Head Of Cyber SecurityMoonpig
During the day Tash is Head of Product Security for Moonpig. Working on all things CloudSec and AppSec related, with a particular fondness for Threat Modelling.Outside of work Tash is one of the co-leads for OWASP Women in AppSec London, and an OWASP project contributor. Tash is also a frequent speaker on blue teaming and threat modelling, a quantum computing nerd and is currently working on a project utilising threat modelling to help target resources against poachers to protect game reserves.
Director of Cyber Security Strategy, Culture and Service OptimizationLSEG (London Stock Exchange Group)
Reena is the Director of Cyber Security Strategy, Culture and Service Optimization at Refinitiv, having recently been Head of the Information Security Culture and Skills at M&G Prudential. Apart from employee learning, Reena is passionate about the broader information security challenges businesses will continue to face and excited about continuously building awareness and culture initiatives that have sustainable impact. She’s keen to explore how human behaviour can help to reveal the root causes of cyber-attacks, so that more effective, meaningful and creative solutions can be developed.
Co-Founder and CEOSecure Code Warrior
Pieter Danhieux is a globally recognized security expert, with over 12 years’ experience as a security consultant and 8 years as a Principal Instructor for SANS teaching offensive techniques on how to target and assess organizations, systems, and individuals for security weaknesses. In 2016, he was recognized as one of the Coolest Tech people in Australia (Business Insider), awarded Cybersecurity Professional of the Year (AISA - Australian Information Security Association) and holds GSE, CISSP, GCIH, GCFA, GSEC, GPEN, GWAPT, GCIA certifications.
Global Head of Product SecurityPayU
Global head of product security at PayU. For the past 10 years, Ori has been specializing in Application security, technologies, SDLC, cloud, mobile in different sized companies. Ori is also the co-chairman of the Israel OWASP chapter.
Director, Global Cyber SecurityFiserv
Cyber Security Director leading the Application Security & Software Assurance Program at Fiserv. Neil oversees enterprise cyber security services governing 5,000 developers worldwide, including DAST/SAST, web app pen testing, secure coding training, security champions, and DevSecOps. With 7 years of experience leading 50+ resources in Information Security, he has driven multiple process reengineering efforts, improved service delivery functions, and expanded the supporting cyber security technology footprint.
Managing Director Paladin Capital GroupPaladin Capital Group
Mourad is a Managing Director at Paladin Capital Group.
He is an investment lead for the firm’s Cyber Fund, which focuses on investing in early stage companies in the US and Europe with solutions for cyber security and digital resilience. Mourad is currently actively involved in several of Paladin’s investments including Expel, RiskSense, Secure Code Warrior, Ursa, RiskLens, and previously worked with Unitrends (acquired by Insight Venture Partners). Prior to joining Paladin in 2009, Mourad was VP of Finance and a corporate officer at a Nasdaq-listed leading industrial infrastructure company, where he led the build-out of the company’s financial planning and risk management functions during a period of rapid growth in operations and nearly tenfold increase in revenue to over $700 million. He also played a key role in structuring and negotiating over $500 million of equity and debt financing working with major institutional investors and a global lender syndicate. Prior to this, Mourad was a senior consultant at a boutique advisory firm focused on M&A, turnaround, and restructuring assignments for middle market clients. Mourad holds an MBA and BS in Finance from Fresno State University.
VP/CISOPrincipal Financial Group
Meg Anderson leads the Information Security & Risk team for Principal Financial in the role of VP-Chief
Information Security Officer. She drives information security strategy for the global Fortune 500 company
including security operations, identity and access management, data protection, governance, risk and
Meg participates on a wide variety of CISO councils, is a Board member of the Financial Services
Information Sharing and Analysis Center (FS-ISAC) and is chair of the Security and Risk Committee of the board. Previous to the role of VP-CISO, Meg acquired over twenty years of technical and leadership experience in application development. Meg graduated from the University of Iowa with a Bachelor of Business Administration in Management Information Systems.
CTO & Co-FounderSecure Code Warrior
Matias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. When he is away from his desk, he serves as an instructor for advanced application security training courses and regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec, and BruCon. He also loves a Fortnite battle or two (or three, or four… ).
Global Cybersecurity Services ManagerMotorola Solutions
Marilyn Barrios is the Global Cybersecurity Services Manager at Motorola Solutions. She leads the cybersecurity training, education, and awareness for their workforce. She serves as an advisory board member for the Illinois Institute of Technology's Center for Cybersecurity and Forensics Education, and for ASPIRA of Illinois STEM program. She has also served as an adjunct faculty member at the College of Dupage teaching courses for the STEM program in the Department of Youth Education. In addition, Ms. Barrios serves as a coach/mentor for the United States Air Force (USAF) CyberPatriot program. She presented on cybersecurity workforce development at the National Institute of Standards and Technology-National Initiative for Cybersecurity (NIST-NICE) Conference in 2019 and on MP3 Steganalysis at ForenSecure. Ms. Barrios holds a Master’s degree in computer & information security from the Illinois Institute of Technology.
Lucian Corlan is a Director Application Security at SagePay. Lucian holds a number of security certifications – MSc ITSec, MA Security Studies, CISSP, CSSLP (a), CISM, CISA, CEH, OSCP, SABSA Foundation and has previously worked for Betfair in the InfoSec/AppSec Manager and Acting Head of AppSec roles. Lucian has also led one of the Romanian OWASP Chapters and is still involved in OWASP. Before that he worked for several multi-national organisations in the banking (chip card security & app security) and telecom (infra & app security) sectors. If there’s any free time left…, he spends it meddling with astronomy (planetary & galactic), reading philosophy/crypto detective books and dissecting bits of geo-economy politics.
CEO, Bramfitt Labs
Head of AppSecMarks and Spencer
Lee Thurlow is the Head of AppSec for Marks and Spencer.
Passionate and driven CISO who specialises in building teams and delivering security strategy for businesses. Kevin firmly believes that security must enable the business. His mantra is ‘Enabling secure business and technical agility’ and he achieves this by ensuring the security strategy is appropriate for the organisation. He enables businesses to securely achieve their goals and to be trusted by their to their customers, partners and third parties, by building the right strategy for the organisation, taking into account goals, culture, threat and regulatory landscapes. Kevin builds high performing teams to deliver strategies that align to this goal. He is happy hiring people more technical than himself to build the best team. He is comfortable flexing to converse as a ‘business person with a security lens’ with the business and exec, then as a ‘technical person with a security lens’ to the tech teams. This enables him to ensure delivery of improved security behaviour across all areas of the business, plus means he has to keep his technical understanding sharp! Kevin has a proven ability to lead and deliver significant transformational security change in dynamic, fast paced business environments. Kevin believes in building a strong network and giving back to the community, he regularly speaks at, supports and hosts events to bring diverse people together in order to promote and further our industry. He is passionate about improving how we share information, ideas and resources to better protect all of us.
Jo (Shua) Gamradt
Service Manager Rugged DevOpsOptum
Shua has over 15 years of experience in Technology Development and Process Improvement, IT Security, Business Process, Data Management (Data Quality, Data Governance, and Metadata Management), Reporting, Security, and DevOps culture across multiple organizations and platforms.
Jim is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He has an 18 year history of building software as a developer and architect and is a frequent speaker on secure coding practices.
James Bore is a cybersecurity Jack of all trades by vocation and choice. In over a decade he has gathered experience meandering across a range of industry sectors, organisations, and disciplines in IT, always with a focus on championing and improving security. He spends much of his spare time either researching security, keeping bees, running obstacle races, playing with locks, drinking coffee, or preaching the virtue of good security practices and reasons to be fascinated with the field to anyone who will sit or stand still long enough. He has spoken to crowded lecture theatres and sparsely populated wine bars and coffee shops about cyber, has experience communicating clearly with both experts and the merely interested, and always looks forward to new opportunities to promote the field.
OWASP Global board member, Grant Ongers is well known in the international InfoSec community (it's hard to forget the beard!). His 10 years plus experience in Dev, 20 years in Ops and 30 years in Sec (mainly white hat) has made him a firm believer that there's no such thing as DevSecOps - just DevOps done right. He is the co-founder of Secure Delivery.
SVP of Customer Success and OperationsSecure Code Warrior
Fatemah Beydoun is a founding team member of Secure Code Warrior, having been an integral part of the company since 2014.
Fatemah began her time at Secure Code Warrior as Chief Awesome and Regional Director of APAC between 2014 and 2018. Now as Senior Vice President of Customer Success and Operations, Fatemah is responsible for turning Secure Code Warrior’s customers into its biggest advocates, improving Customer Success maturity, and leading the Customer Success teams globally. Prior to Secure Code Warrior, Fatemah held security analyst, operations management, and national director roles at BAE Systems Applied Intelligence and the Australian Information Security Association (AISA), a not-for profit organisation which aims to improve Cyber Security in Australia at a Government, Industry and Community level. In 2021, she was announced by The Software Report as one of the Top 25 Women Leaders in Cybersecurity. Fatemah holds a Bachelor of Science in Computing and Information Systems from Macquarie University.
Director of Application Security (AppSec) EngineeringForgeRock
Derek Hill has over 20 years of IT and security experience. He is an active community and mentor instructor in the SANS Institute and for the past two years has served as the Director of AppSec Engineering at ForgeRock
Security ArchitectCyberProof, a UST Global company
Originally an embedded systems developer working on military grade secure communications systems in South Africa, Colin has over 20 years of development and security expertise in the telecommunications, consumer, medical and financial service industries. His most recent experience was as the technical expert leading a large scale application security programme in a large multinational investment bank, where he was responsible for the deployment and operation of the Veracode service, leading the remediation programme and even deploying a RASP solution.
As the CEO of Cetome, Cedric provides advisory on cyber security to IoT manufacturers and critical infrastructure operators.
- Training of UK regulators on the NIS Directive.
- Security strategy, improvement roadmap and budget
- Governance and CISO support
- Security by design and DevSecOps Contribution to:
- ENISA (IOTSec expert)
- OWASP IoT Top 10 and ISVS
Director of Security & Privacy ComplianceDroneDeploy
Ashutosh Agrawal is an experienced Information Security Leader with a long history of building security and privacy programs around NIST 800-53, ISO 27000 series standards. He has implemented key security capabilities for Fortune 500 organizations including secure code-review, penetration testing, threat modelling, DevSecOps, security metrics, vulnerability management, open-source management, security training etc.
Managing PartnerDelve Risk
Anthony Johnson is a Managing Partner at Delve Risk, where he leads a practice focused on driving technology and risk management transformation on behalf of their clients. He brings extensive technical and executive leadership experience to the practice while also serving as a technology advisor to a number of software solution providers. Anthony is a graduate of Indiana University, where he received a Masters of Business Administration (MBA) and of Regis University where he received a BS in Computer Information Systems
AppSec & Software Engineering Team LeadSBB Berufswelten
Currently working as AppSec team lead at SBB, Andreas has a passion for software architecture, agile methods, code design, DevSecOps and of course, his team. He has many years of experience in these areas, both in an SME environment and on large scale projects.
Senior Software EngineerDRW
Aaron Bedra is always exploring new and interesting ways to break and defend software. He is a Senior Software Engineer at DRW, where he works at the intersection of software, security, and business.
Aaron has served as a Chief Scientist, Chief Security Officer, Chief Technology Officer, and Principal Engineer/Architect. He has worked professionally on programming languages, most notably Clojure and ClojureScript. Aaron is the creator of Repsheet, an open source threat intelligence toolkit. He is the co-author of Programming Clojure, 2nd and 3rd Edition and a contributor to Functional Programming: A PragPub Anthology.