardening on various systems, he is known as implementing integration of open source solutions to filter malicious contents on various protocol for data transmission in the internet, his noted achievement was as co-founder and CEO of Kaspersky Labs regional office in Japan which acted as technical leader & business executive, his retirement to establish his own security protocol filtration product security entity, KLJTech (kljtech.com), was a well-noted appliance security product maker “K-Prox and K-Shield” in Japan Hendrik joined the CERT works afterwards and as an active speaker in the reversing & security conference like R2CON, BotConf, AV Tokyo, Brucon, DefCon Japan and he'll talk in Hack.Lu in 2019. His keen in deep technical presentation exposing many local threat via 0day.jp like the detection of first android malware made in Japan. Since 2016 through LACERT (previously JSOC) he is active until in Japan government support for various educational security lecturing activities in IPA(NFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN).
Aside of his daily work, in August 28th 2012 he gathered security researchers all over the world to form a malware analysis group known as MalwareMustDie.org, an NPO formed to suppress the growth of malware distribution in internet. Under his leadership MalwareMustDie (MMD) is known with achievement in deep analysis and disclosure of new threats, some achievements i.e. the first disclosure of Mirai IOT malware, Darkleech Rogue Apache Modules, detection of CookieBomb threat, and Rogue 302-Redirection & Cushion attack, 300+ botnet source codes, full disclosure of Kelihos botnet actors, and stopping the PowerLocker ransomware. More achievement can be seen in https://en.wikipedia.org/wiki/MalwareMustDie The team is also dedicated for its malicious sites takedown achievement which shutting down of more than 36,000 malware domains, and assisting arrest to some alleged cyber crime adversaries.
Several speakers notes:
https://rada.re/con/2018/schedule.html https://www.botconf.eu/author/hendrik-adrian/ http://2014.brucon.org/index.php/Hendrik_Adrian.html https://www.ipa.go.jp/jinzai/camp/2017/zenkoku2017_koushi.html https://www.ipa.go.jp/jinzai/camp/2018/zenkoku2018_program_profile.html#profile_z-04 https://www.ipa.go.jp/jinzai/camp/2019/zenkoku2019_program_profile.html#profile_z-02 https://2018.seccon.jp/seccon/2018akihabara/#cb-08 https://2018.seccon.jp/seccon/2018akihabara/#cb-07 http://en.avtokyo.org/avtokyo2013/speakers#hendrik
"Strudels" threat: https://resources.infosecinstitute.com/exclusive-close-look-largest-credential-harvesting-campaign-via-iot-botnet/ About Linux malware research: https://linux-audit.com/interview-malwaremustdie-linux-malware-research/ About FHAPPI APT: https://securityaffairs.co/wordpress/57309/apt/fhappi-campaign.html
SECOM., Co., LTD, JP
Computer Security Researcher at Private Company in Japan. I've researched a lot of security topics over 10 years. It contains many academic journal papers, patents, and program committee of international conferences as reviewer. Additionally, I developed cyber crime investigation tool and training materials at INTERPOL from 2014 to 2017. References Sites https://researchmap.jp/khiro/?lang=english https://www.linkedin.com/in/khiroki/ https://khiro.org/
UFBA - Federal University of Bahia/Brazil, BR
Italo Valcy, MSc in Computer Science, is the Chief Information Security at the Federal University of Bahia/Brazil (UFBA) responsible for the CERT.Bahia and ETIR-UFBA, which are CSIRTs responsible for handling and responding to security incidents related to the Internet community of Bahia connected to the Brazilian Academic and Research Network (RNP). He is involved in projects and experimentation related to Incident Handling, pentest, Vulnerability Management, network and application security (RPKI, DNSSEC, MANRS, BGP Security), malicious activity monitoring and also Future Internet projects, such as Software-Defined Networks, INT/P4, ICN, etc.
Team Cymru, BR
Jacomo, who is based in Brazil, joined Team Cymru in 2012 as part of the Outreach Team and have previously worked at the Brazilian Research and Academic Network. Jacomo is known globally due to his active involvement in FIRST (Forum for Incident Response and Security Teams) and for his work at several Security Communities and Trusted Groups. Jacomo is responsible for Team Cymru's Community Services, including the CSIRT Assistance Program - CAP. When possible also teaches Forensic and CSIRT security classes at post-graduation classes and work on his photography hobby.
Jeffrey Carpenter has dedicated more than 25 years to improving the state of information security in roles such as analyst, product security officer, information security officer and leader.
In 1995, Jeffrey joined the CERT® Coordination Center, located at Carnegie Mellon University’s Software Engineering Institute, as an incident response analyst. He became the incident response team leader in 1998 and technical manager in 2000. Jeffrey managed more than 50 technical individuals who conducted applied research and operational analysis with a focus on incidents, software vulnerabilities, network monitoring, malicious code, vulnerability discovery, and secure coding.
Jeffrey applied his insights and experience to further the focus on security at a government and international level. He was instrumental in helping the U.S. Department of Defense and the U.S. Department of Homeland Security create teams to exchange incident information and indicators between government and critical infrastructure organizations. He also worked closely with the U.S. Department of Homeland Security on the formation of US-CERT, the national computer security incident response team (CSIRT) for the United States. Jeffrey helped many other governments and regional organizations around the world establish national incident response capabilities as well. To promote collaboration among these organizations, he founded a successful annual conference for technical staff working for CSIRTs with national responsibility. Jeffrey’s active involvement in the incident response community over the years has included presenting in various forums and serving on Forum of Incident Response and Security Teams (FIRST) committees and working groups.
Jeffrey currently is the Secureworks Senior Director of Threat Intelligence and Incident Response Consulting. The Threat Intelligence group is part of the Counter Threat Unit™ (CTU) and delivers threat intelligence services to clients. The Incident Response Consulting Practice provides rapid containment and eradication of threats, minimizing the duration and impact of a security breach for Secureworks’ clients, as well as helping clients effectively prepare to have an incident.
Just before joining SecureWorks, Jeffrey was a product security and information security officer in the healthcare division at Royal Philips. In that role, he focused on improving security in the product development lifecycle for medical devices. He also helped improve security in the creation and operation of services that are used by patients, customers, and clinicians, and that also exchange data with medical devices in the field. In addition, Jeffrey worked closely with members of the sales and marketing teams to develop training and materials that would increase the efficiency of customer interactions by helping sales and marketing staff answer customer security questions more quickly and completely.
In his spare time, Jeffrey responds to other kinds of incidents as a volunteer firefighter and fire police officer. He has been an administrative officer at his fire company for most of his service, serving as recording secretary, president, and currently as vice president.
Jeroen van der Ham is assistant professor of Computer Network Security in the Design and Analysis of Communication Systems (DACS) group at the University of Twente. Jeroen combines this with his work at the National Cyber Security Centre in The Netherlands (NCSC-NL). At NCSC-NL he focuses on the many developments in coordinated vulnerability disclosure and ethics of the security profession. At the University of Twente he focuses on ethics of internet security research, denial of service attacks, and anonimization in network measurements.
Duke University, US
Jesse Bowling is the Security Architect for Duke University, and has worked in IT for nearly two decades, with over 10 years in IT Security. His professional career has been spent entirely in the education industry spanning three higher education institutions including a large public, medium private, and large private organizations. He currently serves on the Board of Directors for REN-ISAC, Chairman of the Technical Advisory Group for REN-ISAC, Chairman of the Internet2 Security Working Group, and Chair for the 2020 EDUCAUSE Security Professionals Conference.
DePaul University, US
John is a network architect in the Information Services division and adjunct faculty member in the College of Computing and Digital Media at DePaul University. He is also a PhD candidate in Computer Science at the University of Illinois Chicago.
In 10+ years of experience in infosec, I've been both in red and blue teams. After several years performing penetration testing trying to break into information systems and assessing the security of web and mobile applications, I joined the defence side first working as a security researcher for an MSSP and now as a CTO for Hacknowledge, a Swiss security monitoring solution. First both handling the technical aspects and growing a cross-functional team of +15 engineers (security, devops, infra) and now, focussing entirely on the technical part.
My background in offensive techniques allows me to have a different view on how to protect enterprises and their critical assets. I played Defcon CTF finals in 2015 as part of the 0daysober team.
I am also a guest lecturer at HEIG-VD on software exploitation techniques, and UniMail on incident response and malware analysis. I'm also part of the BlackAlps conference where I'm in charge of the program committee.
I spoke and gave software exploitation or reverse engineering workshops at several Swiss and European events including Hack.lu, Security BSides London, EUSecWest, Insomni'hack, OWASP Geneva, and Swiss Cyber Storm. Most of my public presentations could be found under : https://speakerdeck.com/milkmix
University of Applied Sciences Hamburg, DE
Being a member within FIRST since 1993 Peter has served in various capacity for multiple member organisations. In particular he chaired the 2017 FIRST Program Committee und is co-chair of the FIRST Educational Board.
KPMG LLP, GB
Konrads is an experienced, fast thinking and performing IT consultant with 20 years of IT experience. Konrads is currently focusing on high-end security assessments, red-teaming and incident response. His role is a technical team leader and subject matter expert in the Cyber Defence Services team. Konrads’ key strengths are strong IT skills across entire internet technology stack coupled with creativity and business drive. Thanks to Konrads’ understanding of how cyber security works from top to bottom, he can use the technical details to identify systemic problems, find root causes and deliver recommendations for multiple audiences – from technical staff, developers to senior management.
Purdue University/Fastly, Inc., US
Krassimir Tzvetanov is a security architect at Fastly, a high performance CDN designed to accelerate content delivery as well as serve as a WAF and a shield against DDoS attacks. His current focus is on incident response and investigations, threat intelligence and security systems architecture. In the past he worked for hardware vendors like Cisco and A10 focusing on threat research and information exchange, DDoS mitigation features, product security and best security software development practices. Before joining Cisco, Krassimir was Dedicated Paranoid (security) at Yahoo!, Inc. where he focused on designing and securing the edge infrastructure of the production network. Part of his duties included dealing with DDoS and abuse. Before Yahoo! Krassimir worked at Google, Inc. as an SRE for two mission critical systems, the ads database supporting all incoming revenue from ads and the global authentication system which served all of the company applications. Krassimir is very active in the security research and investigation community, has number of contributions to FIRST SIGs, as well as participates in the Honeynet Project. In addition, Krassimir ran the BayThreat security conference and has contributed to a number of other events like DefCon, where he ran the Radio Communications group, and ShmooCon and DC650. Krassimir holds Bachelors in Electrical Engineering (Communications) and Masters in Digital Forensics and Investigations and is currently a graduate student at Purdue University.
Working at CERT.at since 2008, FIRST board of directors 2014-2018
Lionel has been involved in the CSIRTs world since 2004, when he set up the CSIRT for the Belgian NREN. He later evolved that team into the first iteration of CERT.be, the Belgian National CERT. He worked for ENISA, then came back to help set up the second iteration of CERT.be, where he is currently working.
Dr. Lisa Bradley is the Director of Product & Application Security at Dell Technologies. In this role, she oversees the Product Security Incident Response Team (PSIRT); defines and drives implementation of engineering and support process changes to optimize vulnerability management; and manages response to customer inquiries about Dell Technologies corporate product and application security practices. Lisa has 20 years of Enterprise-class engineering and leadership experience including 6+ years leading PSIRT programs for NVIDIA and IBM. Lisa is part of the FIRST PSIRT Sig and contributed to the FIRST PSIRT Services Framework, training, and PSIRT Maturity document. Lisa has spoken at many tech-related events including FIRST, BSIMM, DerbyCon, ISACA and Security Journey.
Marco Thorbruegge, DE
2001 - 2005 DFN-CERT 2005 - 2016 ENISA since 2016 Defence
Team leader for KraftCERT, the Norwegian CERT (cyber security response team) for energy (oil&gas&electric), water&waste water and Industrial control system industry. Background from IC design, computer networking, and information security. Worked on information security since 1998: for the ISP community, in academia for a number of years, as well the Norwegian Security Authority/National CERT (NSM/NorCERT) and at the grid- and transmission system operator. On the board of directors of FIRST for 8 years, serving as chairman for 2 years.
Mark-David McLaughlin (MD) has over 20 years’ experience in the field of information security. In his role of Director of Security and Risk Management at Acuity Brands Lighting, MD helps ensure security practices are an integral part of the company’s IoT offerings. Prior to his current role, MD held a variety of information security related positions at IBM and Cisco; these roles include building a product incident response team, serving as a customer advocate in Cisco’s managed security service offering, performing security architecture reviews, conducting penetration tests, and developing software that supported security features on embedded hardware platforms.
MD has filed several patents and has presented world-wide on topics ranging from security metrics to analytics to the ethical disclosure of security vulnerabilities. MD holds a PhD with a focus on Information Security, an MBA with a specialization in telecommunications, and a BS in Computer Science.
CERT Division / Software Engineering Institute / Carnegie Mellon University, US
Mark Zajicek is a Member of the Technical Staff in the Monitoring and Response directorate of the CERT Division at the Software Engineering Institute, located at Carnegie Mellon University. Zajicek’s current work is focused on helping other organizations to build their own computer security incident response team (CSIRT) or incident management capability. As a member of the CERT CSIRT Development and Training team, Zajicek is responsible for providing guidance to new and existing CSIRTs, worldwide. He has codeveloped a variety of documents and training materials, and is an instructor for a suite of several courses that provide training for CSIRT managers and technical staff. Previously, Zajicek was the Daily Operations team leader for the CERT Coordination Center (CERT/CC), after having joined the CERT/CC’s incident handling staff in 1992. Prior to joining the CERT/CC, he also helped support the CERT/CC during its initial start-up in 1988.
TREND MICRO, DE
working in IT Security since 1990, with Trend Micro since 2001, Sr Director of Forwardlooking Threat Research since 2009
Michael Hausding works as Competence Lead DNS & Domain Abuse for SWITCH, the ccTLD registry for .ch and .li. His main job is to prevent internet crime on and with .ch & .li domains. He is a incident handler for more than 20 year and a member of SWITCH-CERT. Michael holds a Master in computer science from the University of Darmstadt, a MAS in management, technology and economics from ETH Zürich. He is a board member of the ISOC Switzerland chapter and the Swiss Internet Security Alliance.
Michael Murray serves as a Senior Manager for the Secureworks Security and Risk Consulting - Incident Response (SRC-IR) team, focused on delivering proactive incident response services that prepare our clients to act when an incident strikes by ensuring that they have defined, implemented, and exercised the necessary plans and processes, and by augmenting client incident management capabilities during an incident response event. Prior to joining the Secureworks team, Michael was a member of the technical staff at the CERT Coordination Center (CERT/CC), and previously served on the Board of Directors of the Forum of Incident Response and Security Teams (FIRST).
Niall leads the monitoring, detection and response programs for Informatica. Previous to this Niall spent a number of years working in consulting advising clients across industries on topics across the breadth of information security.
Niall also lectures on a number of modules in the MSc Cyber Security in the National College of Ireland, sits on the SME Technical Advisory Committee for Comptia; helping to develop and shape certifications. Alongside this Niall also has a number of certifications across general security, penetration testing and forensics.
FIRST Liaison (day job: SANOFI), FR
Computer Systems Engineer with a Master Degree in Communications Networks. Specialist with about 20 years of experience in OSS technologies. Researcher and producer of scientific articles in the IT area. Founding Partner and General Manager of NawesCorp Cía. Ltda., Commercially known as EcuaLinux.com. Wide experience as a teacher and instructor in Universities, Institutes and Continuing Education Centers. Has held executive and management positions in the academic and business area, both public and private sectors. Currently works at the CSIRT of CEDIA and manages part of the advanced services infrastructure, and participates as an instructor in its Continuing Education School.
Rastislav Janota has over 20 years of experience in IT and telecommunication sectors. Over his career, Mr. Janota holds successfully various expert, managerial, and supervision positions in the field of information and communication services and cyber/information security in private and governmental sectors both at home and abroad. Currently he serves as Chairman of the Cyber Security Committee of the Security Council of the Slovak republic as well as Director of SK-CERT – Slovak National CERT under National Security Authority of Slovak republic. From these positions, he bear responsibility for cyber security governance of the Slovak Republic.
nic.at Gmbh / CERT.at, AT
Robert Schischka studied business economics at the University of Economics in Vienna, specialising in commercial information technology and controlling. His professional focus is within the topics of IT strategy, architecture, infrastructure and IT security. He gained his profound experience as a security expert during his occupation in a subsidiary company of the Austrian National Bank and as a consultant with the internationally active IT-consulting company CSC. Along with Richard Wein, he has been the CEO of nic.at since September 2003, where he is responsible for the technical operation. And since 2008 is director of the national Computer Emergency Response Team ( CERT.at).
In the CNCS (NCSC Portugal) since its foundation, in 2014. Head of CERT.PT since 2016
ENISA - European Union Agency for Network and Information Security, EU
Rossella Mattioli joined ENISA, the EU Agency for Cybersecurity, in 2013. Over the years she worked on threat modelling and security measures for Internet infrastructure, ICS/SCADA, smart grids, Internet of Things, smart cars and airports. She is currently focusing on strengthening European Union incident response capabilities by supporting the “CSIRTs Network” established by the 2016 Network and Information Security Directive and the TF-CSIRT “Reference Security Incident Taxonomy” Working Group. Rossella holds a MSc in Cybersecurity from TalTech - Tallinn University of Technology and she is a Certified Information Systems Security Professional (CISSP).
Fujitsu System Integration Laboratories, JP
Dr. Ryusuke Masuoka is a research principal at Fujitsu System Integration Laboratories LTD (FSI), working on Cyber Security. Over 30 years, he has conducted research in neural networks, simulated annealing, agent system, pervasive/ubiquitous computing, Semantic Web, bioinformatics, Trusted Computing, Software/Security Validation, Cloud Computing, Smart Grid, the Internet of Things, Cyber Security Policy, and Cyber Security. He also led numerous standardization activities and collaborations with universities, national and private research institutes, and startups. He is an ACM senior member and an IEEE senior member.
NATO Communications and Information Agency (NCIA), US
Sarah Brown is a Senior Scienist at the NATO Communications and Information (NCI) Agency where she works on cyber security capability development for NATO, with a particular interest in cyber threat intelligence. She works on independent research projects under the name Security Links. Prior to NATO, Sarah worked at Fox-IT, delivering threat information to banks globally and leading standardization efforts for delivery of such content. Sarah worked for nine years at MITRE. Sarah has spoken at RSA, FIRST, ACM WISCS, CyCON, Holland Strikes Back, and Hack in the Box. Sarah holds a BA in Mathematics and Computer Science and an MA in Mathematics from University of Maryland, College Park.
I am a 20 year security/privacy expert, spending the last 5 + years in various PSIRT roles at Microsoft and Palo Alto Networks. I have started speaking at small conferences and see the importance to bring a variety of perspectives to conference talks.
National Telecom Regulatory Authority, EG
Dr Hashem is the Principal Cybersecurity Advisor at the Egyptian National Telecommunication Authority (NTRA). Dr. Hashem is also theChair Professor of Engineering Mathematics and Computer Science at the Faculty of Engineering, Cairo University, Egypt.Dr Hashem is a Senior IEEE member and an ISACA Certified Information Security Manager. Over the last decade, Dr. Hashem has led several key cybersecurity efforts at the national level, and setting up the framework for further developing the Egyptian Computer Emergency Readiness Team (EG-CERT) at the National Telecom Regulatory Authority (NTRA). More recently, in 2015, Dr Hashem became a member of Egypt’s Supreme Cybersecurity Council (ESCC), which is affiliated with the Cabinet of Ministers. As the Chairman of the Executive Bureau of the ESCC, Dr Hashem led the team that drafted Egypt’s first National Cybersecurity Strategy (2017-2021). Successful cybersecurity initiatives and activities led by Dr Hashem have contributed to Egypt’s advanced cybersecurity rank: 14th among 194 countries,as reported by the International Telecommunications Union (ITU)/ABI Global Cybersecurity Index in July 2017. (https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2017-PDF-E.pdf ). Since 1999, Dr Hashem has worked as an ICT strategist and policy advisor at the Egyptian Ministry of Communications and Information Technology (MCIT) and its affiliates: The Information Technology Development Agency (ITIDA Executive VP for E-Business and E-Signature) and the National Telecom Regulatory Authority (NTRA VP for Cybersecurity). Dr Hashem has participated in formulating and executing national Information and Communication Technology (ICT) policies, especially in cybersecurity and e-signature, and developing new models for empowering collaboration between the ICT industry and the academic/research community in order to enhance the competitiveness of Egyptian ICT companies. Dr. Hashem received a B.Sc. in Communication & Electronic Engineering anda M.Sc. in Engineering Mathematics from Cairo University-Egypt, and a Ph.D. in Industrial Engineering from Purdue University-USA. He also completed the Senior Executive Program at Harvard Business School-USA. Dr. Hashem authored and co-authored more than sixty articles and book chapters in the areas of artificial intelligence, cybersecurity, information technology, e-commerce, and operations research, with applications in engineering, energy, environment, and computer sciences, with over 1600 international citations (http://scholar.google.com.eg/citations?user=KKIju5kAAAAJ&hl=en). Dr. Hashem received several awards and recognition including: the Global Bangemann Challenge Award (from the King of Sweden: Stockholm – 1999).
Internet Protocol (IP) based Information systems design and security for over a quarter century- yes, even before the Internet became commercialized and common-, including carrier grade backbone networks.
Information Security Specialist, with 10 years of experience in Information Technology with multinational companies. Posses a Bachelor's degree on Computer Science and Master’s degree in Information Technology Project Management.
MSc in Computer Science, specializing in Systems Security, Cryptography, Networking. Working at the supercomputing center of the University of Karlsruhe/Karlsruhe Institute of Technology since 2004, foundingmember of KIT's CERT since 2008, KIT-CERT manager from 2011 to 2018.
Mr. Millar has served in CISA for 10 years, working to strengthen the agency’s information sharing capabilities, increasing the level of public, private and international partner engagement, and supporting initiatives to improve information exchange by both humans and machines, such as the standardization of the Traffic Light Protocol and the development of the Structured Threat Information eXpression. Prior to his cybersecurity career, he served as a linguist with the 22nd Intelligence Squadron of the United States Air Force. Mr. Millar holds a Master’s of Science from the George Washington University and is a Distinguished Graduate of the National Defense University’s College of Information and Cyberspace.
Energie Baden-Württemberg AG, DE
Finished high school in 1991; from 1991 to 2006 in the German Navy as Naval Flight Officer (among duty stations senior simulator training officer and information security offer for the naval air wing); from 2006 to 2010 university degree in computer sciences (main topics were forensic, security and robotics); 2011 to 2019 member of the KIT-CERT at the KIT (Karlsruher Institute of Technology in Karlsruhe, Germany); since 2019 senior security manager at Energie Baden-Württemberg (EnBW; German large energie provider and power authority).
Agency ARNIEC - RoEduNet, RO
Working at RoEduNet (Romanian NREN) before its official founding in 1998. Although graduated a mechanical engineering faculty in 1990, after a couple of years I switched interest to computer networks and related stuff. Main activities within RoEduNet include administration and operations related to optical and IP networks. I also work at "Alexandru Ioan Cuza" University from Iasi, at the Digital Communications Dept. RoCSIRT joined in 2010, now team rep. Also acting as GEANT backup APM for Romania.
Senior Manager, Global Cyber Compliance Services. Leads a team of cyber professionals managing cyber security compliance activities at Raytheon both in the US and at their Global locations. Holds the CISSP, ISSMP, and CCSP certifications. Wayne's initial FIRST Conference was the 6th Annual Conference in Boston.
I'm one of the founders of NTT-CERT and a member of NTT-CERT for 15 years. I'm a leader of analysis team, especially in charge of vulnerability and malware analysis. Recently, I'm interested in creating our own threat intelligence and feeding to our constituencies.