Jon Lehtinen

Director, Identity & Access Management, Thomson Reuters

Bio to follow shortly

Raul Lapaz

Cloud security engineer Blue Team, Roche

Raul Lapaz has more than 20 years of IT experience and works as a cloud security engineer at the Swiss pharmaceutical company Roche.

His primary role is to design, implement, and deploy a secure cloud environment for health care digital products in AWS.

He writes articles for such publications as Admin Network and Security, and in the past, he also wrote articles for Windows NT Magazine.

He holds several IT certifications, like Splunk Architect, GIAC SANS, RedHat, CEH, Microsoft and others.

Saru Tumuluri

India Ambassador, Women in Identity

Saru Tumuluri is the CEO Khosla Labs and is currently focused on scaling Veri5Digital,  a leading Global Digital Identity and Customer On-Boarding SaaS platform from India.

With over two decades of experience pertaining to entrepreneurship in India and the United States, Saru is focused on bringing new technology-driven opportunities to entrepreneurs, with an aim to solve large-scale problems in India and across the globe.

Saru is currently the country Ambassador for Women in Identity (WiD), a registered non-profit membership organisation, run by volunteers whose purpose is to champion a more diverse workforce, inclusive of all, to enter, and work, and advance in the growing industry of Digital Identity.

David Terrar

Director and Chair, Cloud Industry Forum

David is a well-known strategist, keynote speaker and influencer on cloud computing, digital transformation, social collaboration and ERP software.  He is a Director and Deputy Chair of the Cloud Industry Forum, judges the UK Cloud Awards, and is Founder & CXO of digital strategy consultancy Agile Elephant.  He is a specialist in sales, marketing and operations in the technology sector, and guest lectures on digital and social media at Henley Business School and on INSEEC’s MBA programme.  David is an advisor and non-exec director for several companies, and a regular host on the tech TV channel Disruptive. Live.

Oliver Briese

IAM Project Lead & Head of SoD, Deutsche Kreditbank AG (DKB)

Oliver has gathered extensive experience in domestic and international rollouts of IAM processes and technical solutions within the European financial industries whilst being part of the German practice of EY. Since joining the DKB he is now responsible for the implementation of a new IAM-framework, the rollout of business roles and risks from the segregation of duties in the DKB-Group.

Markus Duda

External Project Manager, Deutsche Kreditbank AG (DKB)

Markus has been working in managing roles in financial institutions for more than 20 years; responsible for Operations, IT, and Internal Audit. Since 2017, he has been co-managing the IAM stream of an IT security project of Germany’s largest direct bank. The focus of his professional activity during the last years is to advise financial institutions on the implementation of IT security regulations especially regarding GRC (Governance, Risk and Compliance) and IAM (Identity and Access Management).

Andrew Aiken

Zero Trust Lead Architect

Bio to follow shortly

Ian Evans

IAM Subject Matter Specialist, Hargreaves Lansdown

Ian has lived a double life. His professional career spans information security, project management and marketing at financial sector stalwarts Lloyds, RBS, Co-op Bank, HSBC and Abbey. But he has also taught media, presentation and negotiation skills to clients from the bluest of blue chips to union leaders. Not bad for someone who started as an offshore DJ on pirate Radio Caroline. These days he employs both sides of his experience to evangelise about all things IAM at FTSE100 investment house Hargreaves Lansdown.

Ros Smith

Executive Product Manager – Identity & Access Management, BBC

Ros Smith is Executive Product Manager for Identity and Access Management – she has worked at the BBC for 20 years starting off in the Production and Editorial side of the business, having been a Radio Producer for Science Radio, Woman’s Hour and The Big Toe Radio Show; Deputy Editor of the award winning BBC News School Report; Project Manager at BBC Media Action and most recently Acting Head of BBC Weather.

She has been part of the BBC IAM team since 2018 and her background in the business highlights the point that IAM is 90% business change and 10% technology and to be successful it is essential to take a holistic approach to solving problems.

Vilma Blomberg

IAM Solution Design Owner, KONE

Vilma is an IT/Business professional working in Cybersecurity at the KONE Corporation as IAM Solution Design Owner. She has gained three University degrees as a “hybrid” manager from International master’s in management of IT -program (IMMIT).

At her work, she is specialized in delivering value from digital Identity and Access Management (IAM) using DevOps practices and automation. Vilma is responsible for gathering business and technical requirements, planning roadmaps and designing global solutions for IAM and Cybersecurity.

She has experience from managing a large legacy IDM replacement project. Now, her main focus is leading the agile IDM system development team. Acting as a Product Owner, she is ensuring that the solution is continuously developed, customized and configured to match the enterprise environment. She is more than eager to share her learnings and thoughts on practising DevOps & IAM.

Previous Speakers

Dr Gilad L. Rosner

Founder: IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

Dr Gilad Rosner is a privacy and information policy researcher and the founder of the non-profit Internet of Things Privacy Forum, a crossroads for industry, regulators, academics, government and privacy advocates to discuss the privacy challenges of the IoT. The Forum’s mission is to produce guidance, analysis and best practices to help industry and government to reduce privacy risk and innovate responsibly in the domain of connected devices.

Gilad’s broader work focuses on the IoT, identity management, US & EU privacy and data protection regimes, and online trust. His research has been used by the UK House of Commons Science and Technology Committee report on the Responsible Use of Data and he is a featured expert on O’Reilly and the BBC. Gilad is an internationally invited speaker and has given talks at industry conferences, universities, and government agencies, including the US National Institute of Standards and Technology. Gilad has a 20-year career in IT, having worked with identity management technology, digital media, automation and telecommunications.

Gilad is a member of the UK Cabinet Office Privacy and Consumer Advisory Group, which provides independent analysis and guidance on Government digital initiatives and is a member of the IEEE Global Initiative for Ethical Considerations in Artificial Intelligence and Autonomous Systems. He is a Visiting Researcher at the Horizon Digital Economy Research Institute, an Affiliate Researcher at UC Berkeley’s Centre for Long-Term Cybersecurity and has consulted on trust issues for the UK government’s identity assurance programme,

Katryna Dow

Founder & CEO, Meeco

Katryna Dow is the founder and CEO of Meeco; a personal data & distributed ledger platform that enables people to securely exchange data via the API-of-Me with the people and organisations they trust. Katryna has been pioneering personal data rights since 2002 when she envisioned a time when personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, distributed ledger, cloud, AI and IoT have converged to make Meeco both possible and necessary.

For the past three years, Katryna has been named as one of the Top 100 Identity Influencers. She is the co-author of the blockchain identity paper ‘Immutable Me’ and co-author/co-architect of Meeco’s distributed ledger solution and technical White Paper on Zero-Knowledge Proofs for Access, Control, Delegation and Consent of Identity and Personal Data. Katryna speaks globally on digital rights, privacy and data innovation.

She is a founding member of The Council of Extended Intelligence (CXI), a joint initiative between the IEEE Standards Association and MIT Media Lab. CXI was created to proliferate the ideals of responsible participant design, data agency and metrics of economic prosperity prioritizing people and the planet over profit and productivity.

In addition, Katryna currently serves on two IEEE standards working groups; Co-Chair for the Personal Data and Privacy Committee, part of the Global Initiative for Ethical Considerations in the Design of Autonomous Systems, and Chair for the new P7006 – Standard for Personal Data Artificial Intelligence (AI) Agent.

Prior to Meeco she founded and operated a strategy consulting practice, with extensive global experience in strategy to execution roles in start-ups to major corporate change and implementation and projects. Katryna has held leadership positions and delivered projects in the United Kingdom, Europe, Asia, the United States and India. Her industry sector experience includes information technology, financial services, health services and human resources. Katryna currently splits her time between Australia and Europe, where Meeco has offices and development teams.

Vinny Sagar


Vinny Sagar has more than 12 years experience in designing and implementing IAM solutions in large complex environments and has worked in many roles from development, delivery to Solution Architect.

Colin Wallis

Executive Director, Kantara Initiative

Colin is the Executive Director of Kantara Initiative Inc, the global non-profit trade association unique in its scope and mission to improve trustworthy use of both digital identity and personal data through innovation, standardization and good practice. Kantara operates Trust Frameworks to assure digital identity & privacy-oriented service providers, manages grant funds both sides of the Atlantic and is home to two open source specifications in the top 5 trends for 2018 noted by Kuppinger Cole – UMA and the Consent Receipt.

Colin’s combined public and private sector background in online identity and privacy builds on 15 years of contribution to international standards and consortia, Colin maintains leadership positions in OECD ITAC and ISO SC27 in topics around Information Security, Privacy and Trusted Identity.

Darshana Gunawardana

Senior Technical Lead, WSO2

Darshana is a key member of WSO2 Identity Server team. He mainly focuses on the domain of identity management and computer security. He is also interested in the areas of distributed computing and embedded systems. Darshana has worked with many customers on providing solutions and technical consulting specializing in the identity and access management space. He has been a speaker at WSO2’s flagship event WSO2Con and other conferences.

Stefan Bosnjakovic

IAM and Corporate IT-Security Architect, Deutsche Kredit Bank

Since 2016, Stefan has been an IAG Architect in the “IT Readiness Project DKB” at DKB Deutsche Kredit Bank. The emphasis of his professional activity during the last fifteen plus years has been on Identity and Access Management and Governance, Risk and Compliance projects.

He has also undertaken related project activities including Segregation of Duties methodology development, Requirement Engineering, role modelling and design of standardised access and role-models, workflow and associated process modelling and BPAM business process analysis and modelling in consideration of relevant security norms.

Before DKB Deutsche Kredit Bank, Stefan was based with several banks and financial institutions working on IAM and GRC projects.

Richard Horne

Cyber Security Partner, PwC UK

Richard is a recognised leader in the field of cyber security. He brings deep industry knowledge and expertise of delivering successful cyber risk management from the Board down through the whole of a global organisation. Prior to joining PwC, Richard was the Managing Director of Cyber Security at a FTSE 100 multinational financial institution, where he was largely credited as the driving force behind significant improvements made across the institution. Richard also has hands on experience helping the UK government shape and drive its cyber security strategy and plans. He has represented the UK on security matters to the OECD, the European Commission and the International Standards Organisation, and has advised governments, law enforcement and regulators globally.

Derek Gordon

UK IAM territory leader, PwC UK

Derek joined PwC through the acquisition of Praxism, a business he helped grow into a multi-national Identity and Access Management consultancy.

He helps clients with cyber strategy and architecture for numerous identity management and access governance solutions. Derek works across many sectors with a primary focus on large Financial Services organisations.

He is passionate about cyber challenges and opportunities, in particular the integration of technology to provide enhanced services and capabilities.

Cherry O’Donnell

Product Service Owner, Identity and Access Management, Parliamentary Digital Service

Cherry has been with the Parliamentary Digital Service for coming up to 2 years after joining in June 2017. She started as an Active Directory Specialist until being awarded the Role of Product Service Owner in June 2018. Cherry manages the engineers in the team and reports into the Head of Identity and Access Management. As a team, she manages all aspects of ‘Identity’ within Parliament. Maintaining the onsite Directory and PKI infrastructure, in addition to their Azure presence.

She recently oversaw the domain upgrade to Server 2016, upgrading all domain controllers, Schema and DFL with no downtime for users.
Before her current role, she spent almost 15 years contracting throughout the UK and Europe, enjoying roles with the COOP, Mediacom (part of WPP), Getronics, IBM, Barclays Bank and Unisys. Cherry has been in the Identity / AD fields most of her career.

Govind Yadav

Senior Sales Engineer, Omada

Govind has 13+ years’ of information security pre-sales consultant experience which includes working in different geographies and having worked with some of leading IAM vendors like CA technologies, SafeNet, Entrust etc. From his stint with a Certifying Authority, he brings in relevant experience from publicly trusted identities perspective as well which is crucial to understand challenges with some of Government projects. Outside of focusing on Identity Governance and Administration in Omada, in leisure time, Govind is passionate about researching ‘how to establish fool-proof secure physical identities’.

Hans Zandbelt

IAM Architect, OpenID Foundation

Hans is a Founder and IAM Architect at ZmartZone IAM. He holds an MSc. degree in Computer Science, Tele-Informatics and Open Systems from Twente University (1993). He has over 20 years’ experience as a technical leader in research and innovation projects, including digital identity initiatives. In 2007 he joined SURFnet as the Architect and Technical Product Manager of SURFfederatie, the national infrastructure for Federated Single Sign-On for the research and higher education community in the Netherlands.

In 2011 he joined Ping Identity as an expert on Single Sign-On, Cloud Identity & Access Management and large-scale deployment of federation technology, representing the CTO Office in Europe. In 2017 he founded ZmartZone IAM to provide Identity & Access Management consultancy and to contribute to standards and open source development in the broader field of IAM. He is an active member of the OpenID Connect Certification team in the OpenID Foundation.

David Doret

IAM & Data Protection Manager, BNP Paribas

David is a cybersecurity expert with a passion for sharing good and bad experiences with the InfoSec community. He held twice the CISO position, served as Corporate Risk Committee board member for financial institutions and spent several years leading a consulting practice for all sizes of clients in diverse industries. Today, he works as IAM manager for a global bank.

Petteri Ihalainen

Senior Specialist, National Cyber Security Centre, Finland

Mr Ihalainen has extensive information security background having worked for organisations like SSH Communication Security, Ubisecure, EU Commission, Gemalto and GlobalSign. During his career, he has participated in cutting edge initiatives and digital identity programs in various roles.

He’s currently working as a senior specialist at the National Cyber Security Centre, Finland (part of Traficom) in a team that supervises and advises organisations deploying digital identity solutions. He also acts as one of the country representatives at the EU-level in eIDAS related tasks and programs.

Jon Hawes

Head of Detect & Security Innovation, Photobox

Jon runs the Detect function at Photobox Group, which encompasses Security Operations, Incident Response, Red Team Testing. He also leads the security team’s Security Innovation Hub, running projects that support data-informed decision making and process automation.

Prior to Photobox, Jon worked at a global energy company, running strategy, architecture, and operations for a big data program focused on threat detection and continuous control monitoring.

This followed on from his work as the Head of Product Strategy for Data Analytics at Panaseer, where he worked with the data science team and client CISO teams to answer the question ‘What is our next best action to reduce cybersecurity risk?’ using logs, telemetry and alerts.

Before this, Jon worked at Pharos Security, a boutique consultancy, where he co-developed a Red Team methodology to both measure firms’ security control effectiveness, as well as deliver a business case at security control and strategic security program level for improving value from security investment.

Jon has presented on topics including security metrics, data analytics strategy and Artificial Intelligence at forums that include BSides Las Vegas, SiraCon, Infosecurity London, and the e-Crime Congress.

Aisling Connolly

Cryptography and Privacy Researcher, Information Security, École Normale Supérieure

Aisling is an Irish mathematician and cryptographer based in Paris.

Aisling has written and co-authored several research papers in the areas of symmetric cryptography, public key cryptography, digital signatures, post-quantum cryptography, and privacy.

Ultimately, her goal is to continue to tie the theoretical questions of life to the practical needs of society.

Charles James

Account Director, OneLogin

Charles James is an IT professional with almost 20 years’ experience in IT software solution sales including the dark art of Microsoft licensing and software asset management. Charles comes to OneLogin from AirWatch, where he joined the Enterprise Mobility Management revolution as one of the first sales people in the UK.

A strong believer in the sales process Charles has delivered consistently year on year within the Finance, Legal and Insurance sectors working with companies including HSBC, Lloyds Bank, BLP, AXA Insurance and Admiral.

Charles is always happy to share his enthusiasm for doing business the right way.

David Terrar

David Terrar, Director and Deputy Chair, Cloud Industry Forum

David is a well-known strategist, keynote speaker and influencer on cloud computing, digital transformation, social collaboration and ERP software.  He is a Director and Deputy Chair of the Cloud Industry Forum, judges the UK Cloud Awards, and is Founder & CXO of digital strategy consultancy Agile Elephant.  He is a specialist in sales, marketing and operations in the technology sector, and guest lectures on digital and social media at Henley Business School and on INSEEC’s MBA programme.  David is an advisor and non-exec director for several companies, and a regular host on the tech TV channel Disruptive. Live.