Stefan Frei
  • About
  • Papers
  • Talks
  • Press
  • Courses
Stefan Frei Security
Design systems to control complexity

Stefan Frei

Cyber Security Leader & Security by Design Advocate

Experienced cybersecurity leader with a track record of anticipating emerging cyber threats and translating complex security challenges into actionable strategies for both technical and non-technical audiences. Frequent speaker at industry events and published author, committed to advancing the field of cybersecurity through innovation and knowledge sharing.

Interests

Bug Bounty Supply Chain Security Data Breaches Cyber Kill Chain Vulnerability Lifecycle Blackhat Defcon Cyber Book

Recent talks

Advisory / Nov 2024

OECD Digital Security | Paris

Working Party on Digital Security (WPDS)

This roundtable will bring together two leading experts to present their views on markets for vulnerabilities and discuss it with delegates. I will present the case for establishing a nation-wide bug bounty program.

Event | Slides
Keynote / Oct 2024

BSides Security Conference | Bern

Complexity did not kill the cat

Today, we build and use complex systems that we no longer fully understand. Past assumptions are no longer valid, and complete prevention is unattainable. It is s time to challenge our assumptions about complexity and how to handle uncertainty.

Event | Slides
Executive Seminar / Jun 2023

HSG & ETHZ

Executive MBA Risk & Resillience

Overlapping risks like climate change, cyber-attacks and geopolitical instability are reshaping today’s strategic landscape. This executive seminar explores how leaders can navigate uncertainty and build resilience in the face of emerging and interconnected risks.

Event
Talk / Sep 2021

ISF Grey Chapter Meeting

Re-thinking penetration testing - lessons learned

Conventional pentesting doesn’t align well with today’s agile development processes. In this talk, we share how we redesigned our approach to scale and focus on rapid, early-stage insights (shift-left). We’ll walk through our new methodology, the challenges we encountered, and the unexpected lessons we learned along the way.

Event | Slides
Keynote / Dec 2019

ISSS Berner Tagung

Supply Chain Risks

Digitale Produkte gelangen oft ohne ausreichende Sicherheitsprüfung in kritische Infrastrukturen. Dieser Vortrag zeigt zentrale Cyber-Risiken, Angriffs­szenarien und notwendige Massnahmen zur Absicherung der digitalen Lieferkette – mit dem Ziel, bekannte Fehler zu vermeiden und die Digitalisierung sicher zu gestalten.

Event | Slides
Talk / Apr 2019

DFS Deutsche Flugsicherung | Frankfurt

Cyber Threats in Aviation - Any lessons from history?

The Internet is disrupting life and industry as profoundly as electricity or aviation once did. This talk explores the evolving cyber threats facing the aviation industry and draws lessons from other sectors to inform effective defenses in the digital age.

Event | Slides
© Stefan Frei 2025