 |
Johann van der Merwe
Director & Security Architect at Telic Consulting
Johann has over 18 years of dedicated security experience spanning R&D, leading consulting teams, playing the role of a group CISO, leading security businesses and security architecture teams.
He can engage on security at a business executive (board) level and also perform detailed security technical designs on complex systems.
Johann was intimately involved with the drafting of ISO27001 and ISO27002 representing South Africa at ISO SC27 WG1 over a 4 year period.
In 2017 he lectured a module at the Rhodes MSc in Information Security. He has spoken at ITWeb Security Summit and a few other conferences over the years.
His PhD focused on trust establishment and key management for securing distributed systems. The same mechanisms underpin block-chain and many other security controls in the enterprise.
Specialities: Leading a security practice, leading security strategy development, leading security transformations, security function/organisation/capability establishment, security programme/project management, security project rescue/turnaround, enterprise security architecture, solution architecture and design, security engineering, complex technology implementations, deep technical security assessments & security analytics / threat detection.
Industries: Financial Services, Telecommunications, Mining, Energy, Retail, Aviation, Public Services, Revenue, R&D, Defense, Manufacturing, Physical Security Services, Technology Services, Media & Entertainment. |

Johann van der Merwe was born in Bloemfontein, South Africa (1981).
Education:
PhD degree in Electronic Engineering: University of KwaZulu-Natal, Durban, South Africa (2010).
MSc degree in Electronic Engineering: University of KwaZulu-Natal, Durban, South Africa (2005).
BSc degree in Electronic Engineering: University of Natal, Durban, South Africa (2003).
Matric Certificate (High School): Grey College, Bloemfontein, South Africa (1999).
Career Overview:
Director & Security Architect - Telic Consulting, Telic Consulting (2015, April - current).
Senior Manager - Security Practice Lead, Accenture (2013, September - 2015, March).
Group Head of Information Security (Chief Information Security Officer), De Beers Group of Companies (2011, January - 2013, August).
Senior Manager and Information Security Competency Leader, Advisory, PricewaterhouseCoopers (2008, December - 2010, December).
Manager and Information Security Consultant, Security & Privacy Services, Enterprise Risk Services, Deloitte & Touche (2006, July - 2008, November).
Information Security Researcher and PhD Candidate, Meraka Institute , CSIR (2006, January - June).
Information Security Researcher, Programmer and Engineer, ARMSCOR & UKZN (2004-2005).
Johann van der Merwe obtained his MSc and PhD degrees in Electronic Engineering within the communications research group at the University of KwaZulu-Natal. Johann performed information security and communication technology research and development under contract with ARMSCOR, the Armaments Corporation of South Africa. The research and development focused on the security of mobile ad hoc networks (MANETs) and distributed communication systems. Within the information and communication technology security field Johann considered the following areas:
- Peer-to-peer key management (public key management).
- Group key management.
- Group communications.
- Key management in vehicular ad hoc networks.
- Threshold cryptography (in MANETs and fully distributed systems in general).
- Secret sharing schemes (distributed systems).
- Secret update schemes (distributed systems).
- Secret share redistribution schemes (distributed systems).
- Multi party digital signatures (threshold multi-signature schemes).
- Security proofs within the standard model, random oracle model and generic model.
- Self-certified public key schemes.
- Mobile IPv6 security.
- Crypto-based identifiers.
- Fully self-organized security systems.
- Efficient data dissemination in mobile wireless networks.
- Elliptic curve cryptography.
- Secure routing protocols for mobile networks.
- Key Management in Peer-to-Peer Networks.
During his research Johann has captured some academic security references into a database. These are in general good publications mostly in the security fields listed above. The bibtex file containing most of the references can be downloaded here.
- NOTE: IEEE, ACM, Springer and/or the authors hold copyright on these publications. Permission to make digital or hard copies of all or part of these papers for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.
Journals
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, "A Fully Distributed Proactively Secure Threshold-Multisignature Scheme," IEEE Trans. Parallel and Distributed Systems, vol. 18, no. 4, 2007, pp. 562-575.pdf
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, "A Fully Distributed Proactively Secure Threshold-Multisignature Scheme," IEEE Distributed Systems Online, vol. 8, no. 3, 2007, dsonline.computer.org/portal/pages/dsonline/2007/03/trans.html.
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, A Survey on Peer-to-Peer Key Management for Mobile Ad Hoc Networks, ACM Computing Surveys (CSUR), vol. 39, no. 1, 2007.pdf
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, A Public Key Management Scheme and Threshold-Multisignature Scheme for Mobile Ad Hoc Networks, Transactions of the SAIEE, March, 2006.
- Book Chapters
- Johann van der Merwe and Dawoud S. Dawoud, Key Management for Dynamic Peer Groups in Mobile Ad Hoc Networks, in book Mobile Peer-to-Peer Computing for Next Generation Distributed Environments: Advancing Conceptual and Algorithmic Applications, Dr Seet (ed), IGI Global, 2009.
- Conferences
- Johann van der Merwe, Dawoud S. Dawoud, and Roger Peplow, Vulnerability Windows in Vehicular Communications, in proc. Wireless Communication Society, Vehicular Technology, Information Theory and Aerospace & Electronics Systems Technology (Wireless VITAE'09), Aalborg, Denmark, May 17-20, 2009.
- Dawoud S. Dawoud, Roger Peplow and Johann van der Merwe, Ensuring Privacy in Vehicular Communication, in proc. Wireless Communication Society, Vehicular Technology, Information Theory and Aerospace & Electronics Systems Technology (Wireless VITAE'09), Aalborg, Denmark, May 17-20, 2009.
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, Key Distribution in Mobile Ad Hoc Networks based on Message Relaying, in proc. Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS'07), Cambridge, UK, July 2-3, 2007.pdf
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, Fully Self-Organized Peer-to-Peer Key Management for Mobile Ad Hoc Networks, in proc. ACM Workshop on Wireless Security (WiSe'05), Cologne, Germany, September 2, 2005.pdf
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, Self-Organized Peer-to-Peer Key Management for Mobile Ad Hoc Networks, in proc. Southern African Telecommunication Networks and Applications Conference (SATNAC'05), 2005.
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, A Survey on Peer-to-Peer Key Management for Military Type Mobile Ad Hoc Networks, in proc. Military Information and Communications Syposium of South Africa (MICSSA'05), 2005.
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, Group Key Management for Military Type Mobile Ad Hoc Networks, in proc. Military Information and Communications Syposium of South Africa (MICSSA'05), 2005.
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, Public Key Management for Military Type Mobile Ad Hoc Networks, in proc. Military Information and Communications Syposium of South Africa (MICSSA'05), 2005.
- Johann van der Merwe, Dawoud S. Dawoud, and Stephen McDonald, Trustworthy Key Management for Mobile Ad Hoc Networks, in proc. Southern African Telecommunication Networks and Applications Conference (SATNAC'04), September, 6-8 2004. pdf
Key Management in Mobile Ad Hoc Networks, Master of Science in Elecronic Engineering, UKZN, final version here.
The examiners for Johann's MSc Eng were were as follows:
Prof. Dr. Srdjan Capkun, ETH Zurich, Switzerland.
Prof. Dr. Hongjun Xu, UKZN, South Africa.
Security Mechanisms for Distributed Communication Systems, Doctor of Philosophy in Electronic Engineering, UKZN, final version here.
The examiners for Johann's PhD were as follows:
Prof. Dr. Srdjan Capkun, ETH Zurich, Switzerland.
Prof. Dr. Mukesh Singhal, The University of Kentucky, Lexington, Kentucky, USA. Currently Chancellor's Professor, School of Engineering, University of California, Merced.
Prof. Dr. Fambirai Takawira, Head of School, Electrical and Information Engineering, Wits University, South Africa. Former Dean of Engineering, University of KwaZulu-Natal, South Africa.
Visitor number: 
