Dr Gilad L. Rosner

Founder: IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

Dr Gilad Rosner is a privacy and information policy researcher and the founder of the non-profit Internet of Things Privacy Forum, a crossroads for industry, regulators, academics, government and privacy advocates to discuss the privacy challenges of the IoT. The Forum’s mission is to produce guidance, analysis and best practices to help industry and government to reduce privacy risk and innovate responsibly in the domain of connected devices.

Gilad’s broader work focuses on the IoT, identity management, US & EU privacy and data protection regimes, and online trust. His research has been used by the UK House of Commons Science and Technology Committee report on the Responsible Use of Data and he is a featured expert on O’Reilly and the BBC. Gilad is an internationally invited speaker and has given talks at industry conferences, universities, and government agencies, including the US National Institute of Standards and Technology. Gilad has a 20-year career in IT, having worked with identity management technology, digital media, automation and telecommunications.

Gilad is a member of the UK Cabinet Office Privacy and Consumer Advisory Group, which provides independent analysis and guidance on Government digital initiatives and is a member of the IEEE Global Initiative for Ethical Considerations in Artificial Intelligence and Autonomous Systems. He is a Visiting Researcher at the Horizon Digital Economy Research Institute, an Affiliate Researcher at UC Berkeley’s Centre for Long-Term Cybersecurity and has consulted on trust issues for the UK government’s identity assurance programme,

Katryna Dow

Founder & CEO, Meeco

Katryna Dow is the founder and CEO of Meeco; a personal data & distributed ledger platform that enables people to securely exchange data via the API-of-Me with the people and organisations they trust. Katryna has been pioneering personal data rights since 2002 when she envisioned a time when personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, distributed ledger, cloud, AI and IoT have converged to make Meeco both possible and necessary.

For the past three years, Katryna has been named as one of the Top 100 Identity Influencers. She is the co-author of the blockchain identity paper ‘Immutable Me’ and co-author/co-architect of Meeco’s distributed ledger solution and technical White Paper on Zero-Knowledge Proofs for Access, Control, Delegation and Consent of Identity and Personal Data. Katryna speaks globally on digital rights, privacy and data innovation.

She is a founding member of The Council of Extended Intelligence (CXI), a joint initiative between the IEEE Standards Association and MIT Media Lab. CXI was created to proliferate the ideals of responsible participant design, data agency and metrics of economic prosperity prioritizing people and the planet over profit and productivity.

In addition, Katryna currently serves on two IEEE standards working groups; Co-Chair for the Personal Data and Privacy Committee, part of the Global Initiative for Ethical Considerations in the Design of Autonomous Systems, and Chair for the new P7006 – Standard for Personal Data Artificial Intelligence (AI) Agent.

Prior to Meeco she founded and operated a strategy consulting practice, with extensive global experience in strategy to execution roles in start-ups to major corporate change and implementation and projects. Katryna has held leadership positions and delivered projects in the United Kingdom, Europe, Asia, the United States and India. Her industry sector experience includes information technology, financial services, health services and human resources. Katryna currently splits her time between Australia and Europe, where Meeco has offices and development teams.

Vinny Sagar

Solution Architect, Ping Identity

Vinny Sagar has more than 12 years experience in designing and implementing IAM solutions in large complex environments and has worked in many roles from development, delivery to Solution Architect.

Colin Wallis

Executive Director, Kantara Initiative

Colin is the Executive Director of Kantara Initiative Inc, the global non-profit trade association unique in its scope and mission to improve trustworthy use of both digital identity and personal data through innovation, standardization and good practice. Kantara operates Trust Frameworks to assure digital identity & privacy-oriented service providers, manages grant funds both sides of the Atlantic and is home to two open source specifications in the top 5 trends for 2018 noted by Kuppinger Cole – UMA and the Consent Receipt.

Colin’s combined public and private sector background in online identity and privacy builds on 15 years of contribution to international standards and consortia, Colin maintains leadership positions in OECD ITAC and ISO SC27 in topics around Information Security, Privacy and Trusted Identity.

Darshana Gunawardana

Senior Technical Lead, WSO2

Darshana is a key member of WSO2 Identity Server team. He mainly focuses on the domain of identity management and computer security. He is also interested in the areas of distributed computing and embedded systems. Darshana has worked with many customers on providing solutions and technical consulting specializing in the identity and access management space. He has been a speaker at WSO2’s flagship event WSO2Con and other conferences.

Stefan Bosnjakovic

IAM and Corporate IT-Security Architect, Deutsche Kredit Bank

Since 2016, Stefan has been an IAG Architect in the “IT Readiness Project DKB” at DKB Deutsche Kredit Bank. The emphasis of his professional activity during the last fifteen plus years has been on Identity and Access Management and Governance, Risk and Compliance projects.

He has also undertaken related project activities including Segregation of Duties methodology development, Requirement Engineering, role modelling and design of standardised access and role-models, workflow and associated process modelling and BPAM business process analysis and modelling in consideration of relevant security norms.

Before DKB Deutsche Kredit Bank, Stefan was based with several banks and financial institutions working on IAM and GRC projects.

Richard Horne

Cyber Security Partner, PwC UK

Richard is a recognised leader in the field of cyber security. He brings deep industry knowledge and expertise of delivering successful cyber risk management from the Board down through the whole of a global organisation. Prior to joining PwC, Richard was the Managing Director of Cyber Security at a FTSE 100 multinational financial institution, where he was largely credited as the driving force behind significant improvements made across the institution. Richard also has hands on experience helping the UK government shape and drive its cyber security strategy and plans. He has represented the UK on security matters to the OECD, the European Commission and the International Standards Organisation, and has advised governments, law enforcement and regulators globally.

Derek Gordon

UK IAM territory leader, PwC UK

Derek joined PwC through the acquisition of Praxism, a business he helped grow into a multi-national Identity and Access Management consultancy.

He helps clients with cyber strategy and architecture for numerous identity management and access governance solutions. Derek works across many sectors with a primary focus on large Financial Services organisations.

He is passionate about cyber challenges and opportunities, in particular the integration of technology to provide enhanced services and capabilities.

Cherry O’Donnell

Product Service Owner, Identity and Access Management, Parliamentary Digital Service

Cherry has been with the Parliamentary Digital Service for coming up to 2 years after joining in June 2017. She started as an Active Directory Specialist until being awarded the Role of Product Service Owner in June 2018. Cherry manages the engineers in the team and reports into the Head of Identity and Access Management. As a team, she manages all aspects of ‘Identity’ within Parliament. Maintaining the onsite Directory and PKI infrastructure, in addition to their Azure presence.

She recently oversaw the domain upgrade to Server 2016, upgrading all domain controllers, Schema and DFL with no downtime for users.
Before her current role, she spent almost 15 years contracting throughout the UK and Europe, enjoying roles with the COOP, Mediacom (part of WPP), Getronics, IBM, Barclays Bank and Unisys. Cherry has been in the Identity / AD fields most of her career.

Govind Yadav

Senior Sales Engineer, Omada

Govind has 13+ years’ of information security pre-sales consultant experience which includes working in different geographies and having worked with some of leading IAM vendors like CA technologies, SafeNet, Entrust etc. From his stint with a Certifying Authority, he brings in relevant experience from publicly trusted identities perspective as well which is crucial to understand challenges with some of Government projects. Outside of focusing on Identity Governance and Administration in Omada, in leisure time, Govind is passionate about researching ‘how to establish fool-proof secure physical identities’.

Hans Zandbelt

IAM Architect, OpenID Foundation

Hans is a Founder and IAM Architect at ZmartZone IAM. He holds an MSc. degree in Computer Science, Tele-Informatics and Open Systems from Twente University (1993). He has over 20 years’ experience as a technical leader in research and innovation projects, including digital identity initiatives. In 2007 he joined SURFnet as the Architect and Technical Product Manager of SURFfederatie, the national infrastructure for Federated Single Sign-On for the research and higher education community in the Netherlands.

In 2011 he joined Ping Identity as an expert on Single Sign-On, Cloud Identity & Access Management and large-scale deployment of federation technology, representing the CTO Office in Europe. In 2017 he founded ZmartZone IAM to provide Identity & Access Management consultancy and to contribute to standards and open source development in the broader field of IAM. He is an active member of the OpenID Connect Certification team in the OpenID Foundation.

David Doret

IAM & Data Protection Manager, BNP Paribas

David is a cybersecurity expert with a passion for sharing good and bad experiences with the InfoSec community. He held twice the CISO position, served as Corporate Risk Committee board member for financial institutions and spent several years leading a consulting practice for all sizes of clients in diverse industries. Today, he works as IAM manager for a global bank.

Petteri Ihalainen

Senior Specialist, National Cyber Security Centre, Finland

Mr Ihalainen has extensive information security background having worked for organisations like SSH Communication Security, Ubisecure, EU Commission, Gemalto and GlobalSign. During his career, he has participated in cutting edge initiatives and digital identity programs in various roles.

He’s currently working as a senior specialist at the National Cyber Security Centre, Finland (part of Traficom) in a team that supervises and advises organisations deploying digital identity solutions. He also acts as one of the country representatives at the EU-level in eIDAS related tasks and programs.

Jon Hawes

Head of Detect & Security Innovation, Photobox

Jon runs the Detect function at Photobox Group, which encompasses Security Operations, Incident Response, Red Team Testing. He also leads the security team’s Security Innovation Hub, running projects that support data-informed decision making and process automation.

Prior to Photobox, Jon worked at a global energy company, running strategy, architecture, and operations for a big data program focused on threat detection and continuous control monitoring.

This followed on from his work as the Head of Product Strategy for Data Analytics at Panaseer, where he worked with the data science team and client CISO teams to answer the question ‘What is our next best action to reduce cybersecurity risk?’ using logs, telemetry and alerts.

Before this, Jon worked at Pharos Security, a boutique consultancy, where he co-developed a Red Team methodology to both measure firms’ security control effectiveness, as well as deliver a business case at security control and strategic security program level for improving value from security investment.

Jon has presented on topics including security metrics, data analytics strategy and Artificial Intelligence at forums that include BSides Las Vegas, SiraCon, Infosecurity London, and the e-Crime Congress.

Aisling Connolly

Cryptography and Privacy Researcher, Information Security, École Normale Supérieure

Aisling is an Irish mathematician and cryptographer based in Paris.

Aisling has written and co-authored several research papers in the areas of symmetric cryptography, public key cryptography, digital signatures, post-quantum cryptography, and privacy.

Ultimately, her goal is to continue to tie the theoretical questions of life to the practical needs of society.

Charles James

Account Director, OneLogin

Charles James is an IT professional with almost 20 years’ experience in IT software solution sales including the dark art of Microsoft licensing and software asset management. Charles comes to OneLogin from AirWatch, where he joined the Enterprise Mobility Management revolution as one of the first sales people in the UK.

A strong believer in the sales process Charles has delivered consistently year on year within the Finance, Legal and Insurance sectors working with companies including HSBC, Lloyds Bank, BLP, AXA Insurance and Admiral.

Charles is always happy to share his enthusiasm for doing business the right way.

Previous Speakers

Sarb Sembhi

Past President, ISACA London

Sarb Sembhi has been the Chair of the ISACA GRA Committee and a member of the ISACA Relations Board. Sarb began his career in the public sector as a Project Manager, and has more than 30 years of project management and consultancy experience.

He has gained this experience providing services to companies including the BBC, Travis Perkins, BP, Network Rail. Sarb is a regular speaker at Information Security Conferences around the world, including the CxO Dialogue, Gartner Summits, InfoSec Europe, RSA Europe, HITB, BCS, ISACA, IPSec, IFSEC, Security Directors Forum.

He is also a member of the Defence and Security Committee and the Cyber Security Working Group at the London Chamber of Commerce & Industry, Infosecurity Magazine Editorial Board, and The Institute of Engineering and Technology, The Institute of Risk Management, The Chartered Insurance Institute, and was an individual member of the Parliamentary IT Committee.

Sonal Balachandran

Senior VP leading regulatory remediation of privileged access

Sonal is an Information security professional with more than 10+ years of experience with a special focus on Identity and Access. She has worked with a number of large financial services organisations in the UK. Within DB her role is to ensure the controls deployed around Identity and Access help achieve tangible and sustainable risk reduction and meet audit and regulatory requirements.

Rob Otto

EMEA Field CTO/Solutions Architect, Ping Identity

Rob is a Senior Technical Architect for Ping Identity in the UK and also the EMEA representative to the Ping Identity CTO Office. Rob holds a BSc (Computer Science) degree from Pretoria University and has nearly 20 years experience in identity and access management.

He has worked on complex implementation projects in the UK, USA, Europe and South Africa. His current area of focus is on applying industry standards like OpenID Connect and OAuth 2.0 to enable businesses to interoperate and securely expose data and API’s.

Emma Harvey

Head of Product Management, NHS Digital

Emma has over the last 19 years developed a wide range of skills working in ‘digital’ in its various guises, spanning marketing, service design, games and software. Clients she has worked with include BBC, Channel 4, NHS, The Design Council, P&G, Gatwick Airport, and many more. She has been privileged to work in senior roles including Client Services Director at one of the north’s biggest digital agencies, and as Managing Director at one of the north’s most respected boutique digital agencies. She also set up Hózhó, specialising in digital products, service design and capability building; which led her to working with NHS Digital, where she is now Head of Product Management.

Markku Rossi

Chief Technology Officer, SSH

Markku Rossi has close to 25 years’ software engineering and architecture experience. At SSH.COM he is responsible for R&D and directs the company’s technology strategy. Markku has extensive knowledge and experience with SSH Communications Security products, having served the company from 1998 through 2005 as a Chief Engineer and a major contributor to the SSH software architecture. Prior to re-joining the company in 2015, he co-founded several companies such as Codento and ShopAdvisor and served as CTO at Navicore and as Chief Architect at Nokia. Markku has a Master of Science degree in Computer Science from Aalto University.

Nick Mothershaw

Co-Chairman, Open Identity Exchange

Nick is responsible for the strategic development of Experian’s fraud and identity solutions for both the public and private sectors. The Identity Solutions portfolio includes traditional ID verification, challenge questions and document verification. Experian now also offer a full Identity as a Service solution, including ID proofing and strong credential management, and is an identity provider within the GOV.UK/Verify scheme.

Nick has been with Experian for over 15 years. Previously Nick was a director of a company providing global solutions within the broader Criminal Justice arena. Here he architected the Scottish Intelligence Database: the only cross force intelligence sharing and matching solution in the UK. He also exported best of breed UK crime management systems to Australia and the US. Nick has also worked for IBM in the healthcare and utilities sector, and began his career as a mainframe systems analyst with a large UK brewer and pub company. He has a degree in Computer Science.

Nick has three children, and is into amateur dramatics in his spare time. In the last 12 months he has played Man Friday and a shell-shocked army medical officer in the hard hitting WW1 drama Hamp.

Chris Clarkson

Senior Solutions Engineer, BOMGAR

Chris Clarkson is a Senior Solutions Engineer with Bomgar, a leader in Privileged Access Management solutions. Chris has worked at Bomgar for 3 years after previously being with SCC, Europe’s largest System Integrator. Chris has acquired a wide-range of security experience and knowledge working with companies during the last 10 years across multiple industries and is a regular speaker at industry conferences.

Professor Steven Furnell

Professor of Information Security, University of Plymouth

Steven Furnell is a Professor of Information Security and leads the Centre for Security, Communications & Network Research at the University of Plymouth. He is also an Adjunct Professor with Edith Cowan University in Western Australia and an Honorary Professor with Nelson Mandela University in South Africa. His research interests include usability of security and privacy, security management and culture, and technologies for user authentication and intrusion detection. He has authored over 300 papers in refereed international journals and conference proceedings, as well as books including Cybercrime: Vandalizing the Information Society and Computer Insecurity: Risking the System. Prof. Furnell is the current Chair of Technical Committee 11 (security and privacy) within the International Federation for Information Processing, and a member of related working groups on security management, security education, and human aspects of security. He is also a board member of the Institute of Information Security Professionals, and chairs the academic partnership committee and southwest branch. He can be found on Twitter via @smfurnell and further details are at

Ros Smith

Senior Product Manager, Identity and Access Management, BBC

Ros Smith is new to the world of IAM. She has worked at the BBC for over 18 years. Until 6 months ago she worked in Production and Editorial, having been a Radio Producer for Science Radio, Woman’s Hour and The Big Toe Radio Show, Deputy Editor of the award winning BBC News School Report, Project Manager at BBC Media Action and most recently Acting Head of BBC Weather. She is now Senior Product Manager in Identity and Access Management and has learnt more acronyms in the last 6 months than she ever imagined possible.

Stephen Williams

Founder and Managing Director of Atlas Identity

Stephen Williams is the Founder and Managing Director of Atlas Identity, which is a British consultancy that delivers Cloud-based Identity and Access Management (IdAM) solutions. With over 15 years of experience of being an customer, vendor, and consultant, he has a great perspective of what it takes to successfully deliver tangible and positive IdAM change, including the common pitfalls to avoid. Stephen’s presentation will specifically focus on giving attendees his honest guidance with a ‘straight bat’ regardless of industry, region, or technology.

Barrie Millett

Head of Group Security, Wesleyan

Barrie is Head of Group Security for Wesleyan where he has developed and implemented a new operational and strategic approach for Resilience covering – Cyber and Physical Security, Business Continuity, Crisis Management and Data Protection as the Groups Data Protection Officer. Joining Wesleyan after 8 years with EON UK as Head of HSSE & Resilience and 5 years with GE in senior regional resilience roles. Prior to his corporate roles Barrie was a consultant providing risk management leadership to a variety of corporations across the globe. Barrie started his career as a Royal Marines Commando serving with 40 Commando RM and HQ Commando Forces. Barrie is Honorary Life Vice President of ASIS Int. UK Chapter.

Gal Helemski

Co-founder & Chief Innovation & Product Officer (CIPO), PlainID

Gal is recognized as a specialist in cyber security with specific focus on identity and access management. In the past 16 years she has defined solutions to customers, wrote the project specs, technical documentation, presentations and training. Gal holds a B.Sc in Physics & Computer Science from Bar-Ilan University. In the IDF, she served for 6 years in the prestigious computing unit Mamram.

Martin Ingram

Product Owner, Identity and Access Management, Royal Bank of Scotland

Martin Ingram is the Identity & Access Management Product Owner for RBS, in charge of transforming identity & access management for RBS to support new customer digital journeys and requirements such as PSD2.

Prior to RBS he has had a broad experience in security both from a vendor and a client organisation perspective having consulted or worked for organisations in Europe, America and Australia. As such he has been involved in IAM, Crypto systems, Content Security and malware amongst many other security domains.

Martin has a background in engineering and has been on the board of several start-up technology companies.

Manoj Kumar

Lead for Identity and Access Management, KPMG UK

Manoj heads the Identity & Access Management Services at KPMG. He has spent over ten years delivering IAM Strategy, Service Transformation Initiatives, Technical Implementation Projects and Governance and Operating Models for clients across a broad range of sectors including Banking, Investment Management, Utilities, Telcos and Retail. At KPMG, Manoj not only provides leadership to IAM service development efforts EMEA wide, but also heads the delivery of some of KPMG’s most complex IAM engagements. He is a recognised specialist in the Identity & Access Management space and is actively involved in thought leadership initiatives including speaking events that help the industry and his clients leverage IAM not just as a Security Imperative but also as a business enabler.

Gabe Chomic

President, Information Systems Security Association – UK Chapter (ISSA-UK)

Gabe Chomic is a technologist at heart who has been tinkering with things from an early age. He currently leads the information security and architecture efforts at a large national charity and also serves as President of the ISSA-UK Chapter. In various past lives, he has performed in-depth security engineering in heavy industry & SCADA environments, analysed international business and security processes in fourteen countries, and dabbled in government IT. His current passions involve the economic drivers behind insecurity, the cascading effects of small business failure, and the changing perception of information security in the public eye.

Karthik Selvaraj

Consultant Platform Architect, British Gas

Karthik Selvaraj is a seasoned technologist has spent last 15 years in creating new business values through technology adoption.

In his current role, leads a technical team responsible for delivering next generation platforms at British Gas related to Identity and API Management, Security Integration and mobility solutions.

Karthik is passionate about building world class, secure and scalable solutions in Cloud.

Tom Eggleston

Managing Director, ProofID

A seasoned identity management veteran, Tom has been involved in all aspects of delivering identity management solutions for over ten years. As Chief Technology Officer at Salford Software Ltd, a specialist provider of identity management solutions to universities, Tom gained a deep understanding of what makes the Higher Education sector tick. Now, as Managing Director of ProofID, Tom is focused on helping ProofID’s customers unlock the benefits of next-generation identity management.

Don Thibeau

Chairman and President, The Open Identity Exchange (OIX)

Don is President and Chairman of the Open Identity Exchange (OIX) a non-profit organization of leaders from competing sectors, including enterprise, data services, telecommunications, consulting services, SaaS, banking, retail and government. OIX has become a global center of excellence for the identity trust layer of online transactions serving as a test bed for business, legal and governance policies in the emerging identity ecosystem.

Don is also the Executive Director of the OpenID Foundation, where he directs a standards development process for Internet identity. The foundation’s membership is comprised of leaders from key industry organizations that collaborate on the development, adoption and deployment of open identity standards. He blogs at

Cyril Gollain

Chief Executive Officer, Brainwave

Cyril is the Chief Executive Officer and Co-founder of Brainwave. Under Cyril’s leadership, Brainwave has grown from a collection of unique and innovative ideas into a market recognized leader in the identity analytics & intelligence software market.

Cyril drives the overall vision and strategy for Brainwave, which is re-enforced by his passion for building performing teams, creating an innovative work environment, and focusing continuously on the customer’s pains and needs.

Before Brainwave, Cyril held management and consulting positions at Oracle, BT Global Services and Cap Gemini. Cyril is a popular speaker at IT Security events and contributor to IAM groups and blogs. He holds degrees from Chimie Paris Tech and Imperial College of London.