Reports and Chapters

Academic reports, book chapters, technical documentation and professional blogs.

Reports and chapters

• EU Institute for Security Studies — Guardian of the Galaxy: EU sanctions in cyberspace (2019)
• UN Internet Governance Forum — Establishing and Supporting Computer Security Incident Response Teams for Internet Security (2017)
• Organization of American States & Inter-American Development Bank — Incident Response Capacity Building in the Americas (2016)
• Research report — Managing the Targeted cyber threat (2008)

IGF Best Practices Forum

For several years, I was lead expert to the Best Practices Forum on CSIRTs and Cybersecurity in the UN Internet Governance Forum. These reports were compiled with help from stakeholders in various communities.

• BPF Cybersecurity — Cybercrime versus Cybersecurity (2022)
• BPF Cybersecurity — The Use of Norms to Foster Trust and Security (2021)
• BPF Cybersecurity — Exploring Best Practices in Relation to International Cybersecurity Initiatives (2020)
• BPF Cybersecurity — International Cybersecurity Agreements (2019)
• BPF Cybersecurity — Cybersecurity Culture, Norms and Values (2018)
• BPF Cybersecurity — Establishing and Supporting CSIRTs for Internet Security (2017)
• BPF Cybersecurity — Best Practices in Cybersecurity (2016)
• BPF CSIRTs — Establishing and Supporting CSIRTs for Internet Security (2015)
• BPF CSIRTs — Establishing and Supporting CSIRTs for Internet Security (2014)

Blogs

• InformationWeek — Top 5 Strategies for Cybersecurity Red Teaming (January 2025) — thanks to Justin Tiplitsky for his work on this entire space
• CircleID — The Operationalization of Norms and Principles on Cybersecurity (2019)
• FIRST — FIRST at the Global Conference on Cyberspace (2018)
• O'Reilly — Incident Management at the Edge (2016)
• Fastly — Engineering a more resilient internet, Best Practices for protecting your domain, How college security competitions help us build great security teams
• SANS — Guarding the guardians: a story of PGP key ring theft, Non-malicious compromise pointing to a benign VBScript!, Responding to a file-parsing application attack, Cyber attacks against Tibetan communities, Overview of cyber attacks against Tibetan communities, Extracting scripts and data from suspect PDF files
• Microsoft MSRC — Exploitability Index Improvements Now Offer Additional Guidance, Details on the New TLS Advisory
• Microsoft Ecostrat — Inside the MAPP Program, Building a safer internet... together!, and others
• Microsoft SRD — MS10-049: An Inside Look at CVE-2009-3555, the TLS Renegotiation Vulnerability, More Information About the DLL Preloading Remote Attack Vector, Extended Protection for Authentication, MS09-008: DNS and WINS Server Security Update in More Detail (2009)

Earlier work

• WOMBAT Workshop on Information Security Threats — The SANS Internet Storm Center (2008)
• Journal of Information Warfare — Belgium's intelligence community: new challenges and opportunities (2006)
• Australian Conference for Information Warfare and Security — Deception on the network: thinking differently about covert channels | slides (2006)
• Research report — Forensic investigation and its relationship with IA and Corporate Governance (2005)
• SANS GCIA — IT Crime Profiling using Intrusion Detection (2004)
• [Book] Communicating for Diversity — Culture, ethnicity and their impact on risk communication (2008)