27/10/23, Paris (France) – After an in-depth preparation and planning process, the Good Faith Cybersecurity Researchers Coalition is thrilled to share a momentous milestone with our community. It is with immense pride and honour that we formally announce the distinguished individuals who will be leading our organisation as the Board of Directors.
This esteemed group of professionals brings a wealth of experience and passion for advancing cybersecurity research in the spirit of good faith collaboration. Together, they will guide our coalition towards new heights, fostering innovation and excellence.
Stay tuned as we embark on this exciting journey, working hand-in-hand with our dedicated board to shape the future of cybersecurity research and promote ethical practices within the community.
Board
Members of the GFCRC Board
William Bartholomew
Director of Security Strategy, Microsoft
William Bartholomew (he/him) is a Principal Security Strategist in the Customer Security & Trust team at Microsoft. His public policy advocacy benefits from over a decade of experience in designing, implementing, and operating software supply chains used by tens of thousands of developers. Prior to focusing on public policy, he held engineering and product management roles within Microsoft and GitHub that focused on delivering reliable and secure engineering systems for developers internally as well as for our customers. He brings his relentless focus on reducing friction to standards development, open source, and public- and private-sector working groups globally. When not working, he can be found tinkering with hardware and software, making espresso, and spending time with his family in the United States’ Pacific Northwest.
María del Pino González-Junco
Partner Manager for the Charter of Trust, Siemens
Maria is Partner Manager for the Charter of Trust at Siemens. She is passionate about linking technology and business, skilled in building cross-functional teams and turn them into top performers to bring about improvements in strategy, processes, and profitability, and committed to delivering an exceptional customer experience.
Mehmet Ince
Managing Partner, PRODAFT
Mehmet is Senior Vulnerability Researcher and Managing Partner of PRODAFT, a Netherlands-based cyber-threat intelligence firm. Mehmet has been at the forefront of the information security community for many years, with an extensive knowledge base reaching 15 years. Up to date, Mehmet has done extensive research on finding vulnerabilities in popular products and published more than 300 0-days based on his findings.
Thomas Penteker
Head of CERT, Siemens AG
Since 2022, Thomas Penteker has been the Head of CERT at Siemens AG, directing critical cybersecurity strategies for the company. His journey in cybersecurity commenced in 2015 when he assumed the role of IT Security Engineer at Siemens CERT, progressing subsequently to become the Team Lead for Incident Response from 2017 to 2022. Before delving into corporate cybersecurity, Thomas spent six years freelancing as a Project Manager and Developer from 2009 to 2015, showcasing his adaptability and diverse skill set. In the earlier stages of his career, from 2007 to 2009, he held the role of Head of IT at Herbert Bauer GmbH. Each step in Thomas’ professional trajectory has contributed to a rich tapestry of skills and experiences that define his career in the dynamic field of cybersecurity.
Tarah Wheeler
CEO & Founder, Red Queen Dynamics
Tarah M. Wheeler is a strategic technical security leader and executive dedicated to cybersecurity with integrity and openness. Innovating in cloud security, data privacy, and top-level direction for security companies. She has holistic experience in and passion for risk management, compliance as a service, and drilling down into technical contributions to product and operational security. Her background includes engineering and systems administration, developed into clear communications, customer oriented relationship building, and strategic leadership of enterprise-level organizations. Tarah was most recognized for remaining technically competent while breaking into executive leadership and strategic direction for security organizations and companies.
Stéphane Duguin
CEO, Cyber Peace Institute
Stéphane Duguin is the CEO of the CyberPeace Institute. Humanitarian, entrepreneur, investigator, he spent two decades tracking how criminals groups and terrorists organisation weaponise disruptive technologies, such as Al, against vulnerable communities. At Europol, Stephane led major international counter cybercrime, terrorism and hybrid threats operations, and investigated threat actors deploying cyberattacks, illegal content and disinformation techniques. Stephane leads the CyberPeace Institute to provide free cybersecurity for the most vulnerable and hold threat actors to account for the harms they cause.
Stéphane Duguin sits on the Board of the Datasphere Initiative and is a member of the Advisory Board of the Open Quantum Institute, the Global Forum on Cybercrime Expertise (GFCE), the Tech4Trust initiative, the Fighting Terrorist Content Online (FRISCO) and the Global Cyber Alliance (GCA).
Stéphane has published a book, over 50 articles, book chapters, conference papers, and commentary essays exploring themes like AI, cybercrime, disinformation, and OSINT techniques. Holding numerous keynotes, he shed light on criminal innovation in the age of technology.
Stéphane served in EUROPOL as senior manager in the European Cybercrime Centre (EC3), the European Internet Referral Unit (EU IRU), and the Europol Innovation Lab.
Sándor Féhér
CEO, White Hat Security / CyAN Representative
Sándor is the founder and CEO of White Hat IT Security. With a degree in software development and mathematics he has spent over 15 years in the national security sector, where he had had the opportunity to see the highest-level governmental offense and defence and gain hands-on experiences and a diverse view few could. He founded White Hat in 2018 with venture capital and turned immediately abroad.
White Hat IT Security is a cloud-focused managed security services provider (MSSP), which – as a member of the Microsoft Intelligent Security Association – specializes in the Microsoft security portfolio. In September 2023 the company provides 24/7 defence to its customers in over 35 countries, together with a wide range of complimentary cyber security services including high-level vulnerability assessments and penetration testing, consulting, trainings or rapid incident response, if need be.
Sándor is an Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), Offensive Security Wireless Professional (OSWP) and Certified Information Security Manager (CISM), while also a certified ISO27001 Lead auditor. He is a member of the Paris-based Cybersecurity Advisors Network (CyAN), board member of the also Paris-based Good Faith Cybersecurity Researcher Coalition, founding member of the Hungarian Cyber Security Cluster and strategic partner and guest lecturer of the prestigious Óbuda University.
Observer Members
Paris Peace Forum
Paris Peace Forum
Learn more about the GFCRC and our structure by visiting our page on Governance.
