COSAC 2023 COSAC Connect COSAC APAC 2023

COSAC's event format holds post-session networking as a priority, providing unparalleled access to industry experts, long after the day's sessions have finished.

The COSAC 2023 Call for Papers is currently open but you can view our 2022 Speaker Panel below. Click on a speaker to view their profile.

Ali Abdollahi Infosec Engineer, Picnic Technologies B.V. (Netherlands)

Ali Abdollahi

Infosec Engineer, Picnic Technologies B.V. (Netherlands)

Ali is an Infosec engineer at Picnic Technologies B.V. and researcher with a decade of experience working in a variety of fields. He was a trainer at OWASP summer of security 2020, 2021 July training and reviewer for Springer Cluster Computing Journal as well as 2021 Global AppSec US event. In addition, He was speaker or trainer at IEEE AI-ML-Workshop-2021, SSD TyphoonCon, c0c0n2019, BSides Toronto, Budapest, Calgary, Newcastle, Barcelona, OWASP Ottawa chapter, Defcon RedTeam, AppSec and Aerospace villages, Confidence Conf2020, NoNameCon20, YASCon2020, COUNTERMEASURE Conference, DragonCon etc.
X
Chris Blunt Enterprise Security Architect, Aflac NI (Northern Ireland)

Chris Blunt

Enterprise Security Architect, Aflac NI (Northern Ireland)

Chris is a seasoned cybersecurity professional. He has recently moved to Belfast from New Zealand where he co-founded and ran a highly successful information security and privacy consultancy. He is an exponent of business-driven security and is passionate about delivering pragmatic advice that enables organisations to achieve their business objectives.
X
Hugh Boyes Principal Engineer, University of Warwick (UK)

Hugh Boyes

Principal Engineer, University of Warwick (UK)

Hugh Boyes is a Chartered Engineer, a Fellow of the Institution of Engineering and Technology (IET) and holds the CISSP. He divides his time between working as a Principal Engineer at the University of Warwick and undertaking cyber security consultancy assignments. Hugh is a Member of the Register of Security Engineers and Specialists (RSES).
X
Steven Bradley Consulting Security Architect, Cyber Enterprise Modelling (Belgium)

Steven Bradley

Consulting Security Architect, Cyber Enterprise Modelling (Belgium)

Steven is an independent security consultant based in Brussels with 25+ years in IT. He has undertaken major assignments for clients in the national & European public sector, finance, telecoms & utilities and also lends his support to local cyber-security initiatives. His work in recent years has broadened geographically while becoming more specialised in the field of security by design through automation & modelling, leading to the foundation in 2021 of a niche consultancy in this domain. He holds numerous security and privacy certifications including SABSA.
X
Phil Bridgham Cyber Architect, Northrop Grumman (USA)

Phil Bridgham

Cyber Architect, Northrop Grumman (USA)

Dr. Phillip Bridgham is a Cyber Architect and researcher for Northrop Grumman and applies AI, Machine Learning, and Information Fusion techniques to achieve advanced automation and risk management. Dr. Bridgham brings 25 years of software engineering and technical leadership experience across a wide range of industries, including: Aerospace, Industrial Controls, Robotics, Banking and Finance, Medical Devices, Fraud Detection, Risk Analysis, and more.
X
Glen Bruce Cybersecurity Consultant, GDB Cybersecurity (Canada)

Glen Bruce

Cybersecurity Consultant, GDB Cybersecurity (Canada)

Glen Bruce is focused on Security Strategies, Architectures, PKI and Governance supporting business and governments in their approach to managing information security risk. He has over 47 years of in-depth experience in IT consulting, systems management and technical positions. He has led many information security engagements, where he has helped clients establish effective strategies, governance, architectures, policies, PKI and infrastructure implementations in support of both business and technical requirements.
X
Rob Campbell Security Architecture, PA Consulting (UK)

Rob Campbell

Security Architecture, PA Consulting (UK)

I'm a consulting security architect in the UK. I have over 30 years experience in IT with 25+ focused on security across sectors. I consider myself more as an Enterprise architect who works in security rather than and Enterprise Security Architect because I end up having to do both more often than not. I love learning and also contributing and am known to share useful personal intellectual capital to help bring on our great profession. I am a nerd with interests that extend beyond security and IT into the realms of Scouting and Classic cars so if you get bored talking shop come see me and I...
X
John Ceraolo Head of Information Security, Skilljar, Inc. (USA)

John Ceraolo

Head of Information Security, Skilljar, Inc. (USA)

Mr. Ceraolo has been an information security professional for over 25 years in industries ranging from publishing, software, automotive, mobile technology and now healthcare analytics. He has frequently spoken at COSAC and other US-based security conferences. He holds his CISM, CISSP, and CISA as well as his Masters in Information Assurance from Norwich University.
X
Andy Clark Director, Primary Key Associates (UK)

Andy Clark

Director, Primary Key Associates (UK)

Prof Clark is an acknowledged expert in Cryptography, I.S. Security, Systems Engineering, Information Forensics & Cyber Security. He has worked in the field of Computer and Information Systems Security and Cryptology since 1984 and is a registered expert witness with 20+ years’ experience of presenting computer and information systems evidence in a wide range of criminal & civil cases. He is a co-author of the SABSA Blue Book & was the first recipient of the COSAC award.
X
Thomas Clevely Product Cyber Security Specialist, Rolls-Royce (UK)

Thomas Clevely

Product Cyber Security Specialist, Rolls-Royce (UK)

I am a product cyber security specialist at Rolls Royce in the UK with 15 years’ experience working a broad spectrum of cyber security roles, including Supply chain integration and risk management, Enterprise network security, Industrial controls systems security and most recently product cyber security. Product cyber security, or the security of safety/mission critical embedded systems is a fast paced and fascinating challenge. I feel privileged to be part of a global team and global community tackling these challenges, ensuring Rolls-Royce continues to pioneer the power that matters.
X
Dimitrios Delivasilis Director - Risk & Resilience, David Lynas Consulting (UK)

Dimitrios Delivasilis

Director - Risk & Resilience, David Lynas Consulting (UK)

Strong technology executive, specialising in business-driven security strategy, architecture and operational resilience. Dimitrios has more than 22 years of extensive experience in leadership roles predominantly within financial services (Head of Enterprise Security Architecture at Visa and Global Head of Information Risk Strategy at HSBC). He has built a success record of simplifying security decisions, delivering future proof information security strategies and helping organisations implement their digital transformation plans with a commensurate level of assurance.
X
Bonnie Demeyer Security Consultant, Cyber Enterprise Modelling (Belgium)

Bonnie Demeyer

Security Consultant, Cyber Enterprise Modelling (Belgium)

Bonnie is a freelance Security Analyst and Information Security Manager who has been working in, and advocating for, a model-driven approach to security since 2016. She returns for her third COSAC as the co-founder of Cyber Enterprise Modelling: a niche consultancy specialising in the application and advancement of model-driven security. Bonnie holds certifications in security, information risk management, privacy and ArchiMate.
X
Lawrence Dietz General Counsel, TAL Global Corporation (USA)

Lawrence Dietz

General Counsel, TAL Global Corporation (USA)

Lawrence Dietz, Attorney has served as General Counsel of TAL Global since April 2010 where he had extensive experience in international contracts. Prior to joining TAL Global Dietz served in senior roles at Symantec Corporation to include Director of Market Intelligence and Global Public Sector Evangelist. He retired as a Colonel in the U.S. Army Reserve and is the author of the authoritative Blog on Psychological Operations (PSYOP).
X
Elizabeth O. Dietz Professor Emerita, San Jose State University (USA)

Elizabeth O. Dietz

Professor Emerita, San Jose State University (USA)

Dr Elizabeth 'Liz' O. Dietz, EdD, CS-NP, CSN, FAAN began her nursing career as a Lieutenant Junior Grade, Charge Nurse for the US Public Health Service during the Vietnam Conflict. She is a Professor Emeritus of Nursing from San Jose State University after a 29-year career there. She has been a volunteer with American Red Cross in Service to Armed Forces, Disaster Health Service Manager, Expert Instructor in International Humanitarian Law program, as well as Regional Disaster Lead for the Disability Integration program.
X
Todd Fitzgerald Vice President, Cybersecurity Strategy, Cybersecurity Collaborative (USA)

Todd Fitzgerald

Vice President, Cybersecurity Strategy, Cybersecurity Collaborative (USA)

Todd Fitzgerald promotes cybersecurity leadership collaboration and serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee. Todd authored 4 books including #1 Best Selling and 2020 CANON Cybersecurity Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019) and ground-breaking CISO Leadership: Essential Principles for Success. Todd also hosts the popular SecurityWeekly CISO STORIES Podcast. He was named 2016–17 Chicago CISO of the Year, ranked Top 50 IS Executive.
X
Peter De Gersem Security Management Specialist, SWIFT (Belgium)

Peter De Gersem

Security Management Specialist, SWIFT (Belgium)

Peter is a security management specialist at SWIFT, the world’s leading provider of secure financial messaging services. He has over 22 years of experience in information security, having covered a broad spectrum of security domains. His current role is managing the SWIFT security assessment practice, from business objectives over threat landscape to deriving the security painpoints and identifying security requirements that speak to both business as technical stakeholders.
X
Rob Hale Fellow, Lockheed Martin (USA)

Rob Hale

Fellow, Lockheed Martin (USA)

Rob is a Lockheed Martin Fellow with over 25 years of experience in information systems and security. During his career he has been responsible for conducting and supporting information assurance and cyber security activities for federal, state and commercial organisations in the defense, law enforcement, financial services, utility and healthcare industries. Additionally, he has designed and implemented secure networks to support nuclear emergency response teams and top US banks.
X
G. Mark Hardy President, National Security Corporation (USA)

G. Mark Hardy

President, National Security Corporation (USA)

G. Mark serves as President of National Security Corporation, an information security management consulting firm he founded in 1988. He has been providing cyber security expertise to government, military, and commercial clients for over 30 years, and is the author of over 100 articles and presentations on security, privacy, and leadership. A graduate of Northwestern University and Loyola University, he holds a BS in Computer Science, a BA in Mathematics, a Masters in Business Administration.
X
Michael Hirschfeld Director, David Lynas Consulting (Australia)

Michael Hirschfeld

Director, David Lynas Consulting (Australia)

Michael has 20 years’ experience in Information Security and is a Director of David Lynas Consulting and the Chair of the SABSA Founders Bursary. He has provided high level assistance on information security related matters to a range of clients within Australia and internationally. He was formerly the Chief Information Officer and CISO at the Australian Commonwealth Department of Finance where he had executive responsibility for ICT as well as physical security.
X
Martin Hopkins Consultant, Attributive Security (UK)

Martin Hopkins

Consultant, Attributive Security (UK)

Martin is an independent information security consultant with a current focus on security advisory to small businesses in the UK. He has over 25 years’ experience in technology, primarily in security related fields. A regular speaker on cyber security topics, he is a strong advocate of business driven security, security architecture and secure software development practices.
X
Lynette Hornung Security Architecture Manager, Catapult Systems (USA)

Lynette Hornung

Security Architecture Manager, Catapult Systems (USA)

Lynette has her MS in Information Assurance from Iowa State University and her SABSA certifications. She has over 20 years of experience with security architecture and data privacy serving as a trusted advisor with customers and working on cross functional teams. She is currently a Security Architecture Manager with Catapult Systems.
X
Jaco Jacobs Senior Security Principal, Accenture (Netherlands)

Jaco Jacobs

Senior Security Principal, Accenture (Netherlands)

Jaco is Cyber Operations and Resilience offering lead for Europe at Accenture Security based out of the Netherlands. He has been a “security guy” for around 19 years during which time he has provided security services to several companies in Africa, Europe, the Middle East and the US. He has spent a large part of his career developing security IP and services and co-authoring security publications.
X
Siân John MBE Director SCI Business Development, Microsoft (UK)

Siân John MBE

Director SCI Business Development, Microsoft (UK)

Siân John MBE is EMEA/APJ Director of Cybersecurity Strategy at Microsoft. She leads a team of chief security advisors in EMEA and APJ who work with Microsoft’s customers as they evolve their security strategy to support digital transformation and cloud adoption. Siân has worked in Cybersecurity for nearly 25 years across strategy, business risk, privacy, and technology. Siân is a recognised thought leader in the industry. She is Chair of both techUK’s CyberSecurity Management committee and the Digital Economy Advisory Board for the UK Research Councils.
X
Lesley Kipling Chief Security Advisor, Microsoft (UK)

Lesley Kipling

Chief Security Advisor, Microsoft (UK)

Previously lead investigator for Microsoft’s detection and response team (DaRT), Lesley has spent 16+ years responding to Microsoft customers’ largest and most impactful cybersecurity incidents. As Chief Security Advisor, she now provides customers, partners and agencies around the globe with deep insights into how and why security incidents happen, how to harden defences and more importantly, how to automate response and contain attacks with the power of the cloud and machine learning.
X
Gordon Jenkins Head of Security Architecture, Admiral (UK)

Gordon Jenkins

Head of Security Architecture, Admiral (UK)

Dr Gordon Jenkins heads up the security architecture team at Admiral Insurance in the UK. He has 25+ years’ experience in IT and security for large financial services organisations in the UK and US, across investment banking, life & pensions, asset management, and general insurance. He has worked as a security architect for the last 13 years, providing guidance to dozens of major business and infrastructure projects and helping to shape enterprise security functions.
X
Dr. Silvia Knittl Director Cyber & Privacy, PwC (Germany)

Dr. Silvia Knittl

Director Cyber & Privacy, PwC (Germany)

Dr. Silvia Knittl is focused on Enterprise Security Architecture and supporting public and business clients in enabling their cyber capabilities. She manages security transformation projects and has led many cyber engagements helping organizations to improve on governance, processes, or tooling in the domains like IAM, SIEM/SOC or network. Sie is Director at PwC Germany in the Cyber & Privacy practice and has over 15 years of experience working in Cyber.
X
Jason Kobes Architect, Research Scientist, Professor, Northrop Grumman (USA)

Jason Kobes

Architect, Research Scientist, Professor, Northrop Grumman (USA)

Jason Kobes works as Tech Fellow Senior Architect & Research Scientist in Washington, DC for Northrop Grumman Corporation. Jason also is an adjunct professor for Marymount University teaching Cyber Crime and Digital Terrorism. Jason has over 24 years of experience concentrated in cyber digital transformation, information systems design analytics, business/mission security architecture, enterprise risk management, information assurance research, and business consulting. Jason has a Master's of Science in Information Assurance (MSIA) and a Bachelor's of Science in Computer Science.
X
Karel Koster Manager IT - Information Security, FedEx Express Int (Netherlands)

Karel Koster

Manager IT - Information Security, FedEx Express Int (Netherlands)

Karel Koster is an information security professional with over 15 years of experience is various information roles. He currently manages a team of security analyst with a global remit at FedEx, owning implementing and executing various GRC processes. Prior to FedEx Karel fulfilled positions as Head of information security, information security officer, security architect and operational risk manager within financial services companies.
X
Robert Laurie Enterprise Security Architect, David Lynas Consulting (Australia)

Robert Laurie

Enterprise Security Architect, David Lynas Consulting (Australia)

Rob is an Enterprise Security Architect with 17+ years’ experience in the IT, Application and Security industries and holds several security designations within the sector. He is a committee member for the Australian Information Security Associates (AISA) and is a member of the GIAC Advisory Board.
X
Genevieve Liveley Professor of Classics, University of Bristol (UK)

Genevieve Liveley

Professor of Classics, University of Bristol (UK)

Genevieve is Professor of Classics, RISCS Fellow, and Turing Fellow at the University of Bristol. As a narratologist, she has particular research interests in stories and their impact on futures thinking – especially in the context of emerging technologies and cyber security. She leads the Futures strand for the UKRI’s Digital Security by Design (DSbD) programme, and as RISCS Fellow, heads the ‘Anticipation and Futures Literacy’ research theme.
X
Ashling Lupiani Cognitive Solutions Developer, Cancer Treatment Centers of America (USA)

Ashling Lupiani

Cognitive Solutions Developer, Cancer Treatment Centers of America (USA)

Ashling is a neuroscientist & biomedical engineer with experience in speech and motor research. She has spent 5 years running neurorehabilitation studies with human participants. As part of this work, she co-authored 5 papers and presented at international conferences in Toronto & Boston. She also has an interest in hacking & social engineering, attending conferences such as DEFCON for 8 years. She earned a BA in Neuroscience from Boston University in 2017, and a MS in Biomedical Engineering from the Joint Department of Biomedical Engineering at UNC Chapel Hill and NC State.
X
David Lynas Chairman, COSAC (Northern Ireland)

David Lynas

Chairman, COSAC (Northern Ireland)

David Lynas is currently enjoying his thirty-eighth year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he is the co-author of SABSA (the world’s leading free-use, open-source Security Architecture Methodology), CEO of the SABSA Institute CEO of David Lynas Consulting.
X
Valerie Lyons COO, BH Consulting (Ireland)

Valerie Lyons

COO, BH Consulting (Ireland)

Recently included as one of Europe's top 100 women in cybersecurity, Dr. Valerie Lyons is a highly experienced senior cybersecurity and privacy professional. Currently COO of BH Consulting (a data protection and cybersecurity firm based in Ireland), Valerie is also a subject matter expert in European data protection and privacy. She recently completed an award-winning PhD, researching organisational approches to Information Privacy. She lectures on the topic of cybersecurity, privacy and ethics in several Irish academic institutions including Dublin City University.
X
Richard Morgan Chief Architect, Verizon Communications (USA)

Richard Morgan

Chief Architect, Verizon Communications (USA)

Richard Morgan is the director of Enterprise Security Architecture and Chief Architect at Verizon Communications, a US-based telecommunications firm. Mr. Morgan was previously the Sr. Director of Strategy & Execution at the Verizon Media Group, and spent about 14 years in varying roles at AOL before that. He has a background that includes work in the Open Source and Linux communities back to the 1990s and feels the same sort of positive energy and camaraderie in the COSAC community.
X
Kathleen Mullin CISO, My Virtual CISO (USA)

Kathleen Mullin

CISO, My Virtual CISO (USA)

Kate Mullin CISSP, CCSFP is an influential information security practitioner with 30+ years of experience. Kate has been a VCISO and was CISO at various organizations, including publicly traded (WageWorks), private equity (HealthPlan Services, HPS), not-for-profit (Adventist Health), and governmental entities (Tampa Airport, TIA); establishing the role at TIA and HPS. Throughout her career, Kathleen has volunteered and participated in maturing information security as a profession. Kate currently volunteers with ISC(2).
X
John O'Leary President, O'Leary Management Education (USA)

John O'Leary

President, O'Leary Management Education (USA)

John O'Leary, CISSP, is President of O’Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. John was the recipient of the 2004 COSAC award.
X
Char Sample Cybersecurity Principal, MTSI (USA)

Char Sample

Cybersecurity Principal, MTSI (USA)

Dr. Char Sample is Chief Scientist Cybersecurity at the Idaho National Laboratory and a research fellow with the University of Warwick, UK. Dr. Sample has over 20 years experience in the information security industry. Most recently Dr. Sample has been advancing the research into the role of national culture in cyber security events. Presently Dr. Sample is continuing research on modeling cyber behaviors by culture, other areas of research are information weaponization and complexity.
X
Timothy Sewell CIO / CISO, Reveal Risk (USA)

Timothy Sewell

CIO / CISO, Reveal Risk (USA)

Tim is a lifelong technology and security enthusiast with broad experience in multiple industries. He spent over a decade at Lockheed Martin designing and deploying solutions to some of the hardest cybersecurity problems in the national security space: Cryptography, weapon systems, aircraft, satellites, critical networks, APTs, hardware security, supply chain and third-party security, anti-tamper and industrial control systems using a blend of best-of-breed from the commercial space, coupled with groundbreaking custom technology.
X
Pieter Siedsma Domain Architect Technology & Security, Heineken (Netherlands)

Pieter Siedsma

Domain Architect Technology & Security, Heineken (Netherlands)

Pieter is currently the domain architect for technology & security for HEINEKEN. As a security architect he is working for over 20 years in the overlap of technology and security. He worked mainly for a large global financial with some side steps to the military and engineering. Now he works for the best beer company. Pieter acts also quite often as a threathunter, engineer or “a guy with an opinion”.
X
Maurice Smit Principal Security Architect, David Lynas Consulting (Netherlands)

Maurice Smit

Principal Security Architect, David Lynas Consulting (Netherlands)

Maurice is a Principal Security Consultant and SABSA Instructor at David Lynas Consulting, with over 15 years of experience in IT Security operations, management, governance and architecture, in a variety of industries including finance, healthcare and pharmaceuticals. Maurice delivers accredited SABSA training in Europe, India, Africa and the Middle East and is a founding member of the SABSA Institute Board of Trustees.
X
Andrew S. Townley Chief Executive, Archistry (South Africa)

Andrew S. Townley

Chief Executive, Archistry (South Africa)

Andrew S. Townley helps information and cyber security leaders build more effective security programs by applying 25 years of hard-won lessons across a diverse career from starting as a Software Engineer to building Archistry from the ground-up starting in 2006. Andrew is an international speaker, published author and thought leader on Information Security, Security Architecture, SABSA, Risk Management, Enterprise Architecture, SOA and Technology Strategy, and he has extensive practical, hands-on experience working in the US, Europe, Middle East, Africa, Australia and Brazil.
X
Andy Wall Chief Security Officer, Office for National Statistics (UK)

Andy Wall

Chief Security Officer, Office for National Statistics (UK)

Andy Wall is a cyber, information security & assurance leader with 25+ years’ experience within global & national commercial organisations and UK Govt providing business focused security advice & management. Currently Chief Security Officer at the Office for National Statistics, developing new approaches to secure operations of leading edge big data analytics that support the organisational mission of statistics production on a range of key economic, social & demographic topics.
X
Todd Wilkinson Chief Information Security Architect, Elanco Animal Health (USA)

Todd Wilkinson

Chief Information Security Architect, Elanco Animal Health (USA)

Todd Wilkinson has been in the technology Industry for 23 years and most recently is serving as the Chief Information Security Architect for Elanco Animal building their new security program as part of a divestiture and IPO. He has advised and was accountable for the technology direction and product development of solutions that Elanco offers to our animal health customers, developed innovation in disease detection, wearables, implantable and mobile imaging capabilities with Elanco.
X