David Ferbrache is the chair of the National Cyber Resilience Advisory Board for Scotland, advising the Scottish Ministers and government on all aspects of cyber. David has been involved in cyber security for over 35 years. He is the managing director of Beyond Blue, a cyber resilience consultancy. David also is the global head of cyber futures for KPMG, advising on innovation, emerging technologies and thought leadership. In his spare time, David is also a cyber reservist in the British Army. Over his career David has worked with some of the largest firms in the world to advise on cyber threats, security operations and resilience issues; as well as having advised many governments on their national cyber security strategies and policy frameworks. David was previously the Head of Cyber and Space for the Ministry of Defence, having spent 25 years in government service. He is fellow of the Chartered Institute of Information Security and the British Computer Society. David was made an OBE for his contribution to national security post 9-11.

Alex is an experienced director, manager, consultant, infosec professional and keynote speaker with a broad range of experience across the IT sector. With education and experience spanning finance, risk, strategy, sales/marketing, information security, managed services, distribution, and IT, he has worked with all levels of organisations across 3 decades of business ownership, board roles, management and consulting. Alex is co-founder and executive director for MyEmpire Group, a specialist information security consultancy. Via his virtual CISO work at MyEmpire, Alex provides security management and leadership to a range of organisations from start-up through to ASX50 listed enterprises and government organisations. Alex has extensive board experience having served as a non-executive director of the Australian Information Security Association for over 6 years, .au Domain Administration Ltd, and over 3 years as a member of Australian Conservation Foundation’s Finance, Audit and Risk Committee.

Basil brings more than 13 years of experience in Digital Forensics as an Expert Witness, working with legal professionals in Scotland and the rest of the UK, as well as a 30+ years overall industry experience.
His background includes working for organisations like IBM, Abbey National and HM Government. He has been running Strathclyde Forensics Ltd, one of the top Digital Forensics agencies in Scotland for over a decade.

Since 2017 he has been working at the School of Computing, with a primary scope of raising the profile of The Cyber Academy and help create awareness of cyber threats to businesses, individuals, the third sector and the state, in Scotland , the UK and around the world.

Working extensively with the Law Society of Scotland; he is a member of the Panel for the Accredited Legal Technologists, and he has developed (and delivers) the Cybersecurity Certification of the Society.

Basil is a regular speaker to Scottish Universities and Colleges, and a visiting lecturer at the Faculty of Law, at the Catholic University of Lyon and Sheffield Hallam University.

Benoit Heynderickx is a Principal Analyst with the Tools and Methodologies team at the ISF and joined in 2017. He is the subject matter expert for supply chain information risk management and is responsible for promoting the full ISF Supply Chain Security suite of research and tools. Benoit is also the project lead for the Cloud Security research and has developed expertise in Quantitative Information Risk.
Prior to the ISF, Benoit worked in information security risk, compliance and assurance for over 15 years both as a consultant, project manager and senior manager. Benoit covered various roles with responsibility for the SOX IT compliance programme, ISMS deployment and third-party risk assurance programme.

Benoit is a CIISec Full Member, holds the CISA and CRISC accreditation from ISACA, CCSK from CSA and an MSc in Information Security and Risk from London City University.

Bill Buchanan is a Professor who leads the Blockpass ID Lab at Edinburgh Napier University, and a Fellow of the BCS and Principal Fellow of the HEA. He was appointed an Officer of the Order of the British Empire (OBE) in the 2017 Birthday Honours for services to cybersecurity.
Bill lives and works in Edinburgh, and is a believer in fairness, justice, and freedom. His social media tagline reflects his strong belief in changing the world for the better: "A Serial Innovator. An Old World Breaker. A New World Creator." Bill’s work has led to many areas of impact, including three highly successful spin-out companies (Zonefox, Symphonic Software and Cyan Forensics), along with awards for excellence in knowledge transfer, and for teaching

Georgina's research combines a number of subareas of speech science. She is mainly interested in forensic speech technology (accent recognition and speaker recognition systems) and how we can use phonetic and sociophonetic research to uncover the inner workings and potential of these technologies.

Ian heads the NCA’s work on the biometrics of voice analysis, facial recognition and environmental geolocation. In each area he is pioneering the delivery of new capabilities to re-enforce criminal justice outcomes. Previously, he has held positions within the Agency regarding Financial Intelligence, Policy Development and Covert Operations. Prior to joining the Agency he served with the MoD and FCOD in a number of domestic and overseas positing including within the EU Intuitions as well as various European and Asian countries

Ivo is the Global account manager with the Account Management team providing support and reports to ISF Members and the ISF Management, is the first line of support for the ISF Benchmark Web portal and supports the Membership Plus rapid security assessment (RSA).

Ivo started at the ISF in 2014 as an account manager working with Members on a scheduled basis to better understand priorities and highlight ISF capabilities available as part of their ISF Membership.

Dr Jacques Ophoff is a Senior Lecturer (Associate Professor) in the Division of Cybersecurity at Abertay University. He teaches various security-related topics at undergraduate and postgraduate level, including security in software engineering, digital forensics, and human aspects of security. His research focuses on all levels of cybersecurity from individual to national level but is particularly focused on management and human aspects of security. He is the Scottish Informatics and Computer Science Alliance (SICSA) Cyber Security research theme co-lead, and current Vice-Chair of IFIP Working Group 11.8, which focuses on Information Security Education. He holds an Honorary Research Associate position at the University of Cape Town, South Africa.

Karen Renaud is a Scottish Computing Scientist based at the University of Strathclyde working on all aspects of Human-Centred Security and Privacy. She was educated at the Universities of Pretoria, South Africa and Glasgow. Her research been funded by the Association of Commonwealth Universities, the Royal Society, the Royal Academy of Engineers and the Fulbright Commission. She is particularly interested in deploying behavioural science techniques to improve security behaviours, and in encouraging end-user privacy-preserving behaviours. Her research approach is multi-disciplinary, essentially learning from other, more established, fields and harnessing methods and techniques from other disciplines to understand and influence cyber security behaviours.

Amanda Finch is the CEO of the Chartered Institute of Information Security (CIISec) and has specialised in Information Security management since 1991. She has always been an active contributor to the industry and for many years she has been dedicated to gaining recognition for the discipline to be recognised as a profession.  
 
Over her career she has been engaged in all aspects of Information Security Management and takes a pragmatic approach to the application of security controls to meet business objectives. Through her work she has developed an extensive understanding of the commercial sector and its particular security needs. In her current role she works with Industry, Government and Academia, assisting all sectors in raising levels of competency and education.

Amanda has a Masters degree in Information Security, Full Membership CIISec and is a Fellow of the BCS. In 2007 she was awarded European Chief Information Security Officer of the year by Secure Computing magazine, as well as most recently in June 2022 being awarded the inaugural ‘Editors Choice’ award by SC Media UK for her dedication to Diversity, Inclusion and Professional Standards within the industry. Amanda is frequently listed as one of the most influential women within the industry.

Kevin Streater is an expert in IT & Cyber Security skills development with over 20 years’ experience as a specialist in competency assessment, digital credentialing and educational technology.  Kevin is a vice president at ForgeRock, a leading provider of digital identity solutions, where he heads the global customer education business.  Before ForgeRock, Kevin was Executive Director, Employer Engagement at The Open University after 19 years in various technical and management roles at Sun Microsystems.

Kevin is chair of CEdMA Europe, the IT vendor education management trade association, Fellow of the Chartered Institute of Information Security, Trustee and Chartered Fellow of BCS - The Chartered Institute for IT, Chartered Fellow of the Chartered Management Institute and Fellow of the Learning and Performance Institute, Liveryman of the Worshipful Company of Information Technologists and head judge for the UK IT Industry Awards and has a degree in Computer Science from City University, London, and an MBA from The Open University.

IoT security is something of a conundrum. The team at Pen Test Partners publish independent research in to the security of numerous smart devices, exposing poor security practice by device manufacturers. Sadly, it’s often consumers that are the victims of this inattention to security.
Ken looks after vulnerability disclosure at Pen Test Partners and influences government policy on IoT cyber security. Whilst some disclosures are successful, the majority are a train wreck. Watching vendors try to ignore contact from researchers, fumble or try to silence the process led him to working with regulators in an effort to fix the problems at source. He considers carrot AND stick are the only way to resolve smart product security.
The work of his team on My Friend Cayla, the vulnerable talking kids doll, was cited as one of the catalysts for California Senate Bill 327, regulating IoT security for California residents. He’s briefed US government departments and spoken at TEDx, DEF CON villages, RSA, Black Hat, BSides and numerous other security events. If you want his attention, just market your smart device as ‘unhackable’. Ken is also a member of the CVE Board.

Paul Baird is an IT veteran with over 24 years’ experience, and has spent the last seven years focusing his efforts in cybersecurity. Paul’s background has included building a security ethos and security operations centre (SOC) from scratch for several leading enterprises in the UK housing and automotive industries. Having moved to the vendor side to join Qualys as their Chief Technical Security Officer (CTSO) in 2021, he now drives Qualys’ vision for cybersecurity at C-Level across customers and partners in the UK and North EMEA. He is a people-focused leader and passionate about supporting his team. Paul was awarded a fellowship by the Chartered Institute of Information Security (CIISEC) last year for his continued contribution to cybersecurity.

Andy is an experienced Chief Information Security Officer, with 17 years of managing cyber risk within the Oil & Gas sector and Financial sectors. He is currently a CISO, where he holds strategic responsibility for information and cyber security, data privacy and information governance within the organisation.

Prior to his current role, Andy was the Chief Information Security Officer for Corporate Functions at BP PLC, where he set the strategic direction and provided full oversight of information security and cyber security for BP’s twenty-one Corporate Functions.

Andy is also a Director of the Chartered Institute of Information Security, and a keen advocate of professionalization of the UK’s Information Security industry.

Piers is Head of Product Management for Huntsman Security, with responsibility for Huntsman’s security analytics, automation, control monitoring and cyber posture solutions.
As part of the security industry for 25 years, he provides strategic and technical direction to the development and deployment of Huntsman Security solutions and the creation of specific thought leadership on current and future security trends such as automation and threat response, threat intelligence, security analytics and operations, cyber security risk, ransomware and attack surface management. He is a regular speaker at conferences or industry forums and has written numerous articles and white papers.
Before joining Huntsman Security, he was in the senior team in the cyber security practice at PricewaterhouseCoopers where he advised clients on emerging technology risk, cyber security, monitoring, data loss prevention, cloud security, managed security service provision and enterprise mobility. He is also a director of the Chartered Institute of Information Security (CIISec).

Rich Macfarlane has been a Lecturer in the School of Computing at Edinburgh Napier University since 2009, playing a key role in the creation and development of the GCHQ certified MSc Advanced Security and Digital Forensics programme (www.napier.ac.uk/courses/msc-advanced-security-and-digital-forensics-postgraduate-fulltime) and leading the course for the last six years. Rich also collaborates with law enforcement, and industry within the Cyber Academy (thecyberacademy.org), which he co-founded with Prof. Bill Buchanan.

Working within the Networking, Cyber Security and Digital Forensics research group, and focused on research in the areas of Offensive Network Security, Pentesting, Digital Forensic Triage, and Online teaching and E-learning for cyber security. Research in teaching for cyber has focused on authentic, immersive virtualised environments and activities, as well as online learning pedagogy. Digital forensic research included techniques for triage which led to a ground breaking Forensic spin-out company Cyan Forensics (cyanforensics.com). Current research in offensive-security includes honeypots for attack analysis, and Ransomware detection methods including forensic triage of live memory.

Rich is also heavily involved with the wider cyber security community, especially in Scotland, such as as working with schools to support cyber security engagement and teaching, and helping to start and his current moderator role with the Cyber Scotland Connect (@SecScotland) community organisation. He is also an active member of the NCSC educational community group which is made up of course and research lab leaders from NCSC accredited institutions.

Rory has spent the last 22 years building and growing security teams to help companies the world over cope with ever increasing cyber threats, focusing not just on technology, but also on the behaviour and culture of consumers and users of technology. As an advisory member of various boards, a Fellow of the Chartered Institute of Information Security, and a volunteer with BSides, Defcon and Security Stack Exchange one of his ongoing goals is to help individuals, communities and organisations continually improve their security and safety.

Shortlisted Finalist for Scottish Cyber Awards Cyber Evangelist of the Year, Cyber Security Awards Financial Services team of the Year, Institute of Risk Management Cyber Risk Strategy of the Year award, and shortlisted Global Risk Management Team of the Year 2015. Rory was also was part of the committee that helped the ISACA Scotland chapter win the K Wayne Snipes award for best large chapter in Europe in 2016 and become a finalist for the Scottish Cyber Awards 2017.

Dr. Sanjana Mehta supports (ISC)²’s global advocacy strategy while also operating as the lead advocate in advancing the organization’s public policy and thought leadership goals in the United Kingdom. She joined (ISC)² in 2019 and was responsible for developing a strategic understanding of markets and customers in the EMEA region. Sanjana served on the UK Cyber Security Council formation project board to oversee the launch of the new Council. Sanjana has 20 years of experience in the education sector. She has worked in India, Belgium, and the UK in a variety of roles, such as research, program management, product development

Appointed as Chief Executive Officer of Sapphire in 2015, with a career spanning over 21 years in the cyber security industry, Annabel has been recognised by CRN as one of the most influential women in the UK IT channel and included in their A-List for 2019 and 2020. Excelling in leadership, the development and implementation of new strategies and identifying emerging technologies, Annabel also takes an active involvement in encouraging more women into the cyber security industry. She is proud to be on the advisory board for the Ladies of London Hacking Society and also a Leadership Fellow at St. George’s House, Windsor Castle.

Sally Walker spent 25 years in the national security community, 16 years of which were in the senior civil service in various crisis management and military support roles.

A civilian graduate of the Higher Command and Staff Course at Shrivenham, her final job in government was to design and deliver the National Cyber Force, as Director Cyber for GCHQ and in full partnership with Ministry of Defence. She also had joint responsibility for the National Offensive Cyber Programme, led many aspects of the UK’s partnership with US Cyber Command, and was GCHQ’s diversity champion for over a decade.

Now enjoying daylight and a second career in leadership and talent development, she is currently a board chair in local UK government and a non executive for her “new tribe”, WithYouWithMe, while also working with a portfolio of clients from all sectors of society.

Mary is the CISO for BAE plc, responsible for ensuring they maintain a strong cyber security posture as an organisation as well as in the products and services delivered to customers. Prior to this role Mary was the Director of Cyber for the Applied Intelligence division of BAE Systems, responsible for developing the cyber vision and strategy, as well as the roadmap and go to market strategy for their cyber products and services.  She joined BAE in January 2015 holding a number of roles including Product Director for the Managed Cloud and Security Services business. Prior to that she led the Technical Roadmap for the Cyber Security Division in QinetiQ having had various roles in QinetiQ since 2001, including heading up the Cyber Security Services business group and the Cross Domain Products business group.  

Mary has worked in the cyber security domain since 2009, prior to that working in semiconductors research and then specialising in Intellectual Property management.  Her PhD was in semiconductor physics.

Steven Coutinho is an Associate Director at Ipsos and leads on the Cyber Security policy area. He currently leads projects for the Department for Culture, Media and Sport (DCMS) in this area, including the UK Cyber Security Labour Market Research and the UK Cyber Sectoral Analysis Study.

Prof. Steven Furnell is a Board member of the Chartered Institute of Information Security and professor of cyber security at the University of Nottingham. His interests include security management and culture, usability of security and privacy, and technologies for user authentication and intrusion detection. He has authored over 350 papers in refereed international journals and conference proceedings, as well as various books, book chapters, and industry reports. Steve is also the UK representative to Technical Committee 11 (security and privacy) within the International Federation for Information Processing, and a member of related working groups on security management, security education, and human aspects of security

Tim is CEO and Co-Founder (with Dr Mike Butler) of Think Cyber Security Ltd. ThinkCyber offer the next generation in Security Awareness. Their Redflags™ software product applies behavioural and learning science theory, in a highly innovative approach to deliver context-sensitive just-in-time guidance.
Tim has worked in IT for more than 20 years both in consulting and corporate IT with organisations including Logica, PA Consulting, Sepura and was previously Global Head of IT for the cyber division of BAE Systems (previously known as Detica). Tim graduated top of his year in Computer Science with AI at the University of Leeds, holds an MBA from the Open University and a Post Graduate Diploma in Entrepreneurship from Cambridge University.
Tim posts daily on security awareness and behaviour change topics on LinkedIn and is proud to have helped ThinkCyber gain significant recognition for their Redflags™ product: TechUK Cyber Innovator of the Year 2021; SC Award Europe (Best Professional Training Programme); CyberTech100; TechInvest GovTech Top 10; Finalists in NYC Mayor’s Cyber Security Moonshot Challenge; members of TechNation Cyber 2.0 cohort; members of London Office for Rapid Cybersecurity Advancement (LORCA) cohort 1; Finalists Pitch@Palace 9.0.

Siân is Director of Security Business Development and Strategic Growth for Microsoft. She has worked in Cybersecurity for nearly 25 years working in strategy, business risk, privacy and technology.

She currently chairs the Programme Advisory Board for the Digital Economy theme and has supported several Department for Digital, Culture, Media and Sport and Engineering and Physical Sciences Research Council (EPSRC) review boards including the Cyber Centres of Doctoral Training and Academic Centres of Excellence for Cyber.

She is Chair of the Cybersecurity Management Committee for TechUK. She is a member of the advisory boards for ISCF Digital Security by Design and LORCA, the UK government startup accelerator.

Siân is a Fellow of the Chartered Institute of Information Security. In 2018 she was appointed MBE for services to Cybersecurity.

Established technology leader with 15 years of experience in IT and cybersecurity. Currently focused on solving complex cyber-related problems at SenseOn as a Senior Product Manager and Security Engineering Squad Lead. Security Operations subject matter expert and "Blue Team" obsessed! Active member (and founder) of the Scottish cyber community Cyber Scotland Connect.

Todd Wade is a Principal Consultant at CRMG and senior technology leader, having served as CTO at Skechers, a major retail presence globally. Todd brings a fresh perspective to the world of cyber security and risk, being able to apply the Senior Executive’s lens to fundamental cyber risk management concepts.

Jill is currently a Director of CIISec, with a focus on our relationship with the UK Cyber Security Council.

Jill has completed a number of roles in information security and resilience in different industries since joining the "computer audit department" of what is now PwC.

Her current focus is on reporting to the Board and Security with metrics that are meaningful and useful for decision making to both parties, as well as creating and maintaining policies which are used, readable, agreed, sensible and as short as possible.

A City of Edinburgh Councillor since 1984, Robert Aldridge became the city's 258th Lord Provost and Lord Lieutenant on 26 May 2022.
An elected member for Drum Brae/Gyle, Councillor Aldridge is the Council’s longest-serving member with over 30 years experience. He was part of the administration from 2007-12, serving as Environment leader, and has been a Bailie since 2012.