FIRST is a member driven, non-profit organization with emphasis on information sharing within its global membership as well as the incident response community at large. The Program Committee is a volunteer opportunity, open to non-members and managed through an open call submission process. The Program Committee comprises of 20 members who are nominated by the Conference Program Chair and approved by the FIRST Board of Directors. Program Committee members are selected for their expertise in key areas relating to program objectives, regional balance, and previous program & content committee experience.
2024 Program Chair
Takayuki Uchiyama is a member of Panasonic PSIRT and is responsible for product security activities at the business divisions overseas. His main roles include, the handling of vulnerabilities, creating and conducting product security training to product developers and providing assistance to product development teams related to product security as necessary. Aside from his role in Panasonic, Takayuki has been a CVE Board Member since 2016. Prior to joining Panasonic, Takayuki worked at JPCERT/CC, where his main tasks involved the coordination of vulnerability reports with PSIRTs, taking part in various discussions groups related to the identification / analysis / coordination / disclosure of vulnerabilities.
Program Committee Overview
Abner Tokai "Kolo"
Abner Tokai “Kolo” is a Security Analyst for CERT Tonga for 7 years. Abner is currently leading the Incident Response and also assist in Digital Forensics. This is my first time to join this committee and really keen to actively be part of this community.
Adli Wahid is a Senior Internet Security Specialist at APNIC. He is an active member of the security community and involved in many capacity development project. Adli is currently the lead for the APNIC Community Honeynet Project. Prior to joining APNIC, he had served the Bank of Tokyo Mitsubishi-UFJ & the Malaysia CERT (MYCERT).
Derrick Scholl is the Sr. Director of Juniper Network’s Security Incident Response Team (SIRT). Derrick has been leading Product SIRTs for more than 20 years with previous positions at Oracle and Sun Microsystems.
Since attending his first FIRST conference in Chicago in 2000, Derrick has been a huge FIRST enthusiast. He’s been to every Annual Conference since and attended countless regional conferences, symposia, and TCs. He was elected to the FIRST Board of Directors in 2006 and served two terms as the Chairman of FIRST in 2007 and 2008. He stepped down from the Board in 2009 but came back to serve an additional 8 years from 2011-2019.
Because of his passion for the Annual Conference, Derrick served as the Board Liaison or Conference chair for the conferences in Berlin, Puerto Rico, and Edinburgh. Since leaving the Board, Derrick has served on the Program Committee for the last four conferences.
Concinnity Risks, GB
Éireann Leverett is the co-author of Solving Cyber Risk, and a cyber risk entrepreneur. His career has taken him from hardhats and steel toed boots in industrial control systems to the implications for critical national infrastructure in policy. He works regularly with the international CERT community at FIRST.org, and writes papers when he finds the time. His proudest achievement is co-authoring a paper which has inspired legislation in the EU. He loves nature, travel, and reading when he gets away from computers.
VMware Security Response Center, IE
Emer has over 20 years of technology experience and has worked in VMware since 2007. Her current role is Director of the VMware Security Response Center, where she leads a global team of technical program managers and security engineers to ensure the company is responding to external security reports, influencing stakeholders across the business, and advocating for VMware customers. Emer is passionate about security, joining the security incident response team with limited experience, she has built her reputation through seeking out mentors and immersing herself in the field.
Siemens Technology, US
Enrico Lovat received his PhD from the Technical University of Munich for his research on the topics of usage control and information flow tracking. He joined Siemens CERT in 2016 in the dual role of Incident Handler and Cyber Threat Intelligence Team Lead. In 2022 he moved to Siemens Technology as Principal Key Expert, supervising the research in technologies and innovations for cybersecurity services.
Erik Alexander Løkken
Erik Alexander leads a team of more than 180 security experts within areas such as Threat Intelligence, Incident Response, 24/7 Threat Monitoring, and Research & Development (R&D). He has more than 25 years of security experience. He has primarily been focusing on cyber incidents with specializing in incident response, digital forensics and detection technology. He was a central part of establishing mnemonic's security services back in 2002, and has decades of first-hand experience handling large and critical incidents where advanced threat actors have been involved.
Schneider Electric, IN
Harish Shankar is a cybersecurity professional with 18 years of experience. He is currently working as Director – Head of Product Vulnerability Management in Schneider Electric. In this role, he heads Schneider Electric’s PSIRT Team which is represented as SE - Corporate Product Cyber Emergency Response Team (CPCERT) where he is responsible for defining and governing product vulnerability response.
Prior to this role, he handled Product Incident Response and has hands-on experience on Incident Response and Digital Forensics. He also held the positions of Information Security Officer for the APAC region in Schneider Electric. He is the winner of NEXT100 award in 2018. He is based in Bangalore, India.
Hendrik Adrian was a bachelor of Electrical Engineering when received Master of Science in Computer & Information Sciences & Support Services. Hendrik was working straight in the IT security field with UNIX skills in security hardening on various systems, his noted achievement was as co-founder and CEO of Kaspersky Labs regional office in Japan acted as technical leader & business executive, his retired to establish his own security protocol filtration product in a Japan security entity. Hendrik has joined LACERT works afterwards, he is in Japan government support for various educational security lecture activities in IPA, he is putting more efforts in contribution to local (Japan) and international security communities as an active speaker in various conferences i.e. IOTSecJP, R2CON, BotConf, AV Tokyo, ROOTCON, Brucon, DefCon Japan HACK.LU, etc, along with contribution as lecturer in security educational events in Japan at All Japan Security Camp and IPA ICSCoE's CyberCrest supporter. Aside of his daily work, in August 2012 he gathered world-wide security/network engineers to form a malware analysis initiative movement to then known as MalwareMustDie.org, an organization formed to suppress the growth of malware distribution, his shared technical writing on UNIX cyber threats can be viewed in https://blog.malwaremustdie.org with achievement listed in https://en.wikipedia.org/wiki/MalwareMustDie
Jacomo Piccolini joined Team Cymru in 2012 as part of the Outreach Team and is based in Brazil. Prior to working at Team Cymru, he worked at the Brazilian Research and Academic Network, at their Academic CSIRT, and acted as the Academic Coordinator for the Educational School’s security and IT governance curriculum. With 23 years of field experience, Jacomo holds a degree in Engineering and a post-graduate degree in Computer Science and Business Administration. Jacomo is known globally due to his long time involvement in FIRST (The Forum for Incident Response and Security Teams). He is a Liaison Member of FIRST and the team representative for Team Cymru. Jacomo is also Team Cymru representative at OIC-CERT. Previously Jacomo coordinated hands-on activities for FIRST and is now contributing on the Membership Committee. Jacomo is also known for his work and contributions within several security communities and trust-based groups, serving as an advisor, doing pro bono work and as an elected board member. Jacomo is responsible for Team Cymru's Community Services, including the CSIRT Assistance Program (CAP) and the Data Sharing Partnerships. When possible he returns to education, teaching network forensics and CSIRT security courses, at the post-graduate level, as an invited professor. When not working to make our networks safer places, Jacomo spends time doing his other great love, photography.
Jeroen van der Ham
University of Twente, NL
Jeroen van der Ham is associate professor in the Design and Analysis of Communication Systems (DACS) group at the University of Twente. He enjoys interdisciplinary research, bridging the gap between theory and practice, and is a proud member of the FIRST community. His research focuses on vulnerability prioritization and management, incident response, the many developments in coordinated vulnerability disclosure and ethics of cybersecurity and computer science.
Ken Lee is a Security Consultant at Amazon Web Services, providing professional security governance, risk management, and compliance consulting for the cloud. Before joining AWS, Ken served as manager and product security officer at Synology, managing the Bug Bounty Program and Security Incident Response Team to respond to all security incidents within the company.
Logan Wilkins currently leads a software engineering team in Cisco’s CSIRT, overseeing development programs related to incident detection and response, data management, and security metrics. Within FIRST he is the co-chair of the Metrics SIG and has served as a Candidate Sponsor for multiple groups. In addition to his experience in Cisco’s security organization, Logan has also worked in e-commerce, pharmaceutical drug discovery and was previously a high school teacher, giving countless students their first introduction to Computer Science.
Mark T. Zajicek
Carnegie Mellon University, Software Engineering Institute, CERT Division, US
Mark Zajicek is a Member of the Technical Staff in the CERT Monitoring and Response directorate in the world-renowned CERT Division at Carnegie Mellon University’s Software Engineering Institute (SEI). Zajicek’s current work is focused on helping other organizations to build their own computer security incident response team (CSIRT) or incident management capability. As a member of the CERT CSIRT Development and Training team, Zajicek is responsible for providing guidance to new and existing CSIRTs worldwide. He has co-developed a variety of documents and training materials, and he is an instructor for a suite of several courses that provide training for CSIRT managers and technical staff. Previously, Zajicek was the Daily Operations team leader for the CERT Coordination Center (CERT/CC), after having joined the CERT/CC’s incident handling staff in 1992. Prior to joining the CERT/CC, he was a user consultant for the Computing Facilities group at the SEI. Zajicek also helped support the CERT/CC during its initial start-up in 1988.
CIRCL – Computer Incident Response Center Luxembourg, LU
Michael Hamm has worked for more than 10 years as Ingenieur-Sécurité in the field of classical Computer and Network Security (Firewall, VPN, AntiVirus) at the research center “CRP Henri Tudor” in Luxembourg. Since 2010, he has been working as an operator and analyst at CIRCL – Computer Incident Response Center Luxembourg where he is working on forensic examinations and incident response.
Otgonpurev (Ogo) Mendsaikhan
Otgonpurev Mendsaikhan (Ogo) is a board member and international liaison at MNCERT/CC and has an interest in threat intelligence, information sharing and vulnerability research. He has written academic papers on automated cyber threat intelligence, utilization of natural language processing in cyber threat intelligence. He holds a PhD in Informatics from the Nagoya University of Japan and Masters in Information Security from Carnegie Mellon University of USA. He is a proud FIRST member, and looks for collaborative research and intelligence sharing in FIRST community.
Canadian Centre for Cyber Security (Government of Canada), CA
Red Hat, AU
Rob Lowe has been involved in Incident Response, Security Operations and Threat Intelligence for over 20 years. Previously, Rob worked at AusCERT and CERT.AU where he assisted constituents with incident response coordination and capacity building. For the last twelve years, Rob has been a part of Red Hat’s enterprise security team, including leading the broader Information Security function as well as Incident Response, Security Operations and Cyber Threat Intelligence teams. Rob also has a long involvement with FIRST, and is proud to have delivered FIRST Annual Conference presentations in 2005 and 2019, served on the program committee and delivered TRANSITS training.
Sheryane is a security consultant at EY CSIRT where she specializes in threat intelligence and Digital Forensics and Incident Response engagements.
CISSP, CISM, CISA and PMP. A seasoned incident responder for decades with the Internet Protocol based information systems design and administration experience for decades, including carrier grade multinational networks as well as multinational corporate IT. Based in Silicon Valley now after living and working experience in both east and west coast of the United States, Japan and other APAC, and Europe in my life.
CSC.fi / Funet CERT, FI Timo is a seasoned security specialist with over three decades of experience in the field. He has dedicated his career to safeguarding the digital world. He currently leads Funet CERT, team taking care of the Finnish national and research network's security.
Tobias holds an MSc in Computer Science, specializing in Systems Security, Cryptography, and Networking. After working as a sysadmin at the Scientific Supercomputing Centre Karlsruhe (SSCK) since 2004, he became a founding member of the Karlsruhe Institute of Technology's CERT (KIT-CERT) in 2008, which he headed as team lead from 2011 to 2018. Since 2020, he is a senior analyst and team leader of the Cyber Threat Intelligence team at DFN-CERT, the German NREN CERT. He is also a member of the EGI CSIRT and the eduGAIN CSIRT.
Tom Millar has served in CISA for 15 years, working to strengthen the agency's information sharing capabilities, increasing the level of public, private and international partner engagement, and supporting initiatives to improve information exchange by both humans and machines, such as the standardization of the Traffic Light Protocol and the development of the Structured Threat Information eXpression. Prior to his cybersecurity career, he served as a linguist with the 22nd Intelligence Squadron of the United States Air Force. Mr. Millar holds a Master's of Science from the George Washington University and is a Distinguished Graduate of the National Defense University's College of Information and Cyberspace.
Energie Baden-Wuerttemberg EnBW, DE
Ulrich holds an MSc in Computer Sciences (main topics: forensic, security and robotics). After serving in the German Navy as a Naval Flight Officer for 15 years and completing his universal degree, he joined the KIT-CERT of the KIT (Karlsruher Institute of Technology in Karlsruhe, Germany) from 2011 to 2019. Since 2019 he is a senior IT security manager at the "Energie Baden-Württemberg AG" (EnBW; German energy provider and power authority) and is one of two team leaders of the EnBW-CERT.