Roger Halbheer

Job title:
Chief security advisor, Microsoft

Areas of expertise:
Policy, architecture, law enforcement, cybersecurity, processes

Roger Halbheer joined Microsoft as Chief Security Advisor of Microsoft Switzerland in 2001 and was promoted to the role of Chief Security Advisor for Microsoft Europe, the Middle East and Africa (EMEA) in February 2007. Roger leads a team of national Chief Security Advisors across EMEA who work with organizations in the commercial and public sectors - including national governments, law enforcement and intelligence agencies - on information technology issues and strategies. He is a trusted advisor to C-level executives, governments and law enforcement agencies and has established relationships with security communities and government agencies across the region. Roger is a regular speaker at industry events and has worked with national and international print and broadcast media both to represent Microsoft and to provide expert comment on broader security issues. A Swiss national, Roger holds a Master of Computer Science degree from the Federal Institute of Technology in Zurich and is a Certified Information System Security Professional (CISSP). Before joining Microsoft, he was responsible for e-Business Risk Management at PricewaterhouseCoopers in Switzerland. He lives in Zurich and is married with two sons.

Tag Cloud



Council of Europe – Octopus Conference (Cooperation against Cybercrime) Day 2

And the second day starts. I just met with Jeremy Kirk from IDG and it is great to see that the press is actually interested in such a conference as well.

The day today started with a long session on different initiatives against cybercrime. A lot of good information:

  • Interpol offers quite some good services to the police stations across the globe: A 24-7 center to bridge between the different police forces (sometimes just to overcome language barriers), a central database to share information on crimes, etc. Additionally they train police forces on cybercrime and investigation all across the globe.
  • London Action Plan: The largest network of civil authorities but it is open to participation by the industry. Even though it is called “London Action Plan” it is a global public-private partnership, formed in 2004 and covers data protection agencies, consumer protection agencies, the private sector, etc. They want to strengthen the network, increase the knowledge and share best practices and emerging threats. Basically it is about how the different parties can use their tools and knowledge in a cooperative way to conduct investigations.
  • GPEN (Global Prosecutor E-Crime Network): It is owned by the Association of International Prosecutors. Basically this is a big sharing initiative for prosecutors on cybercrime. One of the key areas is about sharing training packs for capacity building. Additionally, they run a website with a forum where they share approaches to cases (no sensitive information) – a fairly interesting approach. Finally, they have material they share about how to present cases in front of court (like how a botnet works, what a trojan horse does…) like videos, presentations etc.
  • InHope: InHope is a network of hotlines against illegal content like child sexual abuse images (actually the core of their work), extreme violence, racism, etc. They want to work on standardization (or best practices) on how such reports are handled to make law enforcement more effective. They are covering 31 countries today and are looking into growing into more developing countries.
  • Global Network Initiative: An initiative to support to freedom of expression and privacy. The challenge they want to address is the conflict global companies face, were local legislation conflicts with human rights on the Internet. So, the GNI developed a set of principles to advance human rights on the Internet.
  • Anti-Phishing Working Group: This is fairly obvious what they do. A few years back, they actually organized an event in Europe (I think it was in Berlin) on how to collaborate on phishing cases. One of the projects they are running at the moment is about sharing data with law enforcement. It is basically about automated processing of e-crime data and write “the story” for the prosecutor and judge. So, it is about harmonizing databases and file format. A good idea, I am just wondering whether the law enforcement agencies will pick it up and really share the data as they do not share the data today – because they are often not allowed to share… Where they definitely will be successful is, when it comes to data on phasing cases.
  • Messaging Anti-Abuse Working Group (MAAWG): This working group actually roots back in the time when e-mail came up significantly and when e-mail started to get abused. So, the working group mainly consists of ISPs as well as some security vendors and companies, which rightfully use e-mail for marketing purposes. So, basically it is about collaborating to fight spam (which often is one of the root of cybercrime attacks) and they have a lot of good guidelines like the use of port 25 etc.

What I liked with this network sharing workshop is that I never heard from any of the networks “we are the ones” but much more: We want to collaborate and not duplicate efforts – a great position we need. If you want to get an overview of the different networks that exist, the Council of Europe has a good overview: Anti-cybercrime networks, organisations and initiatives

The afternoon was about effective measures against sexual exploitation and abuse of children on the internet. I was fairly new to this theme. So, there are a few key findings for me:

  • Just access for children to law enforcement is a huge problem. But there are initiatives to address this – for children who are most exposed, like children without parents.
  • This is a very big social problem. It is not necessarily a legal challenge (which it is as well, but there are guidelines for it) but – again – how can a victim really execute their rights?
  • There is a lot of interesting (and shocking) information available on the website of EPCAT International:

So far it was – as always – a very interesting and valuable conference. I am not sure whether I can write about  it tomorrow as I will be in a panel on the Cloud in the morning and then on the road


Posted 24/03/2010 by Roger Halbheer

Tagged under: not tagged.

RE: Council of Europe – Octopus Conference (Cooperation against Cybercrime) Day 2
Posted 26/03/2010 by Alex Clayton
Thanks for this, Roger. It is really useful summary of the different initiatives and agencies involved in the fight against Cybercrime.

Comment on this blog

You must be registered and logged in to leave a comment about this blog.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×