Thursday, 16th November 2023

The Aviva Stadium, Landsdowne Road, Dublin 4

Cyber Security Challenge

IRISSCERT holds an annual conference themed on cyber crime in November. This is an all day conference which focuses on providing attendees with an overview of the current cyber threats facing businesses in Ireland and what they can do to help deal with those threats.

Experts on various aspects of cyber crime and cyber security share their thoughts and experiences with attendees.

The conference is open to anyone with the responsibility for securing their business information assets. There is a nominal fee of €50 per person attending to cover the costs of catering and other organisational expenses.

The IRISS Annual Conference is an opportunity to not only increase your knowledge but also to meet and network with your peers in a relaxed environment.


Our Diamond Sponsors:


Agenda for the Day (Subject to change)

08.45 Gordon Smith & Brian Honan MC IRISSCERT Conference Opening
09:00 Viktor Zhora Deputy Chairman/Chief Digital Transformation Officer at the State Service of Special Communications and Information Protection of Ukraine An overview from the frontlines of a cyber war
09.30 Rik Ferguson VP Security Intelligence for Forescout Who Is Attacking your OT and Why?”
10.00 Dave Lewis Global Advisory CISO for Cisco Game of Pwns
Deryck Mitchelson
Global CISO for Check Point
Who is winning the AI cyber war and how to stack the deck in your favour
11.30 Ciaran Martin

Katie Moussouris

Jen Ellis

Joseph Stephens

Panel Discussion moderated by Gordon Smith Will government regulations improve cybersecurity or will it lead to a compliance led environment?
12:30 James Burchelli Sales Engineering Manager – Crowdstrike To Be Announced
14.00 Jude McCrory
CEO of the Cyber and Fraud Centre – Scotland
Lets talk Cyber enabled crime
14.30 Detective Superintendent Pat Ryan An Garda Siochana Cybercrime: The Future & The Now
15.00 Michelle L RISU Successfully communicating cybersecurity education and change to the board
16.00 Angie McKeown Security Architect – Microsoft Securing Privileged Identities across the org without causing a riot
16.30 Andrew Hay CxO, Cybersecurity Strategist, Data Scientist – LARES Be an Inspirational Coach, Not an Oppressive Security Executive

Eleanor DalLaway

Founder & Editor, Assured Intelligence and Co-founder at Assured Cyber Burnout: 30 Seconds From Death
17.30 Conference Close Conference Close & Networking Event Conference Close & Networking Event

Speaker Lineup

Rik Ferguson
Rik FergusonVice President Security Intelligence at Forescout

I’m a researcher, storyteller, and futurist. I help governments, law enforcement, businesses and individuals understand the complexities of technology, and its intersection with cybercrime.

Over my twenty-five plus years of professional practice, I’ve taken deep dives into the cybercriminal underground and helped the wider world understand the threats of today and explored how those threats will change over time.

I am a founding Special Advisor to Europol’s European Cyber Crime Centre (EC3), a multi-award-winning video producer and writer, a Fellow of the Royal Society of Arts, and board advisor to startups. A world-renowned speaker, I have presented at events including RSA Conference, Mobile World Congress, Milken Institute, Dubex, Infosecurity, IPExpo, CloudExpo, Webit, GovSec, and many more. In April 2011 I was inducted into the Infosecurity Hall of Fame.

We are all connected. Not everyone has positive intentions. I help the rest of us understand the risks and challenges of our digital world.

Who Is Attacking your OT and Why?

IT and OT environments are becoming increasingly interconnected and interdependent. Whilst this brings many operational benefits, it also introduces complexity for security teams and new risks to manage. At the same time, cyber adversaries are course adjusting around this converging and widening attack surface.

This session will share insights into the evolution of cyber threats, the challenges your customers are facing to protect their OT environments and how the IT/OT security stack is transforming

Victor Zhora
Victor ZhoraDeputy Chairman/Chief Digital Transformation OfficerDeputy Chairman/Chief Digital Transformation Officer at the State Service of Special Communication and Information Protection of Ukraine

Victor graduated with honours from the Institute of Physics and Technology of the National Technical University of Ukraine “Kyiv Polytechnic Institute” by specialty “Applied mathematics” in 2003 and finished post-graduate course at the Institute of Software Systems of the National Academy of Science of Ukraine in 2006. 

He is an author of nearly 50 scientific publications in information security and actively supports education programs for bachelors and masters in cyber security. 

From 2012 to 2021 Victor was a CEO and Co-Founder of Infosafe IT LLC – one of the leading cybersecurity companies in Ukraine.

In his current role at the State Service of Special Communication and Information Protection of Ukraine he supervises digital transformation and cybersecurity projects, CERT-UA and the State Cyberprotection Center.

To Be Announced

Michelle L
Michelle LRISU

I am an experienced cybersecurity education and communications strategist. After leading the early implementation of edtech in 2004, I switched careers from the Education sector into Cybersecurity and use my expertise and understanding to help cybersecurity professionals develop meaningful, outcome based strategies for education and communications.

I do voluntary work in harm reduction,particularly around intimate partner violence and tech facilitated abuse. My work on advisory boards and working parties has contributed to meaningful change in tech products, although there is still a long way to go!

Above all, I work towards a more intentional, inclusive tech and cybersecurity space.

Talk Abstract – Building trust with leadership and the wider organisation: why aren’t they listening? 

The most common issue that security professionals bring to me is that “leadership won’t listen to us”. Yet there are very simple solutions, if we are willing to reflect on our approach. The future will bring more accountability and regulation, but this won’t mean that we get more funding or support automatically. Just ask privacy people about that one! So I will offer you the strategies that I have seen work, and how to mould them to your ideas.

You will leave with actionable ideas ( and a free e-book link) for how to build the relationships and the trust that will get you where you want to be. It isn’t complex, but it does require intention and outcome focussed work. And I promise you that you can get them to listen.

Ciaran Martin
Ciaran MartinProfessor, University of Oxford

Ciaran Martin, CB, is Professor of Practice at the University of Oxford’s Blavatnik School of Government. From 2014 to 2020 he set up and led the UK’s National Cyber Security Centre, part of the intelligence agency GCHQ on whose board he served. For the previous decade and a half he served in a variety of positions in the UK Treasury and Cabinet Office. He is originally from Tyrone the home of the All Ireland champions 2021.

Panel Discussion: Will government regulations improve cybersecurity or will it lead to a compliance led environment?

Katie Moussouris
Katie Moussouris Founder and CEO - Luta Security

Katie Moussouris is the founder and CEO of Luta Security. With more than 20 years of professional security experience, Katie has an unparalleled background in security research, incident response, vulnerability disclosure, and bug bounty programs.

During her tenure with Microsoft, her work included industry-leading initiatives such as starting Microsoft Vulnerability Research, which formalized multiparty vulnerability and supply chain vulnerability coordination across hardware and software. She led the launch of the first bug bounty programs for the U.S. government (Hack the Pentagon) and Microsoft.

Katie worked with the U.S. State Department to help renegotiate the Wassenaar Arrangement. She is the co-author and co-editor of ISO 29147 and ISO 30111 and serves in three advisory roles for the U.S. government

Panel Discussion: Will government regulations improve cybersecurity or will it lead to a compliance led environment?

Jen Ellis
Jen EllisCybersecurity advocate and community convenor

I’m working to advance cybersecurity and improve public safety through active collaboration with security experts, policymakers, industry leaders, and other influencers. Adoption of innovative connected technologies delivers a wealth of benefits in every aspect of our lives, but it comes with risks of technical manipulation or failure. Addressing this risk involves creating positive social change to protect technology users (everyone) across the world.

I help security pros work with governments, the private sector, and nonprofits to reduce consumer and organisational cyber-risk. I have a strong focus on leveraging real world data and technical research to dispel security myths and uncover real threats, developing solid best practices and norms, collaboration and advocacy to drive their adoption, and participating in policy discussions to ensure legislative responses are helpful and productive.

I do these things through my company, NextJenSecurity, as a co-chair of the Ransomware Task Force, as a core member of I Am The Cavalry (, and through various board/advisory/mentoring positions in the security community, including for the Aviation Village (

Panel Discussion: Will government regulations improve cybersecurity or will it lead to a compliance led environment?

Dave Lewis
Dave LewisGlobal Advisory CISO for Cisco

Dave has 30 years of industry experience. He has extensive experience in IT security operations and management. Dave is a Global Advisory CISO for Cisco. He is the founder of the security site Liquidmatrix Security Digest & podcast as well as the host of DuoTV and the Plaintext podcast.

He is currently a member of the board of directors for BSides Las Vegas. Previously he served on the board of directors for (ISC)2 as well as being a founder of BSides Toronto conference. Dave has been a DEF CON speaker operations goon for over 13 years. Lewis also serves on the advisory board for the Black Hat Sector Security Conference and the CFP review board for 44CON as well as on the advisory boards of several companies.

He is currently working towards his graduate degree at Harvard. Dave has previously written columns for Forbes, CSO Online, Huffington Post, The Daily Swig, and others. For fun, he is a curator of small mammals (his kids) plays bass guitar, grills, and is part owner of a whisky distillery as well as a soccer team

Game of Pwns

In the dynamic interplay of cybersecurity, Artificial Intelligence (AI) has emerged as a double-edged sword, wielded by both defenders and attackers. This presentation builds on the original “Barbarians at the Gate(way)” talk that I last delivered 5 years ago where I discussed the tools and methodologies of attackers. It ventures into the burgeoning domain where attackers repurpose AI’s capabilities to launch sophisticated cyberattacks, turning defensive technologies against us. We explore the enhancement of traditional hacking methods with AI, the rise of intelligent malware, and the strategic use of AI in cyber espionage, underscoring the urgency for innovative defense mechanisms.

Simultaneously, we scrutinize AI’s role in reinforcing cybersecurity, spotlighting the adaptive and predictive analytics that safeguard our digital frontiers. By examining case studies and current trends, we underscore the necessity for ethical deployment and robust regulatory frameworks in the face of these evolving threats.

This talk distills the complexities of AI in cybersecurity into a strategic discourse, aiming to prepare stakeholders for a future where AI’s role is as much about defending the gateway as it is about anticipating the next move in the ‘Game of Pwns’.

Andrew Hay
Andrew Hay Chief Operating Officer (COO), Lares

Andrew Hay is a seasoned cybersecurity professional, proficient in data science and research, and a renowned international public speaker. With nearly 25 years of expertise in various IT, security, and risk fields, he has authored multiple books on endpoint, network, cloud, and security management topics.

Andrew has successfully led and expanded global engineering, research, and security teams, contributing to the growth of companies from their early stages to acquisition. Additionally, he maintains an active role as a certified rugby coach, strength & conditioning coach, and an internationally ranked competitive powerlifter.

To be Announced

Eleanor DallawayCo-founder & Content director, Assured Intelligence

Eleanor Dallaway is co-founder of Assured and content director of Assured Intelligence, an editorially independent cybersecurity content platform for senior execs. Eleanor has 16 years of experience as a tech journalist. Eleanor served as editor and editorial director of Infosecurity Magazine from 2006 to 2022, during which time she founded the Women in Cybersecurity networking events, advised the Conservative Government on its information security policy, and won several awards including the Women of influence award in the US and information security feature of the year. Eleanor is also published in The Guardian, The Sunday Times, The Times and Imbibe.

Cyber Burnout: 30 Seconds From Death

A combination of long to-do lists, (increasingly) high accountability, and a specific personality type mean that burnout can strike down even the most resilient CISO or cyber professional. A burnt-out sector is an underperforming sector, and cybersecurity is an industry that can’t afford to drop its guard. Eleanor Dallaway pools many of her most jaw-dropping interviews with industry professionals to share the cause and impact of burnout and puts forward a suggested resolution.

Jude McCorry
Jude McCorryCEO of the Cyber and Fraud Centre - Scotland

Jude has over 20 years of experience in the technology sector and started her career with Dell computers in Ireland, she joined SBRC in April 2020 from The Data Lab, where she was Director of Business Development, working with industry and academia to maximise the value of data for Scotland. She is one of the founders of the UNICEF Data Hub for Children, she also sits on the board of the Edinburgh Data-Driven Innovation Hub at Edinburgh University.

Jude is very passionate about data for good and inspiring the next generation into cyber and technology – particularly looking at female participation

Lets talk Cyber enabled crime

In this talk Jude will share the results of a 6 month trial she and her colleagues  have just finished around cyber enabled financial fraud working with banks and police.

Angie McKeown
Angie McKeownSecurity Architect - Microsoft

Angie is a Security Architect at Microsoft in one of the CTO teams, specialising in Security Operations (Defender and Sentinel, and AI for Security). She has a Masters in Applied Cyber Security, and has a keen interest in Digital Forensics.

She is also very involved in local community activity, and is on the steering group for InfosecNI and the committee for Bsides Belfast, as well as attending and speaking at tech community events.

Securing Privileged Identities across the org without causing a riot

Security is important, but is frequently disrupted by people who just need to get on with their normal workflow and have become used to a certain level of privilege. But the most powerful digital identities in your business are the ones with the potential to cause the most damage if compromised. So how do we secure them, and how do we do it in a way that people will accept?

James Burchell
James BurchellSales Engineering Manager - Crowdstrike

James is a passionate, multidisciplinary security specialist who has the ability to de-mystify the complexity that shrouds many IT security challenges. With many years of experience in both military and corporate cyber security worlds, he has the knowledge to help you protect your brands reputation, data and intellectual property.

The battle for IT security won’t end any time soon, James strives to make sure that everyone understands the challenges and are equipped to protect themselves from the most advanced modern threats.

Deryck Mitchelson
Deryck MitchelsonGlobal CISO, Check Point

Deryck is a commercially focused C-suite executive, distinguished by expertise in cyber security and cloud, with global experience across both private and public sectors. His leadership in Consulting, Oil and Gas, and Healthcare provides Deryck with the platform for building and delivering IT and Security strategies and the application of emerging technologies, delivering a positive impact on both business goals and bottom line.

In his current role at Check Point he acts as a security evangelist, advising C-Suite leaders on digital transformation, underpinned by security resilience and strategy. He is a recognized thought-leader and visionary, named in the top 20 IT influencers in the UK by Computer Weekly and winner of Holyrood’s prestigious digital leader of the year award, amongst others.

Who is winning the AI cyber war and how to stack the deck in your favour

Detective Superintendent Pat Ryan
Detective Superintendent Pat Ryan An Garda Siochana - National Cyber Crime Bureau

The Garda National Cyber Crime Bureau was established as the Cyber Crime Investigation Unit in 1991, and re-established as the Garda National Cyber Crime Bureau (GNCCB) in 2017.  The Bureau is the national Garda unit tasked with the forensic examination of computer media seized during the course of any criminal investigations. These include murders, cybercrime, online harassment, computer intrusions, child exploitation offences and any criminal investigation in which computers are seized or may contain evidential data. The unit also conducts investigations into cyber dependent crime which are significant or complex in nature network intrusions, data interference and attacks on websites belonging to Government departments, institutions and corporate entities.

The Bureau is part of Organised & Serious Crime is staffed by civilian personnel and Garda members of various ranks up to Detective Superintendent. Members of the unit undergo intensive training in the area of forensic computing and cybercrime investigations, and give expert witness testimony in all types of investigations and prosecutions in court. In addition to its forensic and investigative role, GNCCB acts as a liaison with various partner agencies and law enforcement bodies


Joseph Stephens
Joseph StephensDirector of Resilience at National Cyber Security Centre

The National Cyber Security Centre of Ireland (NCSC) engages in a comprehensive set of tasks around cyber security, with primary focus on securing Government networks and securing Critical National Infrastructure and encompasses the State’s National/Governmental Computer Security Incident Response Team (CSIRT-IE).

The initial focus of the NCSC and CSIRT-IE is to provide incident response services to Government networks and the main Critical National Infrastructure providers.

Our strategy details how the NCSC will engage with its primary stakeholders and outline the mandate for the NCSC as a whole. The mandate for the NCSC will include:

  • Activities to reduce the vulnerability of critical systems and networks within the State to incidents and cyber-attacks;
  • Effective response when such attacks occur;
  • Establishing and maintaining cooperative relationships with national and international partners.


Cyber Security Challenge

In parallel to the conference, IRISSCERT also hosts Ireland’s premier IRISSCON Cyber Security Challenge. The challenge allows Ireland’s top cyber security experts to compete against each other in a controlled environment to see who will be the first to exploit weaknesses in a number of systems and declare victory. The purpose of the competition is to demonstrate how attackers could gain access to your systems and allow you to learn from the event on how to prevent such attacks from impacting your network.

Registration for IRISSCON Cyber Security Challenge 2023 is now open!

Register Now

Sponsored by

Our Conference Sponsors

Thanks to the generosity of our sponsors IRISS is able to host this event. The following organisations kindly lent their support to our conference.

Our Diamond Sponsors

Our Gold Sponsors

Our Silver Sponsors

Our Lunch & Coffee Sponsors

We are Grateful to Our Supporters

Past IRISSCON Events

Our Diamond Sponsors

Go to Top