Publicly Attributing Cyber Operations by the Private Sector
21 September, 4pm – 5.15pm CET
– Juan Andres Guerrero-Saade, Sentinel One
– Selena Larson, Proofpoint
– Saher Naumaan, BAE Systems  

– Florian Egloff, ETH Zurich Center for Security Studies 
– Lilly Muller, King’s College London  

The private sector is by far the largest contributor to public knowledge on cyber operations. Public reporting has also undergone significant change in the last decade. This panel discusses this development. It will briefly address the main critiques on private sector reporting, such as marketing interests or skewed visibility, and then move the debate forward to address a series of additional issues that have received less attention. The panel offers a space for a conversation regarding the (sometimes elaborate) considerations by the private sector when going public and for reflection on how such considerations have changed over time.


Juan Andrés Guerrero-Saade is Principal Threat Researcher at SentinelOne and an Adjunct Professor of Strategic Studies at Johns Hopkins School of Advanced International Studies (SAIS). He was Chronicle Security’s Research Tsar, founding researcher of the Uppercase team, and a stealth startup co-founder. Prior to joining Chronicle, Juan Andrés was Principal Security Researcher at Kaspersky’s GReAT team focusing on targeted attacks and worked as Senior Cybersecurity and National Security Advisor to the Government of Ecuador. His joint work on Moonlight Maze is now featured in the International Spy Museum’s permanent exhibit in Washington, DC. @juanandres_gs

Selena Larson is a senior threat intelligence analyst at Proofpoint on the Threat Research team. She collaborates with fellow researchers to identify and investigate advanced threats and develop actionable threat intelligence. Selena is also a non-resident fellow at the Harvard Kennedy School Belfer Center Cyber Project. Previously, Selena was a cyber threat analyst for the industrial cybersecurity firm Dragos, and a cybersecurity and privacy journalist. @selenalarson

Saher Naumaan is a Threat Intelligence Analyst at BAE Systems Applied Intelligence. She currently researches state-sponsored cyber espionage with a focus on threat groups and activity in the Middle East. Saher specialises in analysis covering the intersection of geopolitics and cyber operations, and regularly speaks at public and private conferences around the world, including SAS, Virus Bulletin, FIRST, and BSides. She is also the creator and organiser of RESET (2018 and 2019), the first cybersecurity conference in Europe with an all female line-up. Prior to working at Applied Intelligence, Saher graduated from King’s College London with a Master’s in Intelligence and Security, where she received the Barrie Paskins Award for Best MA dissertation in War Studies. @saffronsec


Florian J. Egloff (DPhil Oxford) is a Senior Researcher in Cybersecurity at the Center for Security Studies (CSS) at ETH Zurich. His research focuses on the politics of cyber security, particularly with regard to intelligence policy and the role of non-​ and semi-​state actors in cyber security. Florian is a Research Associate at the Centre for Technology and Global Affairs at the Department of Politics and International Relations and teaches a course on attribution at the Centre for Doctoral Training in Cyber Security (both at the University of Oxford). His professional background includes working for the Swiss Federal Department of Foreign Affairs and in banking. @Egflo

Lilly Pijnenburg Muller is a PhD candidate at the War Studies Department and King’s College London and a member of the Cyber Security Research Group. Her research interests are cybersecurity, global security practices, international institutions, public–private relationships and risk/threat construction. Lilly has previously worked as a Research Fellow at the Norwegian Institute of International Affairs (NUPI) and as a James Martin Fellow the Global Cyber Security Capacity Building Centre (GCSCC) at the University of Oxford. @mullerlilly