In a conversation with Peter Hind, Principal Research Analyst at ADAPT, Anna Aquilina, CISO at the University of Technology Sydney, dives into the complexities of steering cyber security in the academic world.  

She combines strategic leadership with a profound grasp of the unique challenges faced in an educational setting. 

Anna joins 120 leading CISOs & CSOs at Security Edge, discussing the Implications of AI & Ensuring Top-Down Cyber Leadership. 

 

Strategic leadership and cyber security 

Anna stresses the need to weave cyber security strategies into UTS’s broader risk management and operational frameworks.  

Her role extends beyond overseeing the cyber security program, embedding its principles within the university’s culture and operations, which is crucial for rallying senior executives and various departments towards enhanced cyber security. 

 

Engagement and education hurdles 

Despite a supportive backdrop at UTS, Anna notes the challenge of allocating time from senior staff’s busy schedules for extensive cyber security training.  

Tailored education programs are essential for alleviating fears and cultivating a culture of cyber security acceptance across the university’s vibrant and diverse community. 

 

Implementing cyber security and influencing behaviour 

Anna discusses the rollout of measures like multi-factor authentication, which has seen positive reception, reflecting a societal shift towards better security practices.  

She addresses the task of modifying daily behaviours across UTS’s vast network of faculties and partnerships, aiming to integrate cyber security smoothly into daily routines. 

 

Data governance in an open research environment 

The open nature of academic research renders traditional cyber security boundaries less effective.  

Anna speaks about the challenges of managing data security while preserving the essential openness for academic collaboration and freedom, balancing data protection with collaborative transparency. 

 

Cultural shift and success metrics 

While hard metrics for tracking cyber security awareness and behavioural change are difficult to pinpoint, Anna observes a positive shift in UTS’s culture.  

More discussions about cyber security and proactive engagement with the security team suggest growing awareness and commitment to data protection. 

 

Dealing with sophisticated threats 

Recognising the advanced nature of cyber threats, Anna advocates for a strategy that balances prevention, early detection, and robust response planning.  

She highlights the need for leadership support to enable CISOs like her to guide institutions through the complex cyber security landscape and ensure a secure setting for academic activities. 

Anna joins 120 leading CISOs & CSOs at Security Edge, discussing the Implications of AI & Ensuring Top-Down Cyber Leadership. 

 

Key Takeaways: 

  • Organisational alignment: Integrate cyber security strategies with institutional goals, aligning with broader risk management frameworks.  
  • Customised education: Develop tailored cyber security training to meet diverse organisational needs and enhance awareness.
  • Seamless cyber security: Embed security practices into daily operations for widespread adoption and minimal business interruption.
  • Data protection balance: Manage security while enabling collaboration and open information sharing, respecting privacy and compliance.
  • Threat preparedness: To navigate the evolving cyber security landscape, embrace proactive measures in prevention, detection, and response.
  • Leadership engagement: Secure executive support for cyber security initiatives, fostering a security awareness and resilience culture. 
Contributors
Peter Hind Principal Research Analyst at ADAPT
One of the ICT industry’s foremost analysts and commentators, Peter Hind has spent over 25 years advising and talking on topics across... More

One of the ICT industry’s foremost analysts and commentators, Peter Hind has spent over 25 years advising and talking on topics across the technology industry. His primary areas of interest are the potential of technology to transform the way organisations operate, the change management obstacles executives encounter in realising this potential, as well as the tactics and techniques leaders have deployed to overcome these difficulties.​

With roles across IDC, Unisys, NCR, Sigma Data, and others, Peter now takes on multiple roles within ADAPT including the moderation of private events and roundtables, interviewing business executives about the strategies they are pursuing and assisting with the structuring of delegate surveys.​

Less
Anna Aquilina CISO at University of Technology Sydney
Anna has been working for over 25 years in a variety of roles, primarily with government and in national security/cyber security related... More

Anna has been working for over 25 years in a variety of roles, primarily with government and in national security/cyber security related areas. Her introduction to cybersecurity was in 2011 when she was in the Cyber Command in the Serious Organised Crime Agency (UK) as the UK started to take the cyber threat much more seriously. Those years were spent helping understand the cyber threat landscape more fully, engaging in disruption planning and activities and building up capability and capacity across the agencies.

She has spent a considerable amount of time in intelligence agencies, law enforcement and other various bits of government in the UK and Australia, and is really enjoying the Higher Education sector which she joined February 2021 when she joined UTS as CISO.

Less
Leadership Culture Data