Deloitte’s Cyber Team at the AISA Cyber Conference in Melbourne

Deloitte was recently a Diamond Sponsor of the AISA Cyber Conference held in Melbourne from 11-13 October at the Melbourne Convention and Exhibition Centre (MCEC). Over 4,000 attendees walked through the doors of the MCEC over the three days the event was held.

Here’s a recap of our talented Deloitte Cyber team members who had the opportunity to be involved in the program.

Deepa Nagarajan, Cloud Security & Risk Manager in Deloitte’s Sydney team presented a session about the top 6 cloud security challenges faced by businesses, such as: insecure interfaces and APIs, cloud compliance and governance, and a lack of cloud security architecture and strategy. The session focused on how cloud security requires a more mature framework than on-premises security.

Hany Elkady, Director in Deloitte’s Melbourne team specialising in Digital Trust, spoke about the Zero-Trust AD model for SOCI. Hany’s session covered the next-generation Zero Trust Active Directory (ZTAD) approach to directory services and how organisations can embed the concepts of Zero Trust Security without being tied to a complex and legacy security model. 

We had Deloitte Canberra Cyber Partner, Rob Parker talk about the importance of the CTIS public-private partnership. Rob spoke to the importance of the CTIS (Cyber Threat Intelligence Sharing) program in uplifting Australia’s national resilience, and the fact that the platform is already providing valuable intelligence. Rob also touched on the SOCI Act and TDIF (Trusted Digital Identity Framework), two other public private partnerships and their value in uplifting, strengthening, and ensuring the safe functioning of the Australian economy and cyber landscape.

A Director in Deloitte’s Canberra Cyber team, Dr Erin Jolley’s session touched on the technical background and the ‘how to’ of ASCS’s (Australian Cyber Security Centre) CTIS program. She spoke to the ACSC’s 5 C’s: confidence, context, content, communication, and clarity and how this directly correlates with how threat intelligence is defined as valuable. Erin noted that valuable CTI (cyber threat intelligence) must be unique, relevant, timely and actionable and the aim of CTIS is to provide the network partners with valuable CTI.

Deloitte’s Dr Georg Thomas, Senior Manager – Data Protection & Privacy was joined by Tim de Sousa, Senior Director at FTI Consulting to discuss information governance, risk, and incident management best practices. Both SMEs were agreed on the ever-expanding scope and importance of privacy, plus the increased impact a breach in privacy can cause in a time when we are all heavily dependent on data. Key points noted were the need for data asset identification and management, plus the need for all organisations to rise to the challenges inherent in retaining only required data and for the appropriate period of time.

The Women in Cyber panel led by Deloitte Partner, Adrienne Maxted, brought together four different experiences, all with a combined drive to improve opportunities for women in cyber. Daisy Wong, Security Culture and Awareness Lead at Flybuys, shared her experience of being both female and disabled, echoing the sentiment shared by keynote speaker, Dylan Alcott, around the expectation of being seen as less mentally capable because of being in a wheelchair. Tracey Edwards, Head of Technology and Cyber at Australia Post, reflected on her nearly 30 years’ experience and the progress made during that time regarding diversity at a senior level and more women being invited to the conversation. Darren Kane, Chief Security Officer at NBN Australia, stressed the importance of men as champions of diversity, noting there were roles out there for everyone regardless of technical ability and encompassing all personality types.  

Deloitte also hosted a Hacking Challenge, using Hackazon – Deloitte’s online learning platform for performing hands-on exercises related to various cyber security topics. Participants worked in a “capture the flag” (CTF) style gaming platform with real, interactive systems to attack.

The challenge was completed by nearly 100 participants, with exercises including cracking passwords, analysing switch configurations, and deciphering coded messages. The platform allowed participants to watch their progress in real time and after 20 high pressure minutes, the top 3 candidates in each stream emerged victorious and were awarded their prizes.

If you’re a student and interested in a career in cyber, you can find out more here about our Cyber Academy. We're also looking to secure the final industry partners for the Cyber Academy who will provide job placements for students in a unique earn as you learn program. Click here to express your interest. 

Lastly, joining Deloitte as a sponsor at the conference was Cybermindz.org. Cybermindz.org is Australia’s first peer-led, cybersecurity mental health support and resilience program. Deloitte is proud to be a major founding sponsor and partner of Cybermindz. You can find out more information about the program here. 

The conference provided a long overdue opportunity to meet and network with peers, discuss industry trends, the current threat landscape, and recent advancements in cyber. It was great to play an active part in the cyber community and contribute to discussions taking place about the industry's shared goals and challenges.