Jeroen van der Ham-de Vos

Associate Professor of Vulnerability Management

University of Twente - EEMCS/DACS


Jeroen van der Ham-de Vos (he/him) is associate professor of Cyber Security Vulnerability Management in the Design and Analysis of Communication Systems (DACS) group at the University of Twente.

Jeroen has worked at the National Cyber Security Centre-NL from 2015 until 2023 as a cybersecurity researcher. There he coordinated the NCSC Research Agenda, was the national expert on Coordinated Vulnerability Disclosure, and was part of crisis teams such as with Wannacry or Log4J. Since moving to UTwente, he now holds a guest position at NCSC-NL.

Jeroen is member of the editorial board of the ACM journal Digital Threats: Research and Practice, is an active member of the FIRST community, and was the co-editor of the Code of Ethics for Incident and Security Teams, and serves on several programme committees.

His research currently focuses on vulnerability prioritisation and management, incdent response, the many developments in coordinated vulnerability disclosure and ethics of cybersecurity and computer science.


Incident Response is a fundamental part of cybersecurity. Now that digitalisation has permeated almost every part of society, incident response and managing vulnerabilities have become a vital activities of cybersecurity.

Incident response must grow from a trade to a profession. Incident Response started in earnest with the Morris worm and the formation of CERT/CC. However, Incident response has always been a trade that has been learned mostly from lore, rather than grounded theory.

A profession requires theoretical frameworks and academic grounding.

Some questions that I'm focusing on:

  • How do we define “cybersecurity” and what is the role of “incident response” ?
  • How can we provide a grounding for cybersecurity work, such as vulnerability management and prioritisation?
  • Part of professionalisation is the development of a code of ethics, what are the fundamental aspects?
  • How do we develop Internet security while keeping the need for incident response in mind?
  • How do we better educate future incident response and cybersecurity professionals?


  • Vulnerability Management
  • Incident Response
  • Network Security
  • Ethics of Cyber Security and Computer Science in general


  • PhD in System and Network Engineering, 2010

    University of Amsterdam

  • MSc in System and Network Engineering, 2004

    University of Amsterdam

  • MSc in Cognitive Artificial Intelligence, 2002

    Utrecht University


Academic Positions

Besides my current position (since 2015) as security researcher at the National Cyber Security Centre, I have (held) the following academic positions (in reverse chronological order)

Programme Committees

  • Passive and Active Measurement Conference (PAM) 2020
  • FIRST Conference 2018, 2019, 2020
  • Workshop Traffic Measurement for Cybersecurity (WTMC) 2017, 2018, 2019
  • NextCloud2013
  • NextCloud2012

Other Activities

  • 2019 : Guest editor of FIRST special issue ACM DTRAP
  • 2018 - present: Associate Editor of ACM Journal: Digital Threats: Research and Practice (ACM DTRAP)
  • 2018 - present: Member of Ethics Committee at Electrical Engineering, Mathematics and Computer Science, UTwente
  • 2016 - present: Chair of Ethics Working-group at ICT-Research Platform Netherlands
  • 2014 - 2019: Member of Ethics Committee at Science Department, UvA
  • 2014 - 2017: Ethics Advisor at Systems and Network Engineering Master, UvA


PhD Students

Master Students