Dr Carlo Harpes is an expert in information and computer security, with 32 years of experience in consulting, research, education, and standardization. He is the founder (in 2007) and managing director of itrust consulting. Prior to this, he had been Managing Director and Head of Security, Audit, and Governance of Security at Telindus PSF (3 years), and before, during 8 years, he had been CISO and head of Risk management at CETREL S.C., the electronic payment operator in Luxembourg.

Carlo Harpes holds a PhD in information techniques and cryptography, as well as an electrical engineering diploma from EPF Zurich. He was PKI expert registered at ILNAS, External 27001 lead auditor, and assistant professor associated to the University of Luxembourg. Furthermore, he is one of the founding members of CLUSIL and national representative of ISO/IEC JTC1 SC27 for almost 20 years.

In recent years, Carlo Harpes has made a major contribution to the drafting of security policies for the Luxembourg government. He was a senior advisor and prepared the ISO/IEC 27001 certification of a major international service provider, a cloud service provider, a satellite operator and a telecommunications operator. He was an internal auditor for many organizations in both the private and public sectors, helping to prepare them for 27001 certification. He is the architect of OpenTRICK a risk assessment tool and has applied this tool more than a dozen times, including in preparing for 27001 certification and conducting data protection impact assessments (DPIA). He has carried out risk analyses and technical audits on various critical infrastructures, including in the energy and telecoms sectors and on public key infrastructures. Carlo Harpes was project manager for a large number of penetration tests in Luxembourg and abroad. He also manages the malware.lu CERT and monitors cybersecurity challenges.

With itrust consulting, he participated in multiple international research projects, often as Task or Work package leader: BUGYO Beyond (Celtic), DIAMONDS (ITEA2), CockpitCI (FP7), MICIE (FP7), Liveline (FP7), iGOing (FP7), SGL Cockpit, TRESpASS (FP7), IDS4ICS (AFR grant supervision), ATENA (H2020), bIoTope (H2020), QUARTZ and Eagle-1 (on quantum key distribution over satellite), CRITISEC (on intrusion detection on critical infrastructures), TOKEN (on security and blockchain applicability), LuxQCI (ESA), Lux4QCI (HorizonEurope), CyFORT (on open source cybersecurity tools for Cloud security), most of them supporting Carlo’s contribution to standards and open source tools. In NSC01, Carlo Harpes will continue his role as co-editor and contributor, in particular to foster use of norms in Luxembourg in all sectors covered by NIS2 and to contribute to clear and short standards of value for small organizations.

Ingo Senft, born in 1966, joined itrust consulting in August 2016. As Chief Administrative Officer his area of responsibility covers internal administration, Human Resources, Sales Management, Public Relations Management and Security Consultancy. As Senior Manager with significant business experience (> 25 Years) Ingo supports the Managing Director and secures the planned growth and further development of itrust consulting. Based on his previous experience in dealing with customers from various sectors he also consults itrust consulting's customers. From 2018 to 2020 he was nominated Chief Information Security Officer (CISO).

Before, as Head of Quality and Information Security Management, he was responsible for the implementation/management of an integrated Management System at the euroscript Group (today: Amplexor) ensuring compliance with various ISO standards: e.g. Quality Management (ISO 9001/EN 9100/ISO 13485/ISO 14971), Information Security Management (ISO 27xxx/ISO 22301/ISO 31000), Corporate Social Responsibility (ISO 26000) and the approval as PFS Support issued by the CSSF.

Since 1990 he was continuously involved in the Sales process for Public Institutions and the Private Industry covering various responsibilities as: Sales Manager for newspaper systems, Product and Sales Manager for data transmission systems, Head of EU Sales and Business Project Manager. Ingo holds a Master’s degree in Electrical Engineering awarded by the University of Applied Sciences in Frankfurt, where he specialized in computer science, data protection and security. He is certified as internal Auditor for Quality Management, for Information Security Management, as Project Manager (PRINCE2) and experienced (>10 years) in the planning and implementation of Business strategies.

Anna Chezganova joined itrust consulting in March 2022, first as an intern supporting the management of security documentation, and then in April 2022 started as an IT consultant.

In 2006, Anna obtained her bachelor's degree in ‘Economic Cybernetics’ from the Kyiv National Economic University, Ukraine, and in 2007 she completed her master's degree in ‘IT Management’ at the same university. Parallel to her master's degree, Anna was already practicing her knowledge of IT management and, after graduating, began her IT career as a database administrator (supporting CRM). A year later she was promoted as Project Manager and Head of IT Department in a manufacturer of cosmetics in Ukraine.

At itrust consulting, Anna uses her 14 years of experience in IT to support our customers in maintaining their IT security documentation and the IT security implementation process.

Marianne Guérin holds a BTS in International Sales issued by the Chamber of Commerce of Industry (CCIP) in Paris. At the beginning of her career she also studied 2 years of Marketing at the CCIP.

She joined itrust consulting in September 2019 as administrative and commercial assistant, active in invoicing and offer creations for our customers. During the previous 20 years, Marianne kept various positions in administration, sales and customer service departments in France, England and Luxembourg.

Today, Marianne supports the management of security documentation.

Benjamin Hodzic has successfully completed his studies in philosophy at the University of Luxembourg. In September 2021, he joined itrust consulting as a document manager in order to draft and adapt GDPR compliant documents and documents of different management systems to the specific needs of customers.

Since 2022, Benjamin supports several itrust consulting customers in the implementation and maintenance of their Information Security Management System (ISMS), where he specialized on Business Continuity Management. For the public entity SIGI, he is active as CISOaaS (Chief Information Security Officer as a Service) to maintain and improve their existing ISMS, and also as Legal Archiving Officer (CAL - Chargé d'Archivage Légale), supporting their PSDC activities.

In addition, Benjamin has been entrusted with the role of Quality Manager for itrust consulting to ensure the consistent highest quality of documentation for our customers.

Camar Houssein joined itrust Abstractions Lab s.à r.l. in August 2023 as ICT administrator and developer. Since 2003, Camar holds a Bachelor´s Degree in Public and Administrative Law awarded from Paris 1 Panthéon-Sorbonne. In 2021, he successfully completed a one-year Security Operations (SecOps) oriented cybersecurity training at Technobel (Ciney, Belgium) where he acquired wide-ranging skills in SIEM solutions (Splunk, IBM Qradar), log analysis, incident handling (NIST), mgt. of firewalls and IPS/IDS (Cisco ASA, Firepower), and vulnerability assessment (Nessus).

Camar worked as an IT technician and trainer in Belgium, providing computer hardware/software/network support, developed and provided thematic workshops (i.e. social engineering, and secure digital usage of banking assets). In 2022, he participated as external consultant in a multi-site migration project (Paris, Luxembourg, and Brussels) supporting CANDRIAM Investment Funds in Luxembourg in migrating IT infrastructure to new OS version, managing user devices, installing software and security certificates, and handling log reports.

At itrust, Camar started taking over ICT-related routine tasks (user setup and support, system admin, ICT policy mgt.). He also assists French customers in updating their information security documentation. Further on, he supports future IT audit, vulnerability assessment and ethical hacking.

Ensuifudine OMAR has been analyst developer at itrust consulting since 2012. He completed a six-month internship during his Master studies at itrust consulting, working on the ESA LASP project, in order to obtain his degree in ‘IHM’ Human Machine Interface, Informatics from the University Paul Verlaine Metz.

He works in software development, and develops several tools for itrust consulting, like TRICK Service, Software Checker, Vulnerability Management System (a tool developed for the TREsPASS and ATENA project), and on a pseudo anonymization project for Centre de gestion informatique de l'éducation (CGIE).

Since 2016 he is also an ICT administrator for backup and to maintain the infrastructure at itrust consulting. In 2020 he was promoted to ICT Manager, Head of Department Software Development and took over the role of Chief Information Officer (CIO).

Following her internship in June/July 2022, Ritika started her new position beginning of September 2022 as ‘RD Security Developer’ in the Research & Development department at itrust consulting.

Lynn Pinto joined itrust consulting in June 2024 to support dissemination activities in Research projects, assist in public relations (PR), pre-sales and later our customers in document management.

Lynn graduated from Trier University of Applied Sciences in 2022 with a Bachelor of Arts (B.A.) in Communication Design 6.

Immediately after, she started her own business and improved her working style (self-organisation, pro-activity, responsibility, quality of work, punctuality, understanding of customer needs, goal-oriented).

Guillaume Schaff is employed as global security consultant at itrust consulting since 2012. He studied in the industrial and electronic domain, where he received a ‘Brevet de Technicien Supérieur’ in Electronics and a ‘licence professionnelle’ in industrial maintenance at the ‘Université de Lorraine’. Then he reoriented himself towards the security sector and achieved a Master’s degree in Global Security Engineering and Management at the ‘Université de Technologie de Troyes’. During his internship at itrust consulting in 2012, he specialized in the implementation of security measures for economically friendly transport solutions.

Guillaume participated in the FP7 TREsPASS project studying the socio-technical risks of ICT. During this project he has authored several scientific articles about his work in TREsPASS. He also assists customers of itrust consulting related to PSDC and PCI DSS certification.

Guillaume has worked a lot in providing consultancy tasks during the implementation of Information Security Management Systems (ISMS) for different types of customers, e.g. private companies like CREOS or public entities of the Luxembourgish state such as CTIE, CGIE and ANSSI. During his work for public entities, e.g. for ANSSI, Guillaume has actively participated in the development and the writing of the National Information Security Policy (PSI-LU) and worked on a large part of the related documentation (policies by domain, procedures, standards, etc.). Guillaume has also actively advised and assisted CREOS Luxembourg in the creation and the implementation of their ISMS and to improve the security for SCADA systems and critical infrastructure.

Since 2014, Guillaume has also actively participated in the creation of the DataREG application of the CTIE, allowing Luxembourg public entities to establish their register of processing activities as requested by the GDPR (General Data Protection Regulation). Further on, Guillaume assisted several customers from itrust consulting to achieve compliance with the GDPR. At the end of 2018 he received the ‘GDPR foundation’ certification, issued by Certi-Trust.

Dr. Arash Atashpendar, CTO at itrust Abstractions Lab, is a research scientist and software engineer specialising in (post-)quantum/classical cryptography, algorithmics and mathematical software implementation, with 12 years of experience in academic research in theoretical computer science and mathematics and 20 years of experience in programming and software engineering.

Heinrich Fries has been employed as Security Researcher at itrust consulting since mid-May 2021.

Before joining itrust consulting, he completed his masters studies in Physics at the University of Freiburg, specializing in quantum computation. He also holds a bachelor's degree in Physics, obtained in 2018 from the same university.

During his master studies, Heinrich accepted a scientific research assistant job working for the Fraunhofer institute (IAF) where he carried out research in the field of quantum computing, focusing on the optimization of quantum algorithms. As a member of the Research, Development and Innovation (RDI) department, Heinrich is involved in projects related to quantum computing and cryptography.

He assists the head of the RDI department by conducting research on post-quantum or quantum-safe algorithms and cryptographic systems (i.e., secure against quantum algorithms), as well as disseminating results through scientific publications and talks at conferences. He also contributes to software implementation activities using different programming languages such as Python and C++.

Currently, Heinrich contributes to itrust consulting activities in QUARTZ and other related projects. He also carries out various ICT administration and development tasks.

Dr. Ricardo Santos joined itrust consulting in March 2022, as a member of the RDI department, to fulfill the role of a Security Researcher and Developer. After graduating with a BSc in Computer Engineering, Ricardo explored the interdisciplinary character of computer science and how it can contribute to other areas of expertise. During his academic career, he undertook an MBA for IT Businesses and later did both his master studies and doctoral studies in Numerical Methods for Engineering, focusing primarily on computer graphics and virtual reality.

Besides his academic background, Ricardo has experience in the design of computer networks and building automation solutions, having been responsible for the design of networks for hospitals, museums, schools and shopping centers. Thanks to his background in computer graphics, he also did some work on the simulation and visualization of public spaces such as roads, parks and squares.

As a researcher, he has helped to found research groups revolving around education and wellbeing and focused on including technological assets in museums and professional training environments.

At itrust, Ricardo works in the RDI (Research, Development and Innovation) department, mainly supporting the head of RDI in key projects related to software engineering and secure systems design, applying his expertise in software engineering and development in Python.

He also assists the head of the RDI department by conducting research on secure design and development practices, as well as disseminating results through scientific publications and talks at conferences. He also contributes to software implementation activities as well as carrying out various ICT administration and development tasks.