Program Committee

Overview

FIRST is a member driven, non-profit organization with emphasis on information sharing within its global membership as well as the incident response community at large. The Program Committee is a volunteer opportunity, open to non-members and managed through an open call submission process. The Program Committee comprises members who are nominated by the Conference Program Chair and approved by the FIRST Board of Directors. Program Committee members are selected for their expertise in key areas relating to program objectives, regional balance, and previous program & content committee experience.

2026 Program Chair

Merike Kaeo is CEO and founder of Double Shot Security.

She has over 25 years of experience in pioneering Internet technology deployments and developing strategic security initiatives. Her passion for building cooperation and collaboration between operational, technical, law enforcement and policy sectors in all things related to ‘information security’ has led to many unofficial global liaison roles. In 2007, Merike was instrumental in fostering cooperation and trust among the global operational security community and the Estonian National CERT during the cyber attacks against Estonia.

Merike instigated and led the first security initiative for Cisco Systems in the mid 1990s and authored the first Cisco book on security, Designing Network Security, which was translated into multiple languages and widely used in security accreditation programs. She has held a variety of executive leadership positions and has a deep rooted history in the global Internet community.

Merike is a member of the IEEE, a pioneer member of ISOC and has been an active contributor in the IETF since 1992. She was named an IPv6 Forum Fellow in 2007 for her continued efforts to raise awareness of IPv6 related security paradigms. Merike was appointed to the American Registry for Internet Numbers (ARIN) Board of Trustees in 2016 to serve a one-year term from Jan 1, 2017 to Dec 31, 2017. From 2010-2024 she was an active member on ICANN's Security and Stability Advisory Council (SSAC) and from 2018 through 2021 served as the SSAC Liaison to the ICANN Board.

In recent years Merike has led and contributed to several global threat intelligence sharing initiatives. In 2014 she was part of the EU Network and Information Security (NIS) Working Group 2 that created guidelines and recommendations to promote the sharing of cyber threat information and incident coordination in both the public and private sectors in the EU. She was a founding co-chair of the FIRST Information Exchange Policy SIG.

Merike earned a MSEE from George Washington University and a BSEE from Rutgers University.

  • Merike Kaeo

    Chair

  • Adli Wahid

    APNIC, AU 

    Adli Wahid is a Senior Internet Security Specialist at APNIC. He has been involved in the CSIRT community for more than 10 years. His previous role includes leading Malaysia CERT (MyCERT) and working for a CERT in the financial sector. Adli is also serving board member of FIRST.Org

  • Andreas Bråthen

    mnemonic, NO 

  • Angela Matlapeng

    BOCRA , BW 

  • Derrick Scholl

    Juniper Networks, US 

  • Enrico Lovat

    Siemens, DE 

  • Harish Shankar

    Schneider Electric, IN 

  • Jeffrey J. Carpenter

    Accuray, US 

    Jeffrey Carpenter has dedicated more than 30 years to improving the state of information security. In 1995, Jeffrey joined the CERT® Coordination Center at Carnegie Mellon University's Software Engineering Institute, initially as an incident response analyst, then five years later managing more than 50 technical individuals. He was instrumental in helping the U.S. Department of Defence and the U.S. Department of Homeland Security create teams to exchange incident information and indicators between government and critical infrastructure organizations. He also worked closely with the U.S. Department of Homeland Security on the formation of US-CERT, the national computer security incident response team (CSIRT) for the United States.

    Jeffrey helped many other governments and regional organizations around the world establish national incident response capabilities. He founded a successful annual conference for technical staff working for CSIRTs with national responsibility to promote collaboration among these organizations. Jeffrey's active involvement in the incident response community over the years has included presenting in various forums and serving on Forum of Incident Response and Security Teams (FIRST) committees and working groups.

  • Jeroen van der Ham

    University of Twente, NL 

  • Justin Murphy

    CISA, US 

  • Krassimir Tzvetanov

    Hydrolix/Purdue University, US 

  • Lawrence Muchilwa

    FIRST, KE 

    Mr. Lawrence Muchilwa is a highly accomplished professional in the fields of cybersecurity, IT operations, strategy, policy, and stakeholder engagement, with a particular focus on National CSIRTs, critical information infrastructure, cyber threat intelligence, and incident response management. Building on his academic background in Information Systems Technology, and Computer Science, he has over a decade of experience in diverse roles such as senior consultant, subject matter expert, lead trainer, and departmental head. He is currently the African Regional Liaison for the Forum of Incident Response and Security Teams and lead the Research and innovation working group at the Kenya Cybersecurity and Forensics Association.

  • Lisa Lobmeyer

    Security Research Labs, DE 

    Lisa Lobmeyer works as a Lead Security Consultant at Security Research Labs. She is an experienced DFIR-Specialist, leading and building teams that help organizations affected by IT security incidents while at the same time trying to minimize the impact by upping organizations' Cyber Defense capabilities.

  • Mars Cheng

  • Martin Johannes Nagel

    Niantic, Inc. , CH 

  • Milan Pikula

    SK-CERT, SK 

  • Morton Swimmer

    Trend Micro, DE 

  • Olivier Caleff

    csirt.fr, FR 

  • Sergio H. Guivala

    National Institute of ICT , MZ 

  • Shinichi (Shin) Adachi

    Consulting Business, US 

  • Stephen Cudjoe-Seshie

    Cyber Security Authority, GH 

  • Sung-ting Tsai

    TeamT5, TW 

  • Susan Ballestero

    US Bank, IE 

  • Tim Myers

    National Cyber Security Centre, NZ 

  • Tobias Dussa

    DFN-CERT Services GmbH, DE 

  • Tom Millar

    CISA, US 

  • Trey Darley

    BE 

  • Ulf Bremer

    Juniper Networks, DE 

  • Ulrich Stadie

    Energy Baden-Württemberg AG (EnBW), DE