COSAC 2024

Ghariba Bourhidane

CyberSecurity Consultant, TreeBridgeMosaic srl (Belgium)

Ghariba is a dreamer, sensitive and unconditional coffee lover. She is currently working as Cybersecurity Transformation Consultant providing services in CyberSecurity Culture and giving deeper experiences advice in Security Awareness, two main topics which drive her passion for the field. Previously, she worked as Deputy CISO of an insurance group by managing the Third-Party Security, IT project security, responsible for IT-Security communication and becoming a security awareness specialist. She has two degrees in Business Sciences and in Business Financial Engineering.

Recently volunteering as TSI Community Manager, she previously worked as Deputy CISO of an insurance group by managing the Third-Party Security Risk concept, dealing with IT project security aspects, being responsible for IT-Security communication and becoming a security awareness specialist. She has completed two university degrees in Business Sciences and in Business
Financial Engineering.
Stephen Bowes

Practice Director, BSI Group (Ireland)

Stephen cut his teeth in the financial services industry working his way up the technology stack from mainframe programmer (he wrote the code for the left-handed cheque book for AIB) through to Head of Technical Delivery with companies such as AIB, ACCBank, Anglo Irish Bank, IBRC and Bank of Ireland. Following the fallout of the banking inspired financial crash Stephen has spent the last 10 years on the other side of the fence with BSI Group Consulting Services engaging with dozens of clients across UK, Ireland, and Europe to assist them meet their digital, regulatory and security objectives.
Hugh Boyes

Honorary Fellow, Loughborough University (UK)

Hugh Boyes is a security adviser and an Honorary Fellow at Loughborough University. He is a Chartered Engineer, Chartered Cyber Security Professional and a Principal member of the UK NPSA-sponsored Register of Security Engineers and Specialists (RSES). Hugh has been the technical author for several standards issued by BSI and is a regular standards reviewer and contributor.

As a security adviser Hugh works across a range of information intensive public sector initiatives, particularly those involving infrastructure and complex geospatial data. His research interests relate to the security of cyber-physical systems, industrial IoT and digital twins, particularly those in the
built environment and the critical national infrastructure.
Steven Bradley

Consulting Security Architect, Cyber Enterprise Modelling (Belgium)

Steven is a Belgium-based independent security consultant at Cyber Enterprise Modelling (CEM) and has been a regular presenter at COSAC since 2018 on the topic of security by design through automation and modelling. He is the principal author of the SABSA Institute / Open Group paper “Modelling SABSA with ArchiMate” and chairs the associated SABSA Working Group. He holds several security, architecture and privacy certifications including SABSA Chartered Practitioner and ArchiMate.
Glen Bruce

Cybersecurity Consultant, GDB Cyber Security Consulting (Canada)

In his 50+ years of in-depth experience in IT and security consulting, systems management and technical implementations, Glen Bruce has focused on Security Frameworks, Strategies, Architectures, PKI and Governance supporting business and governments in their approach to managing information and cybersecurity risk. He has led many information/cyber security engagements, where he has helped clients establish effective strategies, governance, architectures, frameworks, policies, PKIs and infrastructure implementations in support of a wide range of business and technical requirements. Glen is the leader of the SENC workgroup project.
Rob Campbell

Enterprise Security Architect, PA Consulting (UK)

Rob Campbell is a seasoned Enterprise Security Architect with nearly 30 years of experience in cyber and information security. Passionate about advancing the profession, he focuses on innovating security architecture approaches and enabling knowledge-sharing among practitioners.

Rob has developed practical tools, methodologies, and frameworks to help architects navigate complex enterprise environments. His expertise spans security architecture, risk management, compliance, and incident response, with a strong focus on aligning security strategies with business objectives.

At COSAC, Rob shares his deep technical knowledge and pragmatic insights, providing actionable takeaways for building resilient and future-proof security models.
Jonathan Cassam

Cyber Security Senior Manager, PwC (UK)

Jonathan is a Senior Manager in the PwC Cyber Security practice with diverse experience across both public and private sectors helping organisations tackle some of their most complex security challenges. He is also leads our Secure-By-Design proposition and works with a number of clients to securely delivery solutions.

Jonathan has proven delivery capability and offering real value to businesses with experience that covers a broad range of areas including, strategy, architecture, policy and procedures and training, with particular focus on security architecture
John Ceraolo

Head of Information Security, Verifiable Inc. (USA)

John Ceraolo, an internationally recognized author, and speaker on multiple security topics including social engineering, security services and awareness, brings more than 30 years of experience in the information security industry. Ceraolo is currently the Head of Information Security at Skilljar, a Seattle-based customer education SaaS platform provider.
James Chinn

Enterprise Cloud Security Architect, Admiral (UK)

As the Enterprise Cloud Security Architect for Admiral Insurance in the UK, I bring more than a decade of cloud computing expertise to the table. In the last 7 years, I have worked with Fintech companies of all sizes, from startups to FTSE 100 Giants. I shape the vision and strategy for cloud security at Admiral, and I have shared my insights and hosted events in the industry as a security Architect.
Andy Clark

Director, Primary Key Associates (UK)

Prof Clark is an acknowledged expert in Cryptography, I.S. Security, Systems Engineering, Information Forensics & Cyber Security. He has worked in the field of Computer and Information Systems Security and Cryptology since 1984 and is a registered expert witness with 20+ years’ experience of presenting computer and information systems evidence in a wide range of criminal & civil cases. He is a co-author of the SABSA Blue Book & was the first recipient of the COSAC award.
Paul Dorey

Visiting Professor, Royal Holloway University of London (UK)

Paul Dorey is facilitator for the UK Energy Emergencies Executive Cyber Security Task Group (E3CC), the UK Aviation Cyber Security Forum and is co-lead for the UK NCSC ICS Community of Interest Supply Chain Expert Group. His leadership roles have included Global CISO at BP and Barclays and other CISO roles in financial services, technology and pharmaceutical sectors. He currently advises security leaders, business executives and governments on cyber security strategy and risk reporting and acts as an expert witness. He is a Visiting Professor in Information Security at Royal Holloway, University of London.
Rob Epskamp

Security Architect, Alliander (Netherlands)

Rob believes that security architecture should be designed to support business goals and objectives. Making new solutions and technologies possible with a risk-based approach. With a reliance on digital technologies, and an evolving landscape, there is a need for a more strategic integration. Flexibility and adaptability are necessary to quickly adjust security measures in response to emerging threats. Agility is essential to respond to new challenges. Close collaboration with security teams and other business units will ensure that security measures are aligned with business priorities.
Todd Fitzgerald

CISO, Cybersecurity Leadership Author and Advisor, CISO SPOTLIGHT, LLC (USA)

Todd Fitzgerald promotes CISO/CPO leadership via advising CISOs, advisory board participation, podcasts, and international speaking engagements. Todd founded the successful CISO STORIES leadership podcast and hosted the first 190 episodes. Todd authored 5 books, including #1 New Release (2024) Privacy Leader Compass: A Comprehensive Roadmap for Building and Leading Practical Privacy Programs, and #1 Best-selling (2019-2024) and 2020 CANON Cybersecurity Hall of Fame book, CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers. Named 2016–17 Chicago CISO of the Year, Todd’s senior leadership positions include Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, Wellpoint/National Government Services, Zeneca/Syngenta,
IMS Health and American Airlines. Todd earned MBA with highest honors from Oklahoma State University, Business Administration from UW-Lacrosse, and certifications of CISSP, CISA, CISM, CIPP/US, CIPP/E, CIPP/C, CGEIT, CRISC, PMP, ITILv3, HI TRUST, and ISO27000.
Clara Grillet

Cyber Threat Intelligence Analyst, Centre for Cybersecurity Belgium (Belgium)

Clara Grillet holds political science and law degrees but quickly found herself drawn to cybersecurity for its intersection of IT, economics, strategy and (geo)politics. As a cyber threat intelligence analyst, she enjoys delving into complex and dynamic situations. Clara is a keen public speaker on matters related to cyber threat intelligence and ransomware. She is also a teacher with Cyberwayfinder, a Benelux-based cybersecurity school for adults looking to transition professionally into cybersecurity. Prior to this, Clara worked in the financial and data protection sectors.
Rob Hale

Fellow, Information Operations, Lockheed Martin (USA)

I have been teaching Governance and Compliance at Boise State since 2022 and have been working in the Cyber Security and Information Operations career field for over 35 years. I have been a Fellow at Lockheed Martin since 2008, where I lead cyber security architecture and integration efforts for the 5G.MIL(TM) program. I have also led a number of certification and accreditation efforts for customers in the law enforcement and intelligence communities.
G. Mark Hardy

President, National Security Corporation (USA)

G. Mark Hardy serves as President of National Security Corporation and co-host of the award-winning CISO Tradecraft podcast. He has been providing cyber security expertise to government, military, and commercial clients for over 35 years, and is the author of over one hundred articles and presentations on security, privacy, and leadership. A graduate of Northwestern University and Loyola University, he holds a BS in Computer Science, a BA in Mathematics, a Masters in Business Administration, a Masters in Strategic Studies, and is designated as a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).
Lynette Hornung

Principal Security Architecture Manager, Iowa State University (USA)

Lynette Hornung is a Principal Security Architecture Manager at Iowa State University. She has her MS in Information Assurance from Iowa State University, CIPP-US and SABSA security architecture certifications. Senior Member of IEEE. She enjoys researching a variety of topics in information security, such as Artificial Intelligence and its many complexities, such as ethics, privacy and security. She likes to study and analyze the many aspects of security architecture, cybersecurity, financial technology and the intersection with the legal landscape and geo political events.
Jaco Jacobs

Director - Cybersecurity Advisory, David Lynas Consulting (Netherlands)

Jaco is the Director of Consulting Services for David Lynas Consulting based out of the Netherlands. He has been a “security guy” for more than 25 years during which time he has provided security consulting services to many of the largest organizations around the world. He has spent most of his career developing security IP, training and services for the largest global security providers as well as co-authoring several security publications.
Gordon Jenkins

Head of Security Architecture, Admiral (UK)

Dr Gordon Jenkins heads up the security architecture team at Admiral Insurance in the UK. He has 25+ years’ experience in IT and security for large financial services organisations in the UK and US, across investment banking, life & pensions, asset management, and general insurance. He has worked as a security architect for the last 14 years, providing guidance to dozens of major business and infrastructure projects and helping to shape enterprise security functions.
Siân John MBE

Chief Technology Officer, NCC Group (UK)

Siân John MBE is Chief Technology Officer at NCC Group responsible for intelligence, insight and innovation within the company. Siân has worked in Cybersecurity for 25 years across strategy, business risk, privacy, and technology. She is a Fellow of the UK Chartered Institute of Information Security, Chair of the techUK Cybersecurity committee, and a council member for the Engineering and Physical Sciences Council (EPSRC). Siân was awarded an MBE in the Queen’s 2018 New Year’s Honours List for services to Cybersecurity.
Dr. Connie Justice

Professor Emeritus, Indiana University (USA)

Dr. Connie Justice is Professor Emeritus at Indiana University. Dr. Justice has an extensive background in cybersecurity education and research where she built and maintained the Indiana Cybersecurity Living Lab where she taught students in a hands-on integrated environment in both building and attacking cybersecurity solutions. Dr. Justice has research interests in education, fake news and Artificial Intelligence
Steven Kintakas

Lead Security Architect, Astralas (Australia)

Steven is a cyber security professional with a career spanning over 21 years of experience across a range of industries including finance, energy & utilities, resources, transport, manufacturing, government, health, education, and telecommunications.

As a Lead Security Architect at Astralas, Steven is a practitioner and leader focused on building trust. In providing business-driven and outcome-based value to manage risk effectively, Steven has contributed to the improvement of cyber risk management across many ASX-listed companies and some of Australia’s largest organisations in fields such as security architecture & strategy, managed services, incident response, research and development, and technical solutions and controls.

Previously a Director and sector leader within Deloitte Australia’s Cyber practice, he has also held various leadership and technical positions at Computer Associates, CGI, Fujitsu Australia, Dimension Data, and Zimbani. Steven’s post-nominals include: SCF, CISSP, CISM, CCSP, CDPSE, and is the Board Secretary of the ISACA Melbourne Chapter.
Lesley Kipling

Chief Security Advisor, Microsoft (UK)

Previously lead investigator for Microsoft’s detection and response team (DaRT), Lesley has spent 16+ years responding to Microsoft customers’ largest and most impactful cybersecurity incidents. As Chief Security Advisor, she now provides customers, partners and agencies around the globe with deep insights into how and why security incidents happen, how to harden defences and more importantly, how to automate response and contain attacks with the power of the cloud and machine learning.
Jason Kobes

Sr. Staff Cyber Architect & Research Scientist, Northrop Grumman Corporation (USA)

Jason Kobes works as a Sr. Staff Cyber Architect & Research Scientist in Washington, DC for Northrop Grumman Corporation. Jason has over 20 years of experience concentrated in security digital transformation, systems engineering, information systems design analytics, business/mission security architecture, enterprise risk management, information assurance research, and using AI for automation. Jason has a Master’s of Science in Information Assurance (MSIA) and a Bachelor’s of Science in Computer Science from Iowa State University. Jason holds a SABSA Practitioner of Risk and Governance as well as Architecture. Jason’s areas of research include enterprise risk architecture, accountable anonymity systems and applying actionable enterprise security architecture. Jason is also an adjunct professor at Marymount University for the Criminal Justice department Cyber Crime and Digital Terrorism class.
Karel Koster

Manager Cyber Security, FedEx Express Corporation (Netherlands)

Karel Koster is an information security professional with over 15 years of experience is various information roles. He currently manages a global
information security team for FedEx.

Prior to FedEx Karel fulfilled positions as Head of information security, information security officer, security architect and operational risk manager within financial services companies. Karel is a People, Process and Technology person, in that order.
Rosanna Kurrer

Educator, CyberWayFinder (Belgium)

Rosanna runs a rapidly expanding European platform growing next-generation diverse cyber security professionals. She consults and leads design think, corporate innovation and coding seminars to corporates and individuals (e.g. BNP Paribas, Salesforce.com, the 27 EU Director Generals as individuals). An accomplished public speaker, she emphasizes the doing of things. A native of the Philippines, via formal architecture education in Japan she now identifies as German and Belgian.
Mikko Larikka

Senior Principal Consultant, Nixu, a DNV Company (Finland)

Mikko has over 20 years of experience in building and assessing security for continuously digitalizing business. Latest assignments relate to a world-class automated recovery requirements management for businesses in fields of energy, media, government, national security, health, and finance business. Mikko has a solid background: he started as in intern at Nixu in the early 00’s and worked with Active Directory, Symantec Enterprise Security Architecture, Digital Services Development and Security Operations Center related assignments as Solution Specialist and Project Manager.
Anne Leslie

Cloud Risk & Controls Leader, IBM (France)

Anne Leslie is the Cloud Risk and Controls Leader for EMEA at IBM. With 18+ years of experience spanning financial services and technology, she is a distinguished expert at the intersection of AI, cloud, operational resilience, and cybersecurity.

Since joining IBM, Anne has been instrumental in guiding clients worldwide in securely accelerating their adoption of public cloud and AI technologies, while also preparing them for the future landscape shaped by quantum computing. Her work ensures these organisations can adapt their operating models and enhance their resilience in a rapidly changing digital environment.

Co-editor of The AI Book and co-author of The RegTech Book, Anne excels at facilitating outcome-oriented dialogue on complex industry issues, building positive relationships across diverse stakeholder groups. She is actively driving industry momentum around post-quantum readiness by advising clients on strategies to mitigate risks and embrace quantum-resistant solutions. Well-established as a trusted voice in the industry, Anne regularly contributes her thought leadership to C-level conferences and working groups convened by public authorities.

Irish by nature and French by design, Anne lives with her family in Paris, France, which has been her home for almost 30 years.
Genevieve Liveley

Professor of Classics, University of Bristol (UK)

Genevieve is Professor of Classics and Turing Fellow at the University of Bristol. As a narratologist, she has particular research interests in stories and their impact on futures thinking – especially in the context of emerging technologies and cyber security. She is the Futures Challenge Fellow for the UKRI’s Digital Security by Design (DSbD) Discribe Hub+ programme, and is Director of RISCS – the UK’s Research Institute for Sociotechnical Cyber Security.
Ashling Lupiani

Cognitive Solutions Developer, City of Hope (USA)

Ashling Lupiani, SABSA SCF is a Cognitive Solutions Developer at City of Hope. She is a neuroscientist and biomedical engineer with experience in speech and gait research. She spent 5 years running neurorehabilitation engineering studies with human participants and conducting data analysis to investigate sensorimotor systems. She co- authored 5 papers and presented at conferences in Toronto and Boston, USA, COSAC APAC 2023 & 2024, and COSAC 28, 29 & 30.
David Lynas

Chairman, COSAC (Northern Ireland)

David Lynas is currently enjoying his 42nd year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he is the co-author of SABSA (the world’s leading free-use, open-source Security Architecture Methodology), CEO of the SABSA Institute and CEO of David Lynas Consulting.
Valerie Lyons

COO, BH Consulting (Ireland)

Included in the ‘Top 100 Women in Cybersecurity in Europe’, Dr. Valerie Lyons is executive director and COO at BH Consulting, where she leads data protection, cybersecurity, and AI governance consulting initiatives. Prior to BH Consulting, Valerie spent 13 years leading the cybersecurity risk management team in KBC Bank. She is a recognised expert in building cybersecurity and data protection governance into corporate strategies, and in 2024 published The Privacy Leader Compass: A Comprehensive Business-Oriented Roadmap for Building and Leading Practical Privacy Programs. This book has been adapted into a sold-out workshop at several IAPP conferences. Valerie holds an award-winning PhD researching the influence of Privacy as a CSR on consumer trust and privacy concerns and is currently undertaking a Post Grad in Corporate Governance. She is a Certified Data Protection Systems Engineerௗ(CDPSE), a Certified Information Privacy Professional (CIPP/E), and a Certified Information Systems Security Professional (CISSP). She is a member of the Institute of Directors, honorary fellow of the Irish Information Security Forum, a member of the EDPB pool of experts, a member of the Privacy as a CSR Stakeholder Group (Maastricht University), and a committee member of the Irish Internet Governance Forum.
Sophia Mexi-Jones

Security Architect, PwC (UK)

Sophia is a Senior Associate at the Cyber Security Practice at PwC UK with a keen focus in architecture and engineering. Her main experiences and interests lie in cloud security working with a range of different cloud specific technologies such as kubernetes. Her work spans across different industries such as private sector, public sector and governmental bodies.

Sophia has a strong technical background with a MsC in Cyber Security. Her focus within architecture lies with threat modelling where she has focused on a range of systems such as Cloud to Operational Technology. Asides for this, Sophia has a wide range of knowledge of various cloud platforms such as Google, AWS and Azure.

Sophia is an avid speaker at various security/technology conferences and aims to continue to spread her knowledge in cloud security and threat modelling.
Kathleen Mullin

CIO | CISO, MyCareGorithm (USA)

Kathleen Mullin is an influential information security practitioner and international speaker with over twenty-five years of experience. She started her career in Accounting and Internal Audit before moving into Information Technology and Cybersecurity. She has been CISO at various organizations, focusing primarily on healthcare. Most recently, she is CIO|CISO for MyCareGorithm a SaaS startup focused on transforming the Doctor/Patient experience.

Throughout her career, Kate has volunteered and contributed to information security as a profession, including serving on multiple board and advisory positions. Currently she is a Board member of the SABSA Institute (TSI) and
Chair of the TSI EMEA-NA Liaison Group.
Kirk Nicholls

Consultant, SABSA World (Australia)

Kirk is a security advisor with a focus on disaster and incident response exercises. He develops and manages exercise programs through the discipline of serious games, using research-based practice. Through the lens of serious games, simulation and a military background he enables clients to gracefully handle the unexpected.
John O’Leary

President, O'Leary Management Education (USA)

John G. O’Leary, CISSP, is President of O’Leary Management Education. A computer security practitioner since 1977, he has designed, implemented, maintained, administered, broken, troubleshot, fixed, re-fixed, managed, consulted on and taught security for networks ranging from single-site to multi-national. Winner of the 2004 COSAC award, the EuroSec 2006 Prix de Fidelite and the 2011 ISC2 Lifetime Achievement Award and the first ever ISS Guardian Award in 2015, his background spans programming, systems analysis, auditing, project management, operations and quality assurance. John taught graduate school at the University of Texas at Dallas for 10 years (yes, there are universities in Texas, some of them even accredited). A few years ago he received breach notification letters from TJX and the VA in the same week. He is still waiting for OPM to reveal that the Chinese now have all his security clearance information. The Target “situation” got him new credit cards. He does not admit to knowing any Russians or CCP members. Although he completely missed out on early bitcoin gathering, the March 2023 Silicon Valley Bank failure cost him nothing. He is firmly convinced that COSAC is the absolute best information security conference on earth.
Mz Omarjee

Head: IT Client Security and Moonshots, Standard Bank Group (South Africa)

Muhammed Zubair (MZ) Omarjee, is a former Enterprise Security Architect providing advisory to leading banking institutions in South Africa and abroad. He is instrumental in crafting technology strategies as it relates to digital transformation, mobile banking and cyber security. He plays a pivotal role in shaping information technology practices as a transformative business driven and risk-oriented discipline.

Having a proportionate balance of real-world practical experience and technical competence, Muhammed Zubair excels in changing the mind-set required for Digital Transformation. He has a unique ability to operate end to end working interchangeably from strategy development, product design, solution engineering, and full stack software development. His current scope of responsibility covers 18 countries across the African subcontinent.
Mark Rasch

Attorney, Law Office of Mark Rasch (USA)

Mark Rasch is a lawyer and computer security and privacy expert in Bethesda, Maryland and is the General Counsel of Threat Intelligence firm Unit 221B, and of-counsel to KJK law.

Rasch’s career spans more than 35 years of corporate and government cybersecurity, computer privacy, regulatory compliance, computer forensics and incident response. This includes expertise in GDPR, CCPA, and US and international privacy laws and regulations. Earlier in his career, Rasch was with the U.S. Department of Justice where he led the department’s efforts to investigate and prosecute cyber and high- technology crime, starting the computer crime unit within the Criminal Division’s Fraud Section, efforts which eventually led to the creation of the Computer Crime and Intellectual Property Section of the Criminal Division. He was responsible for various high-profile computer crime prosecutions, including Kevin Mitnick, Kevin Poulsen and Robert Tappan Morris. He was also the Chief Privacy Officer of Fortune 100 company, SAIC and Chief Security Evangelist for Verizon

Mark has taught white collar crime, computer law, and legal ethics courses, at various institutions including GW, AU and Catholic University Law Schools. He is a frequent media contributor on issues related to technology and the law.
Char Sample

Professor, Marshall University (USA)

Dr. Char Sample is a cybersecurity researcher and professor at Marshall University where she currently teaches Cybersecurity and Computer Science. Dr. Sample has over 40 years of industry experience beginning in software development, through product test and integration, and finally as a researcher (both applied and academic). Dr. Sample’s research areas are all cybersecurity related with an interest toward cybersecurity decision-making. Past projects have focused on the influence of cultural values on cybersecurity, cyber deception including but not limited to “fake news”, and AI/ML vulnerabilities. Other research areas include data resilience, cyber- physical systems and industrial control systems.
Esther Schagen-Van Luit

Chief Security Advisor NL, Microsoft (Netherlands)

Esther Schagen-van Luit is the Chief Security Advisor for the Netherlands at Microsoft, where she helps Chief Information Security Officers and policymakers from leading private and public organizations in the Netherlands adapt their security strategies and policies to support their business to seize opportunities with digital transformation. Previously she served as the European Principal for the Information Security Forum, Chief Information Security Officer (CISO) of Deloitte Netherlands, Dutch Caribbean, Belgium and Deloitte Legal, and as cybersecurity strategy consultant with Deloitte Netherlands and UK. She takes a special interest in cybersecurity governance of executive and supervisory boards, and diversity and inclusion in the cybersecurity industry.
Dan Schoemaker

Information Security Manager, Phoenix HSL (Australia)

Dan has been working in the IT support, Infrastructure/Operations and Security fields for the past decade. Currently working in a Group Security role, he is driven to ensure security is business driven and architected properly. Being a self-driven techie he ultimately believes in learning by doing and having a go.
William Schultz

Senior Director, Vanderbilt University Medical Center (USA)

Bill Schultz is a practicing security architect who has worked in the Information Technology field for over 17 years, with the past 13 focused on Enterprise Architecture, Security Architecture, RiskManagement, and Compliance. Bill has built security programs, risk management programs, anddeveloped strategic organizational architectures and technical system architectures. Bill has led multiple risk management and security architecture initiatives.
Pradeep Sekar

Managing Director, Optiv Security Inc. (India)

Pradeep Sekar is a seasoned cyber security leader who has worked closely with and guided Fortune 100 and Fortune 500 Chief Information Security Officers (CISO), Chief Information Officers (CIO) and their teams across various industries on developing and sustaining a secure, adaptive and robust cyber security program. His unique expertise includes the delivery of innovative cyber strategy solutions and benchmarking insights for global organizations as they look to transform their cyber programs.
Anton Tkachov

Managing Director - Cyber, PwC (UK)

Anton is leading the Cyber Security Architecture and Transformation for PwC and has been with the firm for more than 9 years. Prior to that, he has been delivering security transformations as a consultant, and running security architecture team as part of his industry role at a blue chip financial services organisations.

Anton is an active member of leading architecture forums. His passion, experience and interest lies with the ‘enterprise’ architecture which allows him to solve security problems by looking at those from a diverse set of perspectives, considering opportunities for the business (not only risks) and simplifying things.

The most enjoyable aspect of Anton’s client work is around connecting with the like-minded architects to solve problems.
Raymond Van Dijk

Security Architect, Alliander (Netherlands)

Raymond is an Enterprise Security Architect at Alliander. He believes that in today’s complex (cloud, agile and (partly) outsourced) environments it is imperative that security is built-in and strives for business enablement. He is using the digital transformation to improve the usability of security and push for security innovation.
Jan Van Kemenade

Information Security Officer, Durmazon (Netherlands)

I’m a 61 year old dutchman with 35+ years experience in various roles in IT and 10+ years insecurity. Currently working, self-employed, as an Information Security Officer assigned to a (relatively) small company – a pension administration service that works for 40+ pension providers in the Netherlands. In the past I have worked for a number of companies, mostly in the financial sector. Once I start talking I’m hard to stop but I’m not that great at writing, so I’ll leave it at this.
Edwin Vos

Principal Consultant, Nivo (Netherlands)

Edwin is a principal consultant at Nivo, working for more than 35 years in IT. His main focus is architecture and IT security. As a consultant he worked for many large companies within the Netherlands. The last years focusing merely on the Dutch Government. His interests lies in the unknown things.
Ben Stephen Woods

Head of Cyber Risk Assurance, The LEGO Group (Denmark)

Ben leads the Cyber Risk and Assurance team at the LEGO Group:, a global function that includes Human Risk, Risk Management, Technical Risk, and Assurance. Ben is also the Deputy CISO.

Start
where
others
stop.

COSAC Ethos #1

Be inspired by a blend of leading-edge information security strategy with pragmatism & realism.

COSAC
Patrons

A completely new COSAC experience pushing the boundaries of cybersecurity further than ever before. Smart people, inspiring guest speakers and a ton of passion. Become a COSAC Patron and gain access like no other.

Become a patron

COSAC APAC
2026.

24th - 26th Feb: Melbourne, Australia

More Info Call for Papers

Contact

Get in contact with us by email, phone or just stay social and connect with us on LinkedIn

COSAC 2024

Ghariba Bourhidane

Stephen Bowes

Hugh Boyes

Steven Bradley

Glen Bruce

Rob Campbell

Jonathan Cassam

John Ceraolo

James Chinn

Andy Clark

Paul Dorey

Rob Epskamp

Todd Fitzgerald

Clara Grillet

Rob Hale

G. Mark Hardy

Lynette Hornung

Jaco Jacobs

Gordon Jenkins

Siân John MBE

Dr. Connie Justice

Steven Kintakas

Lesley Kipling

Jason Kobes

Karel Koster

Rosanna Kurrer

Mikko Larikka

Anne Leslie

Genevieve Liveley

Ashling Lupiani

David Lynas

Valerie Lyons

Sophia Mexi-Jones

Kathleen Mullin

Kirk Nicholls

John O’Leary

Mz Omarjee

Mark Rasch

Char Sample

Esther Schagen-Van Luit

Dan Schoemaker

William Schultz

Pradeep Sekar

Anton Tkachov

Raymond Van Dijk

Jan Van Kemenade

Edwin Vos

Ben Stephen Woods

Start where others stop.

COSAC Ethos #1

COSAC Patrons

COSAC APAC 2026.

Contact

Sponsors

NAAS

MELBOURNE

Start
where
others
stop.

COSAC
Patrons

COSAC APAC
2026.