-
AppSec & DevSecOps Sydney
-
08:30
Register; grab a coffee. Mix, mingle and say hello to peers old and new.
-
09:00
Welcome from Corinium and the Chairperson
Shubha Ramakrishnan - Senior DevSecOps Engineer - TPG Telecom
-
09:10
Speed Networking – Making new connections!
In this 10-minute networking session, the goal is to connect with three new people. Let the questions on the screen spark your conversation. Enjoy the opportunity to expand your network!
-
09:20
Charting Success in DevSecOps & AppSec: Be an Influencer of Organisational Change
Alistair Clarkson - Associate Director of DevSecOps - Service NSW
- Emphasise the importance of tech leaders influencing organisational change through trusted partnerships in DevSecOps.
- Positioning security partners to embed robust security practices throughout the development lifecycle.
- Explore strategies for driving organisational change by enhancing visibility of collaborative DevSecOps efforts.
- Transform the approach to build a resilient cyber security culture and create a cohesive, security-focused environment.
-
09:45
Secure-SDLC: Integrating Threat Modelling and Security from Design to Deployment
Akif Kayapinar - Director Information Security Engineering - Mastercard
- Explore the practical implementation of a Secure-SDLC, drawing from real-world experience at Mastercard.
- Discover how to leverage threat modelling to identify vulnerabilities early, establish quality gates for robust security assurance, and seamlessly integrate SAST and DAST tools into the development pipeline.
- Gain actionable insights on embedding security at every stage of the software lifecycle, from inception to deployment, ensuring resilient and secure applications.
-
10:10
The Anatomy of Cloud Native Attacks
Zhihao Tan - Director, Solution Architects – APJ - Aqua Security
This presentation delves into the intricate landscape of cloud-native threats, highlighting the evolving tactics employed by threat actors. We will explore the anatomy of these actors, examining their motivations, methodologies, and the tools they leverage to exploit vulnerabilities in cloud environments, specifically cloud native workloads. Utilising honeypots, we will curate actionable threat intelligence, shedding light on the behaviours of attackers in real-world scenarios. By analysing these patterns, we aim to identify key lessons learned and propose effective mitigation strategies as part of your DevSecOps capabilities. Attendees will gain a comprehensive understanding of the cloud native threat ecosystem, empowering them to enhance their security posture and safeguard their cloud native applications against emerging threats from code to runtime with practical DevSecOps strategies. -
10:35
NETWORKING BREAK
-
11:05
Panel: Securing the Full Lifecycle from DevSecOps to AppSec
- How can we secure the entire software development and supply chain lifecycle through integrated DevSecOps, AppSec practices, and robust container security measures?
- What strategies can mitigate risks and threats at every stage of the SDLC through continuous evaluation and improvement driven by DevSecOps practices?
- How can operational efficiency be enhanced and compliance streamlined with effective automation strategies in governance?
- In what ways can we address vulnerabilities in software supply chains and containerised environments with comprehensive, layered security approaches?
Moderator:
Shubha Ramakrishnan, Senior DevSecOps Engineer, TPG Telecom
Panellists:
Chethana Krishnakumar, Software Technology Lead, Centre for Population Genomics
Hitesh Jamb, DevSecOps and Test Practice Lead, APA Group
Kasvi Luthra, Senior Security Engineer, SafetyCulture
Michael Pogrebisky, Solutions Engineer Professional Lead, APJ Checkmarx
-
11:40
How DevSecOps Platforms Help Secure the Software Supply Chain
Andrew Haschka - CTO Asia Pacific & Japan - GitLab
As organisations accelerate digital transformation initiatives, they face mounting pressure to harmonise rapid software delivery with robust security measures. This session explores how the convergence of DevSecOps, Artificial Intelligence, and Value Stream Management (VSM) creates a comprehensive framework for secure, efficient software development. We'll examine practical strategies for integrating AI-powered security controls into development pipelines, leveraging VSM metrics to optimise security processes, and building resilient software supply chains.
Join us to unlock a seamless delivery pipeline, fortified security, and enhanced business value amidst the ever-evolving threat landscape. -
12:05
Hacking Limits: A Conversation of Women Leading in Cyber
- What inspired you to pursue a career in DevSecOps/Cyber Security, and how has your journey been so far?
- What advice do you have for organisations looking to improve diversity in security and engineering teams?
- How do you see AI and automation shaping the future of secure software development?
- If you could change one thing about the industry, what would it be?
Interviewer
Shubha Ramakrishnan, Senior DevSecOps Engineer, TPG Telecom
Interviewee
Maryam Shoraka, Cyber Security Operations Manager, NSW Department of Communities and Justice
-
12:30
EveryOps: Securing the Future of Software Delivery
Yashaswi Mudumbai - Senior Director of Solution Engineering - APAC - JFrog
Embrace the EveryOps approach to software development by harmonising DevOps, DevSecOps, and AI/MLOps into a cohesive strategy. In this session, Yash Mudumbai, Sr. Director of Solution Engineering, APAC at JFrog will share insights on ensuring resilience in your software supply chain while facing emerging security challenges. Engage in discussions that showcase real-world successes and actionable strategies for integrating security at every stage of the software delivery lifecycle—all enhanced with AI-driven tools and methodologies. Discover how EveryOps can secure your future and level up your software development lifecycle from good to great.
-
12:55
Lunch
-
13:55
Demystifying AppSec for Senior Enterprise Leaders: What YOU Can Do to Improve Application Security Posture
Nina Juliadotter - Application Security Lead Specialist - Westpac
- Understanding the role enterprise leaders play in enabling a cost-effective enterprise AppSec program
- Explaining how you can utilise service management practices to achieve sustainable application security posture management
- Gaining valuable insights into more effective approaches to AppSec tooling and testing
-
14:20
Developer Empowerment Panel: Secure Coding as a Core Competency
Join industry leaders as they delve into the essential skills required for secure coding and the training methodologies that can effectively impart these skills.
- Addressing the limitations of traditional security testing tools such as SAST and DAST.
- Highlighting the importance of proactive coding practices as the last line of defence.
- Discussing the effective secure coding training for developers to recognise and mitigate security risks from the ground up.
Moderator:
Anusha Srinivasan Practice lead - Quality Engineering Leading Australian Retail Company
Panellists:
Alistair Clarkson, Associate Director of DevSecOps, Service NSW
Maryam Shoraka, Cyber Security Operations Manager, NSW Department of Communities and Justice
Felipe Nakandakari, Senior Security Engineer, SafetyCulture
Yashaswini Prabhudev, Security Engineering Manager, AGL
Suganthi Krishnavathi, Staff Solutions Engineer, Snyk
-
14:55
DevSecOps - Empower Developers with Sonatype Nexus Lifecycle
Cameron Townshend - Principal Architect - Sonatype
At Sonatype we have a long history of partnership with the world of open source software development. From our beginning as core contributors to Apache Maven, to supporting the world’s largest repository of open source components (Central), to distributing the world's most popular repository manager (Nexus), we exist for one simple reason; to help accelerate software innovation.
Sonatype will discuss how to empower developers by shifting left and giving them information about Security and Licensing into their Integrated Developer Environment. We will look at the Software Development Lifecycle and integrate security checks at different stages. By shifting left and empowering developers, DevSecOps will be easier, faster, safer, and cheaper!
-
15:20
NETWORKING BREAK
-
15:50
Building a New Platform Engineering Capability through DevSecOps
Pranit Dharmadhikar - Network Software Engineer - Telstra
- Integrate DevSecOps principles into platform engineering to enhance security across all stages of the development lifecycle.
- Discuss the importance of aligning workflows, enhancing automation, and fortifying security measures to create a cohesive platform for software delivery.
- Exploring how Security as Code (SaC) empowers proactive cyber security measures within the development pipeline
- Highlight the need to strike a balance between experimentation and pragmatism to ensure alignment with organisational goals and augment DevSecOps strategies.
-
16:15
Developer’s Hands-On Guide: Mastering DevSecOps Pipeline and Accelerating Continuous Delivery
Sriram Ramani - Engineering Manager Systems - Chapter Lead - Commonwealth Bank of Australia
- Shed light on the practical implementation of security within the DevSecOps pipeline from a software engineering perspective.
- Integrate security practices right from the start to expedite continuous delivery while identifying and addressing potential vulnerabilities early in the coding process.
- Explore the tools and technologies that can be leveraged to automate and enhance security during development and continuous integration.
- Discover effective training and upskilling strategies to keep pace with evolving threats.
-
16:40
Chair Closing Remarks & Close of AppSec & DevSecOps Sydney
Not Found
-
Main Conference Day One
-
07:15
VIP Breakfast – Invite only
-
08:20
Register; grab a coffee. Mix, mingle and say hello to peers old and new.
-
09:00
Welcome from Corinium and the Chairperson
Kevin Fleming - Chief Technology Officer - ExperstDirect
-
09:15
Keynote: Leveraging cybersecurity as a business growth enabler
Wouter Veugelen - Former CISO - Santos
-
09:40
Top Cloud Threats in 2023
Matt Preswick - APAC Solutions Engineer - Wiz
Cloud adoption is expanding rapidly, and with that expansion comes new complexities. The speed of growth and change in the cloud creates an ever-changing threat landscape. Wiz Research is at the forefront of the cloud's threat landscape and is behind the discovery of vulnerabilities like ChaosDB, ExtraReplica, AttachMe and OMIGOD. In this session, we will cover the major cloud threats recently seen by the Wiz Research team which includes supply chain risks, data exposure, API security threats, and attack patterns used by groups such as LAP$U$. This session summarizes key insights across customers, Wiz and third-party threat research, and numerous other sources
-
10:05
Ministerial Virtual Keynote: Australian Government & Industries partnering up to tackle the talent gap through skills and training
The Hon. Brendan O’Connor - Minister for Skills and Training - Australian Government
-
09:50
How Deep Learning is Unlocking a $362B Value Creation Opportunity in Financial Services
Sergio Rego - AI Customer Engineer - SambaNova Systems
In the highly competitive age of digital transformation financial service organizations are facing accelerated urgency to improve their customer and employee experience while simultaneously reducing operating costs, and managing risk and compliance.
To meet these competing demands on their business, these organizations are racing to deploy deep learning to achieve a new competitive edge by optimizing their back office operations with intelligent document processing, personalizing their customer experience with cutting edge NLP models, and reducing fraud and risk using state-of-the-art deep learning.
AI is here and delivering new capabilities to help businesses solve large and complicated challenges. Join Bob Gaines to learn what that means for your business and how deep learning is helping organizations:
• Achieve higher compliance, faster and with lower costs • Dramatically improve Customer Experience • Reduce time to value from years to weeks
Sergio Rego is a customer engineer at SambaNova Systems where he helps clients deploy purpose-built, deep learning solutions in weeks rather than years. Sergio started his career in financial services, where he worked in strategy; active and index management; and product design and management. Sergio also served as a senior data scientist and team manager for a system integrator where he helped federal government agencies deploy ML and AI solutions.
-
10:15
NETWORKING BREAK
-
10:50
Keynote: Proactive cybersecurity – stepping up your efforts
Keith Howard - CISO - CommBank
As the severity of scams and frauds increase and cybercrime becomes more sophisticate than ever, staying ahead of the game is critical. During this session, you’ll hear how cybersecurity is “front of mind” for one of Australia’s largest banks by investing in the right skills, creating robust defence and control systems, and employing effective detection and response plans.
-
11:15
Minimising User Exposure to Threats
Tim Bentley - Regional Director APAC - Abnormal Security
Three-quarters of Australian CISOs see human error as their organisation’s biggest cyber vulnerability. What if there was a way to stop rolling the human dice every day?
Learn how organisations can leverage advanced behavioural science and automation for informed and near instantaneous decision-making on what is good and what is bad email. As well as removing the increasing burden that is placed on employees as a last line of defence.
In this session we will discuss:- Account takeover techniques and measures that can be taken to help protect against them
- New insights and controls over protecting against supply chain attacks
- The accuracy of advanced behavioural data science in identifying anomalous behaviour
-
11:40
Inspirational Keynote: Don’t blame the victim
Bradley Busch - CISO - AUB Group
-
12:05
Ransomware, Risk & Recovery - Is Your Hybrid Active Directory Secure from Cyberattacks?
Jacquie Young - VP APAC - Semperis
With the threat of cyber warfare becoming ever more serious, every organisation needs a “this is not a drill” cyber-first recovery plan. If cyberattackers targeted your organisation, the most likely business-crippling scenario would be a direct attack on Active Directory (AD)—the system that authenticates users and grants access to business-critical applications and services. AD has become a prime target for cybercriminals—implicated in 90% of the incidents Mandiant researchers investigate—because it has systemic vulnerabilities and because it gives attackers the means to unleash devastating malware.
The NotPetya attack that crippled Maersk in 2017 was a harbinger of the chaos to come. In this session, we’ll examine the action plan every organisation needs to execute to protect against a business-disrupting cyber incident.
- How long does an incident response take usually and what normally brings down the AD?
- How common is it that the Active Directory is used in a data breach ransomware scenario?
- What does ADFR require to be able to recover AD?
-
12:30
Panel discussion: Harnessing cyber awareness to your company’s advantage
CISOs committed to creating risk awareness and building a cybersecurity driven culture are facing several challenges, from getting senior management buy-in, to implementing organisational change and engaging employees. During this session, you’ll explore:
- What are the biggest challenges when getting buy-in from top management?
- Successful ways of incorporating cybersecurity into the organisation’s risk management strategy
- How to encourage everybody to take ownership of cyber?
- Why leaders must be committed to continually improve their teams’ skills and knowledge in IT and cybersecurity – and how do to this?
Moderator:
Kevin Fleming, Chief Technology Officer, ExperstDirectPanellists:
Frances Bouzo, CISO, Ampol
Anna Aquilina, CISO, UTS
Jo Stewart-Rattray, Chief Security Officer, Silverchain
Grant Lockwood, CISO, Virtus Health
Varun Acharya, CISO, Healthscope
-
13:05
Lunch
-
Track A - PREVENTION, DETECTION & RESPONSE
-
14:15
Creating a robust security strategy
John Morcos - Cyber Security Program Manager -
- How to go about defining your Cyber Security Strategy?
- What metrics should you use to measure progress and success of the strategy?
- What frameworks should you consider when building the Cyber Security Strategy?
- What are example capabilities to consider?
- What does your roadmap look like?
- What budget will you be asking for per year based on the roadmap?
- How do you plan on operating these capabilities?
-
14:40
Why PAM is Essential for the Essential Eight
Scott Hesford - Director of Solutions Engineering, APJ - BeyondTrust
As more organisations look to align to the Essential Eight many are finding significant challenges around the aspects of removing Admin Privileges, Application Control and User Application Hardening. Yet as many organisations are finding, leveraging a modern Privilege Access Management solution can provide significant coverage across the requirements of the Essential Eight and more.
Join Scott Hesford, Director of Solutions Engineering, APJ, BeyondTrust, as he dives into some of the more challenging aspects of the Essential Eight and, bringing first-hand experience, shows you how you can solve many of the challenges you might be facing in adopting the Essential Eight.
By attending this session, you will learn:- How modern PAM helps organisations cover multiple aspects of the Essential Eight
- Where you can leverage the Essential Eight for your zero-trust journey
- Key questions to ask in consideration to Application Control and User Application Hardening
-
15:05
Cyber’s best friend: Have you brought them into the tent?
Jennifer Firbank - Strategy and Influence Principal - Telstra
There’s a cyber superpower out there, but have you discovered them yet? If you’ve discovered them, have you brought them into the tent? When it all goes pear shaped, they’ll be the second call you make (after your boss!) When all is going well, you’ll want to speak to them regularly to drive strong security outcomes. Let me introduce them to you and share the why and how. You’ll want one too!
-
15:30
End-to-End Customer Journeys Optimized for Security and Convenience
Ashley Diffey - Head of APAC & Japan - Ping Identity
Businesses have embraced digital to engage with their customers. As quickly as brands have delivered digital experiences, bad actors have been just as fast in figuring out how to use credential stuffing, account takeover, and other types of attacks to their advantage. Keeping pace in this rapidly evolving threat landscape requires businesses to look for innovative ways to build experiences that optimize both security and convenience. But, ensuring one doesn’t overshadow the other often requires multiple integrations and custom development that adds internal friction and slows down innovation. A customer identity strategy that expands beyond access management, but includes fraud detection and identity verification capabilities that can seamlessly be orchestrated together can eliminate integration challenges and drive innovation. Join this session to learn Ping Identity’s drag-and-drop approach to customer identity that streamlines bringing together all the tools a business needs to rapidly build, test and optimize end-to-end customer journeys.
-
15:55
How to adopt a security by design approach
Ashwani Ram - GM, Cybersecurity, IT Infrastructure and Operations - Chartered Accountants Australia and New Zealand
-
Track B - CLOUD SECURITY
-
14:15
What do you need to know about the Cloud before totally going for it?
Freddie Ghahremani - Data Strategy & Cloud Senior Development Manager - TAL Australia
- How the lack of understanding and false sense of security impacts your cloud journey
- How save your data really is when you move to the cloud?
- What factors you must consider to ensure you are getting a reliable, secure product
- Strategies to trust and rely on your providers with a full, clear picture of what you are getting as part of your contract
-
14:40
Adversarial Hygiene: Security that doesn’t Stink!
Anthony Rees - Senior Sales Engineer - Lacework
Securing the cloud is a never-ending task that becomes more challenging each year as clouds accrue new features and functionality. The same can be said for the ever increasing responsibilities and mandates expected of CISOs, including driving the probability of intrusions, data exfiltration, ransomware, etc., to effectively zero. With new technologies and tools come great opportunities for businesses; however, if they are not used appropriately and securely, they can do more damage than good. In this session we will address the elephant in the room: how can CISO’s do more with less, while ensuring the integrity of their resilience based security architecture, and prepare for enterprise obstacles and opportunities ahead.
-
15:05
SOC Automation – dos and don’ts
Nimesh Mohan - Group Threat and Vulnerability Lead - Coca-Cola Europacific Partners Australia
In a world where the pressure to deliver new and innovative ICT capability is only ever growing, and the threat actors are also increasingly sophisticated and pervasive, how can companies ensure they meet these challenges whilst still ensuring cyber resilience? During this interactive discussion, hear challenges and benefits of SOC Automation, explore experiences and lessons learned, and discuss different ways of improving and driving efficiency of your SOC.
-
15:30
Organisational Considerations for Impending GPDR like Regulations to Cyber, Data Governance and Data Privacy Teams
John Cunningham - Vice President and General Manager APAC - Securiti
With the growth of the digital services industry and AI technologies, data has arguably become one of the most valuable economic resources of the modernized economy. However, it is also becoming increasingly the most regulated and riskiest to handle.
The emergence of the GDPR in Europe, which is based on a set of comprehensive principles and obligations for data controllers, extra-territorial application, and strict enforcement mechanisms has been followed by countries and jurisdictions around the world passing similarly prescriptive data privacy and protection laws all with their own unique requirements.Today more than 200+ countries have passed data privacy and protection laws which keep getting more complex and demanding - countries like New Zealand, Indonesia, and India are now also morphing these regulations into Data Protection and Privacy requirements including for Sensitive Data. Australia is also embarking on its own uplifts to Privacy Laws.
The scope of responsibilities for data controllers under these global data privacy and protection laws are also growing - with many modern
Thus, organizations in APAC are encountering experiences in which they are seeing Data Sovereignty Laws as well as banking regulations around PII and MetaData that require audit and compliance at cloud scale.
We will explore the organizational impacts we are seeing across the region in meeting these challenges.- The key impacts and considerations for organizations who are impacted by the merger of PI and SI into multiple regulations
- Technology is being developed and adopted to help organizations to manage these regulations at scale and where possible autonomously
- An overlap of roles and responsibilities across Policy, Classification, and Protection is occurring and the adoption of cloud and multicloud is accelerating this
-
15:55
Sharpening your Cloud standards and compliance practices
Nancy Wong - IT Audit Manager - Lion
-
16:20
VIP Think Tank
-
16:20-17:20
Cocktail in the Cloud - API Security and Visibility in the Cloud
In a world where the information age is at its zenith, with hundreds of thousands of applications being launched every day, the use and demand for application programming Interfaces (APIs) has increased significantly. Powered by open web technologies, APIs have transformed interdependence and partnerships between various commercial enterprises and sectors, allowing them to extend their offerings through in-app connections. With increased API usage, however, comes with it complications -- a major one being security.
In this session, cyber security experts from Orca Security, Daniel Keidar and Scott van Kalken, will share how the company’s first patented agentless cloud security technology helps security teams identify and address API misconfigurations and security risks across a multi-cloud environment.
Gil Geron, Co-Founder, Orca SecurityDaniel Keidar, Associate Vice President, Orca Security
Scott van Kalken, Senior Systems Engineer, Orca Security
-
16:20
NETWORKING BREAK
-
16:50
Be the Thermostat not a Thermometer
Chirag Joshi - Best Selling Author - 7 rules to Influence Behaviour and win at Cyber Security Awareness, 7 Rules to Become Exceptional at Cyber Security
It's said that smooth seas never make skilled sailors. If you're a cyber security leader, the good news then is that you definitely don't have "smooth seas" to reckon with. The challenging times presented by increasing connectivity, speed of business transformation, evolution of cyber threats and ever rising expectations can and do overwhelm even the best amongst us.
This unique session will focus on providing cyber leaders with tangible, real-world tips to build the right mindset, emotional intelligence and differentiating skills that will allow them to deliver massive value to their organisations and optimise their own well-being. -
17:15
Keynote of Success: Like being challenged? Strategies to report risks to the board
Doug Hammond - CISO - Uniting
-
17:40
Fireside chat: Can CEOs and CISOs work better together & collaborate?
- How can CISOs speak the CEOs’ language?
- What does the board expect from CISOs when evaluating and reporting inherent and evolving risks?
- How can the board support CISOs in conducting a cybersecurity mission & strengthening their posture?
- Working together in mastering the company’s digital governance & risk management practices
- Exploring challenges and opportunities to adopt a secure-by-design approach in the business
Panellists:
Greg Sawyer, CEO, CAUDIT
Walter Kmet, CEO, Macquarie University Hospital
Vasyl Nair, CEO, Mine Super
Faizal Janif, Executive Advisory Board Member, AISA
-
18:05-19:00
Day One Close and CISOs Cocktail Reception & Networking - Continue the conversations in a fun and entertaining way
-
18:30
VIP Executive Dinner
Not Found
-
Main Conference Day Two
-
08:50
Welcome from Corinium and the Chairperson
Jo Stewart-Rattray - Chief Security Officer - Silverchain
-
09:00
Earning the 'O' in your CISO role
Gail Coury - CISO - F5
To be successful, today’s CISO needs to bring more than their security acumen to the table. The role has expanded exponentially to address executive and board concerns, endless business challenges and customer and product confidence. While positive outcomes are the goal, it is critical for CISOs to work with full transparency to protect the business and themselves. In this session Gail will share best practices from her experience negotiating the evolving role of the CISO in an expanding threat landscape.
-
09:25
Keynote: Battling the threat evolution – trends, advice and key considerations for Australian businesses
Stephanie Crowe - First Assistant Director General, Cyber Security Resilience - Australian Cyber Security Centre, Australian Signals Directorate
- How has the threat landscape evolved in Australia?
- How malicious cyber activities are impacting organisations across the country?
- What strategies can organisations adopt to create robust cyber security measures to prevent incidents and exploitations?
- Government, industry, academia and citizens working in collaboration to safeguard our country and communities
-
09:50
Keynote: Implementing successful ransomware protection strategies
Daniela Fernandez - Head of Information Security - PayPal Australia
-
10:15
NETWORKING BREAK
-
11:00
Keynote: Cyber strategy – Creating a secure innovation pathway
Faizal Janif - Executive Advisory Board Member - AISA
-
11:25
Cybercrime as a Service (CaaS): How Criminals are Bypassing MFA, SMS Toll Fraud, and More
Kevin Gosschalk - Founder and CEO - Arkose Labs
Join us to hear how to deter attackers, apply similar new techniques that the world’s biggest companies, like Adobe, Snap, PayPal, are using, and adapt your strategies to deliver measurable cost savings.
During the session, we’ll discuss:
- How criminals are conducting account takeovers and credential stuffing attacks that bypass MFA SMS toll fraud, and more to monetise CISOs’ own security defenses against themselves
- How attackers overcame MFA and how we worked with a top gaming merchant to prevent it
- A tour of the modern areas where adversaries share techniques and learn, the latest networks in play, and other threats, like SMS Toll Fraud and much more.
-
11:50
Keynote: Building a sound and effective cybersecurity program
Nivedita Newar - Head of Cyber Strategy & Governance - UNSW
-
12:15
Mental Health Roundtable
Sam Hewett - Account Director - Wiz
-
12:45
Lunch
-
TRACK A - INTERACTIVE CASE STUDIES
-
13:55
Adopting good cyber-hygiene across your supply chain
Mazino Onibere - Head of Cyber Security, Risk and Compliance - Regis Aged Care
-
14:20
Harnessing asset data to transform your cyber security program
Paul Thomas - Senior Solutions Architect, ANZ - Axonius
Cyber Security Programs are challenged by the sprawl of devices, device types, and the quantity of solutions continues to skyrocket and environments only grow more siloed and complex.
But there’s good news: Asset data can now be harnessed to transform your cyber security program. Today’s “asset intelligence” moves from a spreadsheet approach to an API-driven, rich and always up-to-date view into all assets via integrations of existing solutions, data correlation at scale, and querying capabilities to find and respond to gaps. Join this session to learn how asset intelligence improves security hygiene, allocate resources, accelerate incident responses and remediates gaps. -
14:45
Strengthening your Zero Trust Security Model
Michael Poezyn - Chief Security Officer - Derivco
This session is designed for cybersecurity leaders who are currently implementing Zero Trust architecture models. Join us to hear common challenges and explore ways to overcome them. Key discussion points:
- The evolution of Zero Trust
- What are the key challenges you are trying to overcome
- How to develop a roadmap and implementing specific initiatives to your projects
- Discover effective ways to build a zero-trust security framework
- Identify key components of a zero-trust model to protect the current environment
-
15:10
Applying real-life lessons and advancing your security maturity journey
Richard Williams - CIO - MoneyMe
During this session, we’ll explore various methods utilised in building a stronger, more secure company to prepare and protect against cybercrime. Richard will share his experiences of what has worked and hasn’t worked over the years and how getting certified really helped the organisation maturity journey.
-
TRACK B - EXECUTING STRATEGY
-
13:55
Cyber Awareness ‘Gamification’ for Executives
How will you overcome a cyber-attack on your organisation?
In our rapidly-evolving digital world, cyber skills are critical to ensure reasonable, appropriate and informed business decisions can be made at an executive level.
In less than an hour, you can learn how
We will lead participants through an interactive cyber-attack, which includes ‘live’ news reports and calls for quick responses and decision making. Our user friendly physical boardgame is the centrepiece of the Gamification experience, designed to help participants better understand the cyber security application. The game facilitates open discussion in a fast-paced, fun and memorable environment, an innovative way to introduce cyber security into an organisation’s security awareness training and to complement routine computer-based education.
In a collaborative project, the Cyber Security Cooperative Research Centre (CSCRC), CSIRO’s Data61, Government of Western Australia through the Office of Digital Government, with the support of Edith Cowan University, have created an interactive board game to raise awareness and encourage critical thinking about how to prepare and respond to a ransomware attack.
Facilitators:
Helge Janicke, Research Director, Cyber Security Cooperative Research Centre
Carl Celedin, Project Manager, Cyber Security Cooperative Research Centre
-
14:45
Data Security Predictions: Staying Cyber Resilient in 2023
Nathan Smith - Regional Director Security - Splunk
Join Splunk's Regional Director for Security, as he takes us through cyber predictions wins and losses of 2022 and looks forward into 2023 for Splunk's Data Security predictions. During this presentation you will hear more about ransomware, cyber-crime-as-a-service, Supply chain and Hiring cyber talent. All of this plus a little bit of fun with Open AI
-
15:10
Mastering the skills of effective communication with the board
Marco Figueroa - Senior Manager, Cyber Security Risk & Compliance - Australian Institute of Company Directors
-
15:35
NETWORKING BREAK
-
16:05
Overview of Cyber City - the Cyber Security Learning Experience
Duncan Burck - MD - MCB Business Partners (Cyber City Collaborator)
NSW has added cyber education to school curriculum, and secondary students will learn in ‘smart city sandbox’. The 10-week course was development between NSW Department of Education, Cyber Security NSW, and industry firms including MCB Business Partners and Core Electronics. During this session, you’ll get inspired on how the project came about, and what the profession can expect for 1000s of kids every year doing this course in NSW schools.
-
16:30
Wrap-up Panel: What’s Next?
Jo Stewart-Rattray - CSO - Silverchain
Join our interactive wrap-up discussion to share your key take-aways from CISO Sydney 2023 and hear how your peers will be address their key learnings moving forward.
-
16:55
Closing remarks from the Chair
-
17:00
Close of CISO Sydney 2023
Not Found
-
08:00
REGISTRATION & LIGHT BREAKFAST
-
09:50
How Deep Learning is Unlocking a $362B Value Creation Opportunity in Financial Services
Sergio Rego - AI Customer Engineer - SambaNova Systems
In the highly competitive age of digital transformation financial service organizations are facing accelerated urgency to improve their customer and employee experience while simultaneously reducing operating costs, and managing risk and compliance.
To meet these competing demands on their business, these organizations are racing to deploy deep learning to achieve a new competitive edge by optimizing their back office operations with intelligent document processing, personalizing their customer experience with cutting edge NLP models, and reducing fraud and risk using state-of-the-art deep learning.
AI is here and delivering new capabilities to help businesses solve large and complicated challenges. Join Bob Gaines to learn what that means for your business and how deep learning is helping organizations:
• Achieve higher compliance, faster and with lower costs • Dramatically improve Customer Experience • Reduce time to value from years to weeks
Sergio Rego is a customer engineer at SambaNova Systems where he helps clients deploy purpose-built, deep learning solutions in weeks rather than years. Sergio started his career in financial services, where he worked in strategy; active and index management; and product design and management. Sergio also served as a senior data scientist and team manager for a system integrator where he helped federal government agencies deploy ML and AI solutions.
-
08:00
REGISTRATION & LIGHT BREAKFAST
-
09:50
How Deep Learning is Unlocking a $362B Value Creation Opportunity in Financial Services
Sergio Rego - AI Customer Engineer - SambaNova Systems
In the highly competitive age of digital transformation financial service organizations are facing accelerated urgency to improve their customer and employee experience while simultaneously reducing operating costs, and managing risk and compliance.
To meet these competing demands on their business, these organizations are racing to deploy deep learning to achieve a new competitive edge by optimizing their back office operations with intelligent document processing, personalizing their customer experience with cutting edge NLP models, and reducing fraud and risk using state-of-the-art deep learning.
AI is here and delivering new capabilities to help businesses solve large and complicated challenges. Join Bob Gaines to learn what that means for your business and how deep learning is helping organizations:
• Achieve higher compliance, faster and with lower costs • Dramatically improve Customer Experience • Reduce time to value from years to weeks
Sergio Rego is a customer engineer at SambaNova Systems where he helps clients deploy purpose-built, deep learning solutions in weeks rather than years. Sergio started his career in financial services, where he worked in strategy; active and index management; and product design and management. Sergio also served as a senior data scientist and team manager for a system integrator where he helped federal government agencies deploy ML and AI solutions.
Not Found