Speakers 2011

Brian Krebs is an award-winning investigative reporter who focuses almost exclusively on cybercrime. Krebs is the author of KrebsOnSecurity.com, a daily blog dedicated to in-depth security news and investigation.  [more]

From 1995 to 2009, Krebs was a reporter for The Washington Post, where he authored hundreds of stories for the washingtonpost.com Web site and the dead tree edition of the paper. From 2005 to 2009, Krebs was the curator of The Washington Post's Security Fix blog.
Krebs holds a bachelors degree in International Studies from George Mason University. He enjoys cooking, hacking, breaking stuff, biking, playing guitar, reading and learning Russian.  [ukryj]

Raoul "Nobody" Chiesa was born in Torino, Italy, in 1973. After being among the first Italian hackers back in the 90's (1986-1995), Raoul decided to move to professional InfoSec, founding in 1997 @ Mediaservice.net Srl, a vendor-neutral and well known security consulting company.  [more]

The company operates worldwide, being as well the oldest ISECOM Training Partner for the OPST, OPSA, OPSE and OWSE international security certifications. The company's Red Team held also the following industry certifications: PCI-DSS QSA, PCI-DSS ASV, ISO/IEC 27001 Lead Auditor, CISA, CISSP, ITIL, SANS GCFA, ECCE. Raoul is among the founder members of CLUSIT - the Italian Information Security Association - and he is a Board of Directors member at ISECOM, CLUSIT, OWASP Italian Chapter, Italian Privacy Observatory (AIP/OPSI). Both Raoul and its security team work on research areas such as X.25 and PSDN networks, VoIp Security, Malware Analysis, Social Engineering, SCADA & Industrial Automation, Home Automation, Satellite communication, Mobile Security, SS7 threats and much more.
Since 2003 he started its cooperation with the UN agency "UNICRI" (United Nations Interregional Crime and Justice Research Institute), working on "HPP", the Hackers Profiling Project run by ISECOM and UNICRI; in 2005 he has been official recognized as a cybercrime advisor. Nowadays his role at UNICRI is "Senior Advisor on Cybercrime".
Since February 2010, Raoul Chiesa is a Member of the ENISA Permanent Stakeholders' Group (PSG). The PSG is composed of 30 high-level experts who have been appointed by the Executive Director of ENISA to serve as a sounding board for all relevant stakeholders on issues concerning network and information security. The mandate of the Members of the PSG is 2,5 years. [less]

Joost van Dijk has been working as a technical product manager for SURFnet in the Netherlands since 2008. He holds a Master's degree in Computer Science from Utrecht University.

Tomasz Salacinski is working as an IT Security Specialist at CERT Polska division of NASK in Security Projects Team. He is responsible for malware binary analysis and data gathering and management.  [more]

He holds an MSc degree from Military University of Technology in Warsaw, Poland (IT at Cybernetics Division, specialty: Cryptology). He has experience in performing software and attack vector analysis, low-level programming. He conducts trainings in reverse engineering and botnet analysis. He spoke about his research at number of conferences, including Honeynet 2011 in Paris and AusCERT 2011 in Gold Coast. [less]

Tomasz Bukowski is a graduate of the Faculty of Physics Warsaw University of Technology. He works in NASK works as a IT Security Specialist since August 2009.  [more]

Tomasz is a member of the Security Incident Response Team in Poland CERT and is responsible for analysis of malware and testing of new vulnerabilities. He is interested in security of network applications and protocols, and the functionality and evolution of malware. Hobby Linux administrator and programmer.  [less]

Przygodę z branżą IT rozpoczął w brytyjskim oddziale Philips Electronics, obecnie jest kierownikiem zespołu bezpieczeństwa w Compendium CE. [more]

Absolwent Glasgow Caledonian University, współorganizator krakowskiego cyklu wykładów LUMD (Linux - U mnie działa!) oraz założyciel i autor największego w Polsce serwisu o bezpieczeństwie komputerowym http://niebezpiecznik.pl. Od 5 lat pomaga polskim i zagranicznym firmom w zabezpieczaniu sieci oraz (web)aplikacji.  [less]

Wojciech is a system administrator and a specialist in security of Windows / Linux/ *BSD operating systems, and an experienced pentester. He develops incident response tools.

Marcin is a Linux / *BSD system administrator and a web application security specialist. He also manages penetration tests.

I'm Godert Jan van Manen. Over 11+ years of experience in discovery, research and investigative analysis of (possible) threats from malcodes, malicious websites, exploits and others targeting data confidentiality, integrity and availability. [more]

Currently hired as a incident handler at the Dutch Government Computer Emergency Response Team, GOVCERT.NL. Previously worked for Defense, Internationals, Finance, ISPs and small businesses.  [less]

I'm Dave Woutersen. For the past 7 years I've been working as a incident handler at the Dutch Government Computer Emergency Response Team, GOVCERT.NL. Apart from working as a duty officer within the technical team, my main focus surrounds malware-analysis and honeypot techniques.

Jarosław Jantura is a Technical Project Manager at NASK, Research and Academic Computer Network. He graduated with a master degree in Computer Science from Kielce University of Technology.  [more]

After two years as a lecturer, he moved to the industry, first starting with C, C++, and then moving to Java. At NASK he specializes at security and large-scale computing including virtualization techniques, grids, and general-purpose computation on graphics hardware.  [less]

Member of the Polish government Computer Emergency Response Team CERT.GOV.PL. For over 10 years in the government administration responsible for IT security.  [more]

Michal graduated from Warsaw University of Technology. He was involved in creation and implementation of national and European documentation in IT area – from critical infrastructure protection, through personal data protection to classified data protection. He’s actively involved in many initiatives for increasing security in the Internet.  [less]

Information security administrator in the company Nasza Klasa, specialist in computer forensics, CIS-IS auditor / manager. A graduate of Computer Science at University of Mining and Metallurgy in Krakow, From 1997 to 1999 he headed Technical Department of the Solidex Group. Since 1999, he worked at portal Onet.pl, initially as a designer and administrator of IT systems.  [more]

Later, he was appointed Head of Security Department at Grupa Onet.pl, Chief Security Officer and Information Security Administrator/Advisor. During his work as Head of Security Department he coordinated the implementation of Information Security Policy for companies of TVN Group Since 2010 he works as Information Security Administrator for the company Nasza Klasa. Apart from that, he runs his own consulting firm dealing with personal data protection and data communications.
Consultant and lecturer in the field of information security and computer networks. Computer forensics specialist, CIS-IS Auditor / Manager. Engaged in several projects including: - high-performance, multi-platform of internet portal, Onet.pl - Onet.pl Data Center - Integrated Security Systems - Internet banking system BPH Sezam v.1, - Internal Network and Registration System of Medical University Hospital in Krakow, - safety study for Krakow's municipal computer network. Expert in the field of personal data protection  [less]

Paweł Jacewicz has been working as an IT Security Specialist at NASK's department CERT Polska since 2009. He is a member of the R&D Team responsible for development of projects like Arakis and HoneySpider Network.  [more]

His main field of interest are client-side attacks and new methods of malware propagation. Paweł is a student at The Faculty of Electronics and Information Technology at Warsaw University of Technology.  [less]

Adam Kozakiewicz is Assistant Professor at NASK - Research and Academic Computer Network. Received the degree of PhD in Telecommunications in 2008 from Warsaw University of Technology. With NASK since 2006, since late 2008 as head of the Network and Information Security Methods Group - a part of NASK Research Division focused on security problems.  [more]

The group leads or is involved in a number of security-related projects, closely cooperating with CERT Polska in several of them. Also part-time Assistant Professor at the Warsaw University of Technology (Institute of Control and Computation Engineering). Research interests include network and systems security (mainly heuristic threat detection methods), network traffic modeling and parallel and distributed computation.  [less]

Dick Hardt is a serial entrepreneur and popular public speaker. Notable companies include ActiveState and Sxip Identity. Dick promoted the Identity 2.0 and user-centric identity meme, was a founding board member of the OpenID Foundation and is an author of the OpenID 2.0 and OAuth 2.0 specifications. Dick now resides in San Francisco, CA with his wife building his next venture, Bubbler.

Attorney at law, Partner at the Law Firm Olesiński & Wspólnicy. He has gained experience in leading a commercial law team (with a more profound focus on tax issues) for several years.  [more]

Currently he also leads a team specializing in electronic media law. He is also engaged as a representative in the work of a lobby group (EU Social Networks Group) operating within the frame of the European Commission. A member of the working group engaged in the works on the amendment to the Act on Providing Electronic Services.
Lecturer at Polish and international conferences, author of specialist press publications. In his spare time he sails and skis.  [less]

Attorney at law trainee at the Law Firm Olesiński & Wspólnicy. Since 2008 he has been engaged in electronic media issues, with a particular emphasis on protection of personal data in the Internet, and electronic services.  [more]

For three years now he has been a member of advisory team for Nasza Klasa Sp. z o.o. in the scope of intellectual and industrial property law, personal data protection and litigations. He has participated in numerous conferences on forensic computer science and privacy in the Internet. Member of the Electronic Media Law expert team, providing advisory for the major Polish Internet portals in the scope of e.g. industrial property matters, personal data protection and copyright / intellectual property law. Author of press publications in e.g. "Dziennik Internautów" ("Net surfer Daily"), "Dziennik Gazeta Prawna" ("Law Journal") and "IT w Administracji" ("IT in the Administration").  [less]

Piotr Linke joined Sourcefire as Security Engineer for Central and Eastern Europe region. Despite short time being on board Piotr has vast experience with Snort (since 2002) and Sourcefire solution (since 2004). Prior to Sourcefire Piotr worked with other well known IT Security vendors deploying their solutions in both telecommunications and enterprise networks within EMEA region.  [more]

Piotr has strong Unix and IP security skills which make him fluent in areas of network intrusion detection, threat mitigation, event analysis and vulnerability assessment. In spare time he performs forensic analysis on compromised hosts and develops exploits to recent vulnerabilities. Sourcefire, Inc. (Nasdaq:FIRE), is a world leader in intelligent cybersecurity solutions. Sourcefire is transforming the way Global 2000 organizations and government agencies manage and minimize network security risks. Sourcefire's IPS, Real-time Network Awareness and Real-time Adaptive Security solutions equip customers with an efficient and effective layered security defense - protecting network assets before, during and after an attack. Through the years, Sourcefire has been consistently recognized for its innovation and industry leadership by customers, media and industry analysts alike - with more than 50 awards and accolades. Today, the names Sourcefire and founder Martin Roesch have grown synonymous with innovation and network security intelligence. For more information about Sourcefire, please visit http://www.sourcefire.com.  [less]

Sandro Gauci is the owner and Founder of EnableSecurity (www.enablesecurity.com) where he performs R&D and security consultancy for mid-sized companies. Sandro has over 10 years experience in the security industry and is focused on analysis of security challenges and providing solutions to such threats.  [more]

His passion is vulnerability research and has previously worked together with various vendors such as Microsoft and Sun to fix security holes. Sandro is the author of free and commercial security tools and can be contacted at [email protected] Read his blog at blog.enablesecurity.com.  [less]

As an IT security specialist with more than two decades of experience, Gavin Reid works with some very interesting people - from leaders in the vanguard of information security to hackers in the computer underground.  [more]

Gavin leads the Computer Security Incident Response Team (CSIRT) at Cisco Systems - a global team of information security professionals responsible for the 24/7 monitoring, investigation and response to cyber security incidents. His team actively manages computer security risk for Cisco-owned businesses through proactive threat assessment and analysis, mitigation planning, incident detection and response. Because of his role and extensive experience, Gavin's advice is keenly sought by Cisco customers and he is a regular contributor to the company's Executive Briefing Program.
As a contributing member of the computer security community, Gavin also supports security training with the security community and chairs the FIRST working group responsible for the Common Vulnerability Scoring System. FIRST (the Forum of Incident Response & Security Teams) brings together security and incident response teams from academia, government and business. CVSS is an open industry standard for rating IT security vulnerabilities that helps organizations prioritize and coordinate a joint response to computer security risks.
Gavin joined Cisco in 1999 from the National Aeronautics & Space Administration (NASA) where he oversaw IT Security at the Johnston Space Center. Gavin lives in North Carolina (USA), and counts guitar and skateboarding among his personal interests. Specialties:
Information incident response, IDS, forensics, SIMS, event analysis, Welwitschia, alchemy, CSIRT, information security, computer underground, jiang shi, skokiaan, cybersecurity, FIRST, SANS, CVSS  [less]

Richard Perlotto is one of three directors running the Shadowserver Foundation, an all volunteer watchdog group of security professionals that gather, track, and report on malware, botnet activity, and electronic fraud.  [more]

Mr. Perlotto runs the technology and operational side of the organization with a focus on streamlining the processes and information gathering techniques. Personal: Richard Perlotto is an Information Security Adviser for Cisco Systems providing assistance and guidance on Information, Internet Risks and Threats to Cisco and their Customers. Previously he ran Security Operations worldwide for all of Cisco for almost four years. He is a 13-year Cisco veteran.  [less]

Juliusz Brzostek is a graduate of the Faculty of Electronics and Information Technology Warsaw University of Technology with 10 years professional experience in computer software engineering. Hi is especially involved into network security projects and is working in CERT Polska division of NASK as Security Research and Development Manager.

Peter Doggart is the Director of Product Strategy at Crossbeam. He brings 15 years of product and marketing management experience for international blue-chip companies.  [more]

Prior to Crossbeam, Doggart held senior positions at 3Com Corporation and founded a networking reseller company in the UK. He holds two patents and a first class honors degree in Electronic, Electrical Engineering from Loughborough University, UK.  [less]

Ryan Jones currently leads the SpiderLabs Incident Response Team in EMEA. The team commonly manages data compromises related to cardholder data but are also regularly involved in other projects such as ATM compromises and data breaches caused by internal staff.  [more]

The Incident Response team also carry out proactive engagements to ensure that customers have an effective incident response plan; drawing upon extensive knowledge of how it goes wrong in real data security breaches to improve companies' approach to Incident Response.
During Ryan's incident response career Ryan has worked for both UK National Law enforcement and private companies. He has been involved with both criminal and corporate investigations with scope ranging from a single mobile telephone to multinational networks. For the past 4 years, Ryan has been a corporate first responder involved with a wide variety of businesses from small companies to multinationals during times when they have been struggling to react to a rapidly changing data compromise situation. Ryan firmly believes that a consultative approach coupled with the appropriate technical knowledge is key to successful incident response engagements.
Ryan graduated from the University of Kent with a First Class BSc in Computer Science. He is also a PCI QSA. In his spare time he can be found skydiving at various dropzones around the country.  [less]

Monika Josi has joined Microsoft as Chief Security Advisor EMEA in January 2011. In this role, she leads a team of national Chief Security Advisors across EMEA who work with organizations in the commercial and public sector on information technology issues and strategies, mainly related to cybersecurity critical infrastructure protection and cloud security.  [more]

Monika has a background in business information system management and 20+ years of experience in IT across various domains and industries including consulting and auditing. Most recent to joining Microsoft, she was Global Head of Information Governance and Management Policies and Frameworks for a multi-national pharmaceutical company with the purpose of bringing information security, IT security, risk management, privacy, records management and IT compliance together in one single company-wide framework.  [less]

Robert Korzeniowski is a former Polish racewalker. He has won four gold medals at the Summer Olympics and has won three world championships.  [more]

Korzeniowski is a three-peat winner of the 50 km walk at the Summer Olympics. He won 1996 in Atlanta, 2000 in Sydney, and 2004 in Athens. In addition, he became the first athlete to claim both the long distance and the short distance crown, when he won the 20 km title at the 2000 games. He won world championship titles in 1997, 2001, and 2003. He won two times a European Championship in Budapest 1998 and in Munich 2002. He is also the former world record holder in the 50 kilometers race. Since February 2011 Robert is appointed as PR & Marketing Corporate Hospitality Consultant by UEFA EURO 2010T  [less]

Ryan is a Security Engineer at Facebook where he splits his time between hardening Facebook's ever-expanding infrastructure and handling various security incidents around the company.  [more]

In his previous life, Ryan worked to secure Barnes & Noble Inc. from payment card breaches and prior to that, he worked at United Parcel Service as a network security engineer. Ryan is CISSP certified and holds a BS in Electrical Engineering from Cornell University.  [less]

Joffrey Czarny (France), working for Devoteam Security Business Unit (FR). Since 2001, Joffrey is a pentester, he has released advisories on VoIP Cisco products and spoken at various security-focused conferences (Wireless Conference at Infosec Paris and Wireless Workshop at Hack.lu 2005, VoIP at Hack.lu 2007/2008 and ITunderground 2008/2009).  [more]

On his site, www.insomnihack.net, he maintains the Elsenot project ("http://insomnihack.net/elsenot/") and posts video tutorials and tools on several security aspects.
VoIP Forensic' analysis introduces some aspects which are not necessarily found during Forensic study on Web server or Workstation. Indeed, VoIP technology is a mix of telecommunication (PBX) / computer, all these parts must be well known by the auditor in order to not forget something during investigation and unfortunately to see that all phreaking aspects are always exploited on VoIP systems. Moreover, some technology/product are as black boxes, it's not possible to obtain full right on it (root access) without be deprived of the maintenance support which severely limits the investigation. The presentation is organized around 4 real Case Study in order to demonstrate which kind of fraud is exploited on Internet and between operators:
- Pownage Asterisk server
- Pownage of Web server in order to perform VoIP dialing
- Pownage of Cisco Unity server (voice messaging) in order to performe free call
- Fraud between VoIP operators
Each case will be presented with attack perspectives and how it is possible to perform investigation with some limits due of VoIP infrastructure. Of course, some security advices will also be given on each case.  [less]

Dr Giles Hogben is programme manager for secure services at the European Network and Information Security Agency in Greece. He is currently leading ENISA's work on Botnets, Measurement, Disinfection and Defence.  [more]

He has published numerous papers on Network and Information security, including on topics such as Smartphone security, Cloud computing, Social Network security and European Identity card privacy. Before joining ENISA, he was a researcher at the Joint Research Centre in Ispra, Italy and led work on private credentials. He has a PhD in Computer Science from Gdansk University of Technology in Poland and graduated from Oxford University, UK in 1994 in Physics and Philosophy.  [less]

Born in Castrop-Rauxel in 1955, Udo Helmbrecht completed high school in 1974. He then served for two years in the German Federal Armed Forces. From 1976 to 1981, Helmbrecht studied Physics, Mathematics and Computer Science at the Ruhr University in Bochum.  [more]

Having received his Diploma in Physics, he then went on to obtain a Doctorate in Theoretical Physics in 1984. Between 1981 and 1983, Helmbrecht worked as a research assistant for the Institute of Theoretical Physics at the Ruhr University. For the following two years, he ran the Software Development Department of the Bergische University in Wuppertal.
Moving to Messerschmitt-Bölkow-Blohm GmbH (MBB) in Munich, the predecessor of today´s EADS, in 1985 Helmbrecht began his career as a systems analyst, working on a German Chinese project. He advanced to project leader one year later. Over this period, he successfully completed a two-year executive management training programme for high potentials. Between 1988 and 1989, he was personal assistant to the Head of the Military Aircraft Division. In 1990, Helmbrecht was assigned the position of Head of the Technical Data Systems Department and between 1992 and 1995 he functioned as Information Technology Programme Manager, assuming responsibility for the programme and project management of information technology in the military aircraft product group. In 1995, Helmbrecht was appointed CIO of the Bayerische Versorgungskammer, a public insurance institution for pensions. As Director and Division Manager of Information Processing, he was responsible for data processing, information technology and security, application development, as well as data centre and network infrastructure. Here, he succeeded in introducing several entrepreneurial operating methods.
Since March 2003, Udo Helmbrecht has served as President of the Federal Office for Information Security (BSI) in Bonn. He has successfully developed the agency´s central service provision for information security within the German Federal Government. In addition, he has spearheaded the cooperation between BSI and the IT security industry, as well as raised public awareness of information security issues.
In April 2009, Dr Helmbrecht was appointed Executive Director of ENISA by its Management Board and after a presentation for the European Parliament's ITRE committee; a position he assumed on 16th October.  [less]

Paweł is a member of the CERT Polska team. He graduated from the Faculty of Electronics and Information Technology of Warsaw University of Technology. For many years he has been an administrator of linux systems, including ones that are critical for the Polish Internet.  [more]

Long-time passionate about IT security, both in theory and in practice. Years of experience with DNS systems allowed him to trigger a project on DNS traffic analysis.  [less]

Bartosz Kamiński is a Leading Solution Consultant for Information Security in Hewlett-Packard Poland. Bartosz was involved in Information Security related projects for customer from public and private sector for the past five years.  [more]

Within the scope of his duties, he also took a role on an IT Security auditor and was responsible for preparing audit procedures basing on ISO27001. Presently delivers Cloud Computing security solutions.  [less]

Rafał Jaczyński is the director responsible for IT systems security management in TP Group. This means ensuring appropriate and business justifiable level of security in all processes and services involving IT technologies in TP Group.  [more]

Rafał is also responsible for stimulation of extension of commercial security services offer in TP portfolio. In years 1997-2003 Rafał was the head of the team responsible for security of GSM network and services as well as supporting IT systems at Polkomtel SA. At the same time he cooperated with international organizations and committees preparing concepts and technical norms for IT systems security - European Telecommunications Standards Institute (ETSI), 3rd Generation Partnership Project (3GPP), GSM Association (GSMA). He holds prestigious certificates Posiada prestiżowe certyfikaty branżowe, między innymi SABSA (Sherwood Applied Business Security Architecture), CISM (Certified Information Security Manager).  [less]

Alexander Raczynski is a Systems Engineer at Websense. He is responsible for technical support of Websense solutions during the whole sales process in Central and Eastern Europe. Alexander represents the company at customer site; he works close with Websense channel partners and participates at many IT Security events.  [more]

Alexander Raczynski has studied Computer Science at the University of Paderborn (Germany). His experience is based on 15 years of work for many IT security Companies in Central and Eastern Europe.  [less]