Thursday, 10th November 2022

The Aviva Stadium, Landsdowne Road, Dublin 4

Cyber Security Challenge

IRISSCERT holds an annual conference themed on cyber crime in November. This is an all day conference which focuses on providing attendees with an overview of the current cyber threats facing businesses in Ireland and what they can do to help deal with those threats.

Experts on various aspects of cyber crime and cyber security share their thoughts and experiences with attendees.

The conference is open to anyone with the responsibility for securing their business information assets. There is a nominal fee of €50 per person attending to cover the costs of catering and other organisational expenses.

The IRISS Annual Conference is an opportunity to not only increase your knowledge but also to meet and network with your peers in a relaxed environment.


Our Diamond Sponsors:


Agenda for the Day

08.30 Registration IRISSCON Registration
09.00 Gordon Smith & Brian Honan MC IRISSCERT Conference Opening
09.30 Mikko Hyppönen Chief Research officer for WithSecure If It’s Smart, It’s Vulnerable
10.00 Dave Lewis Global Advisory CISO for Cisco Ransomware: The Security Debt Collector
10.30 Raj Samani Senior Vice President, Chief Scientist, Rapid7 To Be Announced
11.30 Jaya Baloo Chief Information Security Officer, AVAST To Be Announced
12.00 Christian Heggen Senior Threat Intelligence Advisor, Crowdstrike The Increasing Diversification of the eCrime Ecosystem
12.30 Detective Inspector Gerard Doyle
An Garda Siochana – National Cyber Crime Bureau
Cyber – The Irish Landscape
14.00 Rich Mogull
SVP Cloud Security, Firemon
The DevSecOps Approach Cloud Native Threat Detection and Response
14.30 Georgia Bafoutsou Cybersecurity Officer, European Union Agency for  Cybersecurity (ENISA) SMEs: Boost awareness on cybersecurity- ENISA tools and guidance
15.00 Sharon Conheady Director, First Defence Information Security Limited Performing a legal and ethical social engineering test
16.00 Colm Gallagher Forensics Director, Commsec To Be Announced
16.30 Joseph Stephens & James Caffrey National Cyber Security Centre Overview of The Threat Landscape and Capacity Building
17.00 Éireann Leverett Chief Technology Officer for Concinnity Risks To Be Announced
17.30 Conference Close Conference Close & Networking Event Conference Close & Networking Event

Speaker Lineup

Mikko Hyppönen
Mikko HyppönenChief Research officer for WithSecure

Mikko Hypponen is a global security expert. He has written on his research for the New York Times, Wired and Scientific American and lectured at the universities of Oxford, Stanford and Cambridge. Mr. Hypponen works as the Chief Research Officer for WithSecure.


Companies are facing new kinds of online risks. Fighting online attacks requires us to understand the attackers. As connectivity opens new opportunities for imagination, they also open new opportunities for online attackers. What will the next arms race look like? And what does the future hold for us?

Jaya Baloo
Jaya BalooChief Information Security Officer, AVAST

Jaya Baloo is Avast’s Chief Information Security Officer (CISO) and joined Avast in October 2019. Previously, Ms. Baloo held the position of CISO at KPN, the largest telecommunications carrier in the Netherlands, where she established and led its security team whose best practices in strategy, policy, and security operations are today recognized as world leading. Prior to this, Ms. Baloo also held the position of Practice Lead Lawful Interception at Verizon, and worked at France Telecom as a Technical Security Specialist.

Ms. Baloo is formally recognized within the list of top 100 CISOs globally and ranks among the top 100 security influencers worldwide. In 2019, she was also selected as one of the fifty most inspiring women in the Netherlands by Inspiring Fifty, a non-profit aiming to raise diversity in technology by making female role models in technology more visible.

Ms. Baloo has been working in the field of information security, with a focus on secure network architecture, for over 20 years and sits on the advisory boards of the NL’s National Cyber Security Centre, PQCrypto and the EU Quantum Flagship’s Strategic Advisory Board. She serves on the audit committee of TIIN capital, a cybersecurity fund, and is also a member of the IT Committee of Sociale Verzekeringsbank. She is a board member of the cybersecurity firm NIXU in Finland. Since 2021 she is also a board member of the RvT of the Dutch Broadcasting station, the NOS.

Ms. Baloo has spoken widely at high profile conferences such as RSA, TEDx and Codemotion on topics including Lawful Interception, VoIP ; Mobile Security, Cryptography, and Quantum Communications Networks. Additionally, Ms. Baloo is a faculty member of the Singularity University since 2017, where she regularly lectures.

To Be Announced

Rich Mogull
Rich MogullSVP Cloud Security. Firemon

Rich is the SVP of Cloud Security at FireMon where he focuses on leading-edge cloud security research and implementation. Rich joined FireMon through the acquisition of DisruptOps, a cloud security automation platform based on his research while as CEO of Securosis.

He has over 25 years of security experience and currently specializes in cloud security and DevSecOps, having starting working hands-on in cloud over 12 years ago. He is also the principle course designer of the Cloud Security Alliance training class, primary author of the latest version of the CSA Security Guidance, and actively works on developing hands-on cloud security techniques.

Prior to founding Securosis and DisruptOps, Rich was a Research Vice President at Gartner on the security team. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator.

Rich is the Security Editor of TidBITS and a frequent contributor to industry publications. He is an industry speaker at events including the RSA Security Conference, Black Hat, and DefCon, and has spoken on every continent except Antarctica.

Talk Abstract – The DevSecOps Approach Cloud Native Threat Detection and Response

Every SOC on the planet is grappling with the challenges of integrating detection techniques and response processes for public cloud computing. This session will delve into the details with a framework for modernizing response operations, combined with technical details and examples. * Understanding the key cloud security feeds of the big 3 providers and how to collect them without falling behind attackers. * How, and why, to treat cloud misconfigurations as threats. * Building cloud IoCs, including top examples and why they matter. * The role of key security feeds and response tools from AWS, Azure, and GCP. * Balancing log volume and storage locations. * Top tips for integrating cloud events into an existing SOC. * Leveraging DevOps techniques for a distributed response process, and how engaging cloud teams will reduce SOC pressure while improving response. This session will include technical demonstrations (using AWS native capabilities) to illustrate key concepts. Attendees should have existing response experience and be familiar with major cloud computing features on at least one of the major providers (e.g. CloudTrail or Defender for Cloud).

Georgia Bafoutsou
Georgia BafoutsouThe European Union Agency for Cybersecurity

Georgia Bafoutsou holds a PhD in Electrical and Computer Engineering with a background in electronic communications security and privacy. From 2006-2020, she has been a member of the Hellenic Authority for Communications Security and Privacy, investigating security incidents on providers’ networks, auditing the implementation of proposed security measures and promoting security best practices.

Since 2020 she is a cybersecurity expert in the Policy Development and Implementation Unit of the European Union Agency for Cybersecurity, focuses on telecom security, security in the core internet, and cloud security, working on technical and policy topics.

She is also a member of the Awareness Raising and Education Team of ENISA having as a goal to assist citizens, businesses and organizations with achieving mind-set and behavioural change towards cybersecurity.

SMEs: Boost awareness on cybersecurity- ENISA tools and guidance

In a time of increased remote work and growing cyber threats, SMEs are facing major cybersecurity challenges. Low-security budget, lack of employee awareness, lack of management support, lack of cyber-skills and increase in cyber-attacks can seriously impact SME’s competitiveness and compromise even the value-chain they are connected to.

ENISA’s main goal is to raise awareness to SMEs and educate them on cyber security hygiene and prominent cybersecurity threats, e.g.  ransomware and phishing.

During the event,  ENISA will present its work to support and guide SMEs to take measures that would help anticipate cybersecurity threats and risks. Additionally ENISA will give a sneak preview of the soon-to-be launched “ARinABox”, a complete toolkit with guidelines, templates , plans and games that can help a company build its own cybersecurity awareness  program.

Raj Samani
Raj SamaniSenior Vice President, Chief Scientist, Rapid7

Raj Samani is a computer security expert responsible for extending the scope and reach of Rapid7’s research initiatives. Immediately prior to Rapid7, Raj was McAfee Fellow and Chief Scientist after serving as the company’s VP and Chief Technical Officer in EMEA. Raj has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre (EC3) in The Hague. In addition to speaking at myriad cybersecurity industry events, Raj is sought after for his commentary on breaking news such as major security breaches and emerging threats.

To Be Announced

Detective Inspector Gerard Doyle
Detective Inspector Gerard DoyleNational Cyber Crime Bureau

The Garda National Cyber Crime Bureau was established as the Cyber Crime Investigation Unit in 1991, and re-established as the Garda National Cyber Crime Bureau (GNCCB) in 2017.  The Bureau is the national Garda unit tasked with the forensic examination of computer media seized during the course of any criminal investigations. These include murders, cybercrime, online harassment, computer intrusions, child exploitation offences and any criminal investigation in which computers are seized or may contain evidential data. The unit also conducts investigations into cyber dependent crime which are significant or complex in nature network intrusions, data interference and attacks on websites belonging to Government departments, institutions and corporate entities.

The Bureau is part of Organised & Serious Crime is staffed by civilian personnel and Garda members of various ranks up to Detective Superintendent. Members of the unit undergo intensive training in the area of forensic computing and cybercrime investigations, and give expert witness testimony in all types of investigations and prosecutions in court. In addition to its forensic and investigative role, GNCCB acts as a liaison with various partner agencies and law enforcement bodies.

Cyber – The Irish Landscape

Dave Lewis
Dave LewisGlobal Advisory CISO for Cisco

Dave Lewis has 30 years of industry experience. He has extensive experience in IT security operations and management including a decade dealing with critical infrastructure security. Lewis is a Global Advisory CISO for Cisco. He is the founder of the security site Liquidmatrix Security Digest and cohost of the Liquidmatrix podcast as well as the host of the Plaintext podcast. Lewis serves on the advisory boards for several firms. He is currently enrolled in a graduate program at Harvard University. Lewis has written columns for Daily Swig, Forbes and several other publications.

Ransomware: The Security Debt Collector

High-profile ransomware news stories grabbed headlines a few years ago, but faded in popularity through 2018 as other attacks like cryptojacking grew more profitable. Since the first months of 2020, ransomware attacks are on the rise and in the news again! Join this session with Global Advisory CISO Dave Lewis from Cisco Secure to catch up on the historical rise and fall (and rise…) of ransomware from floppy disks to RaaS (ransomware as a service), why it’s seen a resurgence in popularity along with recent data on the state of ransomware currently, and how you can improve your defenses against ransomware attacks

Christian Heggen
Christian Heggen Senior Threat Intelligence Advisor

Currently working with CrowdStrike’s Strategic Threat Advisory Group, Christian is tasked with helping customers operationalize their own threat intelligence capabilities, and to grow their own threat intelligence business.

Christian spent 4 years working for INTERPOL, based in both Europe and Asia, where he helped to facilitate multi-national policing operations on matters such as anti-human trafficking, border management, and counter-terrorism. His roles included the analysis and dissemination of relevant operational intelligence.

Subsequently, having seen the exponential rise in cyber-related criminality during his time at INTERPOL, Christian spent the next 5 years working in cyber threat intelligence at the tactical, strategic, and operational levels. Positions spanned both the banking and managed security service (MSS) sectors.

Particular topics of interest include the rise of ransomware-as-a-service (RaaS), the strategic priorities of Chinese-based actors, emerging threats to the Cloud environment, and targeting of the energy sector in western Europe.

The Increasing Diversification of the eCrime Ecosystem

Whilst the sheer volume of cyber-attacks continues to rise exponentially, a large proportion of this increase relates specifically to a rise in the activities of financially-motivated eCrime adversaries. CrowdStrike is observing a greater diversification in the number, type and specialisation of eCrime adversaries, whether it’s an increase in initial access brokers, ransomware-as-a-service (RaaS) operators, or malware-as-a-service (MaaS) operators. These various and distinct groups are collaborating more frequently, which in turn is facilitating an increase in the number of financially-motivated.We will review some of the most active eCrime adversaries targeting both Western Europe, and Ireland, such as BITWISE SPIDER and WIZARD SPIDER, and look at their methods and how they target potential victims. Furthermore, we will review some of the key trends and statistics that we have observed via our endpoint telemetry data.

Colm GallagherForensics Director, Commsec

Colm is an experienced Investigator with a wide range of experience in the Security and Investigations industry. Skilled in Computer Forensics, Cyber Crime Investigation, Prosecution and Expert testimony in Criminal cases, Case Management, Systems Administration, Implementation and Configuration of Endpoint Protection and Backup/Restore systems, Linux and Windows Server Administration. Strong IT and Security background with a 1st Class Honours MSc in Forensic Computing and Cyber Crime Investigation from University College Dublin. Current holder of Certified Forensic Computer Examiner certification from IACIS.

To be Announced

Bio: To be Announced

Éireann Leverett
Éireann LeverettFounder & CEO of Concinnity Risks

Éireann Leverett once found 10,000 vulnerable industrial systems on the internet.

He then worked with Computer Emergency Response Teams around the world for cyber risk reduction.

He likes teaching the basics, and learning the obscure.

He continues to be fascinated by computer science, cryptography, networks, information theory, economics, and magic history.
He likes to study zero knowledge proofs, firmware and malware reverse engineering, and complicated network effects such as Braess’ and Jevon’s Paradoxes. He has worked in quality assurance on software that runs the electric grid, penetration testing, and academia. He likes long binwalks by the hexdumps with his friends.

Éireann Leverett is a regular speaker at computer security conferences such as FIRST, BlackHat, Defcon, Brucon,, RSA, and CCC; and also a regular speaker at insurance and risk conferences such as Society of Information Risk Analysts, Onshore Energy Conference, International Association of Engineering Insurers, International Risk Governance Council, and the Reinsurance Association of America. He has been featured by the BBC, The Washington Post, The Chicago Tribune, The Register, The Christian Science Monitor, Popular Mechanics, and Wired magazine.

He also serves in an advisory role to ENISA: on the industrial control systems and smart grid security experts group.

He was part of a multidisciplinary team that built the first cyber risk models for insurance with Cambridge University Centre for Risk Studies and RMS.

To be Announced

Sharon Conheady
Sharon ConheadyDirector First Defence Information Security Limited

Sharon Conheady is the director of First Defence Information Security where she specialises in social engineering, security awareness and penetration testing. She has a background in professional services and has delivered security testing and training in the UK and abroad.

Sharon is a regular speaker at security events around the world and has presented at conferences including Black Hat, DEF CON, Deepsec, Recon, CONFidence and InfoSec and has appeared as a subject matter expert on security podcasts including pauldotcom and She is also a member of the Regional Review Board for Blackhat Europe.

Sharon has an MSc in Information Security from the University of Westminster and a BA(Mod) in Computer Science, Linguistics and French from Trinity College Dublin. She is the author of Social Engineering in IT Security: Tools, Tactics, and Techniques published by McGraw-Hill (

Performing a legal and ethical social engineering test

Organisations are increasingly running social engineering tests to assess their staff’s level of security awareness and to identify vulnerabilities in their security posture. This can be a hugely worthwhile exercise but must be done in a legal and ethical manner.

Sharon has been performing social engineering tests for almost 20 years and has lots of war stories and insights to share. In this talk, she will discuss some of the ethical considerations that have come up for her throughout the years.

The aim of this talk is not to tell security practitioners what they should or should not do in social engineering tests, but rather to get organisations thinking about the impact of actions taken during such tests.

Joseph Stephens & James Caffrey
Joseph Stephens & James CaffreyNational Cyber Security Centre

Sharon Conheady is the director of First Defence Information Security where she specialises in social engineering, security awareness and penetration testing. She has a background in professional services and has delivered security testing and training in the UK and abroad.

Sharon is a regular speaker at security events around the world and has presented at conferences including Black Hat, DEF CON, Deepsec, Recon, CONFidence and InfoSec and has appeared as a subject matter expert on security podcasts including pauldotcom and She is also a member of the Regional Review Board for Blackhat Europe.

Sharon has an MSc in Information Security from the University of Westminster and a BA(Mod) in Computer Science, Linguistics and French from Trinity College Dublin. She is the author of Social Engineering in IT Security: Tools, Tactics, and Techniques published by McGraw-Hill (

Overview of the Threat Landscape & Capacity building

Cyber Security Challenge

In parallel to the conference, IRISSCERT also hosts Ireland’s premier IRISSCON Cyber Security Challenge. The challenge allows Ireland’s top cyber security experts to compete against each other in a controlled environment to see who will be the first to exploit weaknesses in a number of systems and declare victory. The purpose of the competition is to demonstrate how attackers could gain access to your systems and allow you to learn from the event on how to prevent such attacks from impacting your network.

Registration for IRISSCON Cyber Security Challenge 2022 is now open!

Register Now

Sponsored by

Our Conference Sponsors

Thanks to the generosity of our sponsors IRISS is able to host this event. The following organisations kindly lent their support to our conference as Diamond and Gold Sponsors.

Our Diamond Sponsors

Our Gold Sponsors

Our Silver Sponsors

Our Lunch & Coffee Sponsors

We are Grateful to Our Supporters

Past IRISSCON Events

Our Diamond Sponsors

Go to Top