Agenda
Wednesday, 11 October 2023
“Disruption, Cyber Leadership and the Trust Trinity”
Please note that 1:1 meetings will be running throughout the day.
Registration & Check-In
Secure your seat in the keynote room.
Welcome to the 7th Security Edge: Disruption, Cyber Leadership and the Trust Trinity
Jim Berry - CEO & Founder at ADAPTWhile modern business requires agility, scale and flexibility to achieve ambitious performance, product and growth outcomes – achieving them is a very different matter – and nearly impossible without resilience and trust. The demands mount on our Cyber leaders to protect customer data, keep people safe, support business growth and report compliance with increasing regulations.
Our theme, debated by over 25 experts and 120 local security leaders, will help empower CISOs and Heads of IT enable the trusted organisation – improving crisis preparation, risk culture and operational resilience.
Security Edge will bring another powerful day’s agenda, codifying research and lessons learned to give our local security leaders memorable and practical ways to improve security posture.
ADAPT Research: The Collective Intelligence - Insights from CIO, CFO, CDO & Security Executive Surveys
Matt Boon - Senior Research Director at ADAPTADAPT’s research and advisory team reveal the latest local fact-based insights, based upon over 1,000 detailed surveys of our region’s executive leaders. Showing the core findings distilled from your aggregated pre-event surveys and those of your executive CFO, Digital and CIO peers on their drivers, aims and opinions on security strategy.
Also comparing the investment priorities, resource allocation and unique challenges of the Australian CISO for you to benchmark and validate your thinking.
Get an Edge: Making the Most of Your Day
Rachel Rock - Director of Executive Programs Engagement & Delegate AcquisitionDisruption and Building the Capacity to be Cyber Resilient
Byron Connolly - Head of Programs & Value Engagement at ADAPT Robert Potter - CEO at Internet 2.0 & Australia’s representative at the White House’s International Counter Ransomware InitiativeThere are 37 members of the US-led Counter Ransomware Initiative to support effective detection, disruption and prosecution of cyber criminals who use ransomware for financial and other gain. Australia leads the CRI working group into ‘Disruption’, and Robert Potter leads the group.
Selected due to their “unique visibility, capability, and insights” and having provided services to all US agencies, Australian cybersecurity firm Internet 2.0 was also one of only 10 companies hand-picked for last November’s US government summit to tackle the growing threat of ransomware globally.
Since then, Robert has been busy on the ground in Kyiv, working with the Ministry of Digital Transformation to train Ukrainian forces and build their capacity and resilience in cyber warfare.
He attends Security Edge in-person to share lessons learned from the front line:
- Critical infrastructure networks are more resilient than we thought
- New geopolitical targeting by ransomware gangs
- We can all disrupt the hackers, since we outnumber the attackers
Robert is an experienced cyber security professional who led SME for North Korean Cyber Security for the United States Department of State (CTR Program), held roles as Head of Cyber Operations at BAE Systems, GM of WithYouWithMe Cyber, advisor to the Australian Shadow Cabinet for Cyber Security and CEO of Internet 2.0.
Making Zero Trust Happen with U.S. Department of Defense and Project Fort Zero
Herb Kelsey - Industry CTO – Government, Project Fort Zero Team Lead at Dell TechnologiesA rapid digital ecosystem brought forth a host of complex security concerns, particularly with data scattered across multi-cloud environments. While a robust security architecture is vital for business continuity, the focus must expand to prioritise resiliency.
Organisations are embracing Zero Trust to modernise and stay resilient. Yet determining where to start, prioritising capabilities, progressing towards maturity, and integrating it across multiple vendors products is complicated.
The recently announced Dell Technologies Project Fort Zero, built on a globally recognised reference architecture from the US Department of Defense, is designed to expedite frictionless Zero Trust adoption.
Discover how Project Fort Zero can empower Australian CISOs with seamless adoption, and deliver an end-to-end, validated solution while offering the highest level of protection.
Morning Break
Refreshments, Snacks & Connections
Panel: How Will We Become the World’s Most Cyber Secure Country by 2030?
Peter Hind - Principal Research Analyst at ADAPT Jason Murrell - Renowned Cyber Security Advocate and Consultant Anafrid Bennet - Head of Tech, Security and Property at Greater Western Water, also 'Next CIO' category winner in CIO50 & 4th in CSO#30Australia’s goal is to become “the world’s most cyber-secure country by 2030”. This means strategies and capabilities to harden our nation, so Australia becomes an unwelcome operating environment for cyber criminals. What are they? How do we help reach this goal. starting with our organisational front line?
Debating:
- The latest Legislation landscape and impact planning
- Effective Cyber Security Metrics, Maturity Measurement and Reporting.
- Cyber Crisis Preparation and visibility across the organisation
- Operational Resilience: How to be fit-for-purpose to Recover from the inevitable Ransomware and Incident Response?
- Storytelling – how to build a narrative of change and lead with a common language?
- DevSecOps: embedding a security mindset while enabling developer and product efficiency
Security @ Telstra: Global Threats and Local Response
Andy Bourke - Cyber Product & Technology Owner at Telstra Chris Mohan - Threat Research and Intelligence Principal at TelstraAt this point in the event agenda, you might be familiar with topics such as intelligence, resilience, zero trust, and other related concepts.
Hear from Telstra Threat Research and Intelligence Principal, Chris Mohan, and Cyber Product & Technology Owner, Andy Bourke as they share their insights on the global threat intelligence landscape, Telstra’s approach to deal with these threats and some practical guidance on how to scale these principles for your organisation.
Strengthening Financial & Operational Resilience with Effective Risk Management
Peter Hind - Principal Research Analyst at ADAPT Tamara Scicluna - Executive Director and Co founder at Rhizome Advisory GroupThese are challenging times for many businesses. They need to rapidly transform to maintain their relevance in today’s digital world. Yet, any change always comes with risk and these risks have been exacerbated in the current business climate by significant cybersecurity attacks, persistent inflation, slow growth, and market volatility. To succeed organisations, need a strong risk culture that embeds the behavioural norms and practices that support an organisation’s financial and operational resilience.
To strengthen operational resilience further the Australian Prudential Regulation Authority (APRA) is proposing a new Prudential Standard CPS 230 which sets out minimum standards for managing operational risk, including updated requirements for business continuity and service provider management.
In this conversation, Tamara Scicluna will share her thoughts on how organisations can leverage prudential obligations to enhance their risk culture and strengthen their resilience against an evolving risk landscape.
ADAPT Executive Insight Roundtables - share with confidence under the Chatham House Rule
Attend your preselected roundtable to participate in a peer discussion moderated by ADAPT analysts with subject matter experts.
Cracking the Code: How to Build Robust Cyber Compliance in a Resource-Strapped Climate
James Lewis - Solutions Engineer at DiligentIn an era of increasing cyber threats, demands on IT teams are reaching new heights while CISOs are also left juggling tightening corporate budgets and a shortage of job-ready IT professionals. But with a shortage of 2.16 million cybersecurity professionals in the APAC region alone, how can IT teams realistically stay on top of growing obligations while protecting their organisation from a material breach?
To combat these growing constraints, organisations are turning to automation and analytics to enhance their IT compliance programs and build more robust cyber resilience.
In this roundtable, we explore how automation and analytics can help bridge the gaps in your IT compliance program, while augmenting your team’s capabilities.
Leading the Security Conversation in ‘24
Naran McClung - Head of Azure at Macquarie Cloud Services Jonathan Staff - Head of Sales at Macquarie Cloud ServicesStrategies and practical takeaways for navigating budgets, proving value and building a compelling narrative to influence both board and exec stakeholders.
Many organisations claim to be serious about security – until it comes to approving budgets. As CIOs & CISOs face increased scrutiny of projects and new commercial models, building a strong business case for security has been a reoccurring theme for many of our customers – and in the last 12 months we’ve been privy to successful strategies and tactics.
Join us as we share what we’ve learnt and facilitate a discussion that includes:
- Defining who owns the risk in your business
- Re-framing ROI when traditional metrics and commercial models no longer apply
- Best practice for operational and executive reporting
- The art of “story telling” and unleashing your inner sales person
Making Zero Trust Happen with U.S. Department of Defense and Project Fort Zero
Herb Kelsey - Industry CTO – Government, Project Fort Zero Team Lead at Dell TechnologiesFurther to the keynote session – join your peers to debate the recently announced Project Fort Zero, built on a globally recognised reference architecture from the US Department of Defense, and designed to expedite frictionless Zero Trust adoption. Is this possible? What are the challenges and lessons learned by other CISOs and your peers?
A rapid digital ecosystem brought forth a host of complex security concerns, particularly with data scattered across multi-cloud environments. While a robust security architecture is vital for business continuity, the focus must expand to prioritise resiliency. Zero Trust is touted to help you modernise and stay resilient – yet determining where to start, prioritising capabilities, progressing towards maturity, and integrating it across multiple vendors products is complicated.
What is best practice to empower Australian CISOs with seamless adoption, and deliver an end-to-end, validated solution while offering the highest level of protection.
IT’s Next Frontier: Managing ‘Security Everywhere’ with Zero Trust and SASE
Fernando Serto - Field CTO, APJC at CloudflareJoin Cloudflare’s Field CTO, Fernando Serto, ADAPT’s Matt Boon and industry peers in an engaging roundtable discussion. This event will provide a deep dive into the hurdles and triumphs associated with implementing Secure Access Service Edge (SASE) and Zero Trust models.
Our conversation will be centered around how Cloudflare’s ‘Security Everywhere’ philosophy is simplifying these challenges and creating a more secure digital environment for businesses.
Key discussion points:
- Unpacking Zero Trust: Grasp the essence of Zero Trust architecture and learn how to leave no threat unnoticed.
- SASE Simplified: Delve into the benefits, challenges, and practicalities of SASE implementation in today’s economic context.
- Syncing IT and Business Goals: Learn how to align your IT strategies with your business objectives effectively.
- Remote Work Security: Explore strategies for ensuring the security and flexibility of SASE solutions in a remote work environment.
Partake in this interactive session to redefine your approach to IT security using Cloudflare’s robust and adaptable platform.
Peer Networking Seated Lunch
Lunch Roundtable | Cybersecurity is Everyone's Responsibility: How to Communicate this Message Effectively Across the Organisation
Joe Gillett - Director at KnowBe4Depending on the report you read, 82% to 95% of cyber incidents are directly related to human error. The evolution of Security Awareness Training is now moving towards Engagement and Security Culture, also referred to as human risk management and human layer protection. Historically the IT Department has been responsible for cybersecurity.
The attack vector has increased exponentially over the last ten years with technological developments, increased internet speed, accessibility, the growth of mobile devices and, more recently, the move to remote working have meant that cybersecurity is literally on the move as we take our devices everywhere. As a result, the responsibility when it comes to cybersecurity has spread from IT to literally everyone in an organisation.
This comes with challenges and frustrations with employee engagement and security awareness training programs. Are people not completing the training? Not reporting phishing emails? Still not understanding that cybersecurity is everyone’s responsibility.
During this round table discussion, come and share your challenges, learn from others and understand the levers that can be pulled or the steps that can be taken to combat them.
ADAPT Executive Insight Roundtables - share with confidence under the Chatham House Rule
Attend your preselected roundtable to participate in a peer discussion moderated by ADAPT analysts with subject matter experts.
The Final Missing Piece of any Organisation’s Cyber Security Strategy. How Confident are you in Your Ability to Rapidly Recover from a Cyber Incident?
Vigyan Jain - Data Management and Data Security Solutions Architect, APJ at RubrikHow Confident Are You in Your Ability to Rapidly Recover From a Cyber Incident? Join Rubrik for a discussion on why recovery is critically important and often not discussed.
Topics under discussion will include:
- What measures do you put in place to minimise the impact of any cyber incident?
- Does your organisation truly have an assume breach mindset?
- In our roles what are we really mitigating against?
- What potential could be realised when all organisations operated with cyber confidence?
- When was the last time you tested your cyber recovery capability?
Navigating Data Governance & Security Challenges in the Cloud Era
Eugene Choi - Principal Architect, Security, Field CTO Office at SnowflakeIn this roundtable discussion, we’ll delve into the pressing issues of Data Governance and safeguarding sensitive data (PII) within the Data Cloud. Join your peers to explore practical strategies for integrating modern security controls to bolster data protection while maintaining seamless operations.
Key topics include:
- How organisations can design scalable Data Governance in cloud-based environments by using modern techniques to help meet compliance regulations.
- What are the most effective methods for safeguarding sensitive data, particularly personally identifiable information (PII), within the Data Cloud?
- How do Data Mesh and Clean Rooms redefine secure data sharing, and what considerations should organizations take into account when adopting these strategies?
How & Where can Outsourcing Compliment the Internal Cybersecurity Team
Guy Brown - Security Strategist at FastlyAs organisations extend their digital transformations, the scope and workload of most cybersecurity teams seems to be relentlessly expanding. Moreover, the succession of prominent cyber incidents that have been experienced by a number of major organisations in Australia in the past year has made many local business leaders & Boards increasingly jittery about cybersecurity matters.
With so much to do & ADAPT’s research continuing to reveal that attracting & retaining talent is a major business problem for local CISOs how and where can organisations complement their security teams by outsourcing components of their workloads to specialist security service providers?
Recent research undertaken by Fastly has revealed that the astute use of outsourcing can help boost the productivity of cybersecurity teams. How can we ensure that the managed services security provider (MSSP) can help achieve the objectives of the organisation’s security team? Where should the responsibilities be assigned?
Controlling Your Cryptographic Assets to Build a More Secure and Trusted Enterprise
Daniel Sutherland - RVP, ANZ from DigiCert Lindsay Hansen - Director of Sales Engineering, APJ Region at DigicertQuantum computers are coming soon and this massive increase in processing power will introduce big changes in the way organisations manage digital trust.
Forward-thinking enterprises are already centralising visibility and control over their cryptographic assets to address forthcoming changes in security standards so they can meet the needs of this new era of computing. They are working ahead to ensure that their corporate assets and brands will be protected.
Join this roundtable to discuss how to better control your cryptographic assets to build a more secure and trusted enterprise.
Key discussion points will include:
- What your organisation is doing to prepare cryptography processes for the quantum computing era.
- Best practices around controlling and securing cryptographic assets.
- Navigating major security upgrades that will be required as quantum computers come online.
- The tools that will be required for a smooth transition.
Afternoon Break
Cyber Leadership
Prof. Lesley Seebeck - Chair of National Institute of Strategic Resilience. CEO Cyber 21, Award winning CIO of BoM, and former CEO of the Cyber Institute‘Cyber’ conjures up disaster, fear and, too often, blame. That’s hardly the best basis for building a relationship, but doing so is essential for successful CISOs and CIOs. Professor Seebeck explores dealing with the ‘dark side’ of digital and data when dealing with boards, clients and stakeholders, and how key decisions can be framed to help organisations be more cyber resilient
Lesley Seebeck is an independent consultant and an honorary professor at the Australian National University. Chair of National Institute of Strategic Resilience. CEO Cyber 21. GAICD 2021; Federal Government CIO of the Year 2017; WICked Woman of the Year 2018, AWSN Award Finalist 2020. Leader, team builder and systems thinker in a range of domains including strategy, policy, technology and organisations.
The Trust Trinity: Structure in a Post-Globalised World?
The Hon Victor Dominello - Director UNSW/UTS Trustworthy Digital Society Hub, Tech Council of Australia Board Member and Former Minister for Customer Service and Digital Govt and Founder of ServiceGenThe lack of digital trust in cyberspace accelerated the end of globalisation. Add the impacts of the pandemic, supply chain chaos, nationalism, and inflation. We’ve transformed to a world of tightly formed blocs of shared values and interests, with several challenges ahead. On top of that, with advances in AI: how will we soon know if something is real or not?
Unfortunately, trust architecture was not part of the internet’s design. We cannot repeat this mistake as we design and build for Australia’s next era. Trust will now attract a valuable premium.
As one of Australia’s digital visionaries, Victor will explore how Trust can underpin our post-globalisation era – and how our Cyber leaders should consider and lead Trust in their organisation.
Debating the Trust Trinity:
- The Who? (digital identity and individual data control)
- The What? (digital credentials and qualification)
- The Why? (performance, service delivery, privacy, ethics, transparency, security)
In democracies, we must focus on empowering the individual and our businesses with the trust trinity. There is no other way forward. A trustless world is a world of ever diminishing tribes.
How Can You and Your Teams Deliver Across Multiple Departments with Misaligned Priorities?
Dom Price - Work Futurist at AtlassianForget the future of work. We need systems to operate in a modern workforce with distributed teams, functional expertise, and to serve customers with increasingly higher expectations. And yet again, we need to more with less.
We conclude Security Edge with a left field session. Not about Security, as such – rather all about teamwork, and how to work across so many departments, with misaligned priorities? ADAPT research shows that the #1 barrier to success for all technology leaders is misaligned priorities across the departments they serve.
Dom will share tips on building thriving security teams, and then engaging across the organisation in a network of teams. Improve your stakeholder management, diplomacy and communications and team leadership with the latest proven techniques. It’s time to thrive.
Dom is one of Australia’s most experienced, useful and highest impact speakers. He is regularly rated by ADAPT Edge attendees as a highlight of their day. Direct, honest, and practical advice – based on Atlassian’s learned experience, and everything Dom picks up on his worldwide trail.
Closing Comments
Security Edge Peer Networking Drinks
An opportunity to stay, mingle and meet other attendees over drinks and food and discuss the day.