AUSTRALIAN CYBER CONFERENCE 2019 Agenda

MONDAY, 7 OCTOBER

Early registration and welcome drinks 17.00 – 19.00 hrs Collect conference pass and join social networking

TUESDAY, 8 OCTOBER Official conference opens 8.30 – 9.00 hrs Acknowledgement to country and opening remarks by AISA and ASD

Critical thinking – The last line of defence 9.00 – 10.00 hrs Dr Karl Kruszelnicki, Julius Sumner Miller Fellow at Sydney University, author and KEYNOTE media personality

International Panel 10.10 – 10.50 hrs NZ - CERT Rob Pope, UK NCSC - Dr Ian Levy, ACSC - Karl Hanmore GOVERNMENT

Applying lessons learned from cybersecurity incidents in oil and gas to other critical INCIDENT 10.10 – 10.50 hrs infrastructures MANAGEMENT Craig Morris, Associate Partner, IBM Security

How to ensure those developing your software are keeping you safe 10.10 – 10.50 hrs AWARENESS Tennessee Leeuwenburg, Head of Cyber Security Engineering, Bureau of Meteorology

After all this time and money, why are we not safer? BUSINESS & 10.10 – 10.50 hrs Prof David Watts, Professor of Information Law and Policy at LEGAL Insights on proactive defence mechanism for loT 10.10 – 10.50 hrs Mengmeng Ge, Lecturer in Cyber and Networking Security, School of IT, Deakin RESEARCH University Overwatch offensive espionage tool 10.10 – 10.50 hrs TECHNICAL Wayne Ronaldson, Penetration Tester

Trust, but verify – how to ensure your IT provider is doing your cyber security right! 10.10 – 10.50 hrs BUSINESS Brenton Johnson, founder of Uptake Digital

Why is automation important and how do you incorporate automation into your enterprise cyber strategy GOVERNANCE & 10.10 – 10.50 hrs Ganesha Rajanaidu, Security and Risk Services, Wipro RISK

Can we develop or achieve consensus in international law to address the challenges 10.10 – 10.50 hrs of cybersecurity? LEGAL Scott Ainslie, Regional Director and New Zealand, FSISAC

From Chief Information Security Officer to hacker 10.10 – 10.50 hrs MANAGEMENT Magda Lilia Chelly, nominated as global leader of the year and CISO on demand

Cyber-crime scene evidence management LAW 10.10 – 10.50 hrs Graeme Edwards, 26 years in law enforcement, 15 of those as a detective ENFORCEMENT investigating cybercrime

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Innovation Sandbox - hear the latest home-grown cybersecurity start-ups compete for the innovation sandbox crown! Featuring 5 cyber security startup finalists (TBC) Facilitator: Judy Anderson, CEO at Startup VIC 10.10 – 10.50 hrs Judging panel: Michelle Price, CEO of Auscyber. Kylie McDevitt, Director Emerging STARTUP Technology and Engineering, ACSC. John Karabin, National Director, Cybersecurity at Global NTT, Alex Woerndle, Deputy Chair, AISA and Hugh Williams, Partner at Rampersand. What I have learnt in 18 months as the Assistant CISO for the state of Victoria 10.10 – 10.50 hrs THINK TANK Shane Moffitt, Assistant CISO, State of Victoria

Evolving the hunt – reducing attacker dwell time 10.10 – 10.50 hrs THINK TANK Wayne Tufek, Director of CyberRisk

What is Cyber Terrorism: Discussion of Definition and Taxonomy 10.10 – 10.50 hrs CYBER WARFARE Jordan Plotnek and Jill Slay, La Trobe University Applying the telecommunications and other legislation amendment (assistance and access) act(TOLA) 10.10 – 10.50 hrs LEGAL Phil Magness and Michael Do Rozario, Corrs Chambers Westgarth

10:50 – 11.20 hrs Morning Tea

Surmounting the barriers: Disrupting the spread of illegal content in the online 11.20 – 12.00 hrs world AWARENESS Julie Inman Grant, eSafety Commissioner, Australian Government

Premediation: the art of proactive remediation INCIDENT 11.20 – 12.00 hrs Matthew McWhirt, Senior Manager, Mandiant Security Transformation Services MANAGEMENT

The web is out to get you and there’s nothing you can do about it 11.20 – 12.00 hrs AWARENESS Corch, founder, Shogun Cybersecurity

Creating a path of most resistance: supporting a resilient Australian business 11.20 – 12.00 hrs community BUSINESS Martha McKeen, Senior Manager, Cyber Outreach at Commonwealth Bank

DevSecOps - Placing people at the core of security strategies 11.20 – 12.00 hrs BUSINESS Tanvi Bali, Security Specialist at Accenture Australia,

Inside magecart: the card-skimming cybercriminal groups behind front-page 11.20 – 12.00 hrs breaches TECHNICAL Aaron Mog, Strategic CISO at RiskIQ

Security on a shoestring – how to deploy effective security expeditiously 11.20 – 12.00 hrs BUSINESS Ashwin Pal, CISO APAC, Unisys Our new cyber frontier - protecting Australia's national identity and the evidence of GOVERNANCE & 11.20 – 12.00 hrs who we are RISK Anne Lyons, ASPI Fellow and former CIO and Assistant Director-General Security Management and Assurance Directorate, Director Security Management 11.20 – 12.00 hrs and Assurance LEGAL Jacinta Thomson, Director Security Management & Assurance

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Process vs nuclear meltdown: workspaces that prevent accidents and enable new 11.20 – 12.00 hrs employees MANAGEMENT Aaron Call, Chief Information Security Officer, US State of Minnesota Caught between the devil and the deep blue sea: Navigating security 11.20 – 12.00 hrs communications ACSC Izzi Lithgow, CERT NZ CISO Panel: How start-ups should work with corporates - keep their attention and deliver results they want 11.20 – 12.00 hrs Facilitator: Susie Jones, CEO and co-founder, Cynch Security STARTUP Panel: Craig Templeton, CISO and GM Platforms, REA Group. Kristin Lyons, CISO, Australia Post and Berin Lautenbach, CISO Asia Pacific, Telstra. Regulating AI: ethics or politics? 11.20 – 12.00 hrs THINK TANK Iyad Rahwan, Associate Professor, MIT

How I did (almost) everything wrong and still work in security: addressing the cyber 11.20 – 12.00 hrs skills shortage with non-linear career paths THINK TANK Sarah Young, Cloud Security and Compliance Specialist Microsoft Unsupervised Anomaly-based Intrusion Detection for SCADA Systems 11.20 – 12.00 hrs Abdullah Alsaedi, Abdulmohsen Almalawi and Zahir Tari, RMIT & King Abdulaziz CYBER WARFARE University Applying Australian Privacy law and GDPR 11.20 – 12.00 hrs LEGAL Arvind Dixit, Corrs Chambers Westgarth

Lessons from a breach INCIDENT 12.10 – 12.50 hrs Andrea Di Fabio, CISO and Associate CIO at East Tennessee State University MANAGEMENT

Cyber security awareness – you’re doing it wrong! 12.10 – 12.50 hrs AWARENESS Chirag Joshi, Senior Manager, Cyber Risk Governance at Origin Energy Leading cyber security as crash mitigation to deliver a solutions focused model 12.10 – 12.50 hrs Kathleen Robinson, Chief Executive at Department of Corporate and Information BUSINESS Services

Cyber-Insurance - the existential battle for its future: the latest on the Mondelez v 12.10 – 12.50 hrs LEGAL Zurich Insurance court case Dr John Selby, Macquarie University in the Faculty of Business and Economics

How resilient is the Mac OSX to cyber-attacks? TECHNICAL 12.10 – 12.50 hrs Arni Hardarson, Technical Director, PS+C Security Security architecture – building the CISO-SecOps bridge 12.10 – 12.50 hrs BUSINESS Nigel Hedges, Information Security Manager at CPA Australia

How exactly can CIO’s mitigate cyber risk? MANAGEMENT & 12.10 – 12.50 hrs Theo Nassiokas, CISO at Barclays International RISK Cyber in the boardroom 12.10 – 12.50 hrs Michael do Rozario & Phil Catania, Partners (Litigation & Cyber, IT & IP), Corrs LEGAL Chambers Westgarth Overcoming barriers to indigenous diversity and inclusion in ICT security in 12.10 – 12.50 hrs Australia MANAGEMENT Phillip Jenkinson, CEO and Co-founder at Baidam Solutions

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Asymmetric Cyber Defence – Do you want hackers? Because this is how you stop 12.10 – 12.50 hrs hackers ACSC David Lewis, ACSC The missing pieces holding back the Australian cyber start-up community - what is needed and how we can fix it. Featuring speakers from CyRise, AustCyber, ResponSight and Right Click Capital 12.10 – 12.50 hrs STARTUP Facilitator: Kirstin McIntosh, Head of Partnerships, CyRise Panel: Jeff Paine, Founder & CEO, ResponSight. Prerana Mehta, Chief of Ecosystem Development, AustCyber and Ulric J. Ferner, Principal, Right Click Capital Privacy of personal data: not just a security story! 12.10 – 12.50 hrs THINK TANK Nicole Stephensen, Principal Consultant at Ground Up Consulting How the heck did they land that awesome job? 12.10 – 12.50 hrs Gavin Norris, Executive Coach, Trusted Advisor, Businessman & Educator at The 3e Factor Pty Ltd

12.10 – 12.50 hrs Cyber warfare session CYBER WARFARE

Standards and regulation in ethics and AI technologies 12.10 – 12.50 hrs LEGAL Greg Adamson, University of

12.10 – 12.50 hrs UK NCSC GOVERNMENT

12.50 -13.40 hrs Lunch and book signing

13.40 – 14.20 hrs Australia’s 2020 Cyber Security Strategy GOVERNMENT Kendra Morony Home Affairs The moral machine experiment 13.40 – 14.20 hrs ETHICS (AI) Iyad Rahwan, Associate Professor at MIT A frog riding a bicycle: people and culture as the source of resilience and adaptability in information security 13.40 – 14.20 hrs AWARENESS Dr David Schmidtchen, Executive Director, People and Organisational Development at Synergy Group Australia Humans in crisis – the undervalued consideration of human behaviour during INCIDENT 13.40 – 14.20 hrs security incidents MANAGEMENT David Simpson, Managing Director & Founder at CQR

Securing the leadership pipeline 13.40 – 14.20 hrs AWARENESS Alex Nixon, Senior Associate, Cyber Risk at Kroll

Rediscovering DNS attacks 13.40 – 14.20 hrs Edward Farrell, Director & Principal Consultant at Mercury Information Security TECHNICAL Services

Internet luring, abduction, recovery, and reunification: a survivor’s perspective 13.40 – 14.20 hrs SAFETY Alicia Kozakiewicz, The Alicia Project

APRA CPS 234 readiness program GOVERNANCE & 13.40 – 14.20 hrs Denny Wan, Principal Consultant at Security Express RISK

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Seven powerful yet little known tips to build a winning cyber resilience strategy 13.40 – 14.20 hrs MANAGEMENT Andrew Bycroft, CEO, International Cyber Resilience Institute Securing a Proof of Concept (PoC) for your startup - get the CISO and startup view Facilitator: Jennifer Stockwell 13.40 – 14.20 hrs STARTUP Panel: Samantha MacLeod, CISO, AGL. Vaughan Shanks, CEO & Founder, Cydarm Technologies Cyber security influence in the boardroom – moving from being a service provider 13.40 – 14.20 hrs to trusted adviser THINK TANK Jonathon Morse, Senior Partner, Korn Ferry

13.40 – 14.20 hrs Cyber warfare session CYBER WARFARE

How Blockchain is changing the legal landscape of everyday business 13.40 – 14.20 hrs LEGAL Laura Spencer, Sladen Legal

The boy who cried wolf – was it already too late? 13.40 – 14.20 hrs ACSC Keir P, NCSC - UK

Cyberteacher starting up in cyber security – Teacher PD Session 13.40 – 15.05 hrs EDUCATION LifeJourney

Lessons from the field: Vulnerabilities in credentials & how to fix them 14.25 – 15.05 hrs TECHNICAL Paula Januszkiewic, CEO, Security Expert

A regional perspective on cyber leadership 14.25 – 15.05 hrs LEADERSHIP Claire Pales, Author & Director, 27 Lanterns Pty Ltd How to automate patching security vulnerabilities – so you can focus on the big stuff (NetDevOps) 14.25 – 15.05 hrs DEVOPS Mike Webber, Chief Information Officer & Chief Information Security Officer at BlackBerry

Privacy as a competitive differentiator 14.25 – 15.05 hrs PRIVACY R. Jason Cronk, Author, Privacy and Trust Consultant and Nicole Stephensen, Privacy Expert Ground Up Consulting How to lose a container in 10 minutes 14.25 – 15.05 hrs TECHNICAL Sarah Young, Cloud Security and Compliance Specialist Microsoft Fighting against child abuse through large-scale source-oriented image clustering 14.25 – 15.05 hrs Xufeng Lin, Research Fellow of the School of Information Technology, Deakin RESEARCH University

Information security adaptation of the CARTA method GOVERNANCE & 14.25 – 15.05 hrs Phoram Mehta, Head of Information Security PayPal Asia-Pacific RISK

Detecting infected internet-of-things (IoT) devices to prevent distributed denial of service (DDoS) attacks 14.25 – 15.05 hrs RESEARCH Dr Sarah Erfani, lecturer in the School of Computing and Information Systems at The University of Melbourne

Introduction to 5G Core Security 14.25 – 15.05 hrs ACSC Kylie McDevitt, ACSC

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Data governance – an essential foundation to good cyber security practice GOVERNANCE & 14.25 – 15.05 hrs Kate Carruthers, Chief Data & Insights Officer for UNSW Sydney RISK Developing cyber security skills in Australian classrooms 14.25 – 15.05 hrs Associate Professor James Curran, Academic Director of the Australian Computing THINK TANK Academy

Big data and security – revolution, evolution or distraction 14.25 – 15.05 hrs BUSINESS Clive Reeves, Deputy CISO, Asia Pacific at Telstra

Revisiting Syria: Cyber Operations as a Means of Hybrid Warfare 14.25 – 15.05 hrs Meredith Primrose Jones and Sascha Dov Bachmann, La Trobe University and CYBER WARFARE University of Cloud Services: how to play with your commercial and legal folks 14.25 – 15.05 hrs LEGAL Paul Gray, Sladen Legal Sino-European aspects of cyber security (our warning as a cyber watchdog and the global challenges we face) 15.10 – 15.50 hrs Daniel Bagge, Cyber Attaché to the USA and Canada, former Director of Cyber GOVERNMENT Security Policies, National Cyber and Information Security Agency of the Czech Republic

Establishing supply chain risk management - the HBF case study GOVERNANCE & 15.10 – 15.50 hrs Andrew Bullen, Cyber Governance & Assurance, HBF Health Limited RISK

Social loafing: why good people breach security & what to do about it 15.10 – 15.50 hrs Professor Debi Ashenden, Professor of Cyber Security and Human Behaviour, Deakin AWARENESS University

A layered approach for securing operational technology – organisation, skills, trust 15.10 – 15.50 hrs and technology to secure OT networks CRITICAL INFRA. Paresh Kerai, Technical Manager Cybersecurity at Sapien Cyber

Technology disrupting the child sex trafficking industry 15.10 – 15.50 hrs AWARENESS Annette Peploe, Cyber Security Student plus Corporate and School Chaplain

Software security in the presence of faults 15.10 – 15.50 hrs Peter Gutmann, Researcher in the Department of Computer Science at the University TECHNICAL of Auckland

Developing a practical cyber security strategy for your organisation 15.10 – 15.50 hrs MANAGEMENT Ian McKenzie, CISO for the Australian Parliament Respond before incident, intelligence-driven proactive threat hunting case-study INCIDENT 15.10 – 15.50 hrs from Taiwan MANAGEMENT Sung-ting Tsai, CEO of TeamT5 Finding new indicators of compromise through AI analysis of user-generated content 15.10 – 15.50 hrs TECHNICAL Holly Wright - Software Engineer, IBM Security and Dale Bowie - QRadar Flows Product Owner, IBM Security

Two nations, one mission, zero Excuses: Cyber-secure vital control systems 15.10 – 15.50 hrs ACSC Ken Radke / Thomas Schmidt (BSI Germany)

Unified management system for asset management and cybersecurity GOVERNANCE & 15.10 – 15.50 hrs Gijo Varghese - Governance, Risk and Information Security Leader RISK

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Help us teach cyber security skills in Australian schools 15.10 – 15.50 hrs THINK TANK Bruce Fuda, Computing Education Specialist at the Australian Computing Academy

Mandatory data breach response notifications - lessons from the trenches 15.10 – 15.50 hrs Alex Hutchens, Partner at McCullough Robertson and Will McCullough, Senior AWARENESS Associate at McCullough Robertson

BotNets in the Internet of Things: The Next Wave 15.10 – 15.50 hrs CYBER WARFARE Ashley Woodiss-Field and Mike Johnstone, ECU How to view ethics when the 'Law•Information•Security' gloves are off 15.10 – 15.50 hrs Fabian Horton, Law Institute of Victoria LEGAL

Safeguarding Australia’s Critical Infrastructure 15.10 – 15.50 hrs Alex Lewis, Home Affairs ACSC

15:50 – 16.10 hrs Afternoon Tea How hackers attack and how to fight back – with live hacking demonstrations of the current threats to you, your family, and your organization by the social engineering 16.10 – 17.40 hrs KEYNOTE legend and the world’s most famous hacker Kevin Mitnick (The world's most famous hacker) 17.45 – 19.00 hrs Social Event Drinks and Networking

19.15 – 23.00 hrs Social Event “Bloc Party” (Gold registration package only)

WEDNESDAY, 9 OCTOBER

Official conference opens 8.30 – 9.00 hrs Welcome to country and opening remarks from Ambassador Tobias Feakin Securing a world of physically capable computers 9.00 – 9.55 hrs KEYNOTE Bruce Schneier, Internationally renowned security technologist and author Trends in IT Security 10.00 – 10.40 hrs Cam Wayland, Director at Channel Dynamics Pty Ltd BUSINESS

The care and feeding of your privacy experts 10.00 – 10.40 hrs PRIVACY Kasey Chappelle, Data Protection Officer for GoCardless

We need to talk about red teaming 10.00 – 10.40 hrs BUSINESS Troy Defty, Principal Security Consultant at Pure Hacking

An introduction to drone security 10.00 – 10.40 hrs TECHNICAL Mike Monnik, Managing Consultant at DroneSec

How to humanise the way we talk about cyber for greater influence and impact 10.00 – 10.40 hrs BUSINESS Olivia Grandjean-Thomsen, Communication and Engagement Manager at AustCyber

Why doesn’t my boss get it? CULTURE & 10.00 – 10.40 hrs Gary Gaskell, Specialist at Infosec Services BEHAVIOUR

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Remediation is the name of the game: How purple teaming together with risk 10.00 – 10.40 hrs quantification is the way to win Robert Martin, Partner at PwC Australia and Nicola Nicol, Partner at PwC Australia

IoT Security 10.00 – 10.40 hrs ACSC Kylie McDevitt, ACSC / James Robinson, Home Affairs

Leaders and managers: a practising lawyer’s advice on what you actually need to do 10.00 – 10.40 hrs so you can sleep at night THINK TANK Robert Kerr, Partner, Addisons

Cautionary tales and community defence 10.00 – 10.40 hrs AWARENESS Gyle dela Cruz, Technical Instructor

Government Cloud Computing Security Guidelines 10.00 – 10.40 hrs CYBER WARFARE Mansoor Al-Gharibi, Matthew Warren and William Yeoh, Deakin University

10.40 – 11.00 hrs Morning Tea

Open Mic 11.00 – 11.40 hrs INTERACTIVE Brian Krebs - Investigative Reporter and Damien Manuel (moderator)

Panel: Diversity in thinking and innovation 11.00 – 11.40 hrs PANEL with MC James O’Loghlin

Barriers to entry and beyond Karina Bader, Research Analyst for the Materials (Resources) & Energy sectors at 11.00 – 11.40 hrs RESEARCH Specialist Fund Manager Acorn Capital

Preparing for systems of record in the cloud 11.00 – 11.40 hrs Wayne Bozza, Head of Security NIB Group and Matthew Finch, Head of Emerging CRITICAL INFRA. Tech, NIB Group Black or white hat: Navigating legal issues in information security 11.00 – 11.40 hrs LEGAL Melissa Wingard, Regional Divisional Counsel & Contracts Manager – APAC

Cyber duty of care for legal practitioners and the businesses they advise 11.00 – 11.40 hrs LEGAL EJ Wise, Principal at Wiselaw

Breaking into the industry, a student’s perspective 11.00 – 11.40 hrs STUDENT Jacinda Erkelens, CSM Cyber Security, Telstra

VR rocks the SOC: a next-gen view of security operations 11.00 – 11.40 hrs Chris Hockings - CTO for IBM Security Australia and New Zealand and Jared Hayward - THINK TANK Software Engineer for IBM Security specialising

The end of random - quantifying risk to end uncertainty 11.00 – 11.40 hrs THINK TANK Bryan Sartin, Executive Director, Global Security Services, Verizon

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Supporting small business in cyberspace - The ACSC small business cyber security 11.00 – 11.40 hrs guide and companion materials ACSC Craig Gillies, ACSC

Fact and fiction in technology-driven military decision-making : Evidence from the 11.00 – 11.40 hrs US and Israel CYBER WARFARE Shiri Krebs, Deakin University

Open Mic 11.50 – 12.30 hrs INTERACTIVE Bruce Schneier and Damien Manuel (moderator) Responding to the supply chain cyber risk dilemma Ben Di Marco - Cyber Specialist ANZ, Willis Towers Watson, Georgina Crundell - Cyber Security, EY, Timothee Grange - APAC Managing Director, GM Consultant and John 11.50 – 12.30 hrs PANEL Karabin - National Director Cyber Security, Dimension Data. With MC, James O’Loghlin

What if we are doing cybersecurity all wrong? 11.50 – 12.30 hrs AWARENESS Richard Bird, Chief Customer Information Officer, Ping Identity How do you talk to your board about cybersecurity? An old problem in a new world 11.50 – 12.30 hrs Jinan Budge, Principal Analyst Serving Security at Forrester BUSINESS

It's Hammertime: SQL Injection for beginners Brigitte Lewis, Penetration Tester / Ethical Hacker at Deloitte / 11.50 – 12.30 hrs TECHNICAL W0m3nWhoHackM3lb0urn3

Bots down under: exploring Australia’s preparedness to defend against credential TECHNICAL & 11.50 – 12.30 hrs abuse attacks RESEARCH Nick Rieniets, CTO at Kasada The ACSC small business survey – what small businesses are telling us 11.50 – 12.30 hrs ACSC Craig Gillies/Laura Bennetts Kneebone (Prime Minister and Cabinet)

Prevention and response to common cloud security misconfigurations 11.50 – 12.30 hrs SECURITY Ben Potter, Security Lead at AWS

You’ve been breached, now what? 11.50 – 12.30 hrs THINK TANK Ben Verschaeren, Global Solutions Engineer Sophos

The problem with super predators 11.50 – 12.30 hrs THINK TANK Campbell Murray, Global Head, Cybersecurity Delivery at BlackBerry

Information warfare by proxy: Malware in PLC firmware 11.50 – 12.30 hrs CYBER WARFARE Lachlan Walling, Mike Johnstone and Peter Hannay, ECU

12.30 -13.20 hrs Lunch and Book signing

Panel - IoT and OT security - now and beyond – A perspective from utilities and mining industries 13.20 – 14.00 hrs Abbas Kudrati – Chief Cyber Security Officer Microsoft, Professor Jill Slay - La Trobe CRITICAL INFRA. University, Matt Tett - Managing Director of Enex TestLab and chair of IoT Alliance Australia (IoTAA), Tim Daly - Chief Security Officer AEMO and Babu Srinivas - Global Head, Cyber Competency & Digital Trust at BHP

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Estonian perspective on cyber security 13.20 – 14.00 hrs Tonu Tammer, Executive Director at National CERT of Estonia (CERT-EE)

Identifying source devices of images and videos by analysing device fingerprints left in the content 13.20 – 14.00 hrs RESEARCH Prof Chang – Tsun Li, Professor of Cyber Security & Research Director at Deakin University

Risky business: Improving security through risk based decision making 13.20 – 14.00 hrs BUSINESS Shannon Campbell, Security Specialist

Accelerating cybersecurity strategy through behaviour and culture CULTURE & 13.20 – 14.00 hrs Ambika Aggarwal, Cyber Security Consultant at PwC Australia and Nadia Baunin, BEHAVIOUR Organisational Psychologist at PwC Australia

Raise, train, sustain – ASD’s strategy to create a cyber warrior workforce 13.20 – 14.00 hrs ACSC Amanda Butcher, ACSC

How Australia’s new encryption law will impact the technology industry in Australia 13.20 – 14.00 hrs GOVERNANCE, Ted Ringrose, Partner at Ringrose Siganto RISK & PRIVACY

Cybersecurity for software in network-connected devices: high assurance practices 13.20 – 14.00 hrs for mitigating IoT risks THINK TANK Joe Jarzombek, Director for Government, Aerospace & Defence Programs in Synopsys

Cyber Secure Geelong: Determining SME Cyber-Security Preparedness 13.20 – 14.00 hrs CYBER WARFARE Graeme Pye, Scott Salzman, Matthew Warren, Damien Manual, Deakin University

An international cyber duty of care for cyber weapons 14.05 – 14.35 hrs CYBER WARFARE Jonathan Lim and Ej Wise, EJ Wise Lawyers

Strengthening Indonesia Digital Economy 14.35 – 15.05 hrs Caroline Chan, Eugene Sebastian and Matthew Warren, RMIT, Monash and Deakin CYBER WARFARE University

Top 10 ways to make hackers excited: All about the shortcuts not worth taking 14.05 – 15.05 hrs KEYNOTE Paula Januszkiewicz, CEO, security expert

15:05 – 15.30 hrs Afternoon Tea

Overcoming the barriers to innovation 15.30 – 16.30 hrs KEYNOTE James O’Loghlin Broadcaster, author and innovation expert Living in a resilient world 16.30 – 17.30 hrs KEYNOTE Tammy Moskites, Managing Director, Accenture Security

17.30 – 17.35 hrs Conference Close

Program subject to change: last updated 4 October 2019. AUSTRALIAN CYBER CONFERENCE 2019

Training and Workshops

MONDAY, 7 OCTOBER SANS Training - (Pre-Conference): Hands-on security essentials – network protocols, access controls 9.00 – 12Noon and password management 9.00 – 12Noon SANS Training - (Pre-Conference): Threat hunting and investigating WMI and PowerShell Attacks SANS Training - (Pre-Conference): Hands-on security essentials – network protocols, access controls 13.00 – 16.00 hrs and password management 13.00 – 16.00 hrs SANS Training - (Pre-Conference): Threat hunting and investigating WMI and PowerShell Attacks

TUESDAY, 8 OCTOBER SANS Training - Hands-on Sscurity essentials – network protocols, access controls and password 10.10 – 13.10 hrs management

Microsoft Workshop - Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond 10.10 – 12.50 hrs

CyRise Training - How to test your cyber startup idea without building a thing - an interactive 10.10 – 12.50 hrs introduction to lean startup theory

10:10 – 12.50 hrs CompTIA Workshop - CompTIA Executive Certificate in IT Security

10.10 – 12.50 hrs PS+C Security Workshop - Application security - build pipeline workshop

13.40 – 16.40 hrs SANS Training – Threat hunting and investigating WMI and PowerShell Attacks

13.40 – 15.50 hrs AWS Workshop - AWS hands on incident response

13.40 – 14.25 hrs PwC Workshop - Game of Threats

CyRise Training - How to test your cyber startup idea without building a thing - an interactive 13.40 – 15.50 hrs introduction to learn startup theory

14.25 – 15.10 hrs PwC Workshop – Game of Threats

WEDNESDAY, 9 OCTOBER

10.10 – 12.30 hrs Bsi Training – Challenges found in information security audits

10.00 – 12.30 hrs Cloud CTF: Identifying and resolving attacks in azure

13.20 – 14.05 hrs PwC Workshop – Game of Threats

14.05 – 14.50 hrs PwC Workshop – Game of Threats

Unless otherwise specified (1) the Australian Signals Directorate (ASD) and the Australian Information Security Association (AISA) do not recommend or endorse information presented during the 2019 Australian Cyber Conference; and (2) any opinions expressed during the conference are the presenter’s own and do not reflect the opinion of AISA, ASD or the Australian Government.

Program subject to change: last updated 4 October 2019.