Hi! My name is Cariad Keigher (kayr-ree-ad kee-yer) and I am a Senior Security Analyst
at one of Canada's largest natural resource companies. I've been working in the information
security space for the past decade and believe that community via information sharing is the
best approach in working against current problems facing cyber security. This can be achieved
through sharing and analysis centres, online communities, and even to a certain extent conferences.
Previously, I've been a consultant for a small boutique cyber security firm, a
support engineer at an anti-virus company, and a systems administrator at a local managed service
provider. I've also run a service that parsed and stored leaked data from system breaches released
to the Internet.
Outside of my day-to-day job, I have an interest in roller skating (specifically
roller derby), vegetarian cooking, video games, queer issues, and
intersectional feminism (my pronouns are "she" and "her"). I like to write code using Python
and work on old computers--I have a long-standing project to modernise a
My primary language is English although I can engage with French speakers to a certain
extent and have been working to improve my Japanese. I hold citizenship in both Canada and
Outreach and publicity
Working in cyber security can sometimes get you a lot more attention than you desire. I've
appeared in a few publications and have spoken at a few conferences and companies.
Here is a sampling of times where I appeared in the media:
- I was interviewed by Forbes in 2013 after having spoken at
BSides Vancouver on extracting personal details such as phone numbers and BlackBerry PINs
via Twitter. I very much have an interest in privacy in addition to security and wanted to
point out the problem with public social media services.
- CSO Online took something I posted on my old Twitter account about malware and the
Sony breach from 2014 and
wrote a story about it. The gist of it is that a friend of mine had signed the malware
that attacked Sony using a certificate that was leaked and it led a major AV vendor to
erroneously claim that signed malware was used in the attack.
- Kotaku Australia picked up on an old blog entry where I demonstrated that a breach
affecting the PlayStation Network (PSN)
I have some of my conference talks listed here:
- BSides Vancouver 2018 (March 2018) - Performing Your Own Dentistry - Challenges,
Unknowns, and What is Overlooked in Security Log Collection - I gave a presentation on
how it is to collect security log data within my company.
- Facebook (March 2016) - I was invited to Facebook's offices in Menlo Park to give a
presentation on Canario. I am unable to make the slides available but I went over the
challenges I faced in collecting mostly-unstructured data from system breaches and turning
them into something machine-searchable.
- OWASP Vancouver (November 2015) - Effective Password Hashing - This was the first
time I gave a formal presentation on password hashing, having taken lessons learnt from
breaches that I had done research on.
- BSides Vancouver 2014 (March 2014) - Talk title is long-forgotten and the slides were
done in an experimental HTML5 format, but I gave a presentation on Canario which was then
- BSides Vancouver 2013 (March 2013) - Being an Avivore - Searching Twitter for Data -
This was the aforementioned talk that led to an interview by Forbes. I did release code
for it but the slides are long gone and I've since yanked the repository.
- Hackers on Planet Earth (July 2010) - “Brilliants Exploits” – A Look at the
Vancouver 2010 Olympics - This was my first-ever conference talk and was early on in
my information security career. It was more of an adventure talk on how we tried to see how
the physical security apparatus was developed and all of the problems we faced trying to find
out whatever details we could.
I should note that my former legal name and previously assigned pronouns are mentioned in
much of what is linked here. I ask that you do not use this name when referring to me as
that is no longer valid and to also stick with the aforementioned "she" and "her".
It's very rare for me to speak to the media even considering the above. The Forbes article
was the last time I bothered to give an interview to a journalist.
My primary means of interacting with the Internet is via
my Twitter account. It isn't meant for
professional purposes but from time to time I will talk about information security or share
something other than queer issues or photos.
If Twitter isn't your forté, I am available via e-mail but please be aware of the
- Don't e-mail me about stuff I've tweeted. I have my direct messages (DM) open for a
reason and if that is not adequate then don't contact me.
- E-mails sent to me are not private and shouldn't be treated as such. I will not
acknowledge your pointless legal statements at the bottom of e-mails as they are not
legally-binding. This logic will apply to direct messages as well.
- I am available for consulting work but I only take them on a case-by-case basis and I will
not work during standard business hours. As well, I have priorities outside of my day job that I need to
tend to first and foremost.
- It's okay to contact me regarding queer issues (more specifically: if you're transgender and
need help), but please bear in mind that I will enforce my boundaries and will let you know if
you cross them. I take these matters quite seriously and will respect your privacy.
- Do not address me by any name other than what I have specified on this page.
- If we share last names, I am unable to provide you with a vanity e-mail address.
- I do go by "Cari" with those I am friendly with, but I ask that you don't address me as that
unless I make it clear that it is okay.
- I will reply to your e-mail eventually. It's a personal address and I do know when I get
new e-mails in my inbox.
If you're okay with the above, feel free to e-mail me:
You can also reach out to me via Google Hangouts, Signal, Telegram, Discord, and IRC. I give
these details out quite sparingly although I use "katelibc" on most IRC networks including
I'm periodically at conferences and meetups, and am happy to meet with people but please
understand that I am usually pretty busy at these events and will only be able to make time for you
if I can.
Should I ever run into a situation where I lose control over a service such as Twitter, I have a
SHA256 hash below that I'll reveal:
Proof of its existence elsewhere can be found in
this tweet from May 2018.