Professor Andrew Clark
BSc, CEng, CITP, FIET, FBCS
Andrew's career in the information security industry started in 1984 when he joined Open Computer Security as Research & Development Manager for the company's range of commercial encryption products aimed at the banking and finance sector. He remained with the company during its acquisition by new owners and relaunch as Computer Security Limited. Subsequently he joined Logica's Secure Systems Division where he was responsible for the business and technical success of a range of secure programmes in the government sector.
Since the mid 1990's he has been involved in five new business start-ups in secure systems development and analysis and computer and cryptographic forensics. In 2010 he left Detica, where he was Head of Forensics, to found his latest venture, Primary Key Associates Limited, a multidisciplinary team that specialises in addressing a wide range of information security and forensics challenges from physical to cyber security.
His current research interests include the challenges of successfully acquiring and forensically analysing increasing levels of data stored in mobile and cloud based systems. He is an experienced expert witness and has prepared and given evidence in chief in a wide range of civil and criminal cases in the UK courts. He maintains a particular interest in cryptographic research and served on the Board of Directors of the International Association for Cryptologic Research (I.A.C.R.) for seventeen years. The membership elected him Vice President between 1995 and 2001 and subsequently elected him President of the Association between 2002 and 2007. In 2010 he was awarded Fellowship of I.A.C.R.
He is a co-author of the book 'Enterprise Security Architecture: A Business Driven Approach' published in 2005. The SABSA methodology detailed in the book is now used in both commercial and government sectors for designing secure business systems. He is a Director and Trustee of The National Museum of Computing at Bletchley Park.
Professor Paul Dorey
BSc, PhD (Southampton), CISM, FInstISP, MIBiol
Paul has over 25 years management experience in information security gained as a senior security and risk executive at Morgan Grenfell/Deutsche Bank, Barclays Bank and BP. His work has encompassed information security management, operational risk management, business continuity planning and crisis management, privacy and the security of process control systems.
Paul has consulted to several governments in protecting critical national infrastructure, was a founder of the Jericho Forum, and was the founder Chairman of the Institute of Information Security Professionals (IISP) and now carries the title Chairman Emeritus. He has sat as an independent expert on the Permanent Stakeholders Group of the European Network Information Security Agency (ENISA). His industry recognition includes being awarded Chief Security Officer of the Year (2006), IT Security Executive of the Year (2008) and his induction into the IT Security Hall of Fame (2009).
His interests include the problem of establishing and communicating trust in IT systems, risk convergence (integrating IT Security with physical security and other risk disciplines) and demonstrating the value of security investment through alignment with management risk frameworks and business strategy. In addition to his academic interests, he currently runs two consultancy firms specialising in developing commercial security strategies and building programmes to improve security team capability and knowledge sharing in the industry. Details of his work and some of his publications can be found here.
Professor Dieter Gollman
Dipl-Ing, Dr techn (Linz), Dr habil (Karlsruhe)
Dieter received his Dipl-Ing in Engineering Mathematics (1979) and Dr techn (1984) from the University of Linz, Austria, where he was a research assistant in the Department for System Science. He was a Lecturer in Computer Science at Royal Holloway, University of London, and later a scientific assistant at the University of Karlsruhe, Germany, where he was awarded the 'venia legendi; for Computer Science in 1991. He rejoined Royal Holloway in 1990, where he was the first Course Director of the MSc in Information Security.
He joined Microsoft Research in Cambridge in 1998, and in 2003, he took the chair for Security in Distributed Applications at Hamburg University of Technology, Germany.
Dieter Gollmann is an editor-in-chief of the International Journal of Information Security and an associate editor of the IEEE Security & Privacy Magazine. His textbook on 'Computer Security' has appeared in its third edition.
Professor Igor Muttik
BSc (Hons), PhD
Igor received his BSc (Hons) and PhD in Physics and Mathematics from Moscow State University (MSU) in 1985 and 1989 respectively.
He was a lecturer in Low Temperature Physics and in Applied Computing at the Physics Faculty of MSU in 1988-1995. He started researching computer viruses in the 1980's when the anti-virus industry was in its infancy.
In 1994, Igor Muttik joined Computer Antivirus Research Organization (CARO) and then took a position of Senior Virus Researcher at Dr Solomon's Software, UK in 1995. Igor shaped the current state of the anti-malware industry by pioneering detection of non-replicating malware in 1997 when he introduced the generic protection from AOL password stealing trojans. He discovered IRC worms in 1998. He implemented the first global commercial anti-malware telemetry and meta-data gathering system for McAfee in 2007. In 2010 he introduced the concept of cryptographically marking sources of obfuscated software (now known as 'software taggants').
Igor was the founding member and a member of the Board of Anti-Malware Testing Standards Organization (AMTSO), a Vice Chair of Industry Connections Security Group (ICSG) of IEEE and a Chair of the IEEE Taggant working group. He held the position of a Senior Principal Architect at McAfee Labs (part of Intel in 2011-2016) focusing on mobile, IoT and hardware-assisted security technologies. Igor authored more than 100 patents (issued and pending) and more than 100 publications (including 5 co-authored books) in four areas: low-temperature physics, malware reverse-engineering, anti-virus technologies and security industry cooperation.
He is a regular speaker at major international computer security conferences (BlackHat, RSA, DEFCON and many others). Since 2016 he runs Cyber Curio, a UK security research company.
Professor David Naccache
BSc, MSc, PhD
David heads the Ecole normale supérieure’s Information Security Group. His research areas are code security, forensics, the automated and the manual detection of vulnerabilities.
Before joining ENS David was a professor during 10 years at Université Panthéon-Assas Paris 2 (UP2, Sorbonne Universités) after working for 15 years for Gemplus (now Gemalto), Philips (now Oberthur) and Thomson (now Technicolor). He studied at UP13 (BSc), UP6(MSc), IMAC (Eng), TPT (PhD), UP7 (HDR), IHEDN and ICP (STB underway).
He is a forensic expert by several courts, a member of OSCP and the incumbant of theLaw and IT forensics chair at EOGN. He is affiliated with IUF, SnT and ISG.