Public Speaking

A subset of presentations and talks I've given over the years.

Keynotes

• "Storytelling in Cybersecurity", Australian Cyber Conference, Canberra, 2021
• "Revisiting the State", OPCDE Security Conference, Dubai, 2017 — slides
• "Towards the future of cyber attacks", Regional Cybersecurity Week, Muscat, Oman, 2015 — session
• "The future of Cyber Defense", NATO Cyber Defence Workshop, Berlin, 2015
• "Incident Response: Art, Science and Engineering", HITCon, Taipei, 2015 — slides
• "Protecting large scale web properties", Cyber Secure Pakistan, Islamabad, 2013

Talks and panels

• "The Hacker, The CISO & The Chatbot", ISSA Silicon Valley, 2025 — event
• "Securing tomorrow together", Bowie State University, 2023 — flyer
• "Storytelling for CISOs", RSA CISO Bootcamp, 2023 — program
• "Hackers into the UN? Engaging in the cyber discussions on war & peace", DEF CON Policy Panel, 2021 — session
• "Cybersecurity Norms: Where Rules Meet the Road", IGF BPF Cybersecurity, Katowice, 2021 — session
• "Disclosing Security Incidents from Routine to Breach", Heavybit, San Francisco, November 2019 — video
• "Putting agreements into action: operationalizing cybersecurity norms", IGF BPF Cybersecurity, Berlin, November 2019 — session · IGF 2019 videos
• Panel: "CISO Ventures: Are Cybersecurity Startups Meeting Expectations of Buyers Taking a Risk on Them?", SecureWorld Bay Area, Santa Clara, August 2019 — agenda
• Address to the Global Commission on the Stability of Cyberspace, GCSC, Singapore, 2018 — statement
• "How governments became interested in cyber", FIRST Conference, Kuala Lumpur, 2018 — slides
• "AI: Lethal Autonomous Weapons Systems and Peace Time Threats", RightsCon, Toronto, 2018 — session
• "An Internet of Governments", USENIX LISA, San Francisco, 2017 — slides
• "International Cooperation in Cybersecurity", International Conference on Cybersecurity, Riyadh, 2017
• "Incident Management at Fastly", O'Reilly Security Conference, New York, 2016 — article
• Best Practice Forum on Cybersecurity (Moderator), IGF, Guadalajara, December 2016 — session
• "Engineering a resilient internet", Iranian Conference on Information Security, Tehran, 2016
• "Engineering a resilient internet", Australian Cyber Security Conference, Canberra, 2016
• "A living history of Incident Response", SRI Security Congress, Perth, 2015
• "Functionality, Security and Stability", 20 años cgi.br, São Paulo, 2015
• "Tech Talk on Cybersecurity", Institute of Business Administration, Karachi, 2013
• "Update on DNS Hijackings", ICANN, Durban, 2013 — slides
• "Collective Defense: How the Defenders can Play to Win", RSA Conference, San Francisco, 2012
• "Securing the internet: a Microsoft perspective", Cyber Security Week, Sri Lanka, 2011
• "Mindful numbers: the science and art of rating software vulnerabilities", AusCERT, Brisbane, 2011
• "Five years of Persistent Targeted Attacks", GovCERT.nl conference, Rotterdam, 2010
• "Five years of Real-World Content Type Attacks", RSA Conference, San Francisco, 2010 — slides
• "Is Troy Burning? An analysis of targeted cyber attacks", SANSFire, Washington DC, July 2008 — slides
• "Security Architecture in Agile Development" workshop, XP Days, Brussels, November 2007
• "Crouching Powerpoint, Hidden Trojan", Chaos Communications Congress, Berlin, 2007 — video · slides
• "Information Security Intelligence", ISSA Brussels-European chapter, 2007 — slides
• "Deception on the network: thinking differently about covert channels", Australian Conference for Information Warfare and Security, Perth, 2006 — slides
• "Network security", Linux User Group, Belgium, 2002

Classes I have taught

• Cyber Bootcamp, Valencia, 2021 and 2022 — program
• Incident Response for policymakers: Lima (2019), Seoul (2018), Geneva (2017)
• Incident Response: Fiji (2019), Panama (2018)
• Incident Response: Shahid Beheshti University, Tehran (2016)

Podcasts

• "AI and Cybersecurity", Top of Mind, 2025 — webcast
• "The Importance of Storytelling in Cybersecurity", eXecutive Security, 2022 — episode
• "Program Management and the Chief of Staff role within today's modern CISO organization", The Hitch Cast, 2021 — episode
• "Managing SaaS-to-SaaS: How CISOs Can Mitigate Third-party Integration Risks", Valence Security, 2020 — video