About

Personal Details:

Name: Chrissy Morgan         Location: UK   Twitter:@5w0rdfish

Ex Close Protection Officer now turned Researcher, Chrissy Morgan (@5w0rdfish) has experience covering the Physical and Information Security sector. She has marked achievements for her contribution within the community such as the (ISC)² Up and Coming Security Professional award, won CTF’s and earned bug bounties. She is the IoT & OT Lead for Managed Cyber Defence at PwC and delivers practical workshops in her own time to encourage others to get involved in hands-on hacking.

Chrissy heads up the IT Security Operations for a Close Protection (Bodyguard) company by day and is a Security Researcher by night.

Whilst she was the Information Security Officer and leading the IT Security Operations for a Close Protection firm , Chrissy also took part in bug bounty programs and has found bugs in platforms such as Microsoft and Whois.com. She has carried out research in the areas of Steganography, RFID, Physical Cyber Systems Security and is actively involved within the information security community across a wealth of subjects.

Chrissy accomplished the following successes so far:

• Winner of Cyber Security Challenge UK (University Challenge)
• CTF Finalist for the Pragyan CTF
• A BlackHat Challenge Coin winner for OSINT from Social Engineer.org
• Black Hat Scholarship
• Steelcon Award, WISP Sponsorship
• BSides London Rookie Track Speaker Winner for 2018.
• Winner of(ISC)² up and coming security professional of 2019.

Featured News Articles & Interviews:

• Trip Wire – Women in Information Security Series
• Akami Security and Threat Intelligence blog
• Writer for Detectify Research blog

Security Research and vulnerability discovery:

•  Multiple XSS discovery’s in commercial platforms
• Discovered vulnerabilities in Microsoft Office 365, and two other top level domains
• Discovered Vulnerability in Whois.com domain registrar
• HackerOne #702 contestant in Las Vegas – Salesforce

Projects & Community:

• Author of WebSecDev Web Application Teaching Platform
• Founder of The Co-Lab – Hardware Security Research Workshops – London
• Church of Hackers – Security Researcher wellbeing & fund
• Contributor to RFID Research Group – Proxmark Github Repo

Scholarships and Awards:

• SC Magazine Top 50 Woman of Cyber Security
• ISC2 Up and Coming information Security Professional Winner
• BSides London Conference Speaker – Rookie Track Winner Tickets
• Women in Security and Privacy Award
• Steelcon Award Winner
• Scholarship granted for Black Hat Europe covering Attendance and OSINT training.
• Kent County Councils winner of “Best idea, for an app to assist the community”

CTF Competitions:

• Placed Top 5, Pragyan International CTF 2016
• Black Hat Challenge Coin Winner 2015
• Winner of the Cyber Security Challenge UK 2015: Universally Challenged Cyber Security & Cryptography CTF. Team Edinburgh Napier.

Placements:

• Cyber Security Research Placement: Steganography & Visual Polyglot File Analysis
• Selected out of 150 applicants for a modern apprenticeship at Pfizer Pharmaceuticals

Forthcoming:

Public speaking:

• The good, the bad and the ugly of responsible disclosure.
  March 23rd 2019 https://enusec.org/LTDH19/
• Institute Of Danish Engineers (IDA) – RFID Attack Exploitation
• The Many Hats Club London – Tech Enabled Crime
• BSides London Rookie Track – Breaking the Bodyguards
• Bsides Las Vegas – Proving Ground Track  August 2019
• Keynote at Oxford University June 3-4 : Practically Teaching the next generation. Secure Software Engineering in DevOps and Agile Development (http://secse.org/) as part of the Cyber Security 2019 conference https://www.c-mric.com/cs2019
• THMC Podcast – 15th May – “Mother Morgan” Security Research Guest Slot

Research Projects:

• Practical Cyber Security Mitigation Teaching Platform
• RFID Research and Defensive Countermeasures
• Visual analysis for Malware and File Type Detection
• Steganography Tool Detection
• Cyber Physical Security Systems Hardware