Keynote Speakers

Prof. Yvo G. Desmedt

Department of Computer Science, University College London, UK

Title:
Why Security Engineering Fails

Abstract:
On a daily basis we see cyber attacks getting more powerful than before. For example, lately we have seen cyber security failures at Sony (their playstation network and later their web services) that made international news. So, it becomes essential we understand why such systems fail. Depending on the industrial sector, the company policy, national customs, laws and regulations, the reaction after a failure varies. Indeed, after the cybertheft at Citibank in 1995, the revelation of it made the stock drop. In general, companies, engineers, humans in general, prefer avoiding talking about failures. This is often motivated by commercial interest, nationalistic reasons, humans self esteem, etc. The resulting overconfidence may have dramatic consequences. The Fukushima accident seems to have been such an example. Although we often do not have access to detailed information about why security engineering failed, in the case of Electronic Passports and E-Voting, we have clear evidence. These examples will be used to analyze why (information) security engineering fails.

Bio:
Yvo Desmedt received his Ph.D. (Summa cum Laude) from the University of Leuven, Belgium (1984). At present he is the Chair of Information Communication Technology at University College London. He has held visiting appointments at AIST (Japan), Macquarie University (Australia), Technion (Israel), Tokyo Institute of Technology (Japan), Universite de Montreal (Canada), University of Karlsruhe (Germany), etc. He is an (associate) editor of Information Processing Letters, The Journal of Computer Security, Computers & Security, and Advanced Mathematics of Communications. He is also the Editor-in-chief of IET Information Security. He was program chair of Crypto 1994, the ACM workshop on Scientific Aspects of Cyber Terrorism 2002, PKC 2003, ICITS 2007, and co-program chair of CANS 2005. He was an invited speaker at conferences and workshop in 5 continents. He has authored over 200 refereed papers. He is a Fellow of the International Association of Cryptologic Research (IACR), since 2010. He has worked on cryptography, computer security, identification (entity authentication), information hiding, malware, network security, etc.

Dr. Alastair MacWillson

Global Managing Partner Security Practice, Accenture

Title:
Into the danger zone - the cyber threat

Bio:
Dr. Alastair MacWillson is the Global Managing Partner of Accenture's global security practice, which comprises of over 3,500 security and risk professionals, and works with business and government leaders around the world on critical issues relating to technology strategy and risk, operational performance and management, cyber and information security, and critical infrastructure protection. He also serves on the leadership council of Accenture's global technology consulting business and, for four years, has been the Chairman of the Accreditation Committee of the Institute of Information Professionals.

Prior to joining Accenture in 2002, Dr. MacWillson was the global leader of the technology consulting practice in PricewaterhouseCoopers. During his time with PwC he also had responsibility for the PwC technology venture fund, which had $50m invested in new business activities, and was also the founder and interim global CEO for beTRUSTed, a managed service e-security business of PwC. Having successfully established the beTRUSTed business, he handed over responsibilities to a full-time CEO in early 2002.

Over the past 20 years Dr. MacWillson has lead technology transformation and security projects for major organizations such as BP, Shell, Gazprom, Exxon, Petronas, DuPont, Boeing, Northrop Grumman, NASA, QinetiQ, Barclays, JPM-Chase, World Bank, Ericsson, BT, as well as intelligence, security and defense departments of the UK, US, European, Australian and Indian Governments. He has advised clients on information and cyber security in the nuclear research and nuclear energy sector and has worked on projects for the UKAEA and Lawrence Livermore National Laboratory.

Dr MacWillson has acted as an adviser to a number of governments on technology strategy critical infrastructure protection, cyber security and counter terrorism and has sat on related committees for the US and UK governments, the European Commission and the United Nations.

Prior to moving into consultancy in 1990, Dr. MacWillson worked in government service and held senior advisory positions on security and risk related strategy with the UK Foreign Office and, through secondment, with the US State Department. During his government career, Dr. MacWillson completed tours of duty in the Middle East, Moscow and Washington DC as well as working for shorter periods in a variety of other countries.

With over 20 years of experience in information technology, security and applied cryptography, Dr. MacWillson is internationally recognised as an expert in the field. As such, he is a frequent speaker and commentator on technology and security issues and his insights have been featured by some of the top media outlets such as the BBC, CNN, Defense News TV, The Wall Street Journal, Washington Post, Economist and the Financial Times. During his career Dr. MacWillson has published many articles and papers on technology and risk and has authored journals on cyber and information security, risk, cryptography and cyber terrorism, the Black Book on Government Security (Larsten 2006), as well as a widely selling textbook on Hostage Taking Terrorism (McMillan 1992).

Dr. MacWillson has a B.Sc. in Physics, postgraduate diplomas in Computer Science and Digital Imaging, a Ph.D. in Theoretical Physics, and a D.Phil in Cryptographic Integrity.