Michel van Eeten

Michel van Eeten's chair focuses on the Governance of Cybersecurity. He studies the interplay between technological design and economic incentives in Internet security. His team analyses large-scale Internet measurement and incident data to identify how the markets for Internet services deal with security risks. He is also a member of the Dutch Cyber Security Council, an advisory body of the government.

Carlos H. Gañán

Carlos’ research focuses on the cybersecurity of the Internet of Things by looking at the interplay of technology evolution, economics and society. Leveraging evidence-based research methodologies, he explores the security requirements of connected products and services for a safe and sustainable future.

Seda Gürses

Seda's work focuses on privacy enhancing and protective optimization technologies (PETs and POTs), privacy engineering, as well as questions around software infrastructures, social justice and political economy as they intersect with computer science.

Rolf van Wegberg

Rolf studies how cybercriminals do business. Originally trained as a criminologist, he now takes a social-technical approach to unravel cybercriminal business models and reconstruct value chains combining measurements of cybercrime with criminological theory and an economic lens. Research topics include: (policing) cybercrime, digital fraud and online anonymous markets.

Simon Parkin

Simon is an Assistant Professor in the TPM Cybersecurity group, specialising in human-centred security - usability and perceptions of security-related technologies, security behaviour change, security economics, and decision-making in security management. Before joining TU Delft, Simon was a Senior Research Fellow at UCL, 2012-2020. Simon completed his PhD at Newcastle University in 2007, and was a Research Associate through to 2011 and member of the Innovation Team at HP ESS until mid-2012.

Yury Zhauniarovich

Yury is an Assistant Professor in the group. Before joining, he has spent some time working in the industry, and therefore he researches how technology can help to build more secure systems. His area of interests includes network measurements, mobile security, DDoS attacks analysis, blockchain technologies, data analysis, and machine learning.

Savvas Zannettou

Savvas’ research focuses on applying machine learning and data-driven quantitative analysis to understand emerging phenomena on the Web, such as the spread of false information and hateful rhetoric. Also, he is interested in understanding algorithmic recommendations on the Web, their effect on end-users, and to what extend algorithms recommend extreme content. Finally, he is interested in analyzing content moderation systems to understand the effectiveness of moderation interventions on the Web.

Natalia I. Kadenko

Natalia Kadenko is looking into cybersecurity governance in the EU for CyberSec4Europe project. In plain words, she aims to contribute to optimizing European cooperation in the field of cybersecurity. Apart from this ambitious task, her research interests include discourse construction in the policy-making, identities, framing in conflicts, and “fake news”. In her previous capacities as analyst and editor Natalia specialized in writing about international politics for broader audiences.

Agathe Balayn

Agathe Balayn is a postdoctoral researcher both in the Department of Multi-Actor Systems TPM faculty at TU Delft, and in the Software Technology Department of the EEMCS faculty at TU Delft. Prior to that, she studied at the same university as well as at the ENSTA ParisTech Institute Polytechnique de Paris (France). Her research is focused on uncovering, understanding, and mitigating some of the harms that the deployment of machine learning (ML) systems into society can raise, using a mixed-method approach. She is particularly interested in critically studying the gap between ML research and MLpractices, looking beyond the ML fairness framework to investigate, e.g., harms stemming from the understudied but complex production of ML models, and in developing solutions for this gap and harms, going from literature surveys and policies for ML technologies to supportive tools for ML practitioners.

Corinne Cath

Corinne Cath is a postdoc and works with Dr. Seda Gürses. She is an anthropologist who studies the politics of internet infrastructure. Previously, Corinne was Vice President of Research at the Open Tech Fund, a US-based grantmaker focused on developing open-source technologies. She finished her PhD at the Oxford Internet Institute (Oll), University of Oxford, in 2021, writing an ethnography of one of the oldest internet governance organizations: The Internet Engineering Task Force (IETF). Her postdoc is part of the OCW-funded Gravitation Program Public Values in the Algorithmic Society (AlgoSoc). As part of Algosoc, she works with Dr. Gürses and Professor Linnet Taylor (University of Tilburg). Corinne works on questions of computational infrastructure (cloud computing and mobile devices) in the context of the administration of justice. Her current research focuses on how cloud computing is transforming the internet, the consequences of these transformations for public institutions and the adequacy of existing technology policy efforts that touch on cloud computing.

Xander Bouwman

Xander’s work is motivated by opportunities for collaborative security, in which defenders work together and share information in order to reduce asymmetries vis-à-vis attackers. He is interested in cyber threat intelligence sharing and public-private cooperation for critical infrastructure protection.

Mannat Kaur

Mannat’s work is based on the need to better understand the human-in-the-loop and create systems around the human operator instead of the other way round. She is interested in studying human performance in security-critical environments. The aim of her PhD project is to investigate the human factors in cybersecurity and subsequently, devise methods to cope with security misconfigurations attributed to the so-called human errors.

Arwa Alsadi

Arwa has a background in Cybersecurity. She is in first year PhD where her main research focus is in Malware and Reverse Engineering, specifically, on IoT malware. Currently, she is working on analyzing and reverse engineering the existing IoT malware in order to classify them. What keeps Arwa motivated and up to beat and analyze malicious programs is joy of doing some hiking, cooking and, of course, living with her cat!

Mathew Vermeer

The focus of Mathew's work lies mainly on outcome-based risk assessment. He studies how an organization's exposure and incident data can be used to estimate its security level, and to which extent this estimated security level is predictive of future breaches. Additionally, he's looking into how external enterprise data can be leveraged in order to develop accurate outcome-based cyber security risk metrics.

Veerle van Harten

Veerle started as a Phd in June 2021, and studies the sociological aspects of how people deal with smart devices that are popping up everywhere. From how they are (supposed) to make lives easier to how they pose a wide variety of security and privacy risks. With the goal to maximize the beneficial potential of IoT technologies on a societal level, she focuses on minimizing these risks by studying ways that people can be supported in their security and privacy choices when using smart devices.

Swaathi Vetrivel

The overarching objective of Swaathi's research is to strengthen the security of (consumer) IoT devices. To do so, she studies the various socio-technical factors that contribute to poor security and understands the interplay amongst them to design effective mitigation strategies. With the increasing pervasiveness of smart devices, she believes it’s important to minimise the associated security risks and vulnerabilities while reaping the many benefits.

Donald Bertulfo

Donald is a PhD candidate and works with Dr. Seda Gürses (daily supervisor) and Prof.dr. Michel van Eeten (promotor) on topics related to the programmable infrastructures agenda, particularly the interaction of agility and computational infrastructures and its consequences in production modes and organizational arrangements. He holds undergraduate degrees in economics and psychology, and a master's degree in applied mathematics. Prior to TU Delft, he worked as an economics researcher at the Asian Development Bank, focusing on the macroeconomic measurement of global value chains and its implications to jobs and technology, among others.

Lorenz Kustosch

Lorenz’s work focuses on building reliable and secure socio-technical systems by applying perspectives and methods from Human Factors and Human-Computer Interaction. His PhD is about privacy and security of IoT devices and how user perspectives, behavior, and device usage can affect system security. Lorenz has a background is Psychology and Human Factors Engineering and was working in the industry before joining the Cybersecurity Team as a PhD in August 2021.

Evi Oomens

Evi has a background in Sociology and started her PhD at the faculty of Technology, Policy and Management in September 2021. Her work focuses on citizen perspectives on proportionality of digital security means used by security services. Using both qualitative and quantitative methods, she aims to get a better understanding of the legitimacy of security means and the factors influencing public attitudes regarding this topic.

Sandra Rivera Perez

Sandra has a background in Computer Science and Network Security and started her PhD at the Faculty of Technology, Policy and Management in April 2022. Her work focuses on performing a cross-sectoral analysis of the security and privacy of IoT consumer devices and proposing initiatives to improve security controls.

Hugo Bijmans

Hugo has a background in Computer Science and started his PhD in May 2022. The main focus of his work is on measuring large cybercriminal deployments on the Web and what can be done to effectively stop this. He previously published about cryptojacking (when cybercriminals steal computing power for illicit cryptocurrency mining) and phishing (stealing user credentials), and he will focus on different parts of the cybercriminal ecosystem during his PhD.

Gerbrand ten Napel

Gerbrand ten Napel is specializing in security patching within large organizations. His aim is to understand the socio-technical practices at play, to be able to ultimately change the risk governance of patching. With a background in AI, Gerbrand has previously been working as a Software Developer and Architect.

Aksel Ethembabaoglu

Aksel studies targeted attackers and defenders in the cybersecurity domain. He employs a technical and socio-technical approach for his research, looking not only at the algorithms themselves, but also considering the environment software operates in and the people using it.

Aksel previously studied Artificial Intelligence at the University of Amsterdam and International Relations at King's College London. He worked as a policy analyst and software developer before joining TU Delft as a PhD. His research interests include vulnerability management, attacker behavior, threat intelligence and network measurements.

Ronak Shah

Ronak began his doctoral studies in January 2023. His research focuses on the human factors of cybersecurity in critical infrastructure, especially the PowerGrid. He is a certified Design thinker with a background in information technology and digital transformation. He examines how social and technical factors interact in the context of cyber physical systems and how human intelligence can be effectively utilized to detect and respond to cyber threats.

Cécile Volten

Cécile has a background in Engineering and Policy Analysis an started her PhD at the faculty of Technology, Policy and Management in February 2023. Her work focuses on facilitators of cybercrime with the aim to provide new governance perspectives on the cybercrime ecosystem.

Szu-Chun Huang

Szu-Chun has a background in Computer Science and began her PhD in Feb 2023. Her research focuses on scanning and benchmarking internet-wide vulnerabilities and aims to investigate the hidden factors influencing security patching behaviors.

Simone van der Boon

After a board year at the study association Curius, Simone is in her final year of the bachelor program ‘Systems Engineering, Policy Analysis and Management’ at the TPM faculty. As of December 2022, she has worked as a research assistant to support several research projects. She also works on her bachelor thesis with the guidance of Rolf van Wegberg, focusing on the governance of cybercrime in the Netherlands.


Thijmen van Gend

Thijmen initially joined the team as Teaching Assistant for the course "Introduction to Cloud as Infrastructure: The effects of the new business of computing on practice" (TPM030A at TU Delft) and now takes on the role of Project Assistant. He currently follows the MSc-programme Complex Systems Engineering and Management and has a strong interest in simulation modelling for socio-technical systems and in legal, economic and ethical dimensions of digital technologies.


  • Boy Dacier
  • Arman Noroozian
  • Wolter Pieters
  • Fabio Bisogni
  • Jordy San Jose Sanchez
  • Orcun Cetin
  • Samaneh Tajalizadehkhoob
  • Maciej Korczynski
  • Michael Ciere
  • Giovane Moura
  • Kate (Katsiaryna) Labunets
  • Sélinde van Engelenburg
  • Bernardus Jansen
  • Maaike van Kesteren
  • Ugur Akyazi
  • Elsa Turcios Rodriguez
  • Qasim Lone