About

I’m very passionate about information security; As I’m intrigued by multiple aspects of the discipline, and through extended periods of time I have dived very deep and dealt very extensively in the areas of risk management, technology, compliance, cloud computing, data protection and a handful of others.

I’m trying to exercise my curiosity through professional engagements, academic studies, published research, professional memberships and volunteering. I also mentor (mostly) entry-level professionals navigating their career steps.     

Professional Experience

During the last twenty years, I’m having the privilege of working with some of the world’s largest organizations in more than 30 EMEA countries. 

I am currently serving as a Senior Security Specialist (aka Enterprise Security Executive) at Microsoft, covering Enterprise Customers, Public Sector Organizations and Educational Institutions in Greece, Cyprus and Malta.  

Previously, I have served as the Director of IT Governance, Risk and Compliance for Syntax IT Group, serving customers in Greece, Qatar and Kuwait between 2020-2021, and as the Chief Technology Officer of ADACOM S.A. (covering 30 EMEA countries through offices in Greece, Serbia, Cyprus, Israel, UK) between 2008-2020, and as the Product Manager for Information Security at Space Hellas S.A. for Greece, Cyprus from 1999 to 2008.

As of March 2019, I’m honored to serve as the President of the (ISC)2 Hellenic Chapter, supporting information security professionals through their entire career and promoting our profession.

More details about my professional profile can be found at LinkedIn .

Academics

I’ve extensively studied information security, and I’m holding the following academic titles:

• Ph.D. (summa cum laude) in Information Security (Department of Informatics, University of Piraeus, Greece, 2009), under the supervision of Professor C. Douligeris, closely cooperating with Dr. Sarandis Mitropoulos. 
  • The main topics dealt with were: cyber security, incident response methodologies, corporate management frameworks, automated trace back mechanisms, digital forensics, topological vulnerability analysis, and the design and development of IRIDA (Incident Response Intelligence Data Analytics), which correlates vulnerability with exploit information, contextualizes security controls and identify and orchestrate the automated enforcement of network-based defenses (mostly through intrusion detection systems).  
  • My Thesis Title was “Effective management support on network and communications security – identifying and responding to security incidents”, which can be found here. 
• M.Sc. with Distinction in Information Security (Information Security Group, Department of Mathematics, Royal Holloway University of London, UK, 2002),
• B.Sc. in Informatics (Department of Informatics, Athens University of Economics and Business, Greece, 2001).

Main Research Areas 

I can understand very well incident response systems, topological vulnerability analysis, vulnerability semantics and intrusion detection. Therefore, I have created the IRIDA (Incident Response Intelligence Data Analytics), a U.S. patent-pending technology, that automates the incident response procedure using topological vulnerability, exploit and intrusion detection data. This work was awarded the “Outstanding Paper Award” at the Literati Network Awards for Excellence, in 2011.

My entire list of research publications, including my co-authors and other works citing these publications, can be found here.

I can also understand the social aspects of cyber security, data privacy, human-oriented digital exploits, security issues in the realm of IoT as well as the formal security policy grammars and languages. I can also understand, in various depths, the technology surrounding all these.

I hold a number of professional certifications, such as the CISSP, CISM, CDPSE, CCSK, and multiple vendor-oriented accreditations (CCSA, CCSE, CCDA, etc.)