Chen Zhao and his team are responsible for IT Security infrastructure engineering, monitoring and incident response activities at ADB. Prior to joining ADB, he led security operations at venture capital firm Sequoia Capital.

He started his career as a cyber security consultant in PwC Hong Kong and US, providing security and risk services for Fortune 100 companies in several continents.

Martin Paulinyi has more than 13 years of experience in Information security. Before joining WHO, Martin he held positions covering multiple domains of Information security like risk management, BCP, vulnerability management and data protection in companies and organizations in financial, technology pharmaceutical sectors. In his current position in WHO, Martin was responsible for designing and leading the implementation of Integrated Cybersecurity service that included Managed services like EDR, Vulnerability management, incident response and SOC service across the WHO. 

Martin is father of 2 kids therefore his hobbies include playing in sand and mud, building puzzles and reading books. In addition, he is Lego and space enthusiast, and he really enjoys cooking and baking (which is well accepted by his family). 

With a master’s degree in Computer Science Engineering, Gabriella has more than 10 years of experience in Computer Networks and IT Security fields, most of them working with the United Nations. She currently is leading the Common Secure Operations Centre (CSOC) within UNICC and is SME on Network Security, Monitoring and Detection, and Incident Response. 

Francesco started out as a professional developer during the day, but his nightly passion for information security quickly switched to a full time InfoSec and DFIR consultant role. He obtained a Computer Science degree and a Ph.D. in “Intelligent Electronics for Security” and achieved a real-time log correlation patent. Also passionate about reverse engineering, he still practices it during his spare time to implement a so-called offensive digital investigation, which aims at gaining access to protected data. Aware that the sharing of knowledge and experiences is essential in the information technology field, he shares observations from his daily job on the Zena Forensics blog, on GitHub repositories and on Twitter. 

Ingo Naumann received his university diploma and doctorate degree in electrical engineering from the Universities of Hannover and Kiel, Germany, respectively. He started his career as a research scientist at the Computer and Communications Research Laboratory of NEC Europe Ltd. where he worked on numerical algorithms for analog circuit simulation. He then specialized in information security and became a project officer at the German Federal Office for Information Security (BSI) in Bonn. In this position he was involved in the development of technical specifications for machine-readable travel documents and represented Germany’s interests on international committees. Later, he was seconded for three years to the European Union Cyber Security Agency (ENISA) in Heraklion, Greece and headed the electronic identity (eID) programme. 

He currently holds the position of Security Systems Engineer at the International Atomic Energy Agency (IAEA) in Vienna, Austria, where he functions as an internal adviser on all aspects related to authentication, encryption and compliance with IT security standards within the Department of Safeguards, Division of Technical Support (SGTS), and in addition is the Divisional Security Representative. Ingo is a member of IACIS, IEEE, ISC2 and SANS. 

Sebastian is a data protection specialist working in the cybersecurity unit of WFP. He has six years of experience in privacy data protection, particularly focusing on IT security and data governance. He ensures cybersecurity operations and advisory services are consistent with WFP and international rules and that cyber risks are appropriately mitigated with administrative controls.

Prior to joining WFP, Sebastien He has worked in law firms in Paris, Milan, and Rome, assisting organizations in business litigation.

He holds a degree in law from the Sorbonne, and an LLM from Queen Mary University of London.

John Kindervag joined ON2IT in March of 2021 as Senior Vice President Cybersecurity Strategyand ON2IT Global Fellow.Previously he was Field CTOat Palo Alto Networksanda VicePresident and Principal AnalystatForrester Research. John is considered one of the world’sforemost cybersecurity experts. He is best known for creating the revolutionary Zero TrustModel of Cybersecurity.In 2021, John was namedto the President’s NSTAC Zero Trust Sub-Committee and was aprimary author of the NSATC Zero Trust report that is being delivered to the President of theUnited States. Additionally, John was names CISO Magazine’s 2021Cybersecurity Person ofthe Year.In 2022, John joined the Cloud Security Allianceas theSecurity Advisor to the CEO and thePresident, focusing on helping to bring Zero Trust Concepts to the cloud.John has a practitioner background, having served as asecurity consultant, penetration tester,and security architect.He has been interviewed and published in numerous publications,andhas also appeared on television networks. Heis a frequent speaker atsecurity conferences and events  

Katherine has worked professionally in IT since 1994, with expertise in cyber security beginning in 1997 following graduation from Johns Hopkins University with a degree in Computer Science.  Having worked in multiple roles across both private and public sectors, the last 13 years have been spent in international civil service, including World Bank, UNICC, and now where she serves as CISO at WFP.  Her secondment to UNICC which began in 2015 brought expertise to launch the original Common Secure service, encouraging threat sharing and enrichment across the UN system following years of running the World Bank’s cyber threat intelligence program.  More recently, in addition to building WFP’s cyber agenda since 2018, she has also spent the last few years running IT operations, including Service Management, and overseeing Emergency Preparedness & Response, allowing for a more holistic understanding of cyber concerns across foundational IT domains within WFP.

Marc Henauer is the Head of the MELANI Operation and Information Centre (OIC) since 2010. This unit is part of the Federal Intelligence Service within the Swiss Ministry of Defence, Civil Protection and Sports. The MELANI OIC Unit is responsible for the analytical and operative parts of the Swiss Analysis and Reporting Unit for Information Assurance (MELANI), as well as for establishing the Situational Picture on Cyber-Threats. MELANI’s mandate lays with supporting the Swiss Critical Infrastructures within their Information Assurance Process.

Mr. Henauer was the strategic analyst for economic and cyber criminality within the Service of Analysis and Prevention from 2001 to 2003, before heading MELANI and part of the Cybercrime Coordination Unit (CYCO) from 2003 to 2009.

He studied at the University of Zurich Economic Science, as well as Media and Communication Management at the University of St. Gallen. Mister Henauer got his Master of Arts in Foreign Service (National Security Studies) from the Georgetown University in Washington DC in 1999.

Mr. Alvaro Gascon – CCN-CERT Incident Response Team Leader. 

Working as cyberthreat analyst and incident responder at CCN-CERT for 10+ years. 

Telecommunications Engineer MSc. SANS “letal forensicator”. Instructor in CCN-STIC Cybersecurity Courses on Advanced Incident Handling and Cyberintelligence. 

A generalist civil servant for the past 19 years, Eleanor has undertaken a range of policy and security roles, at home and overseas, in immigration, security policy and corporate services. Eleanor previously led cyber threat assessment in NCSC and now heads up the Incident Management function where she is responsible for managing the NCSC response to nationally significant incidents that hit the UK.  

Mick Baccio fell in love with the idea of cyberspace around nine years old after reading Neuromancer, thinking “I could do that.” 

Before joining Splunk, he held the title of Chief Information Security Officer at Pete for America, holding the honor of being the first CISO in the history of presidential campaigns. Mick was also the White House Threat Intelligence Branch Chief in both the Obama and Trump administrations and helped create a threat intelligence program during the rollout of the Affordable Care Act at the Department of Health and Human Services. He is still trying to do ‘that’. 

As a Global Security Advisor at SURGe, Mick leverages his background and expertise to help customers solve complex security problems. In his spare time, when not posting pictures of his cator Air Jordans to social media, Mick is a Goon at DefCon, and teaches lockpicking.  

Robert is a recognized authority in the industrial cybersecurity community. He is CEO and co-founder of Dragos, a global technology leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments.  

In addition, Robert serves on the Department of Energy’s Electricity Advisory Committee as the Vice Chair of the Department of Energy’s Grid Resilience for National Security Subcommittee, and is a member of the World Economic Forum’s subcommittees on Cyber Resilience for the Oil & Gas and Electricity communities.  

Robert is routinely sought after for advice and input on cybersecurity for industrial infrastructure and is regularly asked to brief national leaders. He testified to the U.S. House of Representatives Committee on Energy and Commerce–Subcommittee on Oversight and Investigations, and to the U.S. Senate Energy and Natural Resources Committee, to advise on policy issues related to critical infrastructure cyber threats. He has also presented at the World Economic Forum Annual Meeting in Davos, and industry leading conferences such as RSA, SANS, BlackHat, and DefCon on the topic of industrial cybersecurity and threats. He serves on the board of the National Cryptologic Foundation.  

Robert began his pioneering work in ICS/OT cybersecurity as a U.S. Air Force Cyber Warfare Operations Officer tasked to the National Security Agency, where he built a first-of-its-kind mission identifying and analyzing national threats to industrial infrastructure. He went on to build the industrial community’s first dedicated monitoring and incident response class at the SANS Institute (ICS515) and the industry recognized cyber threat intelligence course (FOR578). 

Forbes named Robert to its 30 under 30 (2016) list as one of the “brightest entrepreneurs, breakout talents, and change agents” in enterprise technology. A business leader but also technical practitioner, he helped lead the investigation into the 2015 attack on Ukraine’s power grid, the first time an electric system was taken down due to a cyberattack. With his team at Dragos he has been involved in the most significant cyberattacks on industrial infrastructure, including the investigation and analysis of the 2016 attack on Ukraine’s electric system, the 2017 TRISIS attack on a Saudi Arabian petrochemical facility in the first attempt to try to kill people through malicious software, and the 2021 Colonial Pipeline ransomware attack. In 2022, his team at Dragos uncovered PIPEDREAM, a highly flexible framework to attack industrial infrastructure globally. Robert’s work has been featured in the book Sandworm and on 60 Minutes.  

Patricia A. Soler, Ph.D. is the Section Chief for JCDC International in the Cybersecurity Division of the Cybersecurity and Infrastructure Security Agency. She joined CISA in March of 2021 and is responsible for operations and the sharing of actionable technical information with CERTs overseas.   

Before joining CISA, Dr. Soler was the IT Governance Director for the Office of Public and Indian Housing in the Department of Housing and Urban Development. She was also responsible for the modernization of various IT systems used to disperse funding to public housing authorities and tribally designated housing entities. This funding is used to house some of the nation’s most vulnerable populations.   

And before joining the federal government, Dr. Soler taught courses at Georgetown University while completing her Ph.D. in Latin American Literature and Cultural Studies. She has lived and traveled extensively in Latin America, Brazil, and Spain.  

For many years, Jim Reavis has worked in the information security industry as an entrepreneur, writer, speaker, technologist and business strategist. Jim’s innovative thinking about emerging security trends have been published and presented widely throughout the industry and have influenced many.

Jim has been an advisor on the launch of many industry ventures that have achieved a successful M&A exit or IPO. Jim is widely quoted in the press and has worked with hundreds of corporations on their information security strategy and technology roadmap. Jim has a background in networking technologies, marketing, product management and systems integration.

Specialties: Accelerate emerging growth information security companies, guide risk mitigation strategies for executives, advise investors.

Erik Van Buggenhout is a SANS Senior Instructor and author and a co-founder of NVISO, a European cybersecurity firm. At SANS, Erik is responsible for the purple team curriculum, including courses “SEC599: Defeating Advanced Adversaries” and “SEC699: Purple Team Tactics – Adversary Emulation for Breach Prevention & Detection”. At NVISO, he is the partner responsible for both the CSIRT and SOC teams, delivering both managed and professional services. Erik has an interesting mix of experiences and skills that range from offensive security topics (pen test, red team, adversary emulation) to defensive security topics (security monitoring, threat hunting, incident response) over his 10+ years in the industry. Erik holds a master’s degree in Cyber Security from Royal Holloway University of London and has earned a number of professional certifications over the years including: GSEC, GCIH, GCIA, GNFA, GPEN, GWAPT, and GSE certifications.  

Marco MOLTENI is UNICC Senior Cyber Threat Intelligence Administrator with ten years of experience in cyber investigations, tracking multiple adversary groups and threat hunting. During my different work experiences, Marco led cyber intelligence operations profiling multiple Threat Actor groups and led OSINT and HUMINT investigations against cyber criminals around the world. 

Mario Guerra Soto is a Spanish engineer who served for 16 years as a Navy officer before moving to the private sector. While on active service, he hold different commissions related to naval intelligence and naval shipbuilding before being assigned to Spanish Joint Cyber Defense Command, where for seven years he assumed roles of DFIR, threat hunter, malware analyst, and threat intelligence analyst. Currently, he works for an international consultancy company providing advanced defensive cyber security services to a Spanish resources company. He holds different cyber security certifications like GCFA, GREM, GCTI, CCPA, CASA, and the NATO School of Oberammergau Cyber Security Professional diploma. He also holds the Intelligence and Security diploma of the Spanish Army War College, and the Cryptology Specialist diploma of the Spanish National Cryptologic Center. He has lectured in different renown Spanish CONs like Rooted CON, C1b3rwall, Cybercamp, Hackron, and Sh3llCON. He is also lecturer in different post graduate courses of UAM, USAL, ULe, and VIU Universities. He is author of two cyber security books. 

I’m a Security Operation Analyst, with a particular focus on Malware Analysis and Threat Hunting. My mind is always moved by the desire to deeply understand how things work. 

Digital Solutions Strategy Lead Officer at UNICC.
Previously:
Head of IT Infrastructure Transformation at the European Medicines Agency,
Head of IT Security Infrastructure at the International Atomic Energy Agency
Head of Courtroom Technologies at the Special Tribunal for Lebanon and Sierra Leone
IT Systems Specialist Leader at the International Atomic Energy Agency
In parallel
Adjunct Professor at the Webster University on Cybercrime.

For many years, Jim Reavis has worked in the information security industry as an entrepreneur, writer, speaker, technologist and business strategist. Jim’s innovative thinking about emerging security trends have been published and presented widely throughout the industry and have influenced many.

Jim has been an advisor on the launch of many industry ventures that have achieved a successful M&A exit or IPO. Jim is widely quoted in the press and has worked with hundreds of corporations on their information security strategy and technology roadmap. Jim has a background in networking technologies, marketing, product management and systems integration.

Specialties: Accelerate emerging growth information security companies, guide risk mitigation strategies for executives, advise investors.

A native New Yorker, Ms. Jourdain began her technology career in the 1990’s as a field technician. In 2007, she joined UNDP as a Network Engineer, supporting country offices (170), regional offices and headquarters offices.  Transitioning to the dedicated cyber security team in 2019, Ms. Jourdain has witnessed and been an integral part of the further evolution of UNDP’s  technology team from “ break/fix” technical support, to a resilient, accredited technology team which focuses on governance, risk management and organizational resiliency utilizing international best practice frameworks.  

In addition to spending time with her husband, children, siblings, nephews, and nieces- her favorite pastime outdoor activities are hiking and running. 

Alexis Hirschhorn , COO, Abilene Advisors

• Partner of the Abilene Group 
• COO of Abilene Advisors 
• Head of Advisory Services 
• CTO of Supplier Shield 
• 25 years of experience in Information Security and Business Continuity in international organizations worldwide  
• MSc in Security Management, CISM, CISA, CISSP, CCSP  
• Senior Lead Implementer and Auditor ISO 27001, 27701, ISO 22301  
• PECB Management Systems Certification Auditor  
• A track record of 38 successful ISO27001 implementation and over a 100 cybersecurity audits.  
• Former Lead Auditor for Nestlé, Bureau Veritas, Swift, Mastercard  
• Lecturer at University of Geneva 

Henri Haenni, CEO, Abilene Advisors

• Founder and President of the Abilene Group
• CEO of Abilene Advisors
• Head of Sales
• CEO of Supplier Shield
• 35 years of experience in Information Security and Business Continuity in international organizations worldwide
• MSC Mathematics & Computer Science EPFL, MBA
• Certified Senior Lead Implementer & Auditor ISO 27001, ISO 22301
• Certified ISO 22316 Organizational Resilience Manager
• Certified BCI professional, Certified DRI BC professional
• Certified ISO 31000 Lead Risk Manager
• Member of The Business Continuity Institute (BCI), VP of the BCI Swiss Chapter
• Certified trainer PECB & BCI
• Lecturer at Sorbonne University Paris 1
• Lecturer at Université de Genève, HEG-Ge

Lyle McFadyen has been working for UNICC for 20 years in various roles supporting DFS, OICT, UNDP, OIM, and UN Women to name just a few. Having worked worldwide in systems and data centre management, Lyle currently specializes in organizational resiliency (business continuity and disaster recovery), operations and emergency management, IT service management, and team building. Lyle is a Certified Business Continuity Professional (CBCP). In 2021, Lyle was a finalist in Disaster Recovery Institute Awards of Excellence for the category of Program Leader of the Year, Public Sector for his work in building the Organizational Resiliency Management Service for the United Nations family. 
 
Before joining the UNICC, Lyle lived and worked in British Columbia, Canada. He worked in public sector for the BC Ministry of Forests, and Office of the Ombudsman, as well as in the private sector. He was also a volunteer Ambulance Attendant with the BC Ambulance Service for 13 years. Lyle holds a Master of Arts degree in Leadership and Training from Royal Roads University, and a Bachelor of Science degree with double major in Computer Science and History from the University of Victoria. He is currently on the Board of Directors for the Canadian Information Processing Society (CIPS), BC chapter, and he participates on the CIPS National certification board. Lyle lives with his wife, two children, and two rescue dogs. He is an active dance father for his daughter, and a Boy Scouts merit badge counsellor for his son’s scout troop. In his free time, Lyle enjoys working with his hands, learning different crafts from building outdoor furniture, to designing and making silver jewelry.  

Stephanie Derdouri has nearly 20 years of diversified experience in IT security and risk management across multiple core cyber domain areas. She has worked as a federal employee, government contractor, and cyber security operations and risk management professional in the aerospace and financial industries. Currently Derdouri serves as a Senior Director in Information Security for a large financial services company. She is also a mom of two and speaker/ mentor advancing diversification in Cybersecurity. Derdouri earned a B.S. in Computer Science from The George Washington University and an M.S. in Information Systems Engineering from Johns Hopkins University. 

Serge Droz is a senior IT-Security expert and seasoned incident responder. After more than twenty years work in different CSIRTs he now works as a senior adviser for the Swiss FDFA. He studied physics at ETH Zurich and the University of Alberta, Canada and holds a PhD in theoretical astrophysics. He has worked in private industry and academia in Switzerland and Canada in different security roles as well as at the national CERT in Switzerland. 

Serge is a member of the board of directors of FIRST (Forum for Incident Response and Security Teams), the premier organization of recognized global leaders in incident response. In this role he actively participates in discussion relating to cyber security at various policy bodies, related to norm building. 

Serge is an active speaker and a regular trainer for CSIRT (Computer Security Incident Response Team) courses around the world. 

Oleksiy Kuzmenko is an accomplished cybersecurity professional with 15 years of experience in the international organizations’ environment. Oleksiy is currently working as a Deputy CISO at the United Nations Development Programme. He started his career as a System Administrator and an ICT manager in UNDP office in Ukraine before joining the UNDP Headquarters.  

As part of the cybersecurity team Oleksiy helped UNDP to establish and maintain an award-winning Information Security Management System certified under the ISO 27001. Throughout the years with UNDP Oleksiy also handled an impressive number of cybersecurity incidents ranging from hacktivism to state-sponsored attacks.  

Oleksiy holds a master’s degree in computer science with distinction from National Technical University of Ukraine as well as multiple professional certifications in the field of threat intelligence, detection and response. His professional interests are automation of incident detection and response in the cloud environment and implementation of security controls with open-source and commercial components using SecDevOps principles.  

Oleksiy is the father of one little hacker princess who is currently 2.5 years old and believes that pterodactyl is the best dinosaur of all times.  

With a master’s degree in Computer Science Engineering, Gabriella has more than 10 years of experience in Computer Networks and IT Security fields, most of them working with the United Nations. She currently is leading the Common Secure Operations Centre (CSOC) within UNICC and is SME on Network Security, Monitoring and Detection, and Incident Response. 

Francesco started out as a professional developer during the day, but his nightly passion for information security quickly switched to a full time InfoSec and DFIR consultant role. He obtained a Computer Science degree and a Ph.D. in “Intelligent Electronics for Security” and achieved a real-time log correlation patent. Also passionate about reverse engineering, he still practices it during his spare time to implement a so-called offensive digital investigation, which aims at gaining access to protected data. Aware that the sharing of knowledge and experiences is essential in the information technology field, he shares observations from his daily job on the Zena Forensics blog, on GitHub repositories and on Twitter. 

Oleksiy Kuzmenko is an accomplished cybersecurity professional with 15 years of experience in the international organizations’ environment. Oleksiy is currently working as a Deputy CISO at the United Nations Development Programme. He started his career as a System Administrator and an ICT manager in UNDP office in Ukraine before joining the UNDP Headquarters.  

As part of the cybersecurity team Oleksiy helped UNDP to establish and maintain an award-winning Information Security Management System certified under the ISO 27001. Throughout the years with UNDP Oleksiy also handled an impressive number of cybersecurity incidents ranging from hacktivism to state-sponsored attacks.  

Oleksiy holds a master’s degree in computer science with distinction from National Technical University of Ukraine as well as multiple professional certifications in the field of threat intelligence, detection and response. His professional interests are automation of incident detection and response in the cloud environment and implementation of security controls with open-source and commercial components using SecDevOps principles.  

Oleksiy is the father of one little hacker princess who is currently 2.5 years old and believes that pterodactyl is the best dinosaur of all times.  

Joao is a professional with more than 20 years of experience and leads the Red Team and AppSec team at UNICC. He started out his career as a system administrator supporting finance and public sectors. His work at UNICC had over time to support different technologies, and handling cybersecurity incidents from the investigation to its remediation sparked his interest on security, with current focus on preventing bad things from happening.

Joao holds a post-graduate in Computer and Information Security from the University of Liverpool, and has a few technical certifications including CISSP, GWAPT, and GCFA. Joao is member of the OWASP foundation and likes to use their open-source tools and take ideas from the several developed projects.

With more than 14 years of experience in the field of Cybersecurity, Sandra is currently leading Vulnerability Management Capability and Tabletop Exercises in UNICC. Previously she was working as researcher at the Technology Branch of the NATO Cooperative Cyber Defence Center of Excelence during 3 years and as senior pentester at Spanish Joint-Cyber Command during many years.

Her area of expertise is mainly pentesting and exploitation, but also and previously forensic and incidence response. Throughout her career, she has led several projects in the field of Cybersecurity and pentesting, both nationally in Spain and internationally. Moreover, Sandra is a regular participant and part of the organization as red team leader in several international Cyber Exercises, including as Locked Shields, Crossed Swords, CWIX and has technically led the first national Cyber Exercise in the Joint Spanish Cyber Command. She is also a speaker at conferences related to Cybersecurity and a Professor of pentesting and exploiting to post-graduates.

Sandra is a Telecommunication Engineer with postgraduate Master’s Degrees in both Telecommunication Engineering and Information and Computer Systems Security/Information Assurance, from the European University of Madrid. She also has some technical certifications including OSCE, GXPN, OSCP, CEH, CNDA and ITIL.

Sandra is also a member of #SomosMujeresTech (WeAreTechWomen) group, which aims to promote the visibility of women in leadership positions within the world of the technology and innovation sectors.

Joao is a professional with more than 20 years of experience and leads the Red Team and AppSec team at UNICC. He started out his career as a system administrator supporting finance and public sectors. His work at UNICC had over time to support different technologies, and handling cybersecurity incidents from the investigation to its remediation sparked his interest on security, with current focus on preventing bad things from happening.

Joao holds a post-graduate in Computer and Information Security from the University of Liverpool, and has a few technical certifications including CISSP, GWAPT, and GCFA. Joao is member of the OWASP foundation and likes to use their open-source tools and take ideas from the several developed projects.

Kathleen Moriarty has over two decades of experience. Formerly as the Security Innovations Principal in Dell Technologies Office of the CTO, Kathleen worked on ecosystems, standards, and strategy. During her tenure in the Dell EMC Office of the CTO, Kathleen had the honor of being appointed and serving two terms as the Internet Engineering Task Force (IETF) Security Area Director and as a member of the Internet Engineering Steering Group from March 2014-2018. Named in CyberSecurity Ventures, Top 100 Women Fighting Cybercrime. She is a 2020 Tropaia Award Winner, Outstanding Faculty, Georgetown SCS. 

Kathleen achieved over twenty years of experience driving positive outcomes across Information Technology Leadership, IT Strategy and Vision, Information Security, Risk Management, Incident Handling, Project Management, Large Teams, Process Improvement, and Operations Management in multiple roles with MIT Lincoln Laboratory, Hudson Williams, FactSet Research Systems, and PSINet. 

Kathleen holds a Master of Science Degree in Computer Science from Rensselaer Polytechnic Institute, as well as a Bachelor of Science Degree in Mathematics from Siena College. 

Published Work: 

– Transforming Information Security: Optimizing Five Concurrent Trends to Reduce Resource Drain, July 2020.