2015 CONFIRMED SPEAKERS


Click on a speakers name to view their Bio.


Dave Barnett

Commercial Director
Zscaler
(UK)
Chris Blunt

Consulting Partner
Axenic
(New Zealand)
Pascal de Koning

Senior Security Consultant
Ideas-to-Interconnect
(The Netherlands)
Mary Dunphy

Program Manager
Google
(USA)
Vince Gallo

Managing Director
Residual Data
(UK)
Efrain Gonzalez

Enterprise Security Architect
(USA)
Rob Hale

Lockheed Martin
(USA)
G. Mark Hardy

President
National Security Corporation
(USA)
Richard Hollis

Chief Executive Officer
Risk Factory
(UK)
Lynette Hornung

Senior Privacy & Enterprise
Security Architecture Manager
Turner Consulting Group
(USA)
Zbynek Houska

Security Consultant
Espion Group
(Ireland)
Silvia Knittl

IAM Solution Architect
Accessec
(Germany)
Jason Kobes

Principal Cyber Architect
& Research Scientist
Northrop Grumman
(USA)
Lisa Lorenzin

Principal Solutions Architect
Pulse Secure
(USA)
David Lynas

COSAC Chairman
& CEO SABSA Institute
(Northern Ireland)
John O’Leary

President
O’Leary Management Education
(USA)
Muhammed Z. Omarjee

Enterprise Security Architect
Standard Bank
(South Africa)
Conor O’Neill

Senior Security Consultant
Espion
(Ireland)
Richard Peasley

Director of Enterprise
Solution Architecture
Blue Coat Systems
(USA)
Matthew Pemble

Technical Director
Goucher Consulting
(UK)
Vernon Poole

Head of Business Consultancy
Sapphire
(UK)
Michael Price

Senior Consultant
Axenic Ltd
(New Zealand)
Mark Rasch

Former US Cybercrime
prosecutor
(USA)
Fabio Rosa

Senior Consulting Architect
Blue Coat Systems
(USA)
Helvi Salminen



(Finland)
Char Sample

CERT
Carnegie Mellon University
(USA)
William Schultz

Enterprise Architect
Vanderbilt University
(USA)
John Sherwood

Head of SABSA Academy
SABSA Institute
(UK)
Malcolm Shore

Technical Director
Applied Intelligence, ISS,
BAE Systems
(Australia)
Jacoba Sieders

Head of I&AM
ABN AMRO Bank
(The Netherlands)
Pieter Siedsma

Security Architect
ING Bank
(The Netherlands)
Werner Thalmeier

Director Security Solutions
EMEA & CALA
Radware
(Germany)
Ancilla Tilia



(Netherlands)
Andrew S. Townley

Chief Executive Officer
Archistry
(South Africa)
Esther van Luit

Cybersecurity Consultant
Deloitte
(Netherlands)
Marc Verboven

Security Architect
ING Bank
(Belgium)


    Dave Barnett Commercial Director, Zscaler (UK)    

Dave has worked in IT for 18 years, in security for 11 of those, he is a Commercial Director at Zscaler. Previously he has been security strategy director at Symantec and held similar roles at Thales eSecurity and McAfee prior to this. Dave currently works for zscaler a web security company as commercial director for the UK and Ireland. Dave is the co-author for PAS555 the UK’s national standard for Cyber Security.



TOP OF PAGE


    Chris Blunt Consulting Partner, Axenic (New Zealand)    

Chris is a Consulting Partner at Axenic Ltd, an independent security consultancy he co-founded in 2009. He is passionate about developing and delivering pragmatic information security strategies and architectures to ensure that they enable and support his clients in achieving their business goals and objectives.

Chris has a Masters in Information Management (MIM) and holds SCPA, SCPR, CISSP, CRISC, CISM, CISA and ISO/IEC 27001:2013 Lead Auditor certifications.



TOP OF PAGE


    Pascal de Koning Senior Security Consultant, Ideas-to-Interconnect (The Netherlands)    

Pascal de Koning MSc CISSP SCF is a Senior Security Consultant with i-to-i. He is active participant of The Open Group TOGAF-SABSA integration work and has worked on information security projects for the Dutch central government, European Union and KPN, to name just a few. Pascal is a frequent speaker at conferences on the topics of Cyber Security and Enterprise Security Architecture. In his free time, Pascal likes to design and build solar air heaters.



TOP OF PAGE


    Mary Dunphy Program Manager, Vendor Solutions & Integrations, Google (USA)

Mary is Program Manager for Vendor Solutions/Integrations for Google headquarters in Mountain View, CA

Mary is the former CTO for Pro-Tec Design where clients included DHS, MSP, Best Buy Corp headquarters, City of Minneapolis, FBI and many departments at all levels of government. She also provided consulting services such as project/program management for Attorney General Settlement Agreement, Office of the Comptroller of the Currency as well as National Servicing Standards for Wells Fargo Bank. GLBA encryption remediation project for Target Corporation, Portfolio Manager for Cargill and USBank -Network Services and currently Program Manager for USBank Security Assesment -Application and Device.

Mary has earned a Masters in Information Technology Management from Saint Mary’s University and is on the adjunct faculty there. On hiatis from the pursuit of her PhD in Management and Decision Sciences (currently in the EBD phase).

Mary holds a SABSA Practitioner certificate among many other industry certifications and has previously attended the 17th annual COSAC conference.



TOP OF PAGE


    Vince Gallo Managing Director, Residual Data (UK)    

Vince has been actively developing security technology since 1979 ranging from commercial and high-grade hardware, through to software based cryptography. The skills acquired thus have been applied to both the protection of information and, by viewing the other side of the same problem, to examine means for extraction of information both to analyse content and advise on improved methods of protection. After a career largely built on small companies Inforenz, his most recent startup, was acquired by Detica in 2006 where he continued to work on security analysis and implementation.

Vince has presented at international conferences for most of his career, and in particular is pleased to have been able to present his work at COSAC on several occasions, commencing in 1997. He is particularly proud of receiving the COSAC Award in 2002. Vince is delighted to return to COSAC this year and will share his ideas and opinions accumulated after a full career as a security industry player and watcher.



TOP OF PAGE


    Efrain Gonzalez Enterprise Security Architect (USA)    

Efrain Gonzalez is an Enterprise Security Architect currently employed in the financial industry.

Efrain comes from a network engineering background and has over 20 years of information security experience. Areas of specialization include enterprise security architecture, network security, Smart Grid cybersecurity, and regulatory compliance. Most recently, Efrain worked for Marengo Systems, a cybersecurity and compliance consulting firm in Southern California. Efrain recently completed a Systems Engineering certification program through the University of California at Irvine and has a new found appreciation for the application of systems engineering principles to information security especially as they pertain to emergent properties of complex systems.

Efrain is a Distinguished Toastmaster (DTM) and has spoken at COSAC on the subject of Emergent Security. He has also spoken at various conferences such as Grid-Interop, Grid Week and CS Week on the topic of Smart Grid cybersecurity. Efrain is a certified SABSA Chartered Security Architect at the foundation and practitioner levels (SCF, SCPA and SCPR). Efrain is currently working toward his SABSA Master (SCM) certification. Efrain holds a Bachelor of Science degree in Electrical Engineering from Stanford University.



TOP OF PAGE


    Rob Hale Lockheed Martin (USA)    


TOP OF PAGE


    G. Mark Hardy President, National Security Corporation (USA)    

G. Mark Hardy serves as President of National Security Corporation, an information security management consulting firm he founded in 1988. He has been providing cyber security expertise to government, military, and commercial clients for over 30 years, and is the author of over 100 articles and presentations on security, privacy, and leadership. He serves on the U.S. National Science Foundation's CyberWATCH Advisory Board, and is a retired U.S. Navy Captain. He wrote and taught information operations curriculum for NATO military officers. A graduate of Northwestern University and the U.S. Army War College, he holds a BS in Computer Science, a BA in Mathematics, a Masters in Business Administration, a Masters in Strategic Studies, and is designated as a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).



TOP OF PAGE


    Richard Hollis Chief Executive Officer, Risk Factory (UK)    

Richard Hollis has been the Chief Executive Officer/Receptionist at Risk Factory Ltd since its inception and hasn’t had a night’s sleep since. His dream if he could remember it, is to design and deliver simple, cost-effective information risk management services that don’t stick to the roof of your mouth.

Born at a very young age, he was voted “Most Likely to Take a Life” at Our Lady of Perpetual Guilt Elementary School in 1968. A gifted child, Richard took up amateur dentistry at age 7 and was performing extractions and routine root canals on friends and neighbourhood cats throughout middle school. Turning down the coveted “Nijinsky Scholarship” from the Bolshoi Ballet in 1973, Richard wrote the original screenplay for “Star Wars” but refused screen credit due to “creative differences” with Carry Fisher. After a brief stint with the Black Panthers in the late 70s, he worked as a deckhand on the Calypso for Jacques Cousteau until his dismissal for refusing to smoke and wear one of those little French swimsuits.

Over the course of his career Richard has served as a professional hairstylist, a prison guard in a women’s correctional facility, a Domino’s Pizza “Cheese Technician”, a freelance bounty hunter, a rodeo clown and a neutron particle accelerator physicist all while pursuing his lifelong obsession with origami.

A man of mystery and power, whose power is exceeded only by his mystery, Richard has presented to hundreds of audiences across the world on a wide variety of information risk management and bridal cake design techniques. As a recognised industry authority, he has plagiarised numerous articles and white papers and can calculate π to two decimal places. He has also appeared in a variety of news, television and print media including the BBC, MSNBC, Jerry Springer, the Home Shopping Network, Keeping Up With the Kardashians, Quaker Kickboxing Quarterly, Guns & Ammo magazine and others. Every mistake he ever made in life got him to where he is now.



TOP OF PAGE


    Lynette Hornung Senior Privacy & Enterprise Security Architecture Manager, Turner Consulting Group (USA)    

Lynette Hornung-Kobes is currently a Senior Privacy and Enterprise Security Architecture Manager with Turner Consulting Group. I have my CIPP (Certified Information Privacy Professional) and SABSA SCF (Foundation) and SCPA and SCPR (Practitioner’s in Architecture and Design and Risk Management) Certifications. I have a Master of Science in Information Assurance from Iowa State University, a NSA Center of Excellence, as well as a Master of Arts in Political Science from Iowa State University. I have provided project leadership to a variety of Department of Justice components, including the Office of the Solicitor General, Interpol and the Office of the Chief Information Officer with security and privacy services. I have worked with a variety of federal agencies, including OMB and Treasury. I am applying enterprise security architecture, privacy and security solutions and services in my current position.

I was a contributing author to two books on Identity Theft by Dr. Steffen Schmidt and Michael McCoy, including “Who is You?” and “The Silent Crime: What You Need to Know About Identity Theft”. I have been an invited speaker at various computer security conferences, including COSAC, NetSec, the Computer Security Institute and the Cyber Information Security Conference where she has presented on various topics dealing with security and privacy. She was top speaker at the Cyber Information Security Conference.



TOP OF PAGE


    Zbynek Houska Security Consultant, Espion Group (Ireland)    

Zbynek Houska is an information security professional with 12+ years of hands on experience in enterprise / data centre and service provider networking, programming, network and system security. He is currently specialising in infrastructure penetration testing, security testing and reviews at Espion. Zbynek holds MSc. in Information Security.



TOP OF PAGE


    Silvia Knittl IAM Solution Architect, Accessec (Germany)    

Dr. Silvia Knittl is an Identity & Access Management (IAM) Solution Architect at the accessec GmbH. She has over ten years of experience in this field and a comprehensive knowledge both of management and governance aspects of IAM. For several years she was responsible for IAM and IT service management at the Leibniz Supercomputing Centre – supporting the whole application lifecycle starting from design, to implementation, running and maintenance. She holds a doctoral degree from the Technische Universität Müchen and a diploma in Informatics from the Ludwig-Maximilians-Universität München. Her main focus now is on business-driven security architecture based on standards like SABSA, COBIT or TOGAF. She wrote several IT-related articles and is invited regularly as a speaker at seminars or conferences.



TOP OF PAGE


    Jason Kobes Principal Cyber Architect & Research Scientist, Northrop Grumman (USA)    

Jason Kobes works as a Principal Cyber Architect & Research Scientist. Jason has over eighteen years of experience concentrated in information systems design analytics, business/mission security architecture, enterprise risk management, information assurance research, and business consulting. Jason has a Master's of Science in Information Assurance (MSIA) and a Bachelor's of Science in Computer Science from Iowa State University. Jason holds a SABSA Practitioner of Risk and Governance as well as Architecture. Jason's areas of research are cloud security architecture, accountable anonymity systems and applying actionable enterprise security architecture. Jason has recently spoken about security, enterprise security architecture and business process & architecture improvement methods at the SABSA World Congress, the Computer Security Institute (CSI) annual conferences and the Cyber Information Security Conference (CISCON). Jason also is an Enterprise Security Architecture instructor for the Zachman/FEAC Institute, SABSAcourses and Cyber Academy.



TOP OF PAGE


    Lisa Lorenzin Principal Solutions Architect, Pulse Secure (USA)    

Lisa Lorenzin is a Principal Solutions Architect with Pulse Secure, specializing in security and mobility solutions, and co-chair of Trusted Network Connect, a work group of the Trusted Computing Group that defines an open architecture and standards for endpoint integrity and network security. She has worked in a variety of Internet-related roles since 1994, with more than a decade of that focused on network and information security, and is currently concentrating on enterprise security including network segmentation, end-to-end identity-based access control, and integration of mobile security.



TOP OF PAGE


    David Lynas COSAC Chairman & CEO SABSA Institute (Northern Ireland)    

David Lynas, the COSAC Founder and Chairman, is currently enjoying his thirty-third year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he has been awarded Fellowship of the British Computer Society and is the only non-American ever to be honoured with the prestigious Computer Security Institute Lifetime Achievement Award.

He is the co-author of SABSA (the world’s leading free-use, open-source Security Architecture Methodology) and the CEO of the SABSA Institute charged with providing assurance and confidence over the competencies of SABSA Security Architects.

A widely-published author and commentator, his articles have appeared in publications such as CSI Alert, Information Security Bulletin and the BCS publication Information Security Now. He has served on the editorial board of Computers & Security magazine and has authored a series of opinion columns for SC Magazine. David has been quoted widely in the media and major trade and broadsheet press, including: BBC Television, BBC Radio Ulster, Independent Television News, The Irish Times, ITs Monday, Wired.com, CIO Magazine, Technology Ireland, Korea News and the Harvard Business Review.



TOP OF PAGE


    John O’Leary President, O’Leary Management Education (USA)    

John O'Leary, CISSP, is President of O’Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John was the recipient of the 2004 COSAC award and the 2006 EuroSec Prix de Fidelite. He has never been convicted of anything really serious or run for public office.



TOP OF PAGE


    Muhammed Z. Omarjee Enterprise Security Architect, Standard Bank (South Africa)    

Muhammed Zubayr (Mz) Omarjee is an Enterprise Security Architect,  that is responsible for the Information Security Architecture practice within the Enterprise Technology Architecture and Design(ETAD) division of Standard Bank Group, South Africa. In this capacity, he plays a pivotal role  as a change agent, driving a transformation strategy to re-shape the  information security practice as  a business driven and risk oriented discipline to support various lines of business units across 17 countries, both regionally and globally.

Together with 15 years of experience in the banking and IT sectors,  Muhammed Zubayr(Mz) has architected and delivered a  diverse portfolio of successful  IT projects, ranging from innovative mobile and speech banking solutions, been instrumental in key enterprise wide IT initiatives  as it relates to establishing an enterprise architecture practice, defined strategies and sequenced roadmaps for replacing legacy mainframe core banking  platforms, drove the  implementation of  a strategic enterprise wide Identity and Access Management initiative, as well as designed  a  multi-channel architecture aiming to integrate vertical and horizontal business domains within Standard Bank.

As part of an international team Muhammed Zubayr(Mz) has written extensively, and has contributed to the global IT community by co-authoring a couple of  technical  books and research  papers on the subject of  Pervasive and Mobile Technologies in the early 2000's. Furthermore,  he has also been invited as a guest speaker to local and international conferences, as well as being  nominated as an intra-company workshop facilitator to provide thought leadership on  applying emerging architectural practices to solve banking related IT challenges.



TOP OF PAGE


    Conor O’Neill Senior Security Consultant, Espion (Ireland)    

Conor is a senior security consultant with Espion and has been with the company for over a year. With 8 years information security experience, including 5 years as a CREST certified penetration tester, Conor will make use of his real-life experiences to present this talk.



TOP OF PAGE


    Richard Peasley Director of Enterprise Solution Architecture, Blue Coat Systems (USA)    

Richard Peasley, Director of Enterprise Solution Architecture for Blue Coat Systems Inc, has over 33 years of Industry experience primarily in security and enterprise systems management. Richard has worked for Control Data, EDI-Soutions, CapGemini, Gateway, and most recently BMC Software before joining Blue Coat in 2013. He has personally directed and delivered professinal services to many of the Global Forbes 500. He has writen and published several books and holds 5 Patents as well as ESCA and CHFI certifications. Past experience also includes IT service management certification training in ITIL V2 V3, and is an ITIL Expert.



TOP OF PAGE


    Matthew Pemble Technical Director, Goucher Consulting (UK)    

Matthew Pemble is a recognised leader in information security, particularly in governance, incident management and compliance. Having worked in the consultancy, government and finance sectors, dealing with the operation security of a major international bank and with the security requirements of billion-dollar projects, he is expert in the aligning of information security with innovative business solutions.

A regular speaker at international conferences and a regular author for professional journals, the trade and mainstream press, he is a visiting lecturer at a number of UK universities and an industry expert on online banking security.

Matthew specialises in assisting organisations to develop operational security models to fulfil complex regulatory and contractual requirements and to ensure that business can operate effectively within the chosen controls framework. Working with executive, risk and technology managers, as well as with compliance teams and CSOs / CISOs, he helps to deliver pragmatic and effective operational security. He also acts as a usability and product development advisor to a number of security vendors, having helped to develop market leading products in the vulnerability analysis, risk management and internet security fields.

With over 20 years of experience in security, his clients include international financial organisations, government and military, health, manufacturing and service sector organisations. He has worked in the United States, Europe, the Middle East and the Pacific Rim, delivering training, risk analysis and business services, as well as specialist security consultancy.

A Fellow of the British Computer Society, Chartered Engineer, Member of the Institute of Information Security Professionals and of the Institute for Engineering and Technology, Matthew takes an active role in the development of the security profession and supports future professionals through a number of school, university and professional mentoring programmes. He has a BEng in Electrical and Electronic Engineering from Heriot-Watt University in Edinburgh, and is a qualified CISSP and ISO 27001 Lead Auditor.



TOP OF PAGE


    Vernon Poole Head of Business Consultancy, Sapphire (UK)    

Vernon is Head of Business Consultancy, at Sapphire – a leading UK Trusted Security Integrator, addressing information governance and all best practice standards on information security management and associated areas (including ISO27000 series; ITIL; & COBIT).

He is a member of ISACA’s COBIT 5 Task Force, a CISM/CRISC/CGEIT trainer and a frequent speaker at ISACA global conferences. He is a thought leader on Business Model for Information Security (BMIS). He was the EuroCACS/ISRM Conference Taskforce Leader in 2013.

Vernon is a subject matter expert on a wide range of topics, from Information Security Governance, ISO27001, COBIT5 and BCP. He is also a respected CISM & CRISC trainer for ISACA in UK/Europe.

At Sapphire, Vernon has worked with many organisations in developing tailored Information Security Governance models to enable clients to benchmark their information security improvements.

Vernon started in consultancy with Capita and has over 20 years experience in information security management consultancy and training. He has also worked in the public sector and with Aid to Industry (UK audit and security training group)—the latter being acquired by Deloitte which resulted in Vernon becoming the European IS leader performing assignments for blue chip companies across Europe and Middle East, with reviews also in USA & South America.

Vernon is also a founder member of the UK & International 27001 User Groups and a recognized UK adviser to the government and private sector.

Vernon was awarded the John Kuyers Award for Best Speaker/Conference Contributor in 2012 by ISACA.



TOP OF PAGE


    Michael Price Senior Consultant, Axenic Ltd (New Zealand)    

Michael is a Consultant at Axenic Ltd. He is enthusiastic about security architecture and exploring how different methodologies and techniques can be used to achieve business outcomes.

Michael has a Postgraduate Diploma in Computer Security and Forensics from the University of Canterbury and holds SCF, CCSK and Information Security Management System (ISMS) Lead Auditor (ISO/IEC 27001:2013).



TOP OF PAGE


    Mark Rasch Former US Cybercrime prosecutor (USA)    



TOP OF PAGE


    Fabio Rosa Senior Consulting Architect, Blue Coat Systems (USA)    

Fabio Rosa, Senior Consulting Architect for Blue Coat Systems Inc, has over 16 years of experience in security and networking. He gained his professional experience working as a systems engineer and expert at Telefonica, Tellabs Inc and Blue Coat in Latin America. Fabio is currently work on the Enterprise Solution Architecture team at Blue Coat North America leading the development of programs that help customers adopt the best practices in security and networking architecture. Past experience includes security management, penetration testing and network administration.



TOP OF PAGE


    Helvi Salminen (Finland)    

Helvi Salminen has worked full-time in information security since June 1990, first as security analyst and since April 2000 as information security manager. Before starting information security tasks she has 12 years experience in systems development.

Cooperation with colleagues is an important asset for security professionals. Helvi is founder member of Finnish Information Security Association which celebrated its 10th anniversary in 2007. Helvi is qualified CISA (1992), CISSP (1998), SABSA chartered security architect – foundation level (2008) and was one of the first to achieve Master of Security in 2003 (PD program in Helsinki University of technology lifelong learning centre Dipoli – now part of Aalto University). She has been the program manager of information security training in Dipoli in 2003-2008, and has given presentations in several information security seminars. She was awarded by Finnish Information Security Association as CISO of the year in Finland 2014.



TOP OF PAGE


    Char Sample CERT, Carnegie Mellon University (USA)    

Dr. Char Sample is has over 19 years of experience in the information security industry, and presently works for CERT at Carnegie Mellon University where she supports various cyber efforts. Dr. Sample recently defended her dissertation on “Culture and Computer Network Attack Behaviors” at Capitol College in Laurel, Maryland.“ Other areas of research interest include: Cloud Computing, Anomaly Detection methods, Big Data, and DNS.



TOP OF PAGE


    William Schultz Enterprise Architect, Vanderbilt University (USA)    

Bill Schultz is an enterprise architect who has worked in the Information Technology field for over 13 years, with the past 8 focusing on Enterprise Architecture, Security Architecture, Risk Management, and Compliance. This work has involved building a security program, a risk management program and the development of strategic organizational architectures and technical system architectures. Bill has led multiple risk management and security architecture initiatives to build secure systems that meet compliance with Federal, Healthcare, or Payment Card Industry Standards. His focus is on using strategic architecture and risk management frameworks to design and implement secure and compliant IT systems that will enable the organization to meet business objectives.

He has presented on his work with FISMA compliance, enterprise risk management, and security architecture at both national and international conferences. Bill currently volunteers for the SABSA Institute and is actively working with peers to lead initiatives aimed at improving the security architecture community and mentor new members. Bill has earned a Master's of Science in Computer Information Systems. His certifications include the Certified Information System Security Professional (CISSP), SABSA Foundation (SCF), SABSA Risk, Assurance, and Governance Practitioner {SCPR), and SABSA Architecture and Design (SCPA) credentials. Bill was the first professional in the USA to gain the SABSA Master (SCM) credential.



TOP OF PAGE


    John Sherwood Head of SABSA Academy, SABSA Institute (UK)    

John Sherwood is a Consulting Fellow at Sherwood Associates Limited bv in The Netherlands, where he is the thought-leader in the development and deployment of information risk management services. He is also the Head of the SABSA Academy at The SABSA Institute. He has 40 years experience as an information-systems professional, the last 26 of which have been as a specialist in operational risk management and information security. He is also a leading expert in enterprise security architectures and information assurance and is the Chief Architect and main author of the SABSA methodology (see www.sabsa.org). The great majority of this experience is in the banking and financial services industry, but covers also aerospace, chemicals, construction management, media, oil & gas, retailing, government, military and telecommunications. John is a well-known speaker and author and has worked in many countries across Western and Eastern Europe, Scandinavia, North America, the Middle East, Australia, Africa and South East Asia.



TOP OF PAGE


    Malcolm Shore Technical Director Applied Intelligence, ISS, BAE Systems (Australia)    

Dr Shore was born in England and started his IT career with International Computers Ltd. He emigrated to New Zealand and served in the RNZAF as an IT specialist in applications, mainframe systems programming, and policy. On retiring from the RNZAF he headed the Information Security Division at the Government Communications Security Bureau, and concurrently completed his PhD in information security. During this time he was responsible for the introduction of ISO 27000 and the Common Criteria into New Zealand.

After heading the design and development of commercial landline, satellite, and radio encryption products in an electronics startup in Christchurch, New Zealand, Dr Shore took the position of Head of Security at Telecom NZ where he introduced ISO 27011 and the SABSA frameworks, and was responsible for the Sarbanes Oxley and PCI security compliance activities. Dr Shore relocated to Australia in 2011 where he was Principal Security Officer at the Australian National Broadband Network Company for three years. He is now Technical Director (Australia) at BAE Systems Applied Intelligence.

Dr Shore has held an adjunct position as Senior Fellow at Canterbury University, Christchurch and is currently an adjunct Professor at Deakin University, Melbourne and at the Australian Defence Force Academy campus of the University of New South Wales. He is also the Director of Education for the Australian Information Security Association and is an author on cybersecurity issues for Lynda.com.



TOP OF PAGE


    Jacoba Sieders Head of I&AM, ABN AMRO Bank (Netherlands)    

Drs. Jacoba Sieders - security architect and certified auditor - dedicated to Identity- and Access Management 15 years ago in a global role for the ING Group. After that she lead the global security integration team for Rabobank International. In her current position as global Head Identity- & Access Management in the Corporate Information Security Office at ABN AMRO Bank, she is accountable for all digital identities and digital access management for both customers and employees throughout the bank worldwide. Her experience ranges from setting up global identity infrastructures, creating one e-id for a multinational bank across 60 countries, developing the related legal data protection framework, introducing role-based, developing models for functional management, data quality, and attribute based access management for Service Oriented Architectures and data centric security. Jacoba is also knowledgeable on European and international privacy legislation. She is a member of the advisory board of the platform IDNext, an independent European think-tank focusing on all relevant areas related to digital identities, is involved in the EU Digital Agenda Initiatives, and is driving innovation and new concepts for identity strategies within, but also outside ABN AMRO Bank.



TOP OF PAGE


    Pieter Siedsma Security Architect, ING Bank (Netherlands)    

Pieter is a security architect who uses a practical approach to handle the old and the new threats (are they really new???) to the digital world. He currently works for the CISO office of ING and before that he worked in various other parts of ING including, CCERT, Insurance, the technical design authority.

Pieter was the first certified SABSA practitioner in the Netherlands, and he uses SABSA as a source of inspiration. Pieter uses COSAC for many years to convince himself that he is not completely nuts.



TOP OF PAGE


    Werner Thalmeier Director Security Solutions EMEA & CALA, Radware (Germany)    

Werner Thalmeier is active in the IT industry for over 20 years, with extensive field experience of work with vendors, customers, technology partners and resellers in various management and engineering positions.

As Director of Security Solutions EMEA & CALA Werner Thalmeier is responsible to drive the Security Product Strategy for Radware in EMEA and work closely with partners, customers and the IT Security community.

Before joining Radware Werner Thalmeier was heading the global product management team at M86 Security as VP of Product Management and was responsible for the overall security product strategy. At Finjan he was also VP of Product Management and responsible for the global Secure Web Gateway business and as Director of global Sales Engineering he managed the world wide SE team. Prior to that, Werner acquired a vast experience on customer sites as CIO. Mr. Thalmeier holds a degree in communication engineering.



TOP OF PAGE


    Ancilla Tilia (Netherlands)    



TOP OF PAGE


    Andrew S. Townley Chief Executive Officer, Archistry (South Africa)    

Andrew S. Townley is the founder and Chief Executive of Archistry, a consultancy whose mission is to provide you and your organization the tools and knowledge you need to execute your strategy with the confidence of knowing you’re doing the right things at the right time across all levels of your organization and with the safety of knowing you have cost-effective controls in place required to manage the risks of achieving your objectives in a structured, transparent and monitored way. company connecting people, information and actionable insights to enable exceptional performance.

Andrew is an international speaker, published author and thought leader for business execution, risk management, governance, compliance, cyber security, and SABSA security architecture who also has extensive practical, hands-on experience working in the US, Europe, Africa, the Middle East and Latin America. He is also a former Management Consultant with Deloitte and Bearing Point after starting his career over 20 years ago with Informix (acquired by IBM).

As an experienced Management Consultant on multi-million US dollar projects for both public and private sector clients and a serial entrepreneur on four continents, Andrew offers a unique blend of theory, practical experience and international, multi-cultural business execution that is in great demand as an advisor, consultant, speaker and mentor.

Prior to founding Archistry in 2006, Andrew's experience includes working with a wide-range of organizations in both the U.S. and Europe such as BearingPoint, Deloitte, Informix Software, MobileAware, Nortel, OniWAY, Telefonica, Telenor, Avaya, Nestlé France, the US DoD, the Irish Government and Houghton Mifflin Harcourt.



TOP OF PAGE


    Esther van Luit Cybersecurity Consultant, Deloitte (Netherlands)    

Esther van Luit is a cybersecurity consultant for Deloitte Netherlands. Combining hands on experience in the cybersecurity industry with university degrees in Economics and Management, she understands how to tie boardroom discussions and business needs to cybersecurity. Esther specializes in the Cybersecurity as a Social Construct, looking at developments in Cyber as a field, human error, security awareness and Cybersecurity policy making. Together with her colleagues at Deloitte, she is part of the project seeking to turn the WEF’s Cyber Value-at-Risk concept into an implementable cybersecurity environment assessment with quantifiable results. Furthermore, by continuing her (by origin, Master Thesis) research on skill gaps and skill acquisition methodologies in her current cybersecurity career, she seeks to build a methodology and framework for defining cybersecurity skills in high demand, and ways to address the excessive demand for cybersecurity talent in the job market. Lastly, she is actively involved in stimulating participation of women and of those with a non-IT background in the cybersecurity sector, based on the view that increased diversity will make for a healthier cybersecurity industry. As a young and ambitious woman in cybersecurity, she hopes to bring unusual and unorthodox points of view to this symposium.



TOP OF PAGE


    Marc Verboven Security Architect, ING Bank (Belgium)    

Marc Verboven is an experienced IT security architect with over 30 years of experience. After obtaining a PhD in Physics in he worked in process information and process control with Dow Chemical at Terneuzen (NL). After eight years in this challenging environment Marc changed course and joined a consultancy company, Cimad that became later part of IBM. Here he witnessed the start of the internet and all the related technologies and interesting evolutions that have lead us to the current state of cybersecurity. In IBM Marc was also one of the first European consultants trained in IBM's security methodology.

In 1999 he left IBM to work for Ubizen, a high tech company specialized in the field of developing products in the area of Identity & Access Management. During this period Marc also worked for one year in the US subsidiary of Ubizen. After returning to Belgium in 2001 he decided to leave Ubizen temporarily for one year to try out a career as an independent consultant, specialised in e-business and security solutions. In January 2003 he finally joined ING where he started working on projects in the area of Retail & Commercial Banking Channels, acting both as a security & application architect. Since 2006 Marc is member of the Enterprise Architecture group of ING with continued focus on the area of Risk & Security. Currently the focus of Marc is on developing reference architectures that balance global governance versus local solutions."



TOP OF PAGE



Copyright © 2015 COSAC - All Rights Reserved -