34th Annual FIRST Conference | Neart Le Chéile - Strength Together
FIRST is a member driven, not-for-profit organization with emphasis on information sharing within its global membership as well as the incident response community at large. The Program Committee is a volunteer opportunity, open to non-members and managed through an open call submission process. The Program Committee comprises of 20 members who are nominated by the Conference Program Chair and approved by the FIRST Board of Directors. Program Committee members are selected for their expertise in key areas relating to program objectives, regional balance, and previous program & content committee experience.
We are no longer accepting Program Committee volunteers for the 2022 conference.
2022 Program Chair
Brian Honan CEO of BH Consulting, a world leading consulting firm in the areas of cybersecurity and data protection, and he is a recognised internationally as an expert on cybersecurity. He has acted as a special advisor to Europol's Cybercrime Centre (EC3), he is founder and head of IRISSCERT which is Ireland's first CERT, and sits on the advisory board for several innovative security companies. Brian is the author of several books and regularly contributes to various publications. For his contribution to the cybersecurity industry Brian was inducted into the Infosecurity Hall of Fame and has also been awarded the "SC Magazine Information Security Person of the Year."
2022 Program Committee
Juniper Networks, US
Derrick Scholl is the Sr. Director of Juniper Network’s Security Incident Response Team (SIRT). Derrick has been leading Product SIRTs for more than 20 years with previous positions at Oracle and Sun Microsystems.
Since attending his first FIRST conference in Chicago in 2000, Derrick has been a huge FIRST enthusiast. He’s been to every Annual Conference since and attended countless regional conferences, symposia, and TCs. He was elected to the FIRST Board of Directors in 2006 and served two terms as the Chairman of FIRST in 2007 and 2008. He stepped down from the Board in 2009 but came back to serve an additional 8 years from 2011-2019.
Because of his passion for the Annual Conference, Derrick served as the Board Liaison or Conference chair for the conferences in Berlin, Puerto Rico, and Edinburgh. Since leaving the Board, Derrick has served on the Program Committee for the last two conferences.
Concinnity Risks, GB
Eireann Leverett is CTO of Waratah Analytics, and a has an interest in quantitative risk within the digital forensics and incident response community. He has written academic papers on vulnerability forecasting, ransomware, ddos, cyber insurance, liability and the internet of things, and industrial systems. He is a proud FIRST member, and looks for collaborative research capturing cyber problems from a interdisciplinary perspective.
Fatema Bannat Wala
Berkeley Lab/ESnet, US
Fatema Bannat Wala is a Security Engineer at the LBNL/ESnet where her responsibilities include monitoring network traffic for intrusions and malicious activities, threat hunting and incident response. Fatema has held prior roles in security research and software engineering and she holds CISSP certification together with GIAC security certifications in intrusion analysis, incident handling, penetration testing, cloud security automation and intrusion detection.
Recorded Future, US
Gavin Reid is the CSO for Recorded Future. Recorded Future delivers advanced security intelligence to disrupt adversaries, empower defenders, and protect organizations. Reid has global responsibility for ensuring the protection, integrity, confidentiality, and availability of all customer-facing services, internal operational systems, and related information assets. Gavin has 20 years of experience in the management of all aspects of security for large enterprises. Strong ability to create and direct fast-moving technical security teams with industry-leading incident response, security research, and threat intelligence capabilities. Creator of Cisco's Security Incident Response Team (CSIRT), Cisco's Threat Research and Communications (TRAC) and Fidelity's Cyber Information Group (CIG).
Hendrik Adrian was a bachelor of Electrical Engineering when received Master of Science in Computer & Information Sciences & Support Services. Hendrik was working straight in the IT security field with UNIX skills in security hardening on various systems, his noted achievement was as co-founder and CEO of Kaspersky Labs regional office in Japan acted as technical leader & business executive, his retired to establish his own security protocol filtration product in a Japan security entity. Hendrik has joined LACERT works afterwards, he is in Japan government support for various educational security lecture activities in IPA, he is putting more efforts in contribution to local (Japan) and international security communities as an active speaker in various conferences i.e. IOTSecJP, R2CON, BotConf, AV Tokyo, ROOTCON, Brucon, DefCon Japan HACK.LU, etc, along with contribution as lecturer in security educational events in Japan at All Japan Security Camp and IPA ICSCoE's CyberCrest supporter. Aside of his daily work, in August 2012 he gathered world-wide security/network engineers to form a malware analysis initiative movement to then known as MalwareMustDie.org, an organization formed to suppress the growth of malware distribution, his shared technical writing on UNIX cyber threats can be viewed in https://blog.malwaremustdie.org with achievement listed in https://en.wikipedia.org/wiki/MalwareMustDie
Individual Contributor, US
Jamie Tomasello has been combating internet abuse, addressing security and compliance issues, and establishing trust for over 20 years at internet service providers, security companies, law firms, and nonprofits. Jamie is a hybrid policy technologist with a focus on practical, sustainable operations aligned with business risk. She/he is also a Certified Information Privacy Professional (CIPP/US and CIPT). In addition to being passionate about protecting customers and their data, Jamie finds joy in building teams and providing support to burgeoning leaders.
Jeroen van der Ham
NCSC-NL & UTwente, NL
Jeroen van der Ham is senior researcher at NCSC-NL and associate professor of Cyber Security Incident Response at the University of Twente. At NCSC-NL he focuses on the many developments in coordinated vulnerability disclosure and ethics of the security profession. At the University of Twente he focuses on incident response, ethics of incident response and internet security research, denial of service attacks, and anonimization in network measurements.
John is a PhD candidate in Computer Science at the University of Illinois Chicago studying under the tutelage of Chris Kanich. He is a principal analyst at NETSCOUT on the ATLAS Security Engineering and Response Team (ASERT). John is also adjunct faculty in the College of Computing and Digital Media at DePaul University. He currently serves as a research fellow at ICANN, sits on the NANOG program committee, and operates DataPlane.org.
Koen Van Impe
cudeso.be Comm.V., BE
Incident Response, Security Monitoring and Threat Intelligence https://www.vanimpe.eu
Mnemonic , GB
Dr. Marie Moe is a Senior Security Consultant at mnemonic, where she works with threat intelligence and incident response. She has previous work experience as a team leader at NorCERT and at the Norwegian research institute SINTEF. She is also a part-time Associate Professor at the Norwegian University of Science and Technology, where she teaches incident response and has been supervising Master students on ethical hacking of medical devices.
Marina Krotofil is a cyber security professional with over a decade of hands-on experience in advanced methods for securing Industrial Control Systems (ICS) and other cyber-physical systems. She is also an experienced Red/Blue Teamer who contributed research on novel attack vectors, exploitation techniques and design of novel defence methods. She is an experienced incident responder, forensic investigator and ICS malware analyst. Marina frequently collaborates with international organizations on the topics of critical infrastructure security and is a regular speaker at the leading conference stages worldwide. She is also a frequent reviewer of academic manuscripts and talk proposals including Black Hat and USENIX WOOT. Marina currently works as Product Owner for Industrial and IoT Security at Maersk. She holds an MBA in Technology Management, MSc. in Telecommunications, and MSc. in Information and Communication Systems.
Michael Dwucet graduated as a MSc. in Computer Science at the University of Bonn in 2008, where he focused on cyber security in military networks. After his graduation, he worked as an agent for the Federal Office for Information Security (BSI) in Germany. Beginning as an Incident Responder and later as an Incident Manager for the Computer Emergency Response Team for the Federal Government (CERT-Bund), he handled many high profile cases in the Government, in Critical Infrastructures and in major organisations. In addition, he was one of the main relation officers for CERT-Bund and cooperated with many national and international bodies, like ENISA, Europol EC3, FIRST, the EU CSIRTs network and the European Government CERTs group. Michael Dwucet is currently the head of the section "CERT-Bund Incident Response and Liaison Office to the National Cyber Response Centre" in the Department for Operational Cyber Security in the BSI. Furthermore he is the acting head of the section “CERT-Bund Mobile Incident Response Team”.
Munich Re, DE
Dr.-Ing. Michael Spreitzenbarth graduated from the University of Mannheim with a degree in business informatics majoring in digital forensics and earned 2013 his doctor degree in mobile forensics and mobile malware detection from the University Erlangen-Nuremberg.
As Senior Key Expert of the SiemensCERT he was in charge of analysing the mobile threat landscape, providing standards to secure mobile devices and incident response for the entire Siemens Group. Within this context he also developed a framework to test business critical iOS and Android application for security vulnerabilities and critical design flaws. Subsequently, he structured and guided the Siemens CustomerCERT as key contact to support end customers in the event of security incidents and developed a portfolio to increase security in customer production environments. In this context he also worked as an auditor for internal facilities and products of Siemens. From 2018 to 2020 he was working as a Cyber Security Underwriter for Munich Re and assessed cyber risks in all industries (mainly within Europe and Latin Amerika). Starting October 2020 he changed back to the world of incident response and is since then working as a Senior Risk Manager for Incident and Crisis Readiness at Munich Re.
Niall Heffernan leads security detection, monitoring and response at Informatica. As part of this role he links with other FIRST members regularly and has taken part in the program committee for the last number of years, as well as previously sitting on program committees for OWASP conferences and being active in the security community. He lectures on an MSc in security across multiple modules and participates as a subject matter expert with Comptia globally also.
Nicole Harris joined GÉANT in March 2013 as a Project Development Officer to support the global GÉANT Community Programme. She works primarily in the security and middleware areas and specialises in managing global IT initiatives, policy and legal issues and open source developments. Nicole is responsible among other activities for TF-CSIRT, GÉANT’s forum for CSIRTS, and works to support GÉANT’s successful TRANSITS training programme as well as managing a variety of security related projects for National and Research Education Networks (NRENs). Prior to joining GÉANT, Nicole worked at JISC for 10 years, supporting a range of programmes and services in the middleware, research and open source spaces.
Nicole holds a Master of Arts degree in Children’s Literature, which has been more useful in her technical career than people might think.
FIRST Liaison, FR
Based in France, Olivier CALEFF has been involved in incident management and CSIRT-related organizations (FIRST, TF-CSIRT, CSIRTs Network, InterCERT-FR) since 1996. He contributed to setting up some CSIRTs in France and performed FIRST site visits to assess the maturity of the teams CSIRT. He is an advocate of OpenCSIRT Foundation’s SIM3 (Security Incident Management Maturity Model), and a SIM3 Certified Auditor. He is a Liaison member in the FIRST community, and co-chairs the Membership Committee, the Malware Analysis, and Cyber Exercises Special Interest Groups (SIG). He also actively contributes to other SIGs such as the CSIRT Framework and Traffic Light Protocol (TLP). He also contributes to ENISA publications as an independent Subject Matter Expert. Olivier CALEFF is currently a Cyber Resilience and CSIRT Expert at a global healthcare supplier. Prior to that, he was in charge of the international relationships for CERT-FR – the French governmental CSIRT – liaising with partners, other CSIRTs and institutional bodies. He has been teaching security for 30 years in French and English, including the delivery of TRANSITS and FIRST security trainings since 2014 in both French an English. His LinkedIN profile is available at https://www.linkedin.com/in/caleff/
CISSP, CISM, CISA and PMP. A seasoned incident responder for decades with the Internet Protocol based information systems design and administration experience for decades, including carrier grade multinational networks as well as multinational corporate IT. Based in Silicon Valley now after living and working experience in both east and west coast of the United States, Japan and other APAC, and Europe in my life.
FVT SecOps consulting , IE
Thomas has over 30 years of experience in the IT industry ranging from software development to infrastructure & network operations and architecture to settle in information security. He has an extensive security background covering roles from incident responder to security architect at fortune 500 companies, vendors and consulting organisations. He is currently security advocate and threat researcher focused on advising companies on understanding their data protection activities against malicious parties not just for external threats but also compliance instigated.
Thomas is also an active participant in the InfoSec community not only as a member but also as director of Security BSides London, ISSA UK chapter board member and speaker at events like SANS DFIR EMEA, DeepSec, Shmoocon, and various BSides events.
Munich University of Applied Sciences, DE
Thomas Schreck is a Professor for IT-Security at the Munich University of Applied Sciences. Prior he was a Principal Engineer for IT-Security at Siemens and the Head of Siemens CERT. He served between 2015 and 2021 on the Board of Directors of FIRST.org and was the Chairman from 2017 to 2019. He holds a PhD in Computer Engineering from the Friedrich Alexander University Erlangen-Nuremberg and a Diploma in Computer Science from the University of Applied Sciences Landshut.
Vic Chung is the Head of Product Security Response Team at SAP. He is passionate about PSIRT and has experience in building functional and high-performing security teams. Vic is a Berkeley Haas executive alumni, holds a MBA from Open University Business School and a Masters degree in Information Systems from University of Toronto.