Committed to connecting the world

Biographies

Matt Barrett NIST Program Manager, Cybersecurity Framework Matt Barrett leads Cybersecurity Framework activities at the National Institute of Standards and Technology. Not only do Matt and his team manage awareness and education of Framework, but also the on-going collaboration between public and private sectors to evolve Framework. Mr. Barrett and his team are responsible for establishing and maintaining relationships with both private and public sector (Cybersecurity) Framework stakeholders. Mr. Barrett works through those relationships to provide perspective and guidance, as well as gather input on use and evolution of the Framework. To fulfill stakeholder needs, Mr. Barrett also collaborates with a variety of NIST cybersecurity programs. Matt previously led NIST’s Security Content Automation Protocol program and support of the Office and Management and Budget’s Federal Desktop Core Configuration initiative. Matt has also served in various executive roles including roles such as president and chief executive officer.
SangMyung Choi Chief, Computer Emergency Response Team (CERT) and Director, Security Intelligence Research, Hauri, Inc SangMyung Choi is chief of the Computer Emergency Response Team (CERT) and director of the Security Intelligence Research at Hauri, Inc. His primary areas of expertise include malware and vulnerability analysis. Driven by his deep interest in cyber warfare, he founded the IssueMakersLab and Cyber Warfare Intelligence Center (CWIC) in 2008 as an association for white hackers to monitor cyber terrorism by North Korea. He is an adjunct professor of the Department of Information Security Engineering at SoonChunHyang University and serves as a mentor to the Best of the Best (BoB) program under the Korea Information Technology Research Institute, dedicated to training the next generation of cyber security professionals. Regarded as one of the most skilled malware analyst in South Korea, he was selected in 2016 by the South Korean government as one of seven experts to participate in the Cyber Guardians program. He has had extensive experience in working together with the National Intelligence Service, National Police Agency, R.O.K. Cyber Command and many private companies in preventing acts of cyber terrorism. He was awarded the Security Merit Ministerial commendation from the Ministry of Public Administration and Security in 2012 for his active contribution and participation in national cybersecurity.
Vasily Dolmatov Vice-Chairman of ITU-T SG17, Russia Vasily Dolmatov was born 21 January 1960 in Moscow, USSR. Graduated with honors from the Moscow State University's Department of Physics and from the Higher Commercial School with the Ministry of Economic Development of the Russian Federation (МВА degree). In 1983 he joined the Institute of Radio Engineering and Electronics of the Russian Academy of Sciences (IRE RAS). On different occasions Vasily Dolmatov held managerial offices with the Russian Internet companies. Several years he serviced in Ministry of Communication and Mass Media of Russian Federation. In 2017 he joined "Rostelecom" company as Projects director of Centre of Cybersecurity and Defense. Vasily Dolmatov participated in work of IETF, he has been contributing to the development of several RFCs setting international standards in the area of Internet technologies. Vasily is actively working in ITU-T Study Group 17 and is a Vice-Chairman of SG17 since 2016.
Thomas Hemker Director Security Strategy, Symantec Thomas Hemker is Director Security Strategy at Symantec with over 22 years of experience in information security. When joining the company in 2010, he also became part of the Symantec CTO Office and is responsible for exchanging ideas with security professionals in the corporate world, the public sector, and actors of the security industry in general. He advises customers regarding their security strategy, cyber resilience, current threat scenarios and technological development.Prior to his position at Symantec, Thomas Hemker was in charge of the Central-European presales department at PGP (PGP Deutschland AG). He also gathered experience as a systems engineer, consultant and product manager at Network Associates and a security distributor, with a focus on encryption, PKI and key management, as well as network security and analysis (Firewall, IDS/IPS). Furthermore, Thomas Hemker is a distinguished speaker at security conferences and holds several security industry certifications, for instance the Certified Information Systems Security Professional (CISSP). He represents Symantec at ISF, TeleTrust e.V. Bitkom and ENISA. As a security professional he is a member of ISACA and (ISC)2, where he cofounded the (ISC)2 Chapter Germany and served as member of the board.
Bilel Jamoussi Chief of the Study Groups Department, Telecommunication Standardization Bureau, ITU Tunisian born, Dr. Bilel Jamoussi is Chief of the Study Groups Department of ITU Standardization Bureau in Geneva Switzerland. Since 2010, he has been leading the bureau’s standards making activities into a new era characterized by rapid convergence and the need for increased collaboration with vertical sectors and partnership between developed and developing countries. Prior to 2010, Jamoussi worked for a Telecommunication equipment and solutions provider for 15 years in Canada and then in the United States where he held several leadership positions and was granted 22 US patents in diverse areas including packet, optical, wireless, and quality of service. He holds a BSc, MSc and PhD degrees in Computer Engineering from the Pennsylvania State University, USA. He is fluent in Arabic, French, and English and speaks some Spanish and German.
Bret Jordan Symantec In his role at Symantec, Bret Jordan works on advanced technologies, cybersecurity architecture, and leads cybersecurity standards. Through his role he collaborates with government agencies, critical infrastructure, industry thought leaders, and academic researchers around the world to help drive creative new technologies and solutions that can protect systems and data crucial to our way of life. During his past 5 years at Symantec, Bret has led several initiatives to drive internal innovation, create new technologies, and advance automated and collaborative cyber threat intelligence and mitigation/remediation sharing across the industry. In addition, he has supported and worked with product management and product engineering teams to help build and deliver award winning cybersecurity solutions. Bret has over 20 years of experience leading global enterprises, startups, academic institutions and nonprofits. His current positions include Director, Office of the CTO at Symantec, CIO pro bono at Carden Memorial School, co-chair and editor on several internet standards from OASIS (including STIX, TAXII, and OpenC2), and contributor to several IETF working groups. Previously he was a Board Member of the OpenSEA Alliance, co-authored a book on Big Data Security, and has presented several times at RSA, ISC2 Security Congress, FS-ISAC, and ENISA conferences. He enjoys working on hard problems and helping design solutions that can change the world.
Youki Kadobayashi National Institute of Information and Communications Technology, Japan Dr. Youki Kadobayashi has been assisting ICT regulatory agencies in Japan for 10 years as a subject matter expert. He has also been working within ITU-T Study Group 17 as the rapporteur of Q.4 (Cybersecurity) and more recently on Q.14 (DLT security). In addition to his service on international standards development, he also closely works with research communities worldwide to further progress the state of cybersecurity. Based on his working experience across research, standardization and education sectors, he firmly believes that promising new technologies can be transformed into technological infrastructure only after considerable amount of efforts by each of these sectors.
Richard Kerkdijk Senior Security Consultant, TNO Richard Kerkdijk MSc. is a Senior Security Consultant at TNO. He obtained his master’s degree in applied physics in 1997 and has been an active player in cyber security ever since. His present role involves strategic advisory work, technical and non-technical security evaluations and coordination of cyber security research and innovation projects. Richard mostly conducts assignments for (CISOs of) telecoms providers and financial institutions, but he has also done commissions for the Dutch National Cyber Security Center (NCSC), the Dutch Cyber Security Council and the Dutch MoD. In addition he acts as vice-chair of the ETIS Information Security WG, an industry body that facilitates collaboration among the CISOs of European telecoms providers. Richard has been involved in a variety of CTI oriented research and advisory projects. Among other things, he led pan-European trials for automated cyber threat intelligence sharing among telecoms providers.
Jong Hyun Kim Q4 Rapporteur, ITU-T Study Group 17, Security He began participating in ITU-T SG 17 in 2006 and has actively contributed to the work of SG17 as a core member of security experts for more than 12 years. He was an associate Rapporteur of SG 17 Question 4/17 from 2009 to 2016. For the Study Period (2017 – 2020), he has served as a Rapporteur of Question 4/17. He has been a Project Editor or Co-editor for several ITU-T Recommendations in the area of Cybersecurity information exchange and Cybersecurity policy. He was a researcher with the Samsung Electronics in 1995-1997 and the Samsung SDS in 2000. He joined the Electronics and Telecommunications Research Institute (ETRI) in 2005. He is currently a project manager of government-funded R&D projects. His research interests include Cyber Security, Network Forensics, cloud security(SecaaS) and Network Security Function Virtualization.
Orkhan Mamedov Malware Analyst, Kaspersky Lab Orkhan Mamedov is a Malware Analyst at Kaspersky Lab, whose primary work has been focused on analyzing Ransomware. In 2016 he found a way to decrypt the Polyglot (aka MarsJoke) ransomware, in 2017 he researched and then wrote a number of articles about such trojans as ExPetr (aka NotPetya), WannaCry, Bad Rabbit and the latest generation of Mamba ransomware (aka HDDCryptor). This year he spotted the first ransomware employing the Process Doppelgänging technique – SynAck ransomware and a new modification of Rakhni ransomware that chooses between a cryptor or a miner when infecting a victim. Orkhan is one of the principal developers of free decryption tools that are provided by Kaspersky Lab.
Jinghua Min Chief Standardization Officer, CECGW Dr. Jinghua Min works as Chief Standardization Officer at CECGW, a subsidiary of CEC (China Electronics Corporation). His research focuses on Information security and its applications in different fields such as cloud computing, big data, smart cities and etc. He has over ten years of international standardization experience at ISO/IEC JTC 1/SC 27, WG 9 and WG 11, ITU-T SG 17 and SG 20, IEC SyC Smart Cities, and etc. He was the project leader of ISO/IEC 27035-1:2016 “Information security incident management — Part 1: Principles of incident management” which has been published, and currently is the project leader of ISO/IEC 20547-4 “Big data reference architecture — Part 4: Security and privacy” which is under development. Dr. Min is the member of Chinese National Information Security Standardization Technical Committee, and Vice-Convener of Information Security Management Working Group.
Koji Nakao Distinguished Researcher, NICT; Guest Professor, Yokohama National University Koji Nakao received the B.E. degree of Mathematics from Waseda University, in Japan, in 1979. Since joining KDDI in 1979, Koji has been engaged in the research on communication protocol, and information security technology for telecommunications in KDDI laboratory. He has started to additionally work for NICT (National Institute of Information and Communications Technology) in 2004 and for Yokohama National University as a guest professor in 2015. Since 2000, he has been conducted for governmental security research projects and involved in International Security Standardization activities. His present positions are "Distinguished Researcher" to manage research activities for network security technologies in NICT and “Guest Professor” of Yokohama National University. Koji has also been a Security Advisor for CABINET SECRETARIAT in Japanese government since 2017.
Chris O'Brien EclecticIQ A fully qualified SANS Cyber Guardian, STIX geek and all around nerd, Chris has led teams across both UK Public and Private sector Cyber Security and Intelligence arenas. Chris started out as an Intrusion Analyst in UK Intelligence, tracking and responding to incidents, and was one of the first technical analysts to help establish NCSC UK. Prior to his current role, Chris held the post of Deputy Technical Director at NCSC UK specialising in technical knowledge management to support rapid response to cyber incidents, and is now Director Intelligence Operations at EclecticIQ.
Sang Jin Oh Director General in Ministry of Science and Information Technology, Korea (Rep. of) Sang Jin OH, before returning to government, worked as a director general of technology in organizing committee for 2018 PyeongChang Olympic Games. In 2014, he joined the committee to prepare ICT services, such as communications infrastructure, SW, ICT devices, data centers, cyber security and cutting edge ICT services including 5G technology. Since 1993, he has worked as a public employee in Korean government for ICT R&D promotion, privacy protection, radio regulation, ICT infrastructures and so on. He studied electrical engineering in Hanyang University in Seoul ('89 ~ '93) and received MBA from University of Oregon, US ('03 ~ '05).
Fyodor Skvortsov Senior Cybersecurity Specialist, BI.ZONE LLC Fyodor Skvortsov is a Senior Cybersecurity Specialist at BI.ZONE LLC. He proved his professionalism while working at Kaspersky Lab and BI.ZONE by solving the most complex cybersecurity incidents in Russia and abroad, and conducting detailed analyses of the latest cyberthreats. He participated in the analysis and investigation of such APTs as Duqu 2.0, and carried out many investigations of the attacks by the Carbanak gang. Now he mostly focuses on cybersecurity threats to banking and finance sector in Russia, such as attacks by Buhtrap and RTM gangs.
Arnaud Taddei Symantec M. Arnaud Taddei is Director, Standards and Architectures, Digital Service Providers in the Office of the CTO, reporting directly to M. Hugh Thompson, CTO of Symantec Corporation. M. Taddei is an industry specialist covering the Digital Service Providers with whom he works extensively for the past 20+ years. As such he is as well chairman for the Working Party 3 – Application Security in the Study Group 17 – Security at the International Telecom Union (ITU) and participates to other Standard Defining Organizations (SDOs) like IETF, IEEE, ETSI, etc. Graduated as Telecom Engineer from the Ecole Nationale Supérieure de Télécommunication de Bretagne, France, M. Taddei owns as well a French research Diploma (called DEA) with INRIA, which lead him to the Institute of Control Sciences, Russian Academy of Sciences, Moscow in 1992. Both French and Swiss citizen, he was drafted in the French Army with the special status of ‘Troops Scientist' in the Flight Simulator Section of the French DGA. He started his career in 1993 as solution architect at CERN IT Division in Geneva. Having the chance to work on the first ever Web Server as Sir Tim Berners Lee invented it at CERN, he lead several key IT projects across the High Energy Physics global community. In 1994, when Messaging became a critical issue, he designed a unique architecture at that time to scale what was the largest Internet based messaging platform outside of the United States. Promoted Section Leader in the IT division he lead a team responsible for Communication, Authentication and Authorization and had the chance to work with key mentors such as Brian Carpenter, at that time, chair of IETF. In 2000, he joined Sun Microsystems as Solution Architect for EMEA professional services team, then world wide, and finally became one of the 100 elected global principle architects. He developed specific architecture methods, consultancy approach and executive advisory with his partners while designing joined solutions for their markets, conforming to regulations and in particular legal interception. Finally he joined Symantec in April 2007, as EMEA Chief Architect for Service Providers and covering the entire Symantec portfolio including Norton. M. Taddei moved to the corporate level as Director to influence the Product Teams. After 10 years in the company he was offered to join the Office of the CTO, opening a new chapter in regards to Standardization and disruptive Architectures and Design.
Tian Tian APT Project Manager, ZTE Tian graduated from TU Dortmund in Germany majoring in Electronic Information Engineering, and worked at Infineon Technologies AG in Germany as a wireless sensor network R&D engineer before joining ZTE Corporation in 2009. She is a senior system architect and product expert with more than 10 years of experience in tel-communication and security area, and has worked on 3GPP SA3 and IETF standards for several years. She has been involved in pre-research in various fields, such as IMS security, M2M security, WLAN, SDN/NFV, and owns more than 10 granted patents in Europe and the US. She is now the APT project manager at ZTE and has more than 3 years of experience in anti-APT solution and product development, which includes advanced threat cloud analysis platform, Email/Web advanced treat prevention system and cyber behavior analysis system.
Yu Tsuda Researcher, National Institute of Information and Communications Technology (NICT) Dr. Yu Tsuda is a researcher at National Institute of Information and Communications Technology (NICT). His research interest is in countermeasures against targeted attacks, e.g. observation of adversaries' activities, application of cyber threat intelligence, information security operation by using visualization systems, host-based intrusion detection systems, etc. He is also interested in CTF (Capture the Flag) games. He is a member of SECCON Executive Committee, which is the largest CTF organizer in Japan.
Junzhi Yan Engineer & Researcher, China Mobile Research Institute Junzhi Yan received his PhD degree in Xidian University, Xi'an, China, in 2010. Currently he is an engineer and a researcher in China Mobile Research Institute. His research interest includes 2/3/4/5G mobile network security, WLAN security, IoT security, DLT security and services, challenges and countermeasures of quantum computing, and also includes the innovative applications of PKI technology. He has been responsible for many work items in international and regional SDOs, including ITU-T, GSMA (GSM Association), CCSA (China Communications Standards Association).
Heung Youl Youm Chairman, ITU-T Study Group 17, Security He is Chairman of ITU-T SG17 (Security). He is working as a professor for the Department of Information Security Engineering of the Soonchunhyang University, Korea from September 1990. He is currently the Director of SCH Cybersecurity Research Centre from Dec. 2013. He began participating in ITU-T SG 17 in 2003 and has actively contributed to the work of SG17 as a core member of security experts. He was an associate Rapporteur of SG 17 Question 10/17 from 2003 to 2004. For the Study Period (2005 – 2008), he served as a Rapporteur of Question 9/17. He was a Vice Chairman of ITU-T Study Group 17 from 2009 to 2016. He was a Chairman of Working Party 2 (Application Security) of SG17 for the Study Period (2009–2012) and was a Chairman of Working Party 3 (Identity management and cloud computing security) of SG17 for the Study Period (2013–2016). He has been a Project Editor or Co-editor for many approved ITU-T Recommendations or agreed Supplements in the area of IPTV security, home network security, authentication protocol, USN security, mobile security, and cybersecurity. He was a president of KIISC (Korea Institute on information security and cryptology) in 2011 and is an emeritus president of KIISC. He had worked for ETRI as a senior research engineer from 1982 to 1990. He had been involved in developing high speed transmission system. He had been involved in many (advisory or self-performance evaluation) committees for the Korea Communications Commission (KCC) from 2008 to 2016, the Ministry of Science, ICT and Future Planning (MSIP) from 2013 to 2017, the Ministry of Industry and Energy (MoTIE) from 2015 to 2017. He has been involved in self-performance evaluation) committees for the Ministry of Science and ICT since 2017. He is a Chairman for the ISMS/PIMS certification committee in Korea since 2007 and had been the chairman for the committee on information security in the PyeongChang Organizing Committee for the 2018 Olympic & Paralympic Winter Games from January 2015 to May 2018. He received a Bachelor degree in 1981, a Master degree in 1983, and a Ph.D. degree in 1990, all in Electronics Engineering from Hanyang University, Korea.
Ella Yu Team leader, 360 Advanced Threat Response Team Ella Yu is team leader of 360 Advanced Threat Response Team, an emergency response team focused on discovering advanced threat attacks including 0day vulnerabilities, has been the first in the world to capture and respond to dozens of in-the-wild 0day attacks, filling the gap in the China’s emergency response in the 0day vulnerability. The team is also dedicated in APT attack discovery and tracking, threat incident emergency response and underground economy industrial chain research. By integrating the company's big data, it achieved a rapid tracing and attribution of threat intelligence, and exclusively discovered and disclosed more than 30 APT organizations and hacker groups.
Gavin Willis UK National Cyber Security Centre Gavin Willis has worked for the UK government for over 30 years. Much of that time was spent in what is now the UK National Cyber Security Centre. He has represented the UK at cybersecurity meeting and panels in the UN, OSCE, NATO, EU, ESA and the ITU. His ITU work includes representing the UK on cybersecurity at a number of major ITU conferences. He is UK lead at ITU-T SG20.
Yunwei Zhao CNCERT/CC (China) Yunwei Zhao received her Ph.D degree in Computer Science from Tsinghua University in 2015 and served as a postdoc researcher in Nanyang Technological University till 2017. From August 2017 till now, she has been working as an engineer and a researcher in CNCERT/CC. Her research interest includes cyber security, recommendation, text mining, user behavior analysis, DLT security and services. She has been actively involved in international and regional SDOs, including ITU-T, TC-260 (National Information security standardization technical committee), CCSA (China Communications Standards Association).