Fredrik Ljunggren

Fredrik has been working within the information security field since 1995. Approach and methodology is gained from the academic background, evolved through experience from a variety of consultancy projects over the years.

A large part of his current projects revolve around risk management in critical IT operations through governance, risk management and control. The starting point for this is often the relevant parts of international standards such as ISO 31000 and ISO/IEC 27000. The basis for all work, however, is always the individual business’ requirements. Security should be a profitable investment.

Fredrik is frequently contracted for preparing reports of various security and privacy related issues. Clients are often public authorities, which also implies that Fredrik has extensive experience in e-government and the legal regime surrounding official documents and public records, supervisory activities of public authorities, personal data protection, et cetera.

Other areas of expertise include system security architectures and secure development, intrusion detection and prevention, computer forensics, DNSSEC, applied cryptography and identity management.

Fredrik is also an active debater and speaker in the areas of electronic identification and vital IT infrastructure. He is also active in standardisation within these fields, and regularly holds courses and seminars. Fredrik participates as a security expert in the the Swedish Agency for Digital Governments audit team, which reviews and monitors the security among all issuers of Swedish e-id. Within this area, he has authored the Swedish Trust Framework for electronic identification and has also been instrumental in the drafting of the European Implementing Regulation (EU) 2015/1502 on the establishment of the eIDAS assurance levels. In the spring of 2021, he also authored the main parts of the technical specification for the EU’s Covid certificate, published through Regulation (EU) 2021/1073 Annex I. Fredrik is also a technical expert in ICANN Registry Services Technical Evaluation Panel (RSTEP), evaluating the security and robustness of the global domain name system.

More information about previous work experience can be found on LinkedIn.

Jakob Schlyter

Jakob has been active as a consultant in the field of IT security since 1996. With his long experience and deep knowledge of complex IT architectures, and the risks and opportunities these entail, he possesses a great ability to set requirements, design, analyse and review such architectures with a special focus on information security and personal data protection.

In order to increase the client’s own ability to manage its information security risks, the assignments often take the form of knowledge transfer in a mentoring role, with the goal of not only obtaining the right level of security but also opportunities to streamline their operations and constantly strive towards and achieve improvements.

The starting point is a deep technical knowledge, especially in areas that concern critical IT infrastructures, which is combined with an understanding of both business requirements as well as external requirements, e.g. regulatory and contractual requirements and the expectations of different stakeholders.

Jakob’s work over the years has resulted in extensive experience of international collaboration and standardisation in a number of IT security-related areas, e.g., identity management, cryptography and distributed systems, in combination with projects related to network and security architectures as well as public and private cloud services.

One example of Jakob’s areas of expertise is DNSSEC, which he has been actively working with since 1999 and is considered one of the world’s foremost experts. The work with DNSSEC has resulted in a number of Internet standards (RFCs) in the field, and Jakob has long played a central role in the implementation of DNSSEC around the world. He also participates as a technical expert in ICANN’s Registry Services Technical Evaluation Panel (RSTEP).

Jakob is also well established in organisations such as IETF (Internet Engineering Task Force) and RIPE (Réseaux IP Européens), and is active in a number of major Open-Source projects that have points of contact with his areas of expertise.

More information about previous work experience can be found on LinkedIn.