All Activity

5 reasons you should no longer ignore a Cyber Security Strategy Register at https://opc.com.au/free-cyber-security-webinar Aimed at business leaders within Australian SMB’s, this non-technical webinar provides practical information and advice on how to protect your business against a cyber attack. In Australia, a cyber attack happens every 10 minutes*, with 87% of small and medium businesses believing they are safe with antivirus software alone, no Australian business can afford to miss our one hour cyber security webinar. What you will learn Latest cyber security practices Emerging cyber threats and the new cyber criminal The impact of the pandemic on cyber security and the effect on Australian businesses Understand your risk of exposure to a cyber attack How to recover from an attack Why every Australian business must invest in managed cyber security Why you need to attend this webinar COVID-19 has accelerated remote working and most businesses have had to adapt to this working model even if it was unfamiliar. Remote working brings an increased risk of identity theft and corporate attack. Cybercriminals can mine for employees' identities through: Phishing scams Password credential theft Other advanced tactics Cybercriminals can enter the network under the guise of a legitimate login and then wreak havoc. There has been substantial growth in ransomware, fake apps and targeted phishing scams with over 2000 security incidents in Australia in 2020. During the 12months from July 2019 the Australian Cyber Security Centre (ACSC) responded to 2,266 cyber security incidents Cybercrime is one of the most pervasive threats facing Australia and the most significant threat in terms of overall volume and impact to individuals and businesses The Australian Competition and Consumer Commission’s (ACCC) Targeting Scams 2019 report, identified Australians lost over $634 million to scams

Upcoming webinar - IoT Security Guides Speaker: Frank Zeichner (CEO, Internet of Things Alliance Australia) The Internet of Things Alliance Australia (IoTAA) has published “plain language” guides to security, safety and privacy for Internet of Things (IoT) users and technology providers. The guides are the first of their type produced in Australia, according to the IoTAA, which is the peak Australian IoT industry body - although the Australian Cyber Security Centre also offers tips aimed at helping the community buy and use IoT devices securely. The IoTAA guides are designed to increase awareness of IoT risks and “actionable outcomes”. They feature tips for designing, sourcing and managing IoT technology. About Frank Zeichner Frank is a thought leader in the adoption of Internet of Things (IoT) in Australia and is foundation CEO of the IoT Alliance Australia (IoTAA), the peak Australian Internet of Things industry body, whose mission is to drive Australia's competitiveness and societal benefit through collaboration across the research, industry, government and community. Frank Zeichner is also Partner Manager for the Race2030 CRC. The Reliable Affordable Clean Energy for 2030 Cooperative Research Centre (RACE for 2030 CRC) an Industry Board member of the NSW Smart Sensing Network. Thursday 20 May 2021, 12:00pm to 1:00pm AEST Engineers Australia members: FREE Non-Engineers Australia members: $30

Register for this event HERE International best practice on cyber technical and profession standards has been central to the development of cyber security as a profession. Currently it is seen as a Computing discipline and thus governed from a Professional Standards perspective by the Australian Computer Society, this has allowed Australia to establish a baseline of knowledge and skills criteria which represent the minimum expectations of cyber security technicians and professionals. Professional Standards in Cyber Security involve assertions that a standard is vendor neutral and independent, they establish the minimum professional standard of competence and built around a complete requirement for full professional formation. This is also dependent on the maintenance of competence through continuing professional development and supported by a disciplinary code with a process for public complaint and sanctions. Without Professional Standards we cannot ensure good governance, duty of care, validation and verification of results. Historically, Australia has drawn on many international workplace cyber security standards including: The United States Department of Defense Information Assurance Workforce Improvement Program National Institute of Standards and Technology, US Department of Commerce National Initiative for Cyber Security Education, Workforce Framework US Department of Labor sponsored industry Cybersecurity Competency Model This webinar looks at how NIST/ NICE standards have been drawn on in Australian professional standards and curriculum models to aid with recruitment, skilling and other workplace cyber security issues. Jill Slay Jill is the University of South Australia SmartSat Professorial Chair in Cybersecurity and leads the SmartSat Cybersecurity and Resilience Theme. She has an international research reputation in cyber security. Jill was in 2017-2019 Director of Cyber Resilience Initiatives for the Australian Computer Society (ACS) and led Federal Government work on the development of Professional Standards in Cyber Security. She has published widely and supervised >20 PhDs cyber security. She is a Member of the Order of Australia (AM), and a Fellow of ISC2 for her service in information security.

Start Time: 6:00PM AEDT. Today's advanced threats from cyber criminals and state-backed organizations have undermined large utilities and critical infrastructures around the world. https://www.engineersaustralia.org.au/event/2021/02/cyber-security-and-critical-infrastructure-35626

ACSC Challenges, Lessons Learned and Cyber Security Advice for Australian Businesses by Karl Hanmore What are the major lessons that ACSC has learned over its journey to building the Australian Government's public facing cyber centre of excellence? What challenges are you anticipating to occur in the next 5 years? What areas should Australian businesses be investing into cyber security to protect themselves (technology, people, MSSPs)? About the speaker Mr Karl Hanmore was appointed to the role of First Assistant Director-General Cyber Security Services (CSS) at the Australian Cyber Security Centre (ACSC) at the Australian Signals Directorate in January 2019. His role is responsible for leading the CSS Division of the ACSC providing advice, assistance and guidance to Australian Government, Australian industry and the general public. In this role he has responsibility for a wide range of capabilities ranging from incident response and threat intelligence through to international relationships and public messaging. Key takeaways Raise awareness of current cyber threats Promote information sharing on cyber threats (security and transparency) Ensuring ASD support for Engineer's Australia Cyber Engineering Community of Practice and alignment of delivery of cyber security outcomes Promotion of ASD as an employer of choice for cyber security roles

The Internet of Things Alliance Australia is proud to invite you to the launch of Australia's first IoT Security Awareness Guides. Admission is free. https://www.eventbrite.com.au/e/internet-of-things-security-awareness-guides-launch-tickets-141506225931

Cyber-physical System Assurance via Systems Engineering Based Regulation Presented by Mark van Zomeren Description: Using three hypothetical cases, which bear similarities to recent real-world cases, issues relating to the downside of cyber-physical systems are examined. Systems engineering principles and potential regulatory mechanisms are then considered, to determine if their application may have the potential to reduce or eliminate these issues. While these hypothetical cases do resemble real world events from over the past decade, there will be no in-depth analysis of any of them. Rather, aspects of each of these events that have been publicised are cherry-picked and considered from the perspective of systems engineering principles and potential regulatory mechanisms so that useful insights may be gained. The first hypothetical case is about industrial control systems being overrun by malicious code. Having gained access into the system in the unlikeliest of ways, this code has the ability to not only drive the industrial process into ruin, but can do so while displaying false information on the real-time operation of the industrial systems back to the operators. The second hypothetical case involves modification to a model of a stable and trusted high precision transport system produced by a highly trusted manufacturer. These modifications result in the need for code to be used to stabilise a now inherently unstable system. The third hypothetical case relates to the ability of original equipment manufacturers to reach through cyberspace to enable or disable features, without the consent of the system owner or end user, of electromechanical systems they have produced and delivered. Without delving into the motives of the actors involved in these three hypothetical cases, this webinar will consider design decisions that may be applied in each case to mitigate many of the adverse outcomes that would otherwise be likely to arise during the operation of these systems. Consideration is then given to how these design decisions could be more generally applied elsewhere as system design principles, then integrated into organisational policy, and finally as part of a regulatory regime. Key takeaways: For cyber-physical system development, consider: - Integration of multiple and diverse methods of measurement for critical system performance - Designing for pervasive through-life operational test & evaluation, trending to constant monitoring - Multiple, and graduated, degraded states of operation across various levels of operation - For all cyber-interfaces between the system and other systems, endeavour to agree on, and communicate in, the same language for cyber risk and cyber test & evaluation About the speaker: Mark has over 15 years of experience working on sustainable energy systems, critical infrastructure, and airfield infrastructure and is a trained systems engineer with a focus on test & evaluation and design of experiments. Through extensive public sector policy development experience, Mark has had the opportunity to integrate classic and contemporary systems engineering principles into infrastructure development and sustainment activities. Mark is conducting research into technical assurance models and frameworks for through-life resilience of cyber-capable physical systems.