-
CISO Canberra 2024 - AGENDA
-
08:30
Register; grab a coffee. Mix, mingle and say hello to peers old and new.
-
09:00
Welcome from Corinium and the Chairperson
-
09:10
Speed Networking – Making new connections!
In this 10-minute networking session, the goal is to connect with three new people. Let the questions on the screen spark your conversation. Enjoy the opportunity to expand your network!
-
09:20
Opening Keynote: Unpacking the 2023-2030 Australian Cyber Security Strategy
Lieutenant General Michelle McGuinness - National Cyber Security Coordinator - Department of Home Affairs
- Uncover what lies ahead - a brief guide outlining key initiatives, strategic imperatives and the challenges that CISOs must navigate.
- Deepen your understanding of the vision of the 2023-2030 Australian Cyber Security Strategy to empower you with actionable strategies to craft a path to success.
- Learn about the key challenges and success factors identified for the strategy, including the need for long-term commitment, flexibility, and alignment with global allies.
-
09:45
Partner Presentation
Fortifying your Security Operations with Enhanced VisibilityDue to the constant evolution of our internal networks and in the face of an unforgiving threat landscape, Security Operations teams are constantly looking at new ways to enhance their visibility in order to better anticipate cyber threats. This session will explore the importance of how clarity of goals, visibility of your attack surface, and cyber threat intelligence can be helpful in better focusing your cyber security defences.
-
10:10
Threat Landscape: Insights into Latest Trends, Emerging Threats, and Adversary Tactics
Pat Holmes - Senior Executive Australian Cyber Security Centre - ASD
- Understand the current state of the threat landscape, including the most prevalent types of attacks, such as ransomware, phishing, and supply chain compromises
- Gain insights into the latest cyber threat trends, including the rise of ransomware, targeted phishing, and AI-driven attacks, and learn about new vulnerabilities impacting the nationwide and global landscape.
- Stay informed about the latest threat trends and adversary tactics, organisations can better prepare themselves to defend against increasingly sophisticated attacks.
-
10:35
Partner Presentation
Critical Infrastructure: Protect to Empower Businesses to Thrive and Communities to Prosper- Identify the risks of vulnerable infrastructure and the impact on local businesses and citizens.
- Develop resiliency plans with stakeholders including industry partners and local leaders and learn about the readiness of the community to withstand potential risks.
- Discover real-world examples and gain insights into emerging technologies and innovative approaches to infrastructure resilience.
-
11:00
Morning Coffee Break
-
11:30
Shifting Mindset: Resilience-Building Strategies and Frameworks for a Large Government Department
- Adopting and integrating specific frameworks and strategies, such as risk management and crisis response plans, essential for strengthening the department’s ability to handle challenges effectively.
- Fostering a culture that prioritises resilience and ensuring strong leadership to drive these values throughout the department.
- Utilising technology that supports resilience while encouraging training that ensures employees are prepared to respond effectively to incidents.
-
11:55
Panel: Working Together to Combat Cyber Attacks for the Benefit of all Public and Private Sectors
- Discuss the current state and challenges in building strong partnerships forged across public and private sectors to defend against sophisticated threat actors.
- Understand the importance of establishing trust and the impact of cultural change required for effective public-private collaboration.
- Explore communication and collaboration structures needed for effective information sharing and joint action.
Panellists:
Garrett McDonald, CISO, Services Australia
Mitchell White, Chapter Lead Senior Cyber Security Specialist, Telstra
Professor Debi Ashenden, Director of the Institute for Cyber Security (IFCyber), UNSW Canberra
-
12:30
Cyber Preparedness Elevated: Empowering Communication and Coordination
Philip Wagner - Senior Cyber Security Advisor - Department of Prime Minister and Cabinet
- Get serious - and build the relationships before the incident. Write the process and test the process
- On educating people: storytelling
- Creating an environment of being alert and not alarmed where people are encouraged to report.
-
12:55
Lunch
-
13:55
Track A: Organisational Strategy & GRC
-
14:00
Partner presentation
Resilience-Building Strategies and Frameworks for Public Sector Organisations- Discover best practices for fostering a resilience mindset across the organisation, from leadership to frontline staff, and empowering employees as active participants in resilience initiatives.
- Examine the critical components of a comprehensive resilience framework tailored to the public sector context, including risk assessment, incident response planning, and business continuity.
- Align resilience-building efforts with broader organisational goals and national/regional strategies.
-
14:25
Embrace GRC as an Enabler for Cyber Maturity
Adam Henry - Former Cyber Training & Preparedness Manager - ex Defence Australia
- Leverage GRC as a strategic framework to drive continuous improvement in your cyber security capabilities and overall resilience.
- Explore advanced techniques for aligning GRC initiatives with your business objectives and key risk indicators to maximise the impact of your cyber investments.
- Learn practical approaches to navigating the challenges of implementing cyber into GRC strategy.
-
14:45
Partner presentation
Cyber-Proofing the Supply Chain: Practical Approaches to Assess, Mitigate, and Manage Third-Party Risks- Explore the critical challenges posed by supply chain attacks and third-party risks, including their potential financial, reputational, and operational impacts on organisations.
- Delve into the anatomy of supply chain attacks, emphasising the importance of robust risk assessment, due diligence, and continuous monitoring of third-party activities.
- Discuss tailored mitigation strategies to effectively lead organisations in mitigating evolving supply chain risks
-
15:15
Multidisciplinary Strategies to Strengthen Human-Centric Security Controls and Reduce the Risk of Human-Enabled Breaches
Adam Samuelson - Risk and Security Manager - National Museum of Australia
- Empower people through education and communication and explore innovative strategies for attracting, retaining, and nurturing cybersecurity professionals.
- Implement comprehensive security training programs tailored to different user roles and risk profiles, leveraging innovative learning techniques.
- Assess and improve human-centric security controls, reducing the risk of human-enabled breaches.
-
13:55
Track B: Technical Approaches & Case Studies
-
14:00
Partner presentation
Leveraging AI and ML for threat detection and prioritisation- Explore how AI and ML can enhance the capabilities of security teams in detecting and responding to threats.
- Navigate the implementation challenges to leverage advanced technologies and ultimately improve the organisation’s overall security posture.
- Learn use cases of how these tools can automate the analysis of vast amounts of security data, identify anomalies and prioritise the most critical threats.
-
14:25
Zero Trust in Action: A Robust Comprehensive Security Approach for Modern Distributed Networks and Cloud
Matthew Hackling - Enterprise Security Architect - CyberShield Government
Matt will share a no-nonsense overview of how you can adopt zero trust principles to protect your applications and infrastructure including:
- Key dependencies to fulfil before starting a zero trust network transformation
- Key components of a zero trust technology stack and their roles in the overall solution
- Pragmatic policy design principles you can use to avoid “boiling the ocean” and get the most risk reduction for the least effort
- Aspects of zero trust architecture of most benefit to knowledge worker and customer service provision use cases prevalent in the public sector
-
14:50
Partner presentation
Future-proofing cloud security: A New Operating Model- Delve into practical strategies and insights on how to adapt their cloud security programs to support business agility and growth.
- Streamline security operations, empower cross-functional collaboration, and drive measurable improvements in cloud security efficiency.
-
15:15
Incident Response Excellence: Refining Processes and Advancing Cyber Security Maturity
Nick Kent - Director Government Uplift, Australian Cyber Security Centre - ASD
- Explore practical strategies for bolstering incident response plans and advancing cyber security maturity.
- Emphasise the importance of post-exercise analysis to refine response processes and highlight tools like network traffic analysis for swift incident detection and response.
- Address clear communication protocols, including secure channels and encryption standards
- Discuss the criticality of effective incident declaration processes for compliance and offer insights into advancing organisational maturity models
-
15:40
Afternoon Tea Break. Get Refreshed!
-
16:10
Mastering Essential Eight as a Smaller Government Department
Aden de Leeuw - Director – Application Development and Integration - Defence Housing Australia
- Implement practical strategies and methodologies to achieve a high maturity level with the Essential 8 framework, showcasing key steps and milestones.
- Address real-world challenges and mitigate significant gaps and risks that persisted despite achieving high maturity, highlighting effective solutions and adjustments.
- Overcome resource constraints and effectively apply Essential 8 controls in a smaller government department, including innovative approaches to managing limited staff and budget.
-
16:35
Panel: Creating a Cyber-Aware Culture to Empower Employees as the First Line of Defence
- Understand the critical role that human behaviour and organisational culture play in effective cybersecurity
- Discover techniques for fostering a security-conscious mindset and encouraging proactive cyber hygiene practices
- Explore methods for measuring the impact of security awareness initiatives and continuously improving the cyber-aware culture
- Gain insights into real-world case studies and best practices to equip employees with the knowledge, skills and motivation to be active participants in safeguarding the organisation
Panellists:
Jamie King, A/g CISO, Australian Federal Police
Andrew Dimech, Director IT Operations & Cyber Security, Australian Maritime Safety Authority
Clarence Yap, CIO, Australian Health Practitioner Regulation Agency
Sarah Luscombe, CISO, University of Canberra
-
17:10
CISO Canberra 2024 Chair’s Closing
-
17:15
CISOs Cocktail Reception & Networking - Continue the conversations in a fun and entertaining way.
Not Found