Incident Response Hall of Fame Inductees

Note: This list reflects Hall of Fame members in each calendar year.


  • TBA
Klaus-Peter KossakowskiKlaus-Peter Kossakowski

Klaus-Peter Kossakowski


Prof. Dr. Klaus-Peter Kossakowski has worked in the security field for more than 30 years. In 1988 he was one of the first members of the Virus Test Center in Hamburg where he focused on malicious network programs. In January 1993 when DFN-CERT became the first German CERT for an open network he started to work there and became managing director of it in 2003. He also founded PRESECURE Consulting GmbH, a privately-owned company specialized in cyber security, critical information infrastructure protection, situational awareness, early warning and developing specialized services like CERTs or SOCs. He successfully led the team from a research effort to a functional and well-respected operational entity. He was a visiting professor at the University of Hamburg from 2008 to 2011 and became a full professor at the University of Applied Science in Hamburg in 2014.

Since 1998 he is continuously providing feedback on research topics, operational experiences and lessons learned to the community. This started with the “CSIRT Handbook” in 1998, republished in 2003, that he co-authored with Moira West-Brown and Don Stikvoort. His research work was mostly supported by the CERT Coordination Center at the CMU/SEI for which he worked as visiting scientist from 1998 to 2011.

He was elected as a member of the FIRST Steering Committee in 1997 and had been on the committee until 2005, being re-elected three times and served the two last years as Chair of the FIRST Steering Committee. Frequently he has been involved with FIRST Conferences as volunteer, organizer and presenter or served on the program committee. In 2015 he was representing the local host of the FIRST Conference in Berlin, in 2017 he was the Program Chair for the FIRST Conference on Puerto Rico.

Together with Don Stikvoort he developed the accreditation and certification frameworks for CERTs and security teams including the now commonly accepted SIM3 maturity model adopted by ENISA and now maintained by the openCSIRT Foundation. Since 2011 he coordinates the Trusted Introducer framework providing infrastructure services, accreditation and certifications to nearly 400 security, product security and incident response teams internationally. Through the Trusted Introducer service and the support of his university he promotes and supports approaches like SIM3 or emerging frameworks or taxonomies for CERTs, most namely the “FIRST CSIRT Services Framework” and the “eCSIRT Incident Taxonomy”, which goes back to the project of 2003 successfully lead by him.

Prof. Dr. Kossakowski helped considerably to raise the awareness for CERTs concentrating on international issues, information sharing and coordinated cooperation, and establishing an international infrastructure for Cyber Defense.