Raf (Raphael) Cox is a senior security consultant at Microsoft Services with almost 20 years of experience in the computer industry. After he got his Master in computer-science at the Catholic University of Leuven (Belgium) in 1990, he worked several years as IT Security Officer at a bank, where he was responsible for the security design of the workstation and server infrastructure. In this function, he was part of the team that completed a full roll-out of Windows NT (v3.5) workstations and servers in the bank’s branch environment, which was the first large scale deployment of Windows NT in a financial institution in Europe. In 1997, he joined Microsoft as a consultant, keeping a main focus on security and infrastructure design as well as on application-security. In this function, he worked with many large enterprises and organizations and completed Active Directory and security-architecture designs for NATO, Electrabel, European Commission and others. Since 2006, he works almost fully dedicated within the engineering department of NATO’s Computer Security Incident Response Center (NCIRC), where he is responsible for creating security guidance (for Microsoft operating systems and enterprise applications) which is used throughout NATO and many member nations.