Click on a speakers name to view their Bio.

Chris Blunt

Director, Consulting Partner
(New Zealand)
Glen Bruce

Director, Enterprise Risk
Andy Clark

Primary Key
Martin de Vries

Global Security Officer
(The Netherlands)
Dimitrios Delivasilis

Head of Enterprise Security Architecture
Todd Fitzgerald

Global Director, Infosec
Grant Thornton
Rob Hale

Lockheed Martin
G. Mark Hardy

National Security Corporation
Michael Hirschfeld

CIO & First Assistant Secretary
Department of Finance
Jaco Jacobs

Security Architecture
(The Netherlands)
Sían John

Chief Strategist
Jason Kobes

Principle Cyber Architect
& Research Scientist
Kobes, Infosec
Tuija Kohonen

Information Security Consultant
WeAre Solutions
Karel Koster

Information Security Architect
Ingenico ePayments
(The Netherlands)
Brenda Langedijk

Senior Security Consultant
Software Improvement Group
(The Netherlands)
Andrew Lea

Primary Key
Rahul Lobo

Senior Manager
Ernst & Young
Lisa Lorenzin

Principal Solutions Architect
Pulse Secure
David Lynas

COSAC Chairman
& CEO SABSA Institute
(N. Ireland)
Valerie Lyons

Irish Centre for Cloud
Computing & Commerce
John O'Leary

O'Leary Management
Matthew Pemble

Technical Director
Goucher Consulting
Narendra Ramakrishna

Business Solution Architect
SEAM Advisory & Consulting
Helvi Salminen

Information Security Manager
Char Sample

Research Fellow
University of Warwick
& Army Research Labs
William Schultz

Principal Security Architect
Vanderbilt University
Medical Center
Malcolm Shore

(New Zealand)
Maurice Smit

(The Netherlands)
Richard Thieme

Andrew S. Townley

(South Africa)
Marleen van Emmerik

(The Netherlands)
Esther van Luit

Senior Security Advisor
(The Netherlands)
K. Patrick Wheeler

Chief Security Officer
Catella Bank
John Willis

Senior Information Security Architect

    Chris Blunt Director, Consulting Partner, Axenic (New Zealand)    

Chris is a Consulting Partner at Axenic Ltd, a specialist independent information security and privacy consultancy he co-founded in 2009. He has over 22 years of experience in the IT industry, specializing in security and privacy for the last 11 years. He is an exponent of business-driven security and is passionate about delivering pragmatic advice that enables his clients to achieve their business goals and objectives. Chris has a Masters in Information Management (MIM) and holds SCM, SCPA, SCPR, SCP, CISSP, CCSP, CRISC, CISM, CISA and ISO/IEC.


    Glen Bruce Director, Enterprise Risk, Deloitte (Canada)    

Glen Bruce is focused on Security Strategies, Architectures and Policies supporting business and governments in their approach to managing information security risk. He has over 42 years of in-depth experience in information security consulting, systems management and technical positions. He has lead many information security engagements, where he has helped clients establish effective strategies, governance, architectures, policies and infrastructure implementations in support of both business and technical requirements. He is also the co-author of the book, “Security in Distributed Computing: Did You Lock the Door” published by Prentice-Hall. His experience and knowledge has taken him around the world to assist organisations with information security issues.

Glen is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM), certified in Risk and Information Systems Control (CRISC), a trained ISO 27001 Lead Auditor, a certified ITIL practitioner in Risk Management and Governance (SCPR) and Architecture Design & Development (SCPA)


    Andy Clark Director, Primary Key (UK)    

Andy is an acknowledged expert in Cryptography, I.S. Security, Systems Engineering, Security Evaluation, Information Forensics, Cyber Security and Analytics. He has worked in the field of Computer and Information Systems Security and Cryptology since 1984.

He is a co-author of the book “Enterprise Security Architecture: A Business Driven Approach”

He is a Visiting Professor at the Information Security Group, Department of Mathematics, Royal Holloway University of London (RHUL).

Since the mid 1990's he has been involved in five new business start-ups in secure systems development and analysis and computer and cryptographic forensics.

He served on the Board of Directors of the International Association for Cryptologic Research (I.A.C.R.), which is an international body, with more than 1500 members in more than thirty countries, for seventeen years. The membership elected him Vice President between 1995 and 2001 and subsequently elected him President of the Association between 2002 and 2007. In 2010 he was awarded Fellowship of I.A.C.R.

He is currently a Director of Primary Key Associates Limited, a multidisciplinary team that specialises in addressing a wide range of information security and forensics challenges from physical to cyber security.

He is an established and registered expert witness with more than fifteen years’ experience of forensically analysing and presenting computer and information systems evidence in a wide range of cases in both criminal and civil matters.

He is a Director and Trustee of The National Museum of Computing at Bletchley Park, home of British codebreaking in World War II.


    Martin de Vries Global Security Officer, Rabobank (The Netherlands)    

I have been working for Rabobank my whole working life. Started in 1998 in project management right out of university (polytechnic). I moved to the international side of the organisation in 2005 starting as a Service Manager for our direct banking initiatives. And finally as of 2008 I changed to security. First as a Security Officer for the direct banks and later (2012) as a Global Security Officer in the Global Security Office with a focus on Retail (until 2014) and IT and Software Development to date.

Specialties: IT Infrastructure, Software Development, Retail banking, Direct banking; Outsourcing; Information Security; Service management; Experience with marketing, sales, contact centers, fulfilment; Prince2 project management; ITIL foundation.


    Dimitrios Delivasilis Head of Enterprise Security Architecture, VISA (UK)    

Strong technology executive, specializing in business-driven security architectures and business risk control management. I have more than 16 years of extensive experience gained within information security consultancy firms as well as financial services and telecom organizations. During the last eight years I have been offering enterprise security strategy services to C-Level executives across Europe due to my ability to simplify complex technological issues and explain them to non-technical professionals.


    Todd Fitzgerald Global Director, Infosec, Grant Thornton (USA)    

Todd Fitzgerald is the Global Director of Information Security for Grant Thornton International Ltd; the fastest-growing and one of the major global accounting firms, providing strategic information security leadership for Grant Thornton member firms supporting 48,00 employees in 133 countries. Leading large company information security programs for 18 years. Todd is a 2013 Top 50 Information Security Executive, 2013-2016 Ponenon Institure Distinguised Fellow and 2015 runner-up CISO of the year award Chicago by AITP, ISSA and Infragard. Todd has been recognized as a highly rated speaker at recent RSA Conferences. He is an author of 3 books (Information Security Governance Simplified: From the Boardroom to the Keyboard, CISO Leadership: Essential Principles for Success (ISC2 Press) and 2014 Certified Chief Information Security Officer (C-CISO) BOK) and a contributor to a dozen others. Todd is a frequent international security presenter. Todd has also earned multiple security and privacy designations including CISSP, CISA, CISM, CGEIT, CRISC, CIPP, CIPP/US, CIPP/E, CIPM. ITILv3f, ISO27000, PMP and has earned a Masters of Business Administration from Oklahoma State University.


    Rob Hale Fellow, Lockheed Martin (USA)    

Rob is a Lockheed Martin Fellow with over 25 years of experience in information systems and security. During his career he has been responsible for conducting and supporting information assurance and cyber security activities for federal, state and commercial organisations in the defense, law enforcement, financial services, utility and healthcare industries. Additionally, he has designed and implemented secure networks to support nuclear emergency response teams in the Former Soviet Union, to support secure e-banking applications for three of the top 5 banks in the United States and to enforce privacy laws for a Swiss Private Bank. Since joining Lockheed, Rob has lead security architecture and certification and accreditation efforts for customers in the law enforcement and intelligence communities. He is currently leading cyber security and information operations research and development activities for Lockheed’s Mission Development and Integration group in the areas of embedded hardware security, anti-tamper technologies, self-defending and self-healing networks, secure virtual architectures and disparate event correlation technologies. Prior to coming to Lockheed Martin, Rob led efforts to develop the Security Architecture and Implementation methodologies for Ernst & Young and KPMG, serving as the National Leader of Security Architecture Services for Ernst & Young’s eSecurity Services Practice and the Global Lead for Enterprise Identity Management for KPMG. Additionally, Rob led Information Technology audit teams in support of financial audits and Sarbanes-Oxley compliance teams at both Ernst &Young LLP and KPMG LLP. Rob has been an active contributor and presenter at numerous industry conferences and round tables and has a Master’s degree in Information Assurance. In addition to pursuing a doctoral degree in Cyber Security, Rob has achieved multiple industry certifications including the CISSP-ISSAP, Certified Ethical Hacker and the Lockheed Martin IISA certification in Information Assurance.


    G. Mark Hardy President, National Security Corporation (USA)    

G. Mark Hardy serves as President of National Security Corporation, an information security management consulting firm he founded in 1988. He has been providing cyber security expertise to government, military and commercial clients for over 30 years and is the author of over 100 articles and presentations on security, privacy and leadership. He serves on the US National Science Foundation’s CyberWATCH Advisory Board and is a retired US Navy Captain. He wrote and taught information operations curriculum for NATO military officers. A graduate of Northwestern University and the U.S Army War College, he holds a BS in Computer Science, a BA in Mathematics, a Masters in Business Administration, a Masters in Strategic Studies and is designated as a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).


    Michael Hirschfeld CIO & First Assistant Secretary, Department of Finance (Australia)    

Michael is acting Chief Information Officer and First Assistant Secretary, IT and Workplace Division in the Australian Commonwealth Department of Finance and has executive responsibility for ICT as well as physical security within that agency.

He has previously held senior roles with a number of Australian government agencies including as Assistant Secretary for ICT Planning and Governance at the Australian Department of Foreign Affairs and Trade and Assistant Secretary, ICT Efficiency Review undertaken in 2009. Through his public sector career, Michael has worked in nine agencies responsible for delivering a range of Commonwealth services to the Australian community. He has been involved in both business and technology systems, advising on issues such as security, audit outcomes and risk management.

He was head of Technology Security for the Australian Taxation Office in the early noughties.

Michael has been involved in Security for the past 15 years and has been effectively educated by a group of excellent technical staff. He has been involved in a number of working groups defining the direction of whole of government initiatives in both E-Government and e-security including the "Secure Communications" and "On-line Authentication" working groups and has been a member of the Protective Security Policy Committee.

He takes a leadership role in the delivery of ICT and security services to the organisation focusing on risk analysis, governance and assurance, policy and awareness in building effective and practical security measures.

He has a diverse background and has been managing major projects since the mid 80’s. He began his career as a programmer and project manager on Building Control and IT systems and holds a Bachelor of Engineering, a Diploma in Education and a Master of Business Administration. In 2011 he participated in the Executive Leadership Program delivered by the Lee Kuan Yew School of Public Policy at the National University of Singapore.


    Jaco Jacobs Security Architecture, Accenture (Netherlands)    

Jaco has been a “security guy” for around 18 years during which time he has provided security services to a number of companies in Africa, Europe, the Middle East and the US on behalf of companies such as ISS, Symantec and Accenture, where he is currently part of the security practice in the Netherlands. A large part of his career at IBM and Accenture was spent developing security IP and services and he also co-authored two Redbooks while at IBM.


    Sían John Chief Strategist,Symantec (UK)    

Sían serves as the Chief Strategist for the entire EMEA business, leading articulation around Symantec’s overall technology strategy with customers, partners, press, industry analysts and internal sales, technology sales and marketing teams.

Sían has worked in the IT industry for over 20 years, both as a security architect and as an independent security consultant.

Based in the UK, Sian has a strong media presence and regularly provides guidance around the latest cyber threats, breaches and issues to national, broadcast and IT journalists in the UK and Europe and is a frequent speaker at industry events.

She is actively involved with TechUK and was appointed Vice-Chair of the Cyber Security Steering Committee in July 2014. She is also a member of the Digital Economy Programme Advisory Board for the Engineering and Physical Sciences Research Council.

Sían holds both a BSc (Hons) in Economics, Computing and Business and an MSc in Economics and Social Policy Analysis from the universities of Northampton and York respectively. She also has an interest in classical history and recently completed a degree within the subject with the Open University.


    Jason Kobes Principle Cyber Architect & Research Scientist, Kobes, Infosec (USA)    

Jason Kobes works as a Principal Cyber Architect & Research Scientist in Washington, DC for Northrop Grumman Corporation. Jason has over 20 years of experience concentrated in information systems design analytics, business/mission security architecture, enterprise risk management, information assurance research, and business consulting. Jason has a Master's of Science in Information Assurance (MSIA) and a Bachelor's of Science in Computer Science from Iowa State University. Jason holds a SABSA Practitioner of Risk and Governance as well as Architecture. Jason's areas of research include enterprise risk architecture, accountable anonymity systems and applying actionable enterprise security architecture. Jason also is an Enterprise Security Architecture instructor for the Zachman/FEAC Institute, SABSA Institute and the Northrop Grumman Cyber Academy.


    Tuija Kohonen Information Security Consultant, WeAre Solutions, (Finland)     

Tuija Kohonen has worked full-time in information security since August 1997 as information security consult or architect. She was program manager of an information security program to one international telecommunication company. The work included building up Computer Emergency Response team (CERT) processes and tools as SIEM and workstation’s protection software. She has worked also in many Identity Management and PCI certification projects. Before starting information security tasks she has 10 years experience in system development and network administrator.

Tuija is qualified CISA (2002), CISSP (2001) and participated two times to COSAC (2009 and 2014). Tuija has worked with Helvi since 2003. Cooperation started from Dipoli training program where Tuija was leader of software development chapter (2003 – 2008) and was one schedule definer of training program. December 2015 she participated to SANS course of hacker techniques, exploits and incident handling.


    Karel Koster Information Security Architect, Ingenico ePayments (Netherlands)    

Karel Koster is an information security professional with over 14 years of experience in the various roles of security consultant, manager, officer and architect. He currently holds the position information security architect for Ingenico ePayments, one of the larger payment service providers on the web. Within Ingenico ePayments he serves as the Information Security expert in application development, database design, network and operating system security design, access and audit control development, and overall implementations.

Prior to Ingenico, Karel as an information security officer was responsible for information security awareness, vulnerability management and technical compliance at Aegon the Netherlands. Furthermore, he helped to develop and implement the information security management function within Aegon’s corporate headquarters. He also held positions as operation risk manager and network security consultant.

Karel has spoken on topics of security awareness and vulnerability management on several international conferences including the ISF World Conference 2013. Furthermore, Karel has co-founded and chaired the Dutch ISF Policy workgroup in the Netherlands, which enables ISF members to share best practices and co-create best of class information security policies.


    Brenda Langedijk Senior Security Consultant, Software Improvement Group (Netherlands)    

Brenda Langedijk is a security consultant for SIG (Software Improvement Group). She started in the infosecurity industry before 2000 and has not left since. Combining experience with hands on penetration testing, security architecture and security management with a university degree in IT-audit. A research study done on vulnerabilities in software systems performed by SIG showed that over sixty percent of the vulnerabilities relate to architectural choices. Building upon that study the vulnerabilities are described in terms of the SABSA architecture. With this analysis it is thought vulnerabilities in software systems that relate to architectural choices may be prevented or at least better understood.


    Andrew Lea Director, Primary Key (UK)    

Andrew has many years experience of applying artificial intelligence techniques to data analytics in an industrial context. Having graduated from Cambridge and studied computer science at London University, Andrew has founded several specialist companies. He is a fellow of the British Computer Society and a director of Primary Key Associates.


    Rahul Lobo Senior Manager, Ernst & Young (Australia)    

Rahul is an experienced Cyber Threat Management professional with 14 years of experience, including 6 years managing a high performance security team involved in attack and penetration testing, application security, vulnerability assessment, IT security risk management and mitigation, IT security remediation, security architecture and security consulting.

He Currently manages a team of penetration testers at the EY Advanced Security Centre in Melbourne and has spent the last 3 years researching the cryptocurrency ecosystem as a hobby; starting about 3 years ago mining Dogecoin (www.dogecoin.com) to learn more about blockchain and is currently exploring technologies such as Ethereum (www.ethereum.org) and smart contracts.

He is an MBA-Systems, CISA, CISSP, CISSP-ISSAP, OSCP, Crest Registered Tester and a SABSA Chartered Security Architect.


    Lisa Lorenzin Principal Solutions Architect, Pulse Secure (USA)    

Lisa Lorenzin is a Principal Solutions Architect with Pulse Secure, specializing in security and mobility solutions, and co-chair of Trusted Network Connect, a work group of the Trusted Computing Group that defines an open architecture and standards for endpoint integrity and network security. She has worked in a variety of Internet-related roles since 1994, with more than a decade of that focused on network and information security, and is currently concentrating on enterprise security including network segmentation, end-to-end identity-based access control, and integration of mobile security.


    David Lynas COSAC Chairman & CEO SABSA Institute (Northern Ireland)    

David Lynas, the COSAC Founder and Chairman, is currently enjoying his thirty-third year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he has been awarded Fellowship of the British Computer Society and is the only non-American ever to be honoured with the prestigious Computer Security Institute Lifetime Achievement Award.

He is the co-author of SABSA (the world’s leading free-use, open-source Security Architecture Methodology) and the CEO of the SABSA Institute charged with providing assurance and confidence over the competencies of SABSA Security Architects.

A widely-published author and commentator, his articles have appeared in publications such as CSI Alert, Information Security Bulletin and the BCS publication Information Security Now. He has served on the editorial board of Computers & Security magazine and has authored a series of opinion columns for SC Magazine. David has been quoted widely in the media and major trade and broadsheet press, including: BBC Television, BBC Radio Ulster, Independent Television News, The Irish Times, ITs Monday, Wired.com, CIO Magazine, Technology Ireland, Korea News and the Harvard Business Review.


    Valerie Lyons Researcher, Irish Centre for Cloud Computing & Commerce (Ireland)    

Valerie Lyons is an accomplished Information Security Risk Manager for the last two decades, with extensive experience at senior management level. She is also a fully qualified Executive Coach, with a Masters in Business and Leadership. Increasingly over the last few years, having become aware that industry was hugely focussed on addressing security and privacy risks through the compliance lens, she has sought to find a more sustainable and effective way to address these risks. She traded her senior management position for the opportunity to undertake a PhD, researching information privacy and security protection approaches. Her particular research interest lies in the role of ethics in this domain and her long term objective is to bring that learning and research findings back into industry.


    John O'Leary President, O'Leary Management Education (USA)    

John O'Leary, CISSP, is President of O’Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John was the recipient of the 2004 COSAC award and the 2006 EuroSec Prix de Fidelite. He has never been convicted of anything really serious or run for public office.


    Matthew Pemble Technical Director, Goucher Consulting (UK)    

Matthew has extensive experience as an operations manager and technical security specialist within both the public and private sectors. Beginning his career as a weapons engineering officer in the Royal Navy, he remains deeply involved in the delivery of military cyber capability as a Technical Security Team Leader within the Joint Force Cyber Group.

As well as working as a Security Consultant inn areas as diverse and ISO27001 and safety-critical security architecture, he has been heavily involved in the development of security incident response, creating and leading the Incident and Threat Management team for Royal Bank of Scotland Group, including developing highly efficient responses to phishing and anti-banking malware and subsequently providing incident management, capability audit and training services for government suppliers, through the Cabinet Office e-Delivery team.

He has a strong commitment to the professionalization of the information security industry, serving as a Director for the Institute for Communication Arbitration and Forensics and now as a member of the British Computer Society Lead Assessors’ Panel for the CESG Certified Professional Scheme, as well as an interviewer and assessor for the BCS Fellowship.

Working as the Technical Director of a niche security consultancy, he provides support to large and medium sized organizations in a wide range of industry sectors.

Matthew has also published extensively in both the academic and trade press and is contributing author to a number of security books, including the forthcoming CRC Press “The CIO’s Guide to Security Incident Management”.


    Narendra Ramakrishna Business Solution Architect, SEAM Advisory & Consulting (UK)    

Narendra Ramakrishna is an accomplished Enterprise and Solution Architect specializing in delivering solutions in the areas of Cybersecurity, CloudSecurity, and PCI-DSS.

He has worked in a variety of roles across security development design and security architecture since 1999, with more than a decade of that focused on various transformation programs which include process changes, implementation of various industry strength methods and is currently focusing on enterprise security. He is involved in the role of Secure Development Life Cycle of large financial service organizations in the United Kingdom and security architecture for card data protection initiative.


    Helvi Salminen Information Security Manager, Gemalto (Finland)    

Helvi Salminen has worked full-time in information security since June 1990, first as security analyst and since April 2000 as information security manager. Before starting information security tasks she has 12 years experience in systems development.

Cooperation with colleagues is an important asset for security professionals. Helvi is founder member of Finnish Information Security Association which celebrated its 10th anniversary in 2007. Helvi is qualified CISA (1992), CISSP (1998), SABSA chartered security architect – foundation level (2008) and was one of the first to achieve Master of Security in 2003 (PD program in Helsinki University of technology lifelong learning centre Dipoli – now part of Aalto University). She has been the program manager of information security training in Dipoli in 2003-2008, and has given presentations in several information security seminars – including COSAC in 2008, 2009, 2014 and 2015. She was awarded as CISO of the year in Finland 2014 by Finnish Information Security Association.


    Char Sample Research Fellow, University or Warwick & Army Research Labs (USA)    

Dr. Char Sample is currently a visiting research fellow at the University of Warwick and is employed as a research fellow for ICF International at Army Research Labs in Maryland. Dr. Sample has over 20 years experience in the information security industry. Most recently Dr. Sample has been advancing the research into the role of national culture in cyber security events. Presently Dr. Sample is continuing research on modeling cyber behaviors by culture, risk management, and various anomaly detection issues.


    William Schultz Principal Security Architect, Vanderbilt University Medical Center (USA)    

Bill Schultz is security architect who has worked in the Information Technology field for over 14 years, with the past 9 focusing on Enterprise Architecture, Security Architecture, Risk Management, and Compliance. This work has involved building security programs, risk management programs, and the development of strategic organizational architectures and technical system architectures. Bill has led multiple risk management and security architecture initiatives to build secure systems that meet compliance with Federal, Healthcare, or Payment Card Industry Standards. His focus is on using strategic architecture and risk management frameworks to design and implement secure and compliant IT systems that will enable the organization to meet business objectives. He has presented on his work with FISMA compliance, enterprise risk management, and security architecture at both national and international conferences. Bill currently volunteers for the SABSA Institute and is actively working with peers to lead initiatives aimed at improving the security architecture community and mentor new members. Bill has earned a Master's of Science in Computer Information Systems. He is a Certified Information System Security Professional (CISSP), and just last year became the first person in the USA to attain SABSA Master Status.


    Malcolm Shore Exosoft (New Zealand)    

Dr Shore was born in England and worked with International Computers Ltd prior to completing a BSc in Computer Science at the University of London. He emigrated to New Zealand and after two years in industry accepted a commission in the RNZAF during which time he held positions in Defence EP as Chief Systems Programmer, Assistant Director Air Staff Policy and Plans, and Assistant Director Information Systems in Defence Headquarters.

Malcolm retired from the RNZAF and moved to the Government Communications Security Bureau where he developed and implemented New Zealand's national information systems security policy. During this appointment, Malcolm also completed his PhD at Otago University. He retired from the Government Communications Security Bureau as Director INFOSEC. During this time he was responsible for the introduction of ISO 27000 and the Common Criteria into the country.

Since working for Government, Dr Shore has been the Technical Director for CES Communications Ltd in which position he was responsible for the design and development of commercial landline, satellite, and radio encryption products.

Following this he has held Head of Security positions in both Telecom New Zealand, where he was responsible for delivering Sarbanes Oxley and PCI compliance; and in NBN Co, where he was responsible for satisfying compliance with the Australian Protective Security Policy Framework.

Malcolm was also the Technical Director for BAE Systems Australia, which included management of the penetration testing and reverse engineering teams.

Over the last fifteen years, Dr Shore has held adjunct positions at Canterbury University, Deakin University, and the University of New South Wales where he has lectured in cybersecurity. Dr Shore was involved with the development of cybersecurity strategies in New Zealand, Australia, and ASEAN.


    Maurice Smit Director, IRSC (Netherlands)    

Maurice Smit is an independent Security Consultant, with over 15 years of experience in IT Security operations, management, governance and architecture.

Besides consultancy Maurice is an instructor for SABSACourses.com in Europe, India, and the Middle East, providing SABSA Courses. And a Founding Member of the Board of Trustees of the SABSA Institute.

In his former engagements he developed and improved risk management frameworks at Financial Institutes, i.e. by merging IT into the Enterprise Risk Management. Conducted SABSA Fast-Tracks at Pharmaceutical Companies, defined Security Strategies for IT in Hospitals. His more than 15 years of IT Security experience, from operational maintenance all-through policy development and risk management framework implementations, makes it possible for him to quickly understand the challenges and concerns people may have in their daily operations.


    Richard Thieme Author, ThiemeWorks (USA)    

Richard Thieme (www.thiemeworks.com) is an author and professional speaker focused on the deeper implications of technology, religion, and science for twenty-first century life. He speaks professionally about the challenges posed by new technologies and the future, how to redesign ourselves to meet these challenges, and creativity in response to radical change.

Thieme's early and creative use of the Internet to reach global markets earned accolades around the world. He is a member of the “cyber avant-garde,” according to CNN … "a prominent American techno-philosopher" according to LAN Magazine (Australia) ... “a father figure for online culture,” according to the (London) Sunday Telegraph ... "a keen observer of hacker attitudes and behaviors" according to Le Monde (Paris) ... "one of the most creative minds of the digital generation" according to the editors of CTHEORY and Digital Delirium ... "an online pundit of hacker culture" according to the L A Times ... and “extremely subtle and deep” according to the Linux Journal.


    Andrew S. Townley CEO, Archistry, (South Africa)    

Andrew S. Townley, CEO of Archistry is an international speaker, published author and thought leader on Information Security, Security Architecture, SABSA, Risk Management, Enterprise Architecture, SOA and Technology Strategy who also has extensive practical, hands-on experience working in the US, Europe, Middle East, Africa and Brazil. He is also a former Management Consultant with Deloitte and Bearing Point after starting his career over 20 years ago as a Software Engineer with Informix.

Andrew's Enterprise and Security Architecture experience includes being the Enterprise Architect and Technical Design Authority for Ireland's e-Government SOA project using a TOGAF-based methodology where he developed the Security Architecture and technology implementation for cross-department Single Sign-on (SSO) for Public Sector customers. He also developed and implemented the Security Architecture for the BPO division of a large Irish company serving international customers including Avaya US and Nestlé France.


    Marleen van Emmerik Consultant, Ideas-to-Interconnect (Netherlands)    

Marleen van Emmerik MSc is Security Consultant at I-to-I. She is currently employed as datascientist at a cyber security project for a large bank. Her areas of interest are datascience, IT architecture and security management.

Data science:

  • Research Master Methodology at the University of Amsterdam
  • Statistics teacher at the University of Amsterdam
  • Data scientist at Core Intel ING

IT architecture:

  • Architecture for a PID at PwC
  • TOGAF course

Security Management:

  • CISM exam
  • SABSA course

In her free time her areas of interest are: watersports like surfing, wintersports like skiing and snowboarding, and cooking.


    Esther van Luit Senior Security Advisor, Deloitte (Netherlands)    

Ester van Luit is a young and driven security advisor for Deloitte Netherlands. She specializes in security skill gaps, cyber risk quantification and security maturity assessments and has worked for many international clients. She was short listed for woman of the year 2015 for the British Cybersecurity Awards and is actively involved in getting more girls and women into the security industry. She is determined to advance the state of security knowledge management and education in her career.


    K. Patrick Wheeler Chief Security Officer, Catella Bank (Luxembourg)    

Patrick Wheeler has been involved in IT Consulting, Business, Engineering and Security for over 20 yrs. He has a Bachelors in Environmental Engineering, an MBA and is a registered Civil Engineer. His background includes fun job titles like Security Architect, Audit Manager, Inspector, Systems and Security Analyst, Project Manager, Operations Director, VP of Operations and Chief Information Security Officer.

Having never met a trendy topic he did not want to look into he enjoyed serving in California’s Silicon Valley and San Francisco Bay Area specializing in security, compliance and operational efficiency topics prior to moving to Europe. He now focuses on ‘Cybrepreneurship’ in the Continental financial sector using opportunistic approaches to security program uplift and dabbles in blockchains, clouds, big data sets, compliance-driven-security and rescuing feral cats.

Personal interests include driving old cars too fast while taking photographs (in a well-controlled secure environments). Oh, and waterwheels. He now regrets this hobby after writing an EU grant of 2.9€M to identify and convert old watermills to generate renewable electricity.


    John Willis Senior Information Security Architect, Infosec (USA)    

John M. Willis is a Senior Information Security Architect with a history of electronics engineering, programming, and configuration management. John’s first computer was a wire-wrap Z80 board he programmed in assembly.

John has been a consultant to commercial and government clients for over 30 years. He holds a number of professional certifications, including CISSP-Information Systems Security Architecture Professional (CISSP-ISSAP), Certified Secure Software Lifecycle Professional (CSSLP), and Certified Ethical Hacker (CEH). In addition, John completed the Advanced Computer Security Professional Certificate program at Stanford University in 2015.

Nowadays, John seeks to build security in by coming up with new and different ways of looking at things.


Copyright © 2016 COSAC - All Rights Reserved -