Click on a speakers name to view their Bio.

Chris Blunt

Director, Consulting Partner
(New Zealand)
Lex Borger

Security Consultant
Glen Bruce

Andreas Dannert

Enterprise Security Architect
Dimitrios Delivasilis

Head of Enterprise Security Architecture
Lawrence Dietz

General Counsel & Managing Director,
Information Security
TAL Global
Todd Fitzgerald

SVP, Chief Administrative Officer
Information Security and Technology Risk
Northern Trust
Rob Hale

Lockheed Martin
G. Mark Hardy

National Security Corporation
Michael Hirschfeld

CIO & First Assistant Secretary
Department of Finance
Martin Hopkins

Principal Consultant
Gotham Digital Science
Lynette Hornung

Senior Enterprise Security Architecture
& Privacy Manager
Andrew Hutchinson

Executive Director
Vanderbilt University Medical Center
Jaco Jacobs

Cyber Defense Domain Lead,
(The Netherlands)
Mark Keating

Global Information Security Architect
Jason Kobes

Principle Cyber Architect
Northrop Grumman
Karel Koster

Head of Information Security
Ingenico ePayments
(The Netherlands)
Lisa Lorenzin

Director, Emerging Technologies,
David Lynas

COSAC Chairman
& CEO SABSA Institute
(N. Ireland)
Valerie Lyons

Information Privacy Researcher
& PhD Scholar
Tal Melamed

Application Security
Tech Lead
AppSec Labs
Lori Murray

PhD Student
Iowa State University
Peter Nikitser

ALC Cyber Security
John O'Leary

O'Leary Management
Michael Price

Senior Security Consultant
(New Zealand)
Narendra Ramakrishna

Business Solution Architect
SEAM Advisory & Consulting
Mark Rasch

Chief Counsel
National Security Corporation
Helvi Salminen

Information Security Manager
Char Sample

Research Fellow, ICF
Army Research Labs
William Schultz

Principal Security Architect
Vanderbilt University
Medical Center
Malcolm Shore

David Lynas Consulting
(New Zealand)
Stephen Singam

Managing Director – Research
Distil Networks
Maurice Smit

Board Member
The SABSA Institute
(The Netherlands)
Ross Spelman

Manager Cyber Risk Services
Esther van Luit

Senior Security Consultant
(The Netherlands)
Marc Verboven

Security Architect

    Chris Blunt Director, Consulting Partner, Axenic (New Zealand)    

Chris is a Consulting Partner at Axenic Ltd, a specialist independent information security and privacy consultancy he co-founded in 2009. He has over 22 years of experience in the ICT industry, specialising in security and privacy for the last 11 years. He is an exponent of business-driven security and is passionate about delivering pragmatic advice that enables his clients to achieve their business goals and objectives.

He is also a committee member for BSides Wellington, which will hold its inaugural conference in Wellington, NZ on the 23rd and 24th November 2017.

Chris has a Masters in Information Management (MIM) and holds SCM, SCPA, SCPR, SCF, CISSP, CCSP, CRISC, CISM, CISA and ISO/IEC 27001:2013 Lead Auditor certifications.


    Lex Borger Security Consultant, I-to-I (Netherlands)    

Lex Borger is security consultant at I-to-I and advises large enterprises on the application of security in their environment.

Lex has more than 20 years of experience in information security and system security. He was involved in the development of operating systems, where he learned how to apply security from the inside out. He broadened his view on information security to all aspects of business automation. ex gathered most of his experience in the United States of America. Recently Lex focused on developing solutions in the areas of identity management, access management and security architecture.

Lex is the editor-in-chief of the professional magazine “Informatiebeveiliging” (Information Security), published by the PvIB (The Dutch Platform for Information Security Practitioners)


    Glen Bruce Director, Deloitte (Canada)    

Glen Bruce is focused on Security Strategies, Architectures and Policies supporting business and governments in their approach to managing information security risk. He has over 42 years of in-depth experience in information security consulting, systems management and technical positions. He has lead many information security engagements, where he has helped clients establish effective strategies, governance, architectures, policies and infrastructure implementations in support of both business and technical requirements. He is also the co-author of the book, "Security in Distributed Computing: Did You Lock the Door" published by Prentice-Hall. His experience and knowledge has taken him around the world to assist organizations with information security issues.

Glen is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM), certified in Risk and Information Systems Control (CRISC), a trained ISO 27001 Lead Auditor, a certified ITIL practitioner and is a SABSA Certified Practitioner in Risk Management and Governance (SCPR) and Architecture Design & Development (SCPA).


    Andreas Dannert Enterprise Security Architect, Deloitte (Australia)    

Andreas is an Enterprise Security Architect in Deloitte’s Cyber Risk Advisory Services line with over 25 years of experience in IT and security consulting. He has worked on defining the security architectures and models for various global organisations across various industries and global locations.

In addition to his work at Deloitte Andreas is a long standing member of the ISACA Melbourne Chapter board where he held various positions as director and president. He is also an industry advisor to the Victorian’s Government Box Hill Institute, a working group member of the Security Architecture stream of the Internet of Things Alliance Australia (IoTAA) and an active member of the Oceania ISF Chapter.

Before joining Deloitte Andreas worked eleven years for Accenture with clients in Europe, Asia and Australia delivering and providing training in Technical Architecture to various clients across industries.

Prior to Accenture Andreas was working for Fraunhofer Society, the largest German Research organisation. At Fraunhofer he assisted in the research and development of open communication systems.

Andreas holds a Master of Computer Science degree from the Technical University of Berlin/Germany, is a Certified Information Systems Auditor (CISA), GIAC Security Essentials certified (GSEC exp.), ITIL Foundation certified, and a SABSA certified (SCF) professional.


    Dimitrios Delivasilis Head of Enterprise Security Architecture, VISA (UK)    

Strong technology executive, specializing in business-driven security architectures and business risk control management. I have more than 16 years of extensive experience gained within information security consultancy firms as well as financial services and telecom organizations. During the last eight years I have been offering enterprise security strategy services to C-Level executives across Europe due to my ability to simplify complex technological issues and explain them to non-technical professionals.


    Lawrence Dietz General Counsel & Managing Director, Information Security, TAL Global (USA)    

Lawrence Dietz, has extensive military and commercial intelligence and security experience. At TAL Global he has managed a variety of technically complex investigations involving intellectual property, sensitive data compromise, potential international illegal shipments, and celebrity reputation issues. As the company’s chief legal officer he is responsible for a variety of legal transactions. Prior to joining TAL Global Dietz served in senior roles at Symantec Corporation to include Director of Market Intelligence and Global Public Sector Evangelist. He retired as a Colonel in the U.S. Army Reserve with service in Military Intelligence and Psychological Operations. Colonel Dietz also serves as a Judge ProTem in Small Claims Court, Superior Court, San Jose, California. His degrees include BS in BA, MBA, JD, LLM in European Law. He is the author of the authoritative Blog on Psychological Operations (PSYOP), http://psyopregiment.blogspot.com.


    Todd Fitzgerald SVP, Chief Administrative Officer Information Security and Technology Risk, Northern Trust (USA)    

Todd is SVP and Chief Administrative Officer – Information Security and Technology Risk, Northern Trust. He led multiple Fortune 500/large company information security programs for 19 years, was named 2016 Chicago CISO of the Year by AITP, ISSA, ISACA, Infragard and SIM, ranked Top 50 Information Security Executive and authored 3 books-Information Security Governance Simplified: From the Boardroom to the Keyboard, CISO Leadership: Essential Principles for Success (ISC2) and E-C Council Certified Chief Information Security Officer Body of Knowledge. Prior senior leadership includes Grant Thornton International, Ltd, ManpowerGroup, WellPoint (now Anthem) Blue Cross Blue Shield-National Government Services, Zeneca/Syngenta, IMS Health, and American Airlines. Todd earned a B.S. in Business Administration from the University of Wisconsin-La Crosse and Master Business Administration from Oklahoma State University.


    Rob Hale Fellow, Lockheed Martin (USA)    

Rob is a Lockheed Martin Fellow with over 25 years of experience in information systems and security. During his career he has been responsible for conducting and supporting information assurance and cyber security activities for federal, state and commercial organisations in the defense, law enforcement, financial services, utility and healthcare industries. Additionally, he has designed and implemented secure networks to support nuclear emergency response teams in the Former Soviet Union, to support secure e-banking applications for three of the top 5 banks in the United States and to enforce privacy laws for a Swiss Private Bank. Since joining Lockheed, Rob has lead security architecture and certification and accreditation efforts for customers in the law enforcement and intelligence communities. He is currently leading cyber security and information operations research and development activities for Lockheed’s Mission Development and Integration group in the areas of embedded hardware security, anti-tamper technologies, self-defending and self-healing networks, secure virtual architectures and disparate event correlation technologies. Prior to coming to Lockheed Martin, Rob led efforts to develop the Security Architecture and Implementation methodologies for Ernst & Young and KPMG, serving as the National Leader of Security Architecture Services for Ernst & Young’s eSecurity Services Practice and the Global Lead for Enterprise Identity Management for KPMG. Additionally, Rob led Information Technology audit teams in support of financial audits and Sarbanes-Oxley compliance teams at both Ernst &Young LLP and KPMG LLP. Rob has been an active contributor and presenter at numerous industry conferences and round tables and has a Master’s degree in Information Assurance. In addition to pursuing a doctoral degree in Cyber Security, Rob has achieved multiple industry certifications including the CISSP-ISSAP, Certified Ethical Hacker and the Lockheed Martin IISA certification in Information Assurance.


    G. Mark Hardy President, National Security Corporation (USA)    

G. Mark Hardy serves as President of National Security Corporation, an information security management consulting firm he founded in 1988. He has been providing cyber security expertise to government, military and commercial clients for over 30 years and is the author of over 100 articles and presentations on security, privacy and leadership. He serves on the US National Science Foundation’s CyberWATCH Advisory Board and is a retired US Navy Captain. He wrote and taught information operations curriculum for NATO military officers. A graduate of Northwestern University and the U.S Army War College, he holds a BS in Computer Science, a BA in Mathematics, a Masters in Business Administration, a Masters in Strategic Studies and is designated as a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).


    Michael Hirschfeld CIO & First Assistant Secretary, Department of Finance (Australia)    

Michael is acting Chief Information Officer and First Assistant Secretary, IT and Workplace Division in the Australian Commonwealth Department of Finance and has executive responsibility for ICT as well as physical security within that agency.

He has previously held senior roles with a number of Australian government agencies including as Assistant Secretary for ICT Planning and Governance at the Australian Department of Foreign Affairs and Trade and Assistant Secretary, ICT Efficiency Review undertaken in 2009. Through his public sector career, Michael has worked in nine agencies responsible for delivering a range of Commonwealth services to the Australian community. He has been involved in both business and technology systems, advising on issues such as security, audit outcomes and risk management.

HHe was head of Technology Security for the Australian Taxation Office in the early noughties.

Michael has been involved in Security for the past 15 years and has been effectively educated by a group of excellent technical staff. He has been involved in a number of working groups defining the direction of whole of government initiatives in both E-Government and e-security including the "Secure Communications" and "On-line Authentication" working groups and has been a member of the Protective Security Policy Committee.

He takes a leadership role in the delivery of ICT and security services to the organisation focusing on risk analysis, governance and assurance, policy and awareness in building effective and practical security measures.

He has a diverse background and has been managing major projects since the mid 80’s. He began his career as a programmer and project manager on Building Control and IT systems and holds a Bachelor of Engineering, a Diploma in Education and a Master of Business Administration. In 2011 he participated in the Executive Leadership Program delivered by the Lee Kuan Yew School of Public Policy at the National University of Singapore.


    Martin Hopkins Principal Consultant, Gotham Digital Science (UK)    

Martin is a Principal Security Consultant and Head of R&D at Gotham Digital Science. He has over 24 years experience in the IT industry notably including development and testing of emulation and virtual machine technology, development of host and network security products, security architecture consultancy and pentration testing. During his career he has worked on a wide range of systems and platforms ranging from small embedded devices and custom enterprise network appliances to mid-range and mainframe systems. He is a strong advocate of business driven security, security architecture and secure software development practices.


    Lynette Hornung Senior Enterprise Security Architecture & Privacy Manager, TCG (USA)    

Lynette Hornung is a Senior Enterprise Security Architecture and Privacy Manager with TCG, Inc. She has her SABSA Foundation and SCPR and SCPA and her CIPP-US. She has over 20 years of experience in information security and privacy. She has worked with a variety of federal agencies providing various enterprise security architecture, computer security and privacy solutions and services working with a variety of stakeholders.


    Andrew Hutchinson Executive Director, Vanderbilt University Medical Center (USA)    

Andrew Hutchinson is the Executive Director of the Vanderbilt University Medical Center Information Technology (VUMC IT) Architecture and Portfolio Services groups. In this role, he oversees IT strategy, information security strategy, IT resource management (including service and portfolio strategy), and customer relationship management for VUMC IT Services delivered to Vanderbilt University Medical Center. Prior to his current role, Andrew served as the Executive Director of Strategy and Risk Management, overseeing the development, operation, and improvement of Vanderbilt’s ITIL based service management processes. Andrew also directed Vanderbilt’s Network Security team for a number of years prior to his involvement in IT Service Management. Before moving to Vanderbilt University, Andrew lived in Chicago, IL and Holland, MI and worked as an information security consultant for a shared security services company based in Grand Rapids, Michigan. Andrew holds a Bachelor’s degree from the University of Michigan and holds the ISC2 CISSP certification and SABSA SCF certification.


    Jaco Jacobs Cyber Defense Domain Lead, Gallia, Accenture (Netherlands)    

Jaco is Cyber Defense domain lead for the Gallia region at Accenture Security based out of the Netherlands. He has been a “security guy” for around 19 years during which time he has provided security services to a number of companies in Africa, Europe, the Middle East and the US. He has spent a large part of his career developing security IP and services and co-authoring security publications.


    Mark Keating Global Information Security Architect, Deloitte (UK)    

Mark is currently serving as a Global Information Security Architect for Deloitte, where he is responsible for helping define the global technology strategy and roadmap for over 250,000 people spread across 150 countries. He has been with Deloitte since 2002, and prior to his current position, was the Network & Security Architect for the UK & Switzerland where he was responsible for the design and implementation of most of the UK’s network and security platforms supporting 18,000 staff.


    Jason Kobes Principle Cyber Architect, Northrop Grumman (USA)    

Jason Kobes works as a Principal Cyber Architect & Research Scientist in Washington, DC for Northrop Grumman Corporation. Jason has over 20 years of experience concentrated in information systems design analytics, business/mission security architecture, enterprise risk management, information assurance research, and business consulting. Jason has a Master's of Science in Information Assurance (MSIA) and a Bachelor's of Science in Computer Science from Iowa State University. Jason holds a SABSA Practitioner of Risk and Governance as well as Architecture. Jason's areas of research include enterprise risk architecture, accountable anonymity systems and applying actionable enterprise security architecture. Jason also is an Enterprise Security Architecture instructor for the Zachman/FEAC Institute, SABSA Institute and the Northrup Grumman Cyber Academy.


    Karel Koster Head of Information Security, Ingenico ePayments (Netherlands)    

Karel Koster is an information security professional with over 15 years of experience is various roles. He currently holds a position as Head of Information Security within Ingenico ePayments, one of the larger payment service providers on the web.

Prior to Ingenico, Karel as an information security officer was responsible for information security awareness, vulnerability management and technical compliance at Aegon the Netherlands.

Karel has spoken on topics of security awareness and vulnerability management on several international conferences including the ISF World Conference 2013.


    Lisa Lorenzin Director, Emerging Technologies, Americas, Zscaler (USA)    

Lisa Lorenzin is the Director, Emerging Technologies, Americas at Zscaler, specializing in zero trust networks, and co-chair of Trusted Network Connect, a work group of the Trusted Computing Group that defines an open architecture and standards for endpoint integrity and network security. She has worked in a variety of Internet-related roles since 1994, with more than a decade of that focused on network and information security, and is currently concentrating on enterprise security including network segmentation, end-to-end identity-based access control, and integration of mobile security.


    David Lynas COSAC Chairman & CEO SABSA Institute (Northern Ireland)    

David Lynas is currently enjoying his thirty-fifth year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he is the co-author of SABSA (the world’s leading free-use, open-source Security Architecture Methodology) and the CEO of the SABSA Institute charged with providing assurance and confidence to Government & Industry of the competencies of Security Architects globally. He is the COSAC Founder and Chairman, SABSA World Congress Chairman and the CEO of David Lynas Consulting the world’s pre-eminent provider of SABSA Training and Consulting Services.

A widely-published author and commentator, David’s has also been quoted widely in the media and major trade and broadsheet press, including: BBC Television, BBC Radio Ulster, Independent Television News, The Irish Times, Sydney Morning Herald, Wired.com, CIO Magazine, Technology Ireland, Korea News and the Harvard Business Review.


    Valerie Lyons Information Privacy Researcher & PhD Scholar (Ireland)    

I am an accomplished Information Security Risk Manager for the last two decades, with extensive experience at senior management level. I am also a fully qualified executive coach, with a Masters in Business and Leadership. Increasingly over the last few years, I became aware that industry was becoming hugely focussed on addressing security and privacy through the compliance lens. Seeking to find a more sustainable and effective way to address these risks, I traded my senior management position for the opportunity to undertake a PhD, researching information privacy and security protection approaches. My particular research interest lies in the role of ethics in this domain and my long term objective is to bring that learning and research findings back into industry.


    Tal Melamed Application Security Tech Lead, AppSec Labs (Israel)    

Tal is an Application Security Expert. As AppSec Labs' Technical Leader, he is leading a variety of security projects for IoT, Mobile, Web, and Client applications.

Prior to working at AppSec Labs, Tal has worked at Amdocs, CheckPoint and RSA, having more than a decade of experience in security research and security vulnerability assessment.

Tal is a keen speaker, training and lecturing world-wide for secure coding and hacking; a neat developer, participating and leading the R&D of security tools, including AppUse, iNalyzer and ProKSy. Breaking, building & teaching since '99.


    Lori Murray PhD Student, Iowa State University (USA)    

Lori Murray is a Senior Advanced 3 Information Assurance Systems Engineer, currently enrolled at Iowa State University as a PhD student studying Computer Engineering. She has her Masters of Science degrees in Information Assurance and Business Analytics from Iowa State University, along with her CISSP. Lori has 15 years of experience between Systems Engineering as a Cyber Security SME building security architecture from requirements definition to design implementation and enterprise network monitoring and detection.


    Peter Nikitser Director, ALC Cyber Security (Australia)    

Peter Nikitser is in his 30th year of IT, most of which has been spent in information security. He is a co-founding member of both AusCERT and SL-CERT. When he is not travelling teaching students or consulting, Peter spends time renovating his acreage, and can tell you all about lantana.


    John O'Leary President, O'Leary Management Education (USA)    

John O'Leary, CISSP, is President of O’Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John was the recipient of the 2004 COSAC award and the 2006 EuroSec Prix de Fidelite. He has never been convicted of anything really serious or run for public office.


    Michael Price Senior Security Consultant, Axenic (New Zealand)    

Michael is a Senior Consultant at Axenic Ltd. He is enthusiastic about security architecture and exploring how different methodologies and techniques can be used to achieve business outcomes.

Michael has a Postgraduate Diploma in Computer Security and Forensics from the University of Canterbury and holds SCPA, SCPR, SCF, CCSK and ISO/IEC 27001:2013 Lead Auditor certifications.


    Narendra Ramakrishna Business Solution Architect, SEAM Advisory & Consulting (UK)    

Narendra Ramakrishna is an accomplished Enterprise and Solution Architect specializing in delivering solutions in the areas of Cybersecurity, CloudSecurity, and PCI-DSS.

He has worked in a variety of roles across security development design and security architecture since 1999, with more than a decade of that focused on various transformation programs which include process changes, implementation of various industry strength methods and is currently focusing on enterprise security. He is involved in the role of Secure Development Life Cycle of large financial service organizations in the United Kingdom and security architecture for card data protection initiative.


    Mark Rasch Chief Counsel, National Security Corporation (USA)    

Mark Rasch is an internationally recognized cyber attorney and technology risk executive, with a distinguished record establishing and leading world-class data privacy and resiliency, security consulting, incident response and investigations practices for commercial and government organizations. More than 30 years’ in information security, and high-technology litigation and advisory across the critical infrastructure. Highly sought as one of the world’s leading legal (cyber) experts in data breach investigations and forensics, remediation, and mitigation for international and domestic entities. Former head of U.S. Department of Justice Computer Crime Unit (later Computer Crime and Intellectual Property Section) of the Criminal Division. Successfully led computer crime and fraud investigations and prosecutions, including the first ever computer hacker prosecution, among other notable cases.


    Helvi Salminen Information Security Manager, Gemalto (Finland)    

Helvi Salminen has worked full-time in information security since June 1990, first as security analyst and since April 2000 as information security manager. Before starting information security tasks she has 12 years experience in systems development.

Cooperation with colleagues is an important asset for security professionals. Helvi is founder member of Finnish Information Security Association which celebrated its 10th anniversary in 2007. Helvi is qualified CISA (1992), CISSP (1998), SABSA chartered security architect – foundation level (2008) and was one of the first to achieve Master of Security in 2003 (PD program in Helsinki University of technology lifelong learning centre Dipoli – now part of Aalto University). She has been the program manager of information security training in Dipoli in 2003-2008, and has given presentations in several information security seminars – including COSAC in 2008, 2009, 2014 and 2015. She was awarded as CISO of the year in Finland 2014 by Finnish Information Security Association.


    Char Sample Research Fellow, ICF, Army Research Labs (USA)    

Dr. Char Sample is research fellow employed for ICF at the US Army Research Laboratory in Adelphi, Maryland and with the University of Warwick, UK. Dr. Sample has over 20 years experience in the information security industry. Most recently Dr. Sample has been advancing the research into the role of national culture in cyber security events. Presently Dr. Sample is continuing research on modeling cyber behaviors by culture, other areas of research are information weaponization and complexity.


    William Schultz Principal Security Architect, Vanderbilt University Medical Center (USA)    

Bill Schultz is security architect who has worked in the Information Technology field for over 14 years, with the past 9 focused on Enterprise Architecture, Security Architecture, Risk Management, and Compliance. Bill has built security programs, risk management programs, and developed strategic organizational architectures and technical system architectures. Bill has led multiple risk management and security architecture initiatives to build secure systems that comply with Federal, Healthcare, or Payment Card Industry Standards. He uses strategic architecture and risk management frameworks to design and implement secure and compliant IT systems that enable the organization to meet business objectives. Bill currently volunteers for the SABSA Institute and works with peers leading initiatives to improve the security architecture community and mentor new members. Bill holds a Master's of Science in Computer Information Systems and is a Certified Information System Security Professional (CISSP). In 2015 Bill became the first person in the USA to attain SABSA Master Status.


    Malcolm Shore Consultant, David Lynas Consulting (New Zealand)    

Dr Shore was born in England and worked with International Computers Ltd prior to completing a BSc in Computer Science at the University of London. He emigrated to New Zealand and after two years in industry accepted a commission in the RNZAF during which time he held positions in Defence EP as Chief Systems Programmer, Assistant Director Air Staff Policy and Plans, and Assistant Director Information Systems in Defence Headquarters.

Malcolm retired from the RNZAF and moved to the Government Communications Security Bureau where he developed and implemented New Zealand's national information systems security policy. During this appointment, Malcolm also completed his PhD at Otago University. He retired from the Government Communications Security Bureau as Director INFOSEC. During this time he was responsible for the introduction of ISO 27000 and the Common Criteria into the country.

Since working for Government, Dr Shore has been the Technical Director for CES Communications Ltd in which position he was responsible for the design and development of commercial landline, satellite, and radio encryption products.

Following this he has held Head of Security positions in both Telecom New Zealand, where he was responsible for delivering Sarbanes Oxley and PCI compliance; and in NBN Co, where he was responsible for satisfying compliance with the Australian Protective Security Policy Framework.

Malcolm was also the Technical Director for BAE Systems Australia, which included management of the penetration testing and reverse engineering teams.

Over the last fifteen years, Dr Shore has held adjunct positions at Canterbury University, Deakin University, and the University of New South Wales where he has lectured in cybersecurity. Dr Shore was involved with the development of cybersecurity strategies in New Zealand, Australia, and ASEAN.


    Stephen Singam Managing Director – Research, Distil Networks (USA)    

Stephen is an Information Security & Technology Management professional with extensive experience in the Financial Services, Startups, Media & Entertainment and Cybersecurity Consulting industries, who has held senior cybersecurity positions at Hewlett Packard (Asia Pacific & Japan), Commonwealth Bank of Australia (Sydney), 20th Century Fox/News Corporation (Los Angeles), Salesforce.com (San Francisco), IBM Corp (New York) and Nokia (Helsinki, Finland).

With multi-industry security experience, at 20th Century Fox, he developed its first Anti-Piracy Standards, Intellectual Property (IP) Security Architecture which covered all IP business risk i.e. From Movie Script Development to Home Entertainment DVD release, which was evidenced. with the most successful movie of all time – James Cameron’s AVATAR/ $US3.2B. The engagement on Avatar managing 60+ vendors worldwide via multiple technology platforms, legal requirements, and culture. Furthermore, 20th Century became the first Media & Entertainment firm to successfully attain a zero pre-release IP loss of major DVD production in Russia with the distribution of MGM’s Quantum of Solace.

He has an MS in Management of Technology from the Wharton Business School & the School of Applied Science & Engineering. And a Moore Fellow in Management of Technology at the University of Pennsylvania. Additional certifications are Certified Risk and Economic Analyst from Harvard University, CISSP; and C|EH. He has been on cybersecurity panels at Tech ROI; New York Times Business-Innovation; and Silicon Valley’s ISACA Annual Meeting, UK’s KTN and PwC’s Data Privacy & Big Data. In addition, he is on the Advisory Board at numerous Cybersecurity start-up ventures.

He was a reviewing member of the 9th working draft of the United States Government NIST Cloud Computing Standards Roadmap. In 2011, he was invited by the Chinese Government in Chongqing Municipality (重庆市) to advise on open internet strategies for multinational companies.


    Maurice Smit Board Member, The SABSA Institute (Netherlands)    

Maurice is a Principal Security Consultant and SABSA Instructor, with over 15 years of experience in IT Security operations, management, governance and architecture, in a variety of industries including finance, healthcare and pharmaceuticals.

Maurice delivers accredited SABSA training in Europe, India and the Middle East and is a founding member of the SABSA Institute Board of Trustees.


    Ross Spelman Manager Cyber Risk Services, Deloitte (Ireland)    

Manager - Deloitte Advisory - Cyber Risk Services
10 years+ IT Technical and Service Delivery Management
5 years in Information Security specialising in information governance and cloud security

MSc in Cloud Computing
MSc in Software Engineering
Numerous industry qualifications (CISM, ISO 27001, Prince2, ITIL, CCSK, SSCP etc.)


    Esther van Luit Senior Security Consultant, Deloitte (Netherlands)    

Ester van Luit is a young and driven security advisor for Deloitte Netherlands. She specializes in security skill gaps, cyber risk quantification and security maturity assessments and has worked for many international clients. She was short listed for woman of the year 2015 for the British Cybersecurity Awards and is actively involved in getting more girls and women into the security industry. She is determined to advance the state of security knowledge management and education in her career.


    Marc Verboven Security Architect, ING (Belgium)    

Marc Verboven is an experienced IT Security Architect with over 30 years of experience. After working for Dow Chemical, IBM and startups in Belgium, always in the area of IT Security, he joined ING Belgium in 2003. Since then he mainly worked on projects in the area of Retail & Commercial Banking Channels, acting both as a security & application architect. Since 2006 Marc is member of the Enterprise Architecture group of ING with continued focus on the area of Risk & Security. Recently Marc has been involved in topics like Data Privacy, API Security, APT, Cloud Security.


Copyright © 2017 COSAC - All Rights Reserved -