Advertise on ITWeb         Thu, 02 Jul, 19:52:40 PM
ABOUT OUR SPEAKERS New strategies and tactics: Lessons from the battlefield

International keynote speakers
International speakers
Local speakers
Alphabetical listing of confirmed speakers
International keynote speakers -
Misha Glenny, investigative journalist, author and broadcaster
There's an unseen, generally unacknowledged, cyber war on the go
Misha Glenny is an investigative journalist, author and broadcaster. He is one of the world's leading experts on cyber crime and on global mafia networks. His most recent book, Dark Market, led to his recent TED Talk.
Click here for biography

Richard Bejtlich, chief security officer, MANDIANT
Formulating an attack-focused security plan
Richard Bejtlich was previously Director of Incident Response for General Electric, where he built and led the 40-member GE Computer Incident Response Team (GE-CIRT). Prior to GE, he operated TaoSecurity LLC as an independent consultant, protected national security interests for ManTech Corporation's Computer Forensics and Intrusion Analysis division, investigated intrusions as part of Foundstone's incident response team, and monitored client networks for Ball Corporation.
Click here for biography
International speakers -
Phil Allen, director, identity and access management, Dell EMEA
Click here for biography
Mike Armistead, vice president and general manager, Enterprise Security Products, Fortify, Hewlett-Packard
An in-depth look at the trends that are emerging in the world of cyber-crime, cyber-security, and the threat landscape. Can we use what we know about our adversaries in order to create a more effective response?
Click here for biography
Francisco Artés, research director, NSS Labs
Cybercrime Kill Chain vs. effectiveness of Defense Layers
Click here for biography
Jason Clark, chief information security and strategy officer, Websense
Transforming your security organisation to be next generation and business enabling
Click here for biography
Doug DePeppe, JD, LL.M., Director, Cyber-Risk Solutions,
The Soufan Group co-founder,
Western Cyber Exchange
Executive cyber risk responsibility: defence in depth, breadth and width for the enterprise
Click here for biography
Ben Gatti, independent software hacker
Cryptanalysis of the Enigma
Click here for biography
Patrick Gray, Risky Business
The year gone by: highlights of the most interesting stories infosec of 2012, and a hypothesis on what the rest of 2013 holds in store for the industry
Click here for biography
Robert McArdle, senior advanced threat researcher / manager: Forward Looking Threat Research Team, Trend Micro
Click here for biography
Alexander Polyakov, chief technology officer, ERPScan
Breaking, Forensicating and Anti-Forensicating SAP Portal and J2EE Engine
Click here for biography
Runa Sandvik, developer, security researcher, and translation coordinator, The Tor Project
Internet Censorship and the Tor Project
Click here for biography
Vinod Vasudevan, chief operations officer, Paladion

Enterprise Fraud: Are you battle ready?

Click here for biography
Robert Weiss, founder, Password Crackers
Cryptanalysis of the Enigma
Click here for biography
Local speakers -
Kayode Adesemowo, information assurance consultant, chartered engineer and project manager
IT Asset Disposal – A View into a Telco World
Click here for biography
Marinus van Aswegen, security architect, Telic Consulting
Click here for biography
Beza Belayneh, chief executive officer and chief information security officer, South African Centre for Information Security
Socially Engineered Trojans: How to defend your organisation from targeted attacks with Trojans and social engineering
Click here for biography
Yolandé Byrd, director, FACTS Consulting
The role of big data and analytics in forensics and incident response
Click here for biography


Vernon Fryer, chief technology security officer, Vodacom SA
DDOS the Silent Thunder
Click here for biography


Gary Hardy, leader IT governance centre of excellence, risk advisory: Deloitte South Africa

Governance of information security – COBIT5 for Security

Click here for biography
Frans Lategan, security engineer, Amazon Web Services

SHA256 Vulnerabilities exposed by Bitcoin

Click here for biography
Gordon Love, regional director for Africa, Symantec

Click here for biography
Jeremy Maggs, journalist, radio host and television presenter

Click here for biography
Maeson Maherry, solutions director, LAWtrust
The benefits of Advanced Electronic Signatures
Click here for biography
Johann van der Merwe, global head of information security, De Beers Group
Integrating information security with world-class physical security: What can we learn
Click here for biography
Nils, head: security research, MWR InfoSecurity
Click here for biography
Tony Olivier, managing director, Performanta Consulting & Mobile Security
Recovery from chaos: a practical look at a real-world example
Click here for biography
Craig Rosewarne managing director, Wolfpack and founder and chairman, ISG
Cyber threat combatting initiatives planned for Africa
Click here for biography
Adam Schoeman, information security officer, First National Bank Private Clients
Amber: A zero-interaction honeypot system with modular intelligence
Click here for biography
Prof Basie von Solms, research professor, Academy for Computer Science and Software Engineering: University of Johannesburg
An overview of the cyber security legal and regulatory landscape in SA – facts, promises and wishes
Click here for biography
Jon Tullet, senior editor: news analysis, ITWeb
A guide to ITWeb Security Summit 2013
Click here for biography
Charl van der Walt, co-founder and managing director, SensePost
A guide to ITWeb Security Summit 2013
Click here for biography
Duncan Waugh, managing director, DSSS
The paper peril - thinking outside the hard drive
Click here for biography
Dominic White, chief technical officer, SensePost
Offence oriented defence
Click here for biography

A | B | C | D | F | G | H | E | L | M | N | O | P | R | S | T | V | W

Kayode Adesemowo
Information assurance consultant, chartered engineer and project manager
Kayode Adesemowo, a consummate information assurance consultant, chartered engineer and project manager, consults on information assurance, strategy and project management.

With a background in electronics/electrical engineering, he plunged into ICT as an IT support technician, and has progressively taken on varying roles as systems engineer, solution developer, policy analyst, auditor and consultant.

He was a deputy director in the Western Cape Government, where he championed a number of ICT and e-government policy initiatives. He has since had a brief stint with two of the ‘big 4’ and global telcos in the UK. He is experienced in making representations on technology policy-related issues across the board. He was active in the National Open Source Policy (GITOC). He is conversant with and employs best practices and international standards: ISO 38500/27001/20000/31000/24762/22301, Cobit, ITVal, PAS77, ITIL, Prince2, and PMBOK among others.

Adesemowo obtained his MSc (Computer Science) from the University of the Western Cape, and holds number of certifications across ISACA, ISC2, Microsoft and Cisco.

When not consulting, he is active in audiovisual solutions, especially live visual projection.

Phil Allen
Director, identity and access management, Dell EMEA
Phil brings over fourteen years' experience in the Information Security space and has spent this time working in the field with global organisations enabling them to more rapidly realise the business value out of Identity Management and Access Governance programs and ensuring successful deployment of their strategies.

As the European leader of the Identity Management business in Quest Software, now a part of Dell, his primary goal is to work with strategic customers wishing to tackle their Access Governance challenges and help them to both deliver business value and decrease risk through the investments that they make.

Mike Armistead
Vice president and general manager, Enterprise Security Products, Fortify, Hewlett-Packard
Mike Armistead is the vice president and general manager of HP Enterprise Security Products, Fortify. In this role, he is responsible for driving the growth of Fortify’s software security business and managing all operational functions for the group.

Armistead is an industry veteran with more than two decades of industry leadership experience in the software security, application development and Internet arenas. He co-founded Fortify Software in 2003 and was a driving force behind the company’s product, go–to-market, and strategic alliance strategies.

Prior to joining HP, Armistead held executive and key product development positions at companies that include Pure Atria (IBM Rational) and Lycos. While vice president and general manager at Lycos, he led development and data center teams in the financial, directory and web-based email services.

Armistead holds bachelor of science and master of science degrees in Management Science and Engineering from Stanford University.

Francisco Artés
Research director, NSS Labs
Francisco Artes is a recognised information security executive who has helped form many of the best practices for securing intellectual property within the computer gaming, motion picture and television industries. Artes is also know for his work on cyber crime, hacking, and forensic security with various federal, state, and local government law enforcement agencies, such as the US Department of Homeland Security, FBI, Texas Rangers, and US Marshals.

Prior to his appointment as research director with NSS Labs, Artes served as VP, chief architect/content protection for Trace3, and as VP, Security Worldwide for Deluxe Entertainment Services Group. Artes has presented on six of the seven continents.

Marinus van Aswegen
Security architect, Telic Consulting
Marinus van Aswegen is a well-known security consultant, architect, trainer and speaker. In 2006, he founded Telic Consulting, based in Johannesburg, South Africa, where he currently focuses on delivering large enterprise projects in the financial services sector. He has more than a decade's worth of field experience and holds numerous certifications: CISSP, ISSMP, ISSAP & CSSLP. Previously, he consulted as a principal consultant with Deloitte, serving customers in Europe, Africa, Japan and Australia. Passionate about building security competency and solving real world security problems, he strives to deliver demonstrable, secure business systems.

Richard Bejtlich
Chief security officer, MANDIANT
Richard Bejtlich is chief security officer at Mandiant. He was previously director of Incident Response for General Electric, where he built and led the 40-member GE Computer Incident Response Team (GE-CIRT).

Prior to GE, he operated TaoSecurity as an independent consultant, protected national security interests for ManTech Corporation's Computer Forensics and Intrusion Analysis division, investigated intrusions as part of Foundstone's incident response team, and monitored client networks for Ball Corporation.

Bejtlich began his digital security career as a military intelligence officer in 1997 at the Air Force Computer Emergency Response Team (AFCERT), Air Force Information Warfare Centre (AFIWC), and Air Intelligence Agency (AIA). Bejtlich is a graduate of Harvard University and the United States Air Force Academy. He wrote The Tao of Network Security Monitoring and Extrusion Detection, and co-authored Real Digital Forensics. He also writes for his blog ( and Twitter (@taosecurity).

Beza Belayneh
Chief executive officer and chief information security officer, South African Centre for Information Security
Beza Belayneh is co-founder and chief security architect for the South African Centre for Information Security (SACfIS), where he leads regional cyber crime prevention initiatives.

In this position, he leads a team of experts to help clients in creation, promulgation, execution, and oversight of the information security programmes in Southern, Central and Eastern Africa.

His particular expertise extends to cyber warfare programmes, cloud security, Web application security, penetration testing/ethical hacking, policy development, and social engineering, and detecting and mitigating insider threats to information and systems security.

Before SACfIS, Belayneh worked for a regional consulting firm based in Botswana – IDM – for 10 years as a senior consultant, providing IT and security solutions. With 17 years of experience in IT and security space, Belayneh is a certified information security manager and holds a degree in information systems from Andrews University, Michigan, and post-graduate qualifications from Buckinghamshire Chilterns University, plus a string of IT and security certifications.

His experience in speaking engagements has taken him from Europe and the Middle East to Africa.

Yolandé Byrd
Director, FACTS Consulting
Yolandé Byrd has a Bachelor of Science degree with an accounting background, and is also certified by the Association of Certified Fraud Examiners (ACFE) as a qualified Certified Fraud Examiner. She has over 17 years’ experience in the data analysis and programming fields.

Byrd is considered to be one of the most innovative data analysts in her field. She has programmed and project managed numerous electronic data solutions for a variety of organisations (public and private sector) in a number of countries. She is able to improve, develop and customise electronic solutions within any context, whatever the scope. She has customised data solutions for reconcilements and recalculations, and provided data analysis and interrogation services on various forensic engagements.

Byrd is currently a director at FACTS Consulting, a company that specialises in forensic technology and data analytics. During 2008, Byrd was responsible for developing best practices for the forensic data analytics unit of a government statutory body. She was also responsible for designing and implementing various systems to cater for the specific needs of this government body. Byrd has extensive experience in government systems and performing data analytics in the public sector space.

Jason Clark
Chief information security and strategy officer, Websense
Jason Clark is chief information security officer for Websense. As a previous customer and early adopter of Websense products, Clark is responsible for leveraging his technical knowledge and deployment expertise to help CXO executives and advise them on how to best take advantage of the Websense TRITON architecture and unified content security solutions. Clark brings more than a decade of senior IT security leadership to Websense. He previously served as CISO at Emerson Electric, a global Fortune 100 company, where he significantly decreased risk by building the security program for its 140 000 employees across 1 500 locations. This was Emerson Electric’s single largest IT security project ever conducted. Prior to Emerson Electric, Clark was the director of information security at The New York Times and senior manager of security and infrastructure architecture at EverBank. Clark also served as a senior network and security engineer for BB&T, and as a US Army security systems engineer.

Doug DePeppe
JD, LL.M., Director, Cyber-Risk Solutions, The Soufan Group co-founder, Western Cyber Exchange
Doug DePeppe, a former advisor to the White House 60-Day Cyberspace Policy Review, is an entrepreneur and cyber law attorney with a broad background in multiple cyber space verticals. He offers interdisciplinary consulting, legal services, training, and full-scope cyber security solutions. His core capability is in helping businesses design and implement commercially reasonable security practices to mitigate the growing liability exposure from cyber security threats. His expertise expands into government and industry information sharing frameworks, public-private partnerships, cyber-resilience community programmes and instrumentalities, cyber crime and public safety, legislation, international co-operation frameworks, privacy, breach coaching, and executive cyber risk management solutions. He leads his international cyber security work through The Soufan Group, an international security consultancy headquartered in New York City, with offices in Singapore, London, and Qatar.

Through his multidisciplinary practices and experience, DePeppe has a broad network of professional contacts, affiliations, resources, and expertise from the fields of law, cyber crime, cyber security, emergency management, international relations, intelligence, military, homeland security, and energy. DePeppe applies his cross-sector and multidisciplinary experience to advise in the commercial markets about cyber risk. Drawing from his inside knowledge of the cyber space adversary, and applying advanced skill in legal and risk management frameworks, DePeppe mentors executives and boards regarding due diligence and fiduciary responsibilities for corporate headquarters-level cyber risk management.

DePeppe offers services and solutions through his professional ventures and affiliations, which can be reviewed at DePeppe’s work as co-founder of the Western Cyber Exchange has been recognised as one of the leading cyber security initiatives in the United States.

DePeppe is a published author and blogger, international speaker, and a recognised cyber security leader. He is also adjunct faculty with the UMUC Cybersecurity Masters Program, and maintains affiliations with other universities.

Vernon Fryer
Chief technology officer, Vodacom SA
Vernon Fryer is the chief technology security officer at Vodacom, and manages Technology Security and Forensic Investigations. He has been involved in the IT industry since 1971, coming from an IBM background, where he worked as an operation specialist in the financial sector.

During his career in the South African Police Service, he served in the following roles: head of Information Security; head of Cyber Crime for Interpol Southern Africa; and the national head of the Computer Crime Unit. Fryer has also served on the International Computer Crime Work Group. As a member of this workgroup, he travelled extensively as a consultant, specifically in the USA, Europe, China, Africa and the Middle East.

He is the president of the International Information Systems Forensic Association, South African Charter. As a qualified IT forensic analyst, he has obtained various international certifications in information security and audit. Over the past 30 years, he has investigated computer-related fraud, assisted in tracking assets in various liquidations, and has testified in intellectual property disputes. In addition, Fryer is member of good standing and a contributor to the following bodies:

Association of Certified Anti-Money Laundering Specialist (Professional Member)
Ethics Institute of South Africa (Normal Member)
Information Systems Audit and Control Association (Normal Member)
Institute of Electronic, Electrical Engineering (IEEE) (Professional Member)
Institute of Professional Engineers (Normal Member)
Information System Security Association (ISSA) (Normal Member)
Information Systems Forensic Association (Past President and founding member of South African Chapter)
American Society for Industrial Security (Normal Member)

Ben Gatti
Independent software hacker
Benjamin Gatti was born to hippies in the late 60s, grew up in California and taught himself electronics and software, travelled the world in the 90s, married abroad, and settled in Charlotte, North Carolina, where he works as an independent software slacker. His hobbies include micro-controllers, music, sustainable energy and eco-villages, hacker-spaces, atheism, activism, cooking, and healing sick electronic appliances.
Misha Glenny
Investigative journalist, author and broadcaster
Misha Glenny is an investigative journalist, author and broadcaster. He is one of the world's leading experts on cyber crime and on global mafia networks. His most recent book, Dark Market, led to his recent TED Talk.

He has also written The Rebirth of History, The Rise and Fall of Yugoslavia and A History of the Balkans. His book, McMafia, was widely acclaimed for its dissection of criminal networks worldwide, and led to his 2009 TED Talk on the subject. He contributes regularly to the Guardian, Observer, The New York Times and New York Review of Books, as well as specialist journals and books dealing with south-eastern Europe.

A regular broadcaster on radio and television, he has most recently advised several southern European countries on policy-making and legislation (sponsored by the Greek government) and is informally consulted on a regular basis by the British Foreign Office, the US State Department and the British Army, as well as by US, European and south European think-tanks. He is also a regular keynote speaker at conferences on organised crime, globalisation, south-eastern Europe and US-Europe relations.

Patrick Gray
Risky Business
Patrick Gray is an Australian journalist best known as the host of the Risky Business security podcast. He's been reporting on IT security issues for nine years, with his articles appearing in The Sydney Morning Herald, The Age, Wired News, ZDNet, CNet, SecurityFocus, and curiously, Australian Men's Style Magazine.

Gary Hardy
Leader IT governance centre of excellence, risk advisory: Deloitte South Africa
Gary Hardy has 30 years’ experience in the IT industry and is recognised globally as a thought leader and expert in business and IT performance improvement. Hardy is a longstanding and past member of ISACA. He is one of the originators of the COBIT initiative in 1992, and a key member of ISACA’s COBIT development team for the past 19 years. He is a lead developer of COBIT5 and advisor to ISACA, and author of many of the ISACA products. For the past 30 years, Hardy has helped many private and public sector enterprises around the world implement improved IT governance and business performance. Together, they champion IT governance nationally, along with a team of highly skilled IT governance professionals across SA.

Adam Ely
Founder & chief operations officer, Bluebox
Adam Ely is the founder and COO of Bluebox. Prior to this role, Ely was the CISO of the Heroku business unit at Salesforce, where he was responsible for application security, security operations, compliance, and external security relations. Prior to Salesforce, Ely led security and compliance at TiVo and held various security leadership roles within The Walt Disney Company, where he was responsible for security operations and application security of Walt Disney Web properties, including,, and

Frans Lategan
Security engineer, Amazon Web Services
Dr Frans Lategan is a security engineer with Amazon Web Services, where he currently looks at most aspects relating to computer security, from privacy of information to Web application security and cryptography, specifically as it relates to security in the cloud.

Some of his previous IT Web Security Summit presentations covered hacking iOS applications, and ways to improve online banking security using Turing tests.

He has previously worked as a pen tester and security consultant for a large bank, and as a Java architect for a health insurer. Dr Lategan received his Master’s degree in Mathematics and a Doctorate in Computer Science from the University of Johannesburg.

Gordon Love
Regional director for Africa, Symantec
Gordon Love is the Regional Director for Africa at Symantec, responsible for managing enterprise accounts across the region, including both large and small to medium enterprises within the public sector, and Symantec's various channel partners. He is also in charge of growing regional sales and nurturing and motivating sales executives internally.

Love has 19-years experience in various roles including sales, operations, business development, and corporate innovation within The Johannesburg Stock Exchange, Standard Bank, First National Bank, IBM and Faritec.

Before joining Symantec in mid-June 2009, Love worked with the company for five years through a channel partnership. Love had always been impressed with the Symantec brand and the performance-driven culture of the company.

Love has an MBA Degree (Cum Laude) from the University of Pretoria. He has also completed an Executive Development Programme focused on Strategies for Emerging Market Economies from the Gordon Institute of Business Science, which he completed with distinction. Love also completed a Management Advancement Programme at the University of Witwatersrand with distinction.

Jeremy Maggs
Journalist, radio host and television presenter

Jeremy Maggs has been a journalist for over 20 years and has worked across all media platforms – newspapers, radio, television and magazines. He started his career as a cadet reporter at The Herald newspaper, in Port Elizabeth, and later moved to the Sunday Tribune, in Durban. He still writes an irreverent weekly column for The Herald called ‘Daze of My Life’.

Maggs spent 10 years at Radio 702, eventually rising to head of News, and was instrumental in developing the Eyewitness News brand. He then ventured into television and was lead anchor on am-today on SABC2 – the respected morning news and current affairs programme. He hosted the hit quiz show, ‘Who Wants to be a Millionaire’ for its four-season, 100 episode run on M-Net and SABC3. During the time he also joined SABC radio and started the long-running Sunday morning “Media @SAFM” programme, which focused on the advertising and communications industry. The programme ran for 10 years.

He also presented PM Live, and latterly, AM Live. He left the SABC in April 2008 to join the e-news channel, where he is now chief anchor and lead presenter of the flagship programme, News Night.

Maeson Maherry
Solutions director, LAWtrust

Maeson Maherry is the solutions director of LAWtrust, a business that specialises in trust services such as advanced electronic signature solutions, positive identity and encryption in business systems. Maherry started as an electronic engineer in the field of telecommunications, but moved into the emerging field of Internet security in 1997, becoming a specialist in public key encryption and digital signatures. Maherry consulted in this field to all the major banks in South Africa, as well as in Germany and the Middle East, being involved in the design and implementation of number of trust centres and PKI projects. His interest and expertise in the field led him to co-author a book on e-commerce and e-commerce security, as well as numerous white papers and articles on the topic.

In 2007, he was a co-founder of the LAWtrust business, acting first as the business development director and then as the solutions director and CIO. He firmly believes in standards, legal principles and pragmatism in designing electronic signature solutions that change the way we do business for the better.

Robert McArdle
Senior advanced threat researcher / manager: Forward Looking Threat Research Team, Trend Micro

Robert McArdle is currently working as the manager of Trend Micro's Advanced Threat Research team for EMEA, where he is involved in analysing the latest malware threats, specialising in researching the future threat landscape, criminal underground and co-ordinating investigations with international law enforcement. McArdle is a regular presenter for the press and at security conferences. He also lectures in Malware Analysis and Cybercrime Investigations on MSc modules at Cork IT and UCD in Ireland, and is a trainer for several SANS qualifications. He worries that his hobby and job are one and the same, and constantly wonders if ‘normal’ people have that problem. He enjoys long walks on the beach, puppies, and Guinness.

Johann van der Merwe
Global head of information security, De Beers Group
Johann van der Merwe is group head of Information Security for the De Beers Group of Companies. Van der Merwe leads the global information security team that focuses on protecting critical information and technology systems in high risk areas across the De Beers value chain. The information security team integrates into the group physical security team that safeguards approximately 40% of the global diamond production by value.

Van der Merwe’s industry involvement includes leading South Africa at the International Organisation for Standardisation (ISO) meetings on information security management. Lately, he has been involved in major revisions of the two main information security standards, namely ISO 27001 and ISO 27002.
Van der Merwe received his Bachelor of Science, Master of Science and PhD degrees in Electronic Engineering (specialising in information security and distributed systems) from the University of KwaZulu-Natal.

Head: security research, MWR InfoSecurity
Nils is heading the security research at MWR InfoSecurity. He likes to break and exploit stuff, which he demonstrated at pwn2own 2009 and 2010. He has spent most of 2010 and 2011 researching different mobile platforms and how to evade the exploitation mitigations techniques in place on these platforms. His current interest are embedded payment devices. Nils has previously presented at the ITWeb Summit on Android security.

Tony Olivier
Managing director, Performanta Consulting & Mobile Security
Tony Olivier, founder and host of the IT Security Pubcast, is one of South Africa’s most respected information security practitioners. Olivier is a strategic thinker who has a fascination with people and how society works.

Alexander Polyakov
Chief technology officer, ERPScan
Alexander Polyakov is CTO at ERPScan. He is the father of ERPScan Security Scanner for SAP, and the organiser of ZeroNights deep-technical security conference. His expertise covers security of enterprise business-critical software like ERP, CRM, SRM, banking and processing software.

He is the manager of OWASP-EAS (OWASP subproject), a well-known security expert of enterprise applications of such vendors as SAP and Oracle, which published a significant number of the vulnerabilities found in the applications of these vendors with acknowledgements from SAP.

He is the writer of multiple white papers and surveys devoted to information security research in SAP. Polyakov was invited to speak and train at international conferences such as BlackHat, RSA, HITB and 30 others around the globe, as well as in internal workshops for SAP and fortune 500 companies.

Craig Rosewarne
Managing director, Wolfpack and founder and chairman, ISG
Craig Rosewarne is the MD of Wolfpack – a local company specialising in information risk and cyber threat management. Wolfpack helps companies manage complex information risk threats through research, mentoring, training and awareness solutions.

Rosewarne is also the founder and chairman of the Information Security Group of Africa, a section 21 company established in 2005 with over 4 100 subscribers.

Rosewarne was previously an associate director of Deloitte's Risk Advisory division. He ran the Deloitte School of Risk Management and was responsible on a national level for learning and innovation for a team of over 430 professionals.

Rosewarne has many years of management experience in the fields of IT and information security. He is often invited to speak or chair information security, risk, crime and counter-terrorism events, as well as provide opinion pieces via TV, radio and print/online media. He is proudly South African and an even prouder husband and father to three healthy “cubs”.

Runa Sandvik
Developer, security researcher, and translation coordinator, The Tor Project
Runa A Sandvik is a security researcher and developer for the Tor Project. She has worked for the Tor Project since 2009, after successfully completing a project during Google Summer of Code.

She describes herself as a future hacker who is interested in all things security, cryptography, and online anonymity. Her work for the Tor Project includes analysing Internet censorship events and testing new releases of Tor, as well as project management, user support, and training.

Sandvik has given Tor talks to a number of different audiences, including activists, law enforcement, and university students. This includes EuroPython 2012, 44Con 2012, and EINS Summer School at the Oxford Internet Institute.

Adam Schoeman
Information security officer, First
National Bank Private Clients
Adam Schoeman has been involved in information security for more than seven years, the last four of which have been as a security consultant. Prior to that, Schoeman was an investment banker and musician.

He is currently the information security officer for FNB Private Clients and holds both CISSP-ISSAP and CISA certification. He is an avid researcher, and is part of the Security and Networks Research Group (SNRG) within the department of Computer Science at Rhodes University, where he is working toward his Masters Degree.

He has published papers in the field of social engineering, and is an active researcher in both technical and theoretical subjects spanning low-interaction detection systems and core information security concepts.

Prof Basie von Solms
Research professor, Centre for Cyber Security: University of Johannesburg
Prof SH (Basie) von Solms is a research professor in the Academy for Computer Science and Software Engineering at the University of Johannesburg, in Johannesburg, South Africa.

He is also the director of the newly established Centre of Excellence in Cyber Security, jointly created by the UN’s International Telecommunications Union (ITU) and the University of Johannesburg. Von Solms specialises in research and consultancy in the area of information and cyber security, critical information infrastructure protection, cyber crime and other related cyber aspects. He has written more than 100 papers regarding this field – most of which have been published internationally. In addition, he has supervised more than 100 post-graduate students in the ICT field. In 2009, his book, Information Security Governance, co-authored with his brother, Prof Rossouw von Solms, was published by Springer International.

Von Solms is the immediate past president of IFIP, the International Federation for Information Processing (

He is a fellow of the Computer Society of South Africa, and a fellow of the British Computer Society, and a Chartered Information Technology Professional.

Jon Tullet
Senior editor: news analysis, ITWeb
Jon Tullett has been in the IT media for almost two decades, covering South Africa, the UK and the Middle East. He is currently ITWeb’s senior editor: news analysis.

Tullett’s career in the IT press started in 1994 at ComputerWeek, where his roles included networking editor and features editor. He moved to ComputingSA as features editor, then emigrated to Dubai to edit CommsMEA and Network Middle East. A move to the UK followed, with five years working with the security specialist SC Magazine as UK editor, then global technology editor. Tullett helped launch the US brand TechTarget in South Africa in 2008.

Vinod Vasudevan
Chief operations officer, Paladion
Vinod Vasudevan is a co-founder and COO of Paladion. He has 17 years of experience in the technology and information risk management domain. As the COO at Paladion, Vasudevan has serviced large enterprise organisations across the globe, setting up integrated risk management systems and streamlining systems-based operations. He drives the service, technology strategy and roadmap at Paladion.

He regularly presents in leading forums and conferences. He sits on the expert panel of industry consortiums. He is the lead author of the book: Application Security in the ISO 27001 Environment from IT Governance, UK.

Vasudevan is the co-author of: Enhancing Computer Security with Smart Technology, published by Auerbach. He has also authored several white papers. He is a CISSP and he has held key positions with global firms, including Microsoft.

Charl van der Walt
Co-founder and managing director, SensePost
Charl van der Walt is a founder member of SensePost. He studied computer science at Unisa, mathematics at the University of Heidelberg, in Germany, and has a diploma in information security from the Rand Afrikaans University. He is an accredited BS7799 lead auditor with the British Institute of Standards in London. Van der Walt has a number of years’ experience in information security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide, and is regularly published on internationally recognised forums like ITWeb’s IT Security Summit.
Duncan Waugh
Managing director, Trash Trackers
During his civil and military police career, Duncan Waugh was extremely fortunate to learn from many different experts in the field of forensic medicine and intelligence gathering. The former included Questioned Document Examination; the latter included how to locate damaging evidence in the most unobtrusive way. Waugh found the two disciplines complemented each other where no laws were broken and the rights of accused persons were not infringed upon.

In May 1985, Waugh founded the loss adjusting firm MacDonald-Waugh, in Johannesburg, specialising in the investigation and adjustment of complex insurance claims involving fire, fraud and liability matters. MacDonald-Waugh is still active.

In 2007, Waugh was approached by one of the IT chiefs employed by one of the South African banks with regards to testing the integrity of hard copy information. A controlled exercise followed, which clearly demonstrated that hard drive security is not the only area of concern when it comes to the protection of personal information, as well as other sensitive information. A raid on the dustbins of one of the bank’s leading branches in Sandton, Johannesburg, harvested enough information to cause havoc if the information fell into the wrong hands.

As a result, Waugh has monitored and researched the Protection of Personal Information Act from its embryo status to present, and seeing the need to provide an exceptionally unique and necessary service to government, commerce and industry alike, he founded and established Trash Trackers, a specialist company in the identification and integrity testing of document security relating to personal information and data, in line with the Protection of Personal Information Act.

Robert Weiss
Founder, Password Crackers
Bob Weiss is the founder of Password Crackers ( and a Defcon Goon. Weiss spent his early career doing political and marketing work, and lives with his family in Gaithersburg, Maryland.
Dominic White
Chief technology officer, SensePost
Dominic White is SensePost's Chief Technology Officer, and previously ran their consulting team. Before that he was a manager in the Deloitte Security & Privacy group in South Africa. Dominic graduated from Rhodes University with a Masters degree in Computer Science, specialising in information security.
Operators monitor for attacks
17 Apr 2013 – Distributed denial of service strikes can cause major traffic headaches for cellphone companies.
Desperately seeking cyber security skills
17 Apr 2013 – Skills training in SA is on par with international standards, but the country does not have enough experts to prevent cyber attacks, says UJ’s Basie von Solms.
Spending needed to thwart attacks
11 Apr 2013 – Most security issues can be contained to some extent, if companies are prepared to invest.
SA fails on forensic readiness
4 Apr 2013 – Forensic readiness is crucial to successful investigations and prosecutions, yet few South African firms are prepared, says Cyanre.
Cyber security risk cannot be eliminated
25 March 2013 – In the past two years, there has been remarkable development and spread in organised hacking of corporates, says expert.
IT-based fraud on the increase
25 March 2013 – The ease with which fraudsters can acquire tools needed to commit fraud and the explosion in data are contributing to the growth, says Paladion.
BYOD - no turning back
20 March 2013 – For most organisations, it's too late to stop BYOD, but it's not too late to manage it, says a security expert.
Formulating an attack-focused security plan
26 Feb 2013 – To successfully formulate an attack-focused plan, start with an assessment to find live attackers on the network, says MANDIANT.
Info security needs new focus
12 Feb 2013 – Information security has to shift beyond perimeter protection to understanding the attacker, says De Beers.
SA progresses in cyber crime fight
8 Feb 2013 – Moves are afoot to get SA’s cyber crime policing up to speed with the rest of the world, says ISG.
Understanding "bad guys" key in cyber warfare
6 Jan 2013 – Offence-oriented defence has become key in the battle against cyber crime, according to a security expert.
For the latest headlines visit our Security Summit news portal
in partnership with

in partnership with

in partnership with
in partnership with
in partnership with
in partnership with             
in partnership with



About our speakers
About our sponsors
View the post-event video
View picture gallery
Cyber Readiness Challenge


in partnership with
Established in 2009, Performanta specializes only in the discipline of Information Security. The company provides technology, services and consulting solutions allowing them to give customers an end to end information security service. Their focus on pragmatic solutions is reflected in their motto: Practical Trust Performanta.

Symantec protects the world’s information, and is a global leader in security, backup and availability solutions. Our innovative products and services protect people and information in any environment – from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities and interactions gives our customers confidence in a connected world.

Unified security management key to rapid response
24 Apr 2013 - Visibility of the entire ecosystem, and immediate access to necessary information, is key to effectively managing information security, says McAfee.
Consolidation: a new infosec imperative
17 Apr 2013 – Addressing multiple security areas with a variety of solutions can result in weak points and areas being overlooked, says McAfee.
Security certificates 'an infosec weak spot'
12 Apr 2013 – Malware with embedded digital security certificates can easily penetrate enterprise systems, says Venafi.
For the latest headlines visit our Security Summit news portal

Follow us on twitter and tweet about your thoughts around this event, #itwebsec

Do you want to join other leading security vendors and firmly position your company, brand, products and services to a high-level business decision maker audience at southern Africa’s only business focused information security event?
Don’t miss out on the opportunity to capitalise on the valuable marketing opportunities ITWeb’s annual Security Summit offers and 
click here to learn about available sponsorship options or contact Debbie Visser, for a customised proposal designed to meet your objectives and budget.

Sensepost is an independent company that provides services in the Information Security Services area. Combining experience and knowledge, SensePost specialises in Information Security Consulting, Training, Security Assessment Services and IT Vulnerability Management.


Tweet about the ITWeb Security Summit