Katherine Ziesing | Canberra
There were three clear themes that emerged from proceedings this year: the overarching strategic research framework into cyber is unclear, insider threats are huge, and finding/growing cyber warriors is a big challenge.
A range of military, government, academic and industry speakers shared their experience and insights over the two-day event. USAF Colonel Rizwan Ali NATO’s branch head of Cyber Defence explained how cyber had predominantly civilian pursuit but the military had developed a useable framework in the bureaucratically challenged group.
"You can have every shiny box on the market but if you don’t have the right people and processes you’re wasting time and money."
Closer to home, Air Vice Marshal Andrew Dowse (head of ICT operations and J6 in CIO Group) and Chief of Army’s new cyber advisor/Commander of 6th combat support brigade Brigadier Marcus Thompson spoke on how the IT and Army organisations are dealing with the issue. AVM Dowse said that there had roughly been 50,000 incidents per year on the Defence network, a steady figure over the last two years but expects that this will increase as threat landscape changes rapidly and constantly.
“Cyber threats are able to reach Australia in a way that other domains cannot,” BRIG Thompson said as he acknowledged that Army is still quite new in cyber space and is working with its sister services and other government agencies alongside industry to build a new generation of cyber warriors that may or may not be uniform.
Wallace Sann of Forescout Technologies was eloquent on the need to combine good technology with the right people and processes.
“You can have every shiny box on the market but if you don’t have the right people and processes you’re wasting time and money,” he said.
Other industry presentations from Raytheon, BAE Systems and Thales looked at the difficult task of mapping the cyber landscape as the same threat can be given multiple names across the globe. They also discussed coping with insider threats in a post-Snowden world and how the nature of an interconnected business means better productivity but also more security risks.
The overwhelming theme from academics, DST Group, and industry groups was the need for more focused research and development in the cyber area.
“How do we know where to spend the money and lead long term research when we don’t know the questions?” UNSW’s director for the Australian Centre for Cyber Security Professor Jill Slay asked.
For those who aren’t sure where to start eating the elephant that is cyber security and what your organisation could or should be doing, Peter Sandilands, vice chair of the Australian Information Security Association, provided an excellent explanation of compliance versus risk management and some helpful tools to work out what is important. His slides, along with the other publicly releasable presentations, can be found here.