As a seasoned cybersecurity professional with extensive experience in academia and industry, Alsa has excelled in teaching, research, and leadership. Her notable achievements include authoring a £100k technical proposal and leading an Innovate UK-funded project focused on machine learning, malware analysis, and data mining. In 2023, she was involved in a research project for DSIT, addressing the cybersecurity skills gap in the UK, demonstrating her dedication to advancing the field and her commitment to ongoing personal and professional development. Alsa, a seasoned researcher specialising in AI and cybersecurity, is devoted to exploring the convergence of Advanced Persistent Threats (APT) and explainable AI, collaborating with universities in the UK and Australia. She is also involved in the Soteria Projects at Manchester University, focusing on investigating Java vulnerabilities and enhancing fuzzing tools using AI, emphasising ARM security architecture. Additionally, Alsa is one of the organisers of the ABC Women event, which creates opportunities for women in AI and cybersecurity to network and share knowledge.
https://www.linkedin.com/in/alsa-tibbit/
X: @alsa_dat
- XAI: Unmasking cyber threats without crying wolf
After working with technologies, methodologies, and people, I have become passionate about cyber security and human risk management. Change is scary, and despite what others think, I believe change can be good. We just don't know how to show that. My goal is to teach people that knowledge isn't scary once you know what it can do for you.
- How to make cyber security everyone's business
Awais Rashid is co-founder and director of Hacktonics Ltd. He is also Professor of Cyber Security at University of Bristol. He has been involved in cyber security research and training for >30 years. He has led the development of multiple ICS testbeds, is Director of the EPSRC Centre for Doctoral Training focusing on cyber security of large-scale infrastructures and was the founder and director of the MSc in Cyber Security (Infrastructure Security) at University of Bristol. He has led many research programmes on ICS cyber security including projects as part of RITICS (EPSRC-NCSC Research Institute on Trustworthy Interconnected Cyber-Physical Systems) and the PETRAS National Centre on Cyber Security of IoT. He is also the editor-in-chief and lead of CyBOK, the Cyber Security Body of Knowledge.
- The se7en deadly sins of OT security
- Ethical hacking for Industrial Control Systems 101
Part of the Tines team helping Security & IT teams improve efficiency & reduce burnout through automation.
- Automating detection and response with Tines
- The squid that lost its shell
Highly experienced Information Security professional, passionate about coaching/mentoring cyber skills and encouraging diversity, inclusion and wellbeing in the industry.
https://www.linkedin.com/in/colette-k/
- Behind the scenes of BSides
Cory is a senior penetration tester at KPMG. He has worked across the trade in testing infrastructure, web, desktop, and mobile applications, and cloud environments. He primarily focuses on the Defence & National Security space, but has worked with a range of clients in industries from banking to health & care, CNI, and NGOs. He became a penetration tester after reading War Studies at King's College London, during which he exchanged at Yonsei University, South Korea, where a budding love of all things tech began.
Having come from a non-traditional subject, he seeks to support the the entry of individuals from non-traditional backgrounds into the trade, the sharing of new techniques, and the professionalisation of the trade as a whole. Outside of the pentesting world, he volunteers as a school governor, does some sound design, and has developed a passion for teaching generally. He does most things armed with several mugs of coffee.
- OfCORS! How to do Cross Origin Resource Sharing (im)properly.
Studied Aerospace Engineering at Uni, but realised computers are more interesting than things that fly. Then discovered computer science is way more difficult than rocket science. Spent most of my career in cyber threat research and building security strategies and implementing those for businesses around the globe.
- IPv6? I thought we only used IPv4?
A recently re-skilled University of Bath BSc Applied Computing graduate, embarking on a new career path. I have a love for reading, research, all things cyber, CS education and a passion for continued learning.
- Building the future of cyber with neurodiversity in mind
Emma is a Senior Manager, Cloud Security Architect at EPAM Systems, with a specialized focus on cloud security and DevSecOps. In her role, she designs and architects security solutions for consulting projects in cloud transformation and software development. Formerly at Microsoft, she delivered cybersecurity projects and technical workshops to a diverse range of clients from tech startups to established FTSE 100 firms. Alongside her professional work, Emma is dedicated to advocate for a more diverse workforce in cybersecurity through mentorship and community programs. She volunteers as the Executive Lead at WiCyS UK&I, and serves as a member of Industry Advisory Board and guest speaker at the University of Buckingham.
https://www.linkedin.com/in/emma-fang-67b8b250
- Metrics that matter: How to choose cloud security KPIs for your business
Chief Information Security Officer | Keynote Speaker | WiTCH Mentor | BSides Director | Awarded Most Inspiring Women In Cyber 2024 | Founder of 4FOX Security
A poem about me:
Prefers dogs to people.
Makes terrible food choices.
Collector of hobbies.
Would rather be on water than land.
Absolutely not a morning person.
Send me all your swag.
https://www.linkedin.com/in/hazelmcpherson/
https://www.4fox.uk/
- Behind the scenes of BSides
A loud and proud neurodiverse leader and Founder of the Women in Tech and Cyber Hub, Illyana has a passion for all things DEI. With her own late diagnosis, she speaks through shared experience and the science that backs it up in hopes to change the ways leadership works with and supports neurodiverse staff and help other neurodiverse leaders embrace their own unique leadership skills.
- Decoding neurodiversity
- Want to speak at BSides? How to write your CfP
Proactive and result-driven Product Manager with a strong background in Product Discovery, Product Strategy, Agile methodologies, and Innovation frameworks, and 4 years of hands-on experience in such domains, as Health Tech, Ed Tech, HR Tech, Cyber, Fin Tech. Foster product growth and innovation in start ups by direct involvement in product development, cross-functional team leadership, and strategic vision. Succefully delivered innovative AI-driven product that meets market demand and drives business growth. Passionate about AI, Cyber, and Innovation. Current postgrad student at Aston Business School, studying Management in a Digital Economy. Set up my own innovation consultancy to help startups launch new products with minimum risk.
https://www.linkedin.com/in/iryna-ok/
- Managing cyber security risk in health tech
I’m a SOC analyst with a passion for tech. I found my role with the help of meeting a speaker at Bsides 2023. I enjoy looking at how we can protect the younger generation through cyber security. I’m a dad and governor at my children’s school where I try to help them protect children in the modern age of technology.
https://www.linkedin.com/in/jack-wise-251747191/
- The QR code conundrum: Navigating convenience and cyber security in the post-COVID era
James Bore has a varied and eclectic background in IT security, with expertise covering a range of industry sectors, organisations and IT disciplines. However, his main passion and focus is on the promotion and improvement of security.
When he is not researching security or preaching the virtues of security best practices, he can be found breaching security with his fascination with locks, keeping bees, running obstacle races and drinking copious amounts of coffee.
For those with the interest and ability to sit still for long enough he is a regular speaker on the topic of cyber and security in general. From crowded lecture theatres to wine bars and coffee shops he has done his bit to promote the importance of security and plans to continue doing this into the future.
He has an ability to explain complex technical issues in a way appropriate to the audience making it engaging and straightforward. He is always looking for new opportunities to educate further on this topic.
- The numbers game: Lies, damn lies, and statistics
- The perks of not being a wallflower
Cyber Security CDT (PhD) researcher at University of Bristol and University of Bath, conducting interdisciplinary research about the cyber security and resilience of space infrastructure.
I enjoy raising awareness of cyber security challenges within the space domain, leading to participation at events such as CySat, SpaceSec (within NDSS) and a Roundtable on Electromagnetic Threats to Satellites at Cranfield University.
Jessie.hamill-stewart@bristol.ac.uk
- Investigating cyber threats to space infrastructure
Currently, work in an Information Security team within the healthcare and life sciences sector. Formerly, worked in Brussels in an EU affairs capacity at the European Parliament and the public-private partnership, Clean Aviation (previously Clean Sky).
Adept communicator and strategic thinker who is politically astute, socially conscious and highly motivated with a collaborative instinct, enquiring mind, global outlook and keen eye for detail.
Thrives in horizontal-oriented roles, diverse teams and international environments which are mission-driven. Above all, a passion that lies at the intersection of geopolitics, security and technology.
Specialities / interests: UK politics, EU affairs, international relations, diplomacy, languages, content management systems and web development, cyber security, internet governance, aerospace and aviation.
- Brexit to Bsides: My personal journey into security
Dr Joe Gardiner is Director and Instructor at HacktonICS, a specialised training provider for Industrial Control Systems Security, and also a Lecturer in Cyber Physical Systems security at the University of Bristol. He is also aHe has been involved in cyber security teaching and research for more than 10 years.
TheCyberJoe
- The se7en deadly sins of OT security
- Ethical hacking for Industrial Control Systems 101
From a young age, technology captured Josie’s imagination, leading her on a self-taught journey into coding, Linux system experimentation, and open-source contributions. With over seven years of professional experience, Josie has enriched enterprises, SMEs, and startups. Her roles have spanned platform engineering, DevOps, Site Reliability Engineering, and technology management. Currently, Josie is a Cloud Native Consultant at Red Hat where she helps customers with Infrastructure and Security topics.
josie@redhat.com
https://github.com/pfeifferj
https://josie.lol
- 9001 ways to break out of a container
Accident-prone pilot, security researcher and founder of Pen Test Partners.
https://www.linkedin.com/in/ken-munro-17899b1/
- [KEYNOTE] Hacking planes. What can we learn on the ground from vulnerabilities in the air?
I am an award winning serial social entrepreneur who talks passionately about neurodiversity. I grew up in a neurodivergent family without realising it, I thought my family were normal but turns out not… well depends how you look at things really. I have never done things in a traditional way - got married at 18, went to uni at 25, when microfiche was still a thing and I still don’t do things in expected ways. Thats why I am submitting a paper to bsides because I am probably not the typical cyber speaker. I ended up in a career in change management after 16 years in law enforcement, doing some of the most exciting jobs you can imagine but the OSA means i can’t talk about that. I have won awards from the BBC for the work we have done at Inclusive Change and even suffered significant head injury when that award literally went to my head (it landed on my head after falling from a shel). I have been recognised by the prime minister for community work and development of a neurodivergent mentoring programme. I now run an organisation that employs 90% neurodivergent thinkers (the other 10% just haven’t admitted it yet). Harry is probably my fave.
- Building the future of cyber with neurodiversity in mind
Head of Cybersecurity Tribe @Theodo, Marine du Mesnil is particularly interested in cybersecurity. She is involved in the Theodo Security Guild, helping developers to create compliant products by training them and participating in various projects.
She follows OWASP publications and is particularly interested in access control, which has become the main cause of website vulnerabilities, and has been placed in the Top 1 of the new OWASP Top 10.
@marine_mesnil
- Security automation: Look at your vulnerabilities in the eyes
Mat is an experienced developer turned application security 'expert'. He loves reviewing code and breaking things, making bug bounty hunting his dream job.
https://www.linkedin.com/in/mat-rollings/
https://twitter.com/stealthcopter
- Breaking into bug bounty with WordPress
Despite also being a Malaysian, now based in the UK, self-proclaimed comedian, and a fried rice enthusiast named Nigel Ng, I unfortunately do not own the Uncle Roger persona though I will claim I've made half his jokes before he blew up.
Since 'retiring' from esports, I'm now a junior pentester at KPMG UK.
https://www.linkedin.com/in/nigel-ng-1a4206241/
- Operationally Struggling Corporate Pentesters (OSCP): Building good processes as a junior tester
Solution Engineering, Customer Success, Technical Account Management, Technical and Product Training and I tell the odd joke! 🫡
- Automating detection and response with Tines
Paul is a certified information systems security professional with a first class honours degree in Intelligence and Cyber Security. He has over fifteen years experience in security and risk management. Including senior level experience in information technology security in Financial Services, National Security and Critical National Infrastructure (CNI).
https://www.linkedin.com/in/paul-m-00b89440/
- CTI; it's all about the process...or probably should be!
Paul Molin is the CISO of the Theodo Group.
After training in information systems security, he joins Theodo in 2013 and becomes passionate about web development. Very quickly, he specializes in security issues by helping Theodo teams to succeed in their post-production audits. He eventually becomes group CISO, and he is committed to creating a security culture in a developer company. He loves giving talks, especially to help developers understand the cybersecurity world. Convinced that it is developers who will change the world of cybersecurity, he leads trainings and develops tools to help them code flawlessly the first time.
- Once upon a flaw: 5 AppSec stories, and what we can learn from them
I am a PhD student at University of Bristol
- Unveiling the hunter-gatherers: Exploring threat hunting practices and challenges in cyber defense
Raffi is Cyber Security student at the University of Warwick and is the President for CyberWomen@Warwick. Within the Cyber Security field, Raffi's interests lie within the areas of cyber networks, information management, and cyberpsychology. Having attended a single-sex school for 15 years with primarily female teachers, Raffi is passionate about increasing gender diversity within the Cyber Security field.
- Gone phishing: Why do we take the bait?
Rhiannon studied Cyber Security and Forensic Computing at the University of Portsmouth and is the Southern Branch Manager for CyberWomen C.I.C. Rhiannon has a strong interest in threat intelligence, focusing on the effects of human factors on threat levels. Rhiannon is passionate about increasing the diversity of students in higher education studying cyber security-related degrees, through initiatives aimed at school pupils of all ages.
- Gone phishing: Why do we take the bait?
Richard Tweed is a Kubernetes specialist at Tessl. Over the last five years he has been ensuring security, scalability and compliance across all major Kubernetes cloud platforms. He's also the lead maintainer of kube-audit-rest.
Mastodon https://infosec.exchange/@RichardoC
LinkedIn https://www.linkedin.com/in/richardftweed/
- Using LLMs to accelerate threat detection
Rohit, better known as 'Leo' online, is a cybersecurity professional and the founder of The PC Security Channel, one of the most popular cybersecurity channels on YouTube with over 500,000 subscribers and 50 Million views, and a trusted source for cybersecurity tests, threat research and product reviews. Leo helps businesses make informed decisions about cybersecurity and consults with technology vendors to improve their products.
He has a specific interest in endpoint security, threat analysis, AI, psychology and interdisciplinary research. During free time he enjoys tennis, hiking, doing talks, playing games, and flying planes.
@leotpsc
- Cybersecurity Lessons from Jurassic Park
Ryan is a senior software engineer at Overwatch Data, specializing in the research and development of effective human-machine teams. Before joining Overwatch Data, he worked at a cyber threat intelligence firm and contributed to offensive cyber R&D programs for the U.S. government. Interested in all things intelligence and grokking data at scale.
ryan@overwatchdata.io
linkedin linkedin.com/in/reevesrs24
mastodon: infosec.exchange/@reevesrs24
- Data, Agents and OSINT: Expanding the Frontiers of the World's Second Oldest Profession
Sara Anstey is the Director of Data Analytics and Risk at Novacoast who is passionate about empowering businesses to use everyday data to make strategic business decisions. She believes that the intentional adoption of a data-driven culture can be a key differentiator to companies in today’s security climate. Sara has experience in cyber risk quantification, artificial intelligence, data analytics, business intelligence, and applied statistics.
sanstey@novacoast.com
https://www.linkedin.com/in/sara-anstey/
- The human factor: Quantifying human risk
Operating at the forefront of the cybersecurity industry, Sarah Armstrong-Smith is the Chief Security Advisor at Microsoft. She has led a long and impactful career, helping businesses evolve their security strategy and capabilities to support digital transformation and cloud adoption. Working with Microsoft’s largest enterprise customers and partners across Europe, Sarah offers valuable advice on the complex and dynamic world of cybersecurity to protect people and data, ensuring stronger defences against attackers, to deliver effective resilience.
Sarah is a Fellow of the British Computer Society and has been recognised as one of the most influential and inspiring people in UK Tech, regularly contributing to thought leadership and industry publications. In 2022, Sarah published her first book ‘Effective Crisis Management’ which explores the traits and leadership skills required to succeed in the face of adversity and uncertainty. Her second book, is Amazon best seller ‘Understand the Cyber Attacker Mindset’, which explores the psychology of cyber warfare and how organizations can defend themselves against attacks.
- [KEYNOTE] The biggest cons, and why they work
Simon leads security and internal IT at OVO. He has led the strategic development and operational execution of information security, infrastructure and intelligence programmes for government departments, financial institutions, global retail, and energy companies. He has coached boards, executive committees and engineering teams on cyber security risk and technology regulations and has lived and worked in Asia, mainland Europe, the Middle East and currently resides in the UK.
Simon has implemented risk reduction operations and technologies for national security, security and privacy, financial crime, cloud and DevOps in both large and small enterprises. He co-authored the ISO Standard for DevOps (ISO32675) and is a Chartered Engineer.
Simon is a passionate advocate for security as a team sport, the need for allies for the diverse talent already in the information security and technology professions and the urgent need to recruit more diversity into those professions.
- The squid that lost its shell
Sophia McCall works as a strategic threat intelligence lead in the cyber security industry and is a founding member of Security Queens, a brand created to promote inclusion and diversity in tech. Sophia is also a chapter administrator for the Ladies of Cheltenham Hacking Society, captained Team UK at the European Cyber Security Challenge 2019 and is also a Cyber Hunter on Channel 4's Hunted. With an additional keen interest in automotive security, her awards from industry include “Best Newcomer to Security” (2017), “Best New Security Blog” (2018), Highly Acclaimed “Rising Star” (2019), “Cybersecurity Student of the Year” (2020) and most recently was a Top 21 winner of “Most Inspiring Women in Cyber” (2021).
Twitter/X: @spookphia
- Ctrl+Alt+Defeat: Using threat intelligence to navigate the cyber battlefield
The SWRCCU investigate cyber crimes affecting South West organisations. Our Cyber Protect Officers provide free and impartial cyber security guidance, workshops and resources to organisations of all sizes and sectors. This is a service offered both by ourselves and your local force's cyber crime unit.
- Investing in Infrastructure (Lego 1.5)
- Cyber: It doesn't need to be technical
- On-line of Duty: How police are cracking down on global cyber crime
A pioneering researcher and lead developer in a password-less authentication system, this speaker brings expertise in authentication protocols, steganography, biometrics, and cryptography. Their postgraduate research has produced a cutting-edge password-less system, demonstrating a comprehensive understanding from concept to implementation.
Key achievements include:
- Conducting an in-depth study on password vulnerabilities and usability issues
- Prototyping and testing a password-less architectures for web and mobile platforms
- Implementing advanced security controls such as anti-replay mechanisms, liveness detection, and secure key storage
Their work has been published in the peer-reviewed Journal of Cyber Security and Privacy, solidifying their contribution to the field.
https://www.linkedin.com/in/tunde-oduguwa/
- Passwordless authentication using a combination of steganography, cryptography and biometrics
With a Master degree in Computing specializing in Cybersecurity and a First-Class Honours in Computer Engineering, I'm not just a lecturer, I am a catalyst for cybersecurity excellence at Teesside University. My diverse background in IT Security Analysis, Research Assistance, and Software Engineering across utilities, healthcare, and management consulting sectors fuels my passion for fortifying cyber resilience. Seamlessly integrating practical industry experience into academic discourse, I empower the next generation with the tools to combat evolving cyber threats. As a Lead IT Trainer at CodeYourFuture, I further extend my impact by nurturing talent in the tech community. Eager to share insights and spark dialogue, I am poised to captivate audiences at your esteemed tech event. Let us collaborate to inspire and innovate in the ever-evolving landscape of cybersecurity and tech education.
https://www.linkedin.com/in/victor-onyenagubom/
- Decrypting ransomware: Understanding, preventing, and responding to cyber extortion
I have over five years of experience in the industry as a pentester, managing engagements and leading teams. My recent focus has been on mobile app testing, a field that intrigues me deeply. I hold certifications such as GIAC Mobile Device Security Analyst (GMOB), Offensive Security Certified Professional (OSCP), and CREST Registered Penetration Tester (CRT). My publications include work on geofencing for UAVs and risks associated with remote work.
My passion and enthusiasm for sharing knowledge and inspiring others, especially women in the industry, have been key drivers in my career. I believe this talk will not only provide valuable insights but also motivate others to grow and excel in the field of mobile app security.
www.linkedin.com/in/vihangivagal
- @CrackingtheCode
Viktor, a seasoned entrepreneur, initiated his journey in the business world during his college years. His first venture, YippieMove, emerged as a pioneering email migration service, setting the stage for his future successes. Demonstrating a keen sense for uncharted territories, Viktor then co-created Blotter, a productivity app for macOS that not only was bootstrapped but also climbed to the top 10 in the Mac App Store before its discontinuation.
Prior to the widespread adoption of remote work spurred by the COVID-19 pandemic, Viktor had already recognized the transformative potential of a decentralized workforce. He leveraged this insight to lead his early ventures, particularly Blotter, towards prosperity as bootstrapped operations, embracing remote-only models long before they became a global norm.
Following these successes, Viktor co-founded Screenly, where he currently leads as a visionary. Screenly, also a bootstrapped venture, was created with the ambition of developing the world’s first developer-friendly digital signage product. Under Viktor’s stewardship, the company has introduced revolutionary products like Anthias, the top-ranked open source digital signage solution, and Screenly’s flagship offering, which now powers over 10,000 screens globally. Viktor’s innovative mindset and relentless entrepreneurial spirit continue to propel the digital signage industry into the future.
Viktor is currently working on the SBOM management platform sbomify.
@vpetersson
- Navigating the SBOM landscape: Formats, relevance, and tooling in 2024
I am the site owner of scamsurvivors.com, which is a volunteer site designed to help those targeted by scams and provide help and advice in both spotting scams and avoiding being scammed. The site was created in 2012, but I have been a member of the antiscam community since 2005. As a representative of the site I have appeared in the media around the world as an "expert" in scams. The site is run by a small group of volunteers who give up their time and knowledge freely.
@ScamSurvivors
- Calling scammers
- So you wanna be a baiter.
I am a Senior Analyst at Ontinue, a world class Microsoft based MXDR provider, with nearly 4 years total SOC experience. I don't think I could choose a favorite member of One Direction as I adore them all equally....
- The prevenance of PlugX and hardening against it
Hi, I’m Zafrin, an Information Security Operations Analyst at ALD Automotive Limited, where I’ve been working for the past 7 months. Before this, I spent 5 years as a telecom engineer for a major telecom operator and vendor in Bangladesh.
My interest in cybersecurity really took off during the pandemic as I read more about various cyber incidents, which led me to switch careers from telecom to cybersecurity. I earned my MSc in Cyber Defence and Information Assurance from Cranfield University in 2022, and since then, I’ve been growing my skills and knowledge in the cyber field.
These days, I’m focused on expanding my expertise in security and policy. I started researching the security concerns of voice assistants during my master’s thesis, and it’s a topic I’m passionate in. At this conference, I’ll be speaking on “Is your voice private? Security concerns with voice assistants,” exploring how secure our smart homes are, the privacy risks of IoT devices like voice assistants, and why user awareness is crucial.
I’m excited to share my journey and insights with you all.
https://www.linkedin.com/in/zafrin-malek-mithila-685552107/
zmmithila@outlook.com
- Is your voice private? Security concerns with voice assistants
Zara is currently the CTO/Co-founder of Overwatch Data, a start-up which focuses on cyber threat intelligence, fraud prevention, supply chains and geopolitical risk. She studied Artificial Intelligence and Cybersecurity at MIT LIDS/CSAIL, focusing on active learning for malware detection and risk-limiting post-election audits. After graduating, Zara worked on Google Assistant, then at Google’s Threat Analysis Group, where she built machine learning and software systems to use threat intelligence and malware analysis to better protect against targeted threats and disinformation by state-sponsored actors.
zara@overwatchdata.io
linked in: https://www.linkedin.com/in/zperumal/
signal: zara.79
twitter: https://twitter.com/zaraperumal
- Data, Agents and OSINT: Expanding the Frontiers of the World's Second Oldest Profession