他人になりすます北朝鮮の応募者を検知: CISO プレイブック

Ross McKerchar is the CISO of Sophos. Ross has a BSc in Computer Science from Edinburgh University and joined Sophos in 2007. During his years at Sophos, Ross established and built Sophos’ cybersecurity program through periods of high company growth, including multiple acquisitions and an IPO on the LSE.

At Sophos, the CISO team runs all aspect of Sophos' own security including Security Architecture, Trust and Compliance, Product Security, Red Teaming and Security Operations. Sitting in the Sophos technology group alongside Sophos Labs and our customer-facing MDR team, we are part of Sophos X-Ops joint task force.

Out of work Ross has a passion for the outdoors and, when he’s not spending time with his young family, loves to travel around the world rock climbing, trail running or surfing.

Rafe Pilling is a Director of Threat Intelligence in the Sophos Counter Threat Unit (CTU). He leads global threat intelligence production within the CTU, where he oversees all-source analysis focused on advanced cybercriminal and state-sponsored threats. This threat intelligence directly informs and supports organizations worldwide in strengthening security operations, guiding incident response, and shaping strategic cyber-risk decisions.

Sarah Kern is a security researcher, specializing in North Korean and emerging threats, in the Sophos Counter Threat Unit (CTU). With deep expertise in state-sponsored cyber adversaries, Sarah plays a critical role in identifying, analyzing, and mitigating sophisticated threats originating from North Korea and other advanced persistent threat groups.

Angela Gunn is a senior threat researcher in Sophos X-Ops. As a journalist and columnist for two decades, her outlets included USA Today, PC Magazine, Computerworld, and Yahoo Internet Life. Since morphing into a full-time technologist, she has focused on incident response, privacy, threat modeling, GRC, OSINT, and security training at companies including Microsoft, HPE, BAE AI, and SilverSky.

Jane Adams is a Principal Threat Researcher at Sophos. Before joining Sophos, she worked in security research at Secureworks, following 20+ years as a journalist and PR in the fintech and cards sectors.

Mindi McDowell is a Senior Threat Researcher in Sophos X-Ops. She holds a master's degree in professional writing from Carnegie Mellon University and began her cybersecurity career at the CERT Coordination Center, based at Carnegie Mellon University's Software Engineering Institute. She later joined Secureworks, where she was a member of the Counter Threat Unit (CTU).

Ryan Westman is a Senior Manager of Threat Research at Sophos. With over a decade of experience in cybersecurity and national security, Ryan specializes in threat intelligence and operations. He has led high-performing teams across government, Big Four consulting, and the MDR space.
Ryan has provided expert commentary to leading media outlets and spoken at major national and international conferences, including DEFCON, RMISC, Sleuthcon, ILTACon, and Evanta CISO events. He holds multiple degrees and industry certifications (GCTI, GCFA, GSLC) and is passionate about protecting organizations from foreign and domestic cyber threats.