Australian Cyber Security Showcase

• Building a skilled workforce capable of addressing complex cyber threats
• Fostering collaboration to ensure effective information sharing and joint initiatives
• Co-operation with allied nations to enhance the ability to counter evolving cyber threats

Achieving complete visibility of the entire digital attack surface is on top of a priority list for many organisations with on-prem and private cloud environment. This session will cover key research findings from Zero Day Initiative and discuss a risk based approach implemented around the globe to broaden the visibility into blind spots from a complex infrastructure and legacy systems – enabling you to break down silos, effectively optimise security operations, and quantify associated risks across the organisation. We will also unpack a recent law enforcement collaboration to take down a major Phishing-as-a-Service (PhaaS) provider, through the power of Trend Micro’s threat intelligence and AI initiatives.

• Clearly defining criteria to classify data into various levels
• Implementing robust protocols to safeguard sensitive data
• Auditing and monitoring data access and usage
• Educating the workforce on the importance of data protection

Tanya Milczarek, Director of Cyber Engagement, Department of Agriculture Fisheries and Forestry
Ashley Williamson, ITSA, Department of Infrastructure, Transport, Regional Development, Communications and the Art
Rocky Heckman, CTO Technology and Strategy Group, eSafety Commissioner

• AI-driven attacks and automation amplify scale and sophistication of phishing campaigns.
• Join us to get a sneak preview of what defines phishing resistant technology.
• Combine Biometric Authentication with FIDO2 Security keys for the most secure & simple authentication available.
• Aligns to the ASD directive for “Phishing resistant MFA”

• Agile and flexible policy development to adapt to changes
• Ensuring all teams have a comprehensive understanding of
  changing regulations to implement effective cybersecurity
  measures

• If you are reachable you are breachable – why move from VPNs and firewalls to Zero Trust
• The Zero Trust Exchange deep-dive – protect users, workloads and IoT/OT
• AI advancements – use data to understand your risks and improve user experience

• Understanding assets and assessing their criticality
  How to analyse potential impact scenarios to develop a resilient strategy
• The key steps to developing robust response and recovery plans
• Testing and evaluation – identifying vulnerabilities and assessing the organisation’s ability to maintain essential functions

Joe Smith, Assistant Secretary, Cyber Security Response Coordination Unit, Department of Home Affairs

Geopolitical risks are raising the spectre of cyber attacks, with sensitive government documents and content a high-value target. As more agencies advance Zero Trust ambitions, securing the expanding volume of information in transit, at rest, or in use cannot be ignored.

This keynote session will explore the information security capabilities agencies must consider to ensure confidentiality, accessibility, and availability of documents and content across their lifecycle.

With those foundations in place, the useability and quality of information, and the often mission-critical decisions it informs, can only be enhanced. The session will reveal how document and content security controls can help agencies achieve:

• Confidential and protected access and usage
• Document and content integrity and trust
• Information availability and scalability
• Improved speed of decision-making and collaboration

• Criticality of services and investment
• Evolving in a complex cyber security landscape
• Challenges and opportunities

• How to leverage threat intelligence and people risk scores to focus your security team and drive behavioural change.
• How to utilise unique insights into your Very Attacked People (VAPs) and the threats targeting your organisation.
• Driving your Security Awareness program with current real-world phishing simulations.
• Prioritise your responses through correlated data and supporting forensics.

• Differentiate between Cognitive and Generative AI and why a human-like approach to AI is essential for bolstering data breach readiness
• Addressing Bias and Ethical AI Practices to ensure fair and reliable outcomes during incident identification and response
• AI’s Role in Safeguarding Sensitive Information: providing preemptive defenses and agile responses when breaches occur

Roundtable 1: Navigating Cyber Resilience Journey in Government
Mike Milner, VP of Cloud Technology, Trend Micro & Martyn Beal, Federal Government Strategic Lead, Trend Micro

Roundtable 2: From Defense to Enablement: Cybersecurity the Business Enabler
Andrew Stevens, Director – National Public Sector, Fortinet

Roundtable 3: Darkgate, Improved? The Evolving Threat of Malware Loaders and How to Outsmart Your Adversaries with Threat Intelligence Beyond IOCs
John Fokker, Global Head of Threat Intelligence, Trellix

Roundtable 4: How is Industry Responding to Government Leadership and Guidance on Cyber Security?
Kurt Hansen, CEO, Tesserent
Tony Sheehan, Strategic Advisor and Former Non-Executive Director, Tesserent, former ASIO Deputy Director General / former Deputy Secretary, DFAT

Roundtable 5: National Cyber Resilience and the role and impact of AI
Christopher Hockings, APAC CTO, IBM Security
Richa Arora, Cybersecurity and Digital Identity Lead, Partner, Public Sector, IBM Consulting

Roundtable 6: Securing mission-critical information across the content lifecycle
John Mackenney, Director, Digital Strategist APAC, Adobe

Roundtable 7: Cyber Crisis Management: Gain Actionable Insights for Developing and Executing an Effective IR Strategy
Wayne Phillips, Field CTO APJ, SentinelOne
Jamie Norton, Partner | CISO | Board Member, McGrath Nichol

Roundtable 8: Centralised Visibility for Streamlined Security: Understanding Vulnerability Prioritisation and Remediation
Goran Lepan, Pre Sales and Customer Success Manager, InfoTrust & Dean Plant, Senior Sales Engineer, Armis

• Why these partnerships can enhance the collective understanding of cyber threats and lead to more effective preventative measures
• How joint cybersecurity development projects and awareness campaigns can aid in addressing specific challenges
• Skill and resource sharing – how partnerships can help relieve the burden of staff and resource shortages

As governments worldwide grapple with the complexities of the cyber threat landscape, the indisputable cybersecurity challenge remains clear: “What you can’t see, can and will hurt you.” Moreover, in an era where cyber adversaries continually evolve their tactics, effective defense strategies hinge on device visibility. Cyber threats lurk in the depths of the digital world, constantly evolving and poised to strike unsuspecting victims. They often exploit unseen connected devices, which, experience has shown, can represent up to 50% of all devices on a network. Forescout’s research underscores the critical importance of comprehensive device visibility in mitigating cyber risks, empowering governments to proactively identify and neutralize threats lurking within their networks.

Casting light into the network’s darkest recesses is a vital strategy for any government agency intent on thwarting cybercriminal. The goal of this session is to shine a light on assets, their vulnerabilities, and the potential risks they may pose to your environments and networks. We will explore the significance of effective threat detection and response solutions and how they shield your organization from the invisible dangers lurking in the digital shadows.

• The difficulty in protecting interconnected vital services
• The challenges of upgrading systems whilst continuing operations of essential services
• Supply chain threats and weaknesses in third party suppliers

Sophie Pearce, Assistant Secretary, Department of Home Affairs
Danielle Pentony, Chief Information Security Officer, Australian Digital Health Agency