Australian Cyber Conference Program

25–27 March 2024, National Convention Centre Canberra

Download Program
Day 1
Day 2
Day 3
25 March 2024
*Please Note - You must be pre-registered to attend any of the workshops below. Details on how will be released late February.
09:00 - 12:30 (Monday 25 March)
Murray Room

CompTIA - Critical cybersecurity skills for today's attack surface: A hands-on overview of the CompTIA Security+ 701 certification

James Stanger
9:00
 - 
12:30
Torrens Room

BSi Group - Building resilient supply chains – A security perspective

Dushyant Sanathara
10:00
 - 
12:30
Derwent Room

SANS - Advanced incident response, threat hunting, and digital forensics

Josh Lemon
9:00
 - 
12:30
Fitzroy Room

Offensive Security - SOC200 Workshop: Detecting cyber attacks

Dr Malcolm Shore
9:00
 - 
12:30
Swan Room

Lumify Group - Cyber for executives and boards

Louis Cremen & Jeremy Daly
9:00
 - 
12:30
Menzies Theatrette

ALC - Secure Software Development

Arni Hardarson
9:00
 - 
12:30
12:30 - 13:30
Break
13:30 - 17:00 (Monday 25 March)
Murray Room

CompTIA & Lumify Group - Security+ - Investigating the skills and best practices needed to navigate dynamic attack surfaces

Louis Cremen & James Stanger
13:30
 - 
17:00
Torrens Room

BSi Group - ISO 42001 Artificial Intelligence Management System – Fostering responsible AI

Dushyant Sanathara
13:30
 - 
16:00
Derwent Room

SANS - Advanced incident response, threat hunting, and digital forensics

Josh Lemon
13:30
 - 
17:00
Fitzroy Room

Offensive Security - IR200 Workshop: Incident response

Dr Malcolm Shore & Carsten Boeving
13:30
 - 
17:00
Swan Room

Tesserent - Delivering SOC in the cloud

Patrick Butler
13:30
 - 
17:00
Menzies Theatrette

ALC - Secure Software Development

Arni Hardarson
13:30
 - 
17:00
17:00 - 19:00
Welcome Reception
26 March 2024
08:00
Exhibition Open and Light Breakfast
08:40 - 09:00
Acknowledgement of Country
08:40 - 09:00
Conference Opening Address by Lieutenant General Michelle McGuinness, CSC
Royal Theatre
09:00 - 09:35
Real cyber security partnerships and resilience with Abigail Bradshaw
Royal Theatre
09:35 - 10:35
Keynote with Dr Rumman Chowdhury
Royal Theatre
10:35 - 11:05
Morning tea break
11:05 - 11:45 (Tuesday 26 March)
Royal Theatre

Psychology of the human firewall: People can be the weakest link in an organisation's cyber security, but can also be their strongest asset

Conor Kenny, Angelo Friggieri, Rachael Hardy, Chris Keune & Dominic Andrews
11:05
 - 
11:45
Sutherland Theatrette

Processing threat reports at scale using AI and ML: Expectations and reality

Yury Sergeev
11:05
 - 
11:45
Nicholls Theatrette

SIEMs SOARs and roundabouts: ASD's program to uplift government detection and response capabilities

Jessica Clarence & Lee Mansfield
11:05
 - 
11:45
Menzies Theatrette

Making the quantum leap - what quantum technologies are really relevant and are we ready for them?

Rajiv Shah
11:05
 - 
11:45
Bradman Theatrette

Cyber degree apprenticeships: Providing real-world training to the next generation of cyber professionals

Nicole McLean
11:05
 - 
11:45
Torrens Room

TBC

TBC
11:05
 - 
11:45
Murray Room

Lessons learned from a public experiment: Securing and attacking LLM-Based apps

Dr Pedram Hayati
11:05
 - 
11:45
Fitzroy Room

Conditional access to copilot - securing M365 in 40 minutes or less

Sam Brazier-Hollins
11:05
 - 
11:45
Swan Room

Carrot or the stick: An in-depth discussion on the dual approach of incentives and enforcement that has shaped the management of safety and security within the airline industry's critical infrastructure

James Toye
11:05
 - 
11:45
Derwent Room

Next generation consumer authentication experiences

Craig Pearson & Narayana Madineni
11:05
 - 
11:45
Think Tank 1

Which and how of cyber security frameworks-identify and implement the perfect fit

Gaurav Vikash
11:05
 - 
11:45
Think Tank 2

Essential 8 - Why it's so hard and how to change your approach to make it easier

Tim Archer
11:05
 - 
11:45
Think Tank 3

What about the people? Let's act NOW

Wendy Davis
11:05
 - 
11:45
11:50 - 12:30 (Tuesday 26 March)
Royal Theatre

Australia's global opportunity and responsibility: shaping a more secure region and a safer digital world

Brendan Dowling
11:50
 - 
12:30
Sutherland Theatrette

Putin, Hamas, Hezbollah: How current kynetic conflicts play out in cyber space

Jana Dekanovska
11:50
 - 
12:30
Nicholls Theatrette

6 things your SOC must be doing to better defend against complex Cyber Attacks

James Oram
11:50
 - 
12:30
Menzies Theatrette

The future is much closer than we think: How zero trust relies on quantum readiness. A non-technical guide to what zero trust means and the risk quantum poses to government

Julie Gleeson
11:50
 - 
12:30
Bradman Theatrette

The fifth domain: Is Australia ready for the democratised war?

Meg Tapia & Remy Coll
11:50
 - 
12:30
Torrens Room

2024' the year of supply chain failures or fixes, you decide...

James Calder & Peter Johnson
11:50
 - 
12:30
Murray Room

Commercialising Large Language Models (LLMs) in the era of generative AI: Balancing opportunities, risks, and regulatory complexities

Dr Timothy McIntosh
11:50
 - 
12:30
Fitzroy Room

How North Korea cost us $41 million - A first hand story

Michael McKinnon
11:50
 - 
12:30
Swan Room

Fabian Horton Navigating the crossroads: Bridging the divide between cyber security, business, and legal perspectives in the aftermath of cyber attacks

Dr Fabian Horton
11:50
 - 
12:30
Derwent Room

Bad passwords happen to good people - A case for passwordless

Lloyd Evans
11:50
 - 
12:30
Think Tank 1

Level 100 druids beware: Online gaming and the new frontier of malign influence and interference

Steven Coomber
11:50
 - 
12:30
Think Tank 2

A risk based approach to managing Supply Chain Cyber Exposure informed by current threats and real incidents

Blare Sutton
11:50
 - 
12:30
Think Tank 3

The value of brave project management

Melissa Wong
11:50
 - 
12:30
12:35 - 13:15 (Tuesday 26 March)
Royal Theatre

Technology can be inherently political. Is a balance between innovation and policies achievable?

Roger Dingledine, Stephanie Crowe, Alastair MacGibbon, Annie Haggar & Tony Vizza
12:35
 - 
13:15
Sutherland Theatrette

Hacktivism - the misunderstood threat

Davyn Baumann
12:35
 - 
13:15
Nicholls Theatrette

Unveiling zero days: An in-depth exploration of post-initial access detections

Ash Smith
12:35
 - 
13:15
Menzies Theatrette

Harnessing the potential of untapped talent: Breaking down barriers for women and neurodivergent pioneers in cyber security

Raza Nowrozy & Matija Squire
12:35
 - 
13:15
Bradman Theatrette

Keyboard warriors: Proposing an Australian volunteer cyber corps

Lachlan McGrath
12:35
 - 
13:15
Torrens Room

Where did we all go wrong?

Chris Keune
12:35
 - 
13:15
Murray Room

Robust URL classification with unsupervised domain adaptation

Fariza Rashid
12:35
 - 
13:15
Fitzroy Room

Snagging an SPF record - The world is full of dangling IPs

Sebastian Salla
12:35
 - 
13:15
Swan Room

Technology debt and its impact on your cyber risk or as its sometimes called 'What's hiding in your proverbial IT closet should be giving you nightmares!!!'

Dallas McGuire Hindle
12:35
 - 
13:15
Derwent Room

Solving the problem of managing those workforce identities who are NOT in HR

Sophie Wade
12:35
 - 
13:15
Think Tank 1

Security and the social internet of things

Travis Quinn
12:35
 - 
13:15
Think Tank 2

VPNs and post-quantum security

Anantha Kandiah
12:35
 - 
13:15
Think Tank 3

Strengthening corporate security: The critical role of vendor validation

Asrar Ismail
12:35
 - 
13:15
13:15 - 14:00
Lunch break
14:00 - 14:40 (Tuesday 26 March)
Royal Theatre

Governance & resilience - getting ahead of the curve

Wouter Veugelen, Sophie Bradshaw & Ben Hamilton
14:00
 - 
14:40
Sutherland Theatrette

Navigating the cyber frontier: Mastering cyber threat intelligence management in business

Nick Baragar & Alexander Gould
14:00
 - 
14:40
Nicholls Theatrette

Security made CVEasy: Countering common vulnerabilities and exploits attacking Australian organisations

Rohit Murali
14:00
 - 
14:40
Menzies Theatrette

Threat-informed Defence Engineering (TiDE): Developing security capability profiles as a strategic objective

Sriram Raghavan
14:00
 - 
14:40
Bradman Theatrette

Old dog, new tricks - a talk that compares and contrasts Cold War spycraft artefacts and tradecraft, with modern cyber attacks - everything old is new again!

Mike Pritchard
14:00
 - 
14:40
Torrens Room

U.S. Government CIO's perspectives: cyber trend effects to watch in 2024

David Chow
14:00
 - 
14:40
Murray Room

Navigating the cyber storm: Human and AI collaboration in security operations

Vannessa Van Beek & Melina Ryan
14:00
 - 
14:40
Fitzroy Room

Cyber security in space-securing the stars, and our future

Gaurav Vikash
14:00
 - 
14:40
Swan Room

Framework fatigue

Adam Taylor & Jennifer Lee
14:00
 - 
14:40
Derwent Room

Digital ID - Australia's journey continues, but where are we actually going?

Rajiv Shah
14:00
 - 
14:40
Think Tank 1

Tracking advanced persistent threats through advanced SIGINT techniques

Ryan Sherstobitoff
14:00
 - 
14:40
Think Tank 2

DNS: Dangers 'N' Solutions

Dale Bowie
14:00
 - 
14:40
Think Tank 3

Do I really need to supplement email security in Microsoft 365?

Bradley Anstis
14:00
 - 
14:40
14:45 - 15:25 (Tuesday 26 March)
Royal Theatre

From Bytes to Rights: The Intersection of Law and Cybersecurity

Ben Doyle, EJ Wise & Annie Haggar
14:45
 - 
15:25
Sutherland Theatrette

From STIX to MISP and back again: how hard could it be?

Chris Horsley
14:45
 - 
15:25
Nicholls Theatrette

Hunter or the hunted

Steve Molloy & Jamal Boutkabout
14:45
 - 
15:25
Menzies Theatrette

How we lost our way (and how we can get back on course): Navigating today’s toughest cybersecurity challenges

James Stanger
14:45
 - 
15:25
Bradman Theatrette

Evolving the ISM: A shift towards comprehensive security

Mickey Perre
14:45
 - 
15:25
Torrens Room

Levelling-Up SME and NFP cyber security

Brett Randall & Chirag Joshi
14:45
 - 
15:25
Murray Room

A CISOs perspective on the rise and risks of AI/ML

Andrew Robinson
14:45
 - 
15:25
Fitzroy Room

SaaS and PaaS threat landscape - State of the nation

Andrew Latham
14:45
 - 
15:25
Swan Room

IT-OT convergence issue in Critical Infrastructure (CI) and SOCI act compliance for cyber and information security hazards

Mahbubur Rahman
14:45
 - 
15:25
Derwent Room

The ABC of CIAM - Customer Identity and Access Management

Jodie Bowman & Sophie Wade
14:45
 - 
15:25
Think Tank 1

Navigating the convergence of GDPR and Australian privacy principles - A comparative analysis

Asrar Ismail
14:45
 - 
15:25
Think Tank 2

Insider threat - A primer for planning & response

Nick Mazitelli
14:45
 - 
15:25
Think Tank 3

Asymmetric warfare in the cyber domain

Katherine Weissel
14:45
 - 
15:25
15:25 - 15:55
Afternoon tea break
15:55-16:40
Fireside chat with Hon Michael Kirby
Royal Theatre
16:40 - 17:40
Keynote with Frances Haugen
Royal Theatre
17:40 - 18:45
Networking drinks in exhibition space
19:00 - 22:30
Conference dinner
27 March 2024
08:00
Exhibition Open and Light Breakfast
08:40 - 09:00
Welcome and Conference Opening
Royal Theatre
09:10 - 10:10
The smart mission:navigating the future of now with Dr. Ed Hoffman
Royal Theatre
10:20-11:00 (Wednesday 27 March)
Royal Theatre

Cyber Partnerships and Resilience

Dan Tripovich
10:20
 - 
11:00
Sutherland Theatrette

Account takeovers, fraudsters, booters, scrapers and how to find them

Adam Cassar & Daniel D'Alessandro
10:20
 - 
11:00
Nicholls Theatrette

TBC

TBC
10:20
 - 
11:00
Menzies Theatrette

Security awareness 2.0: The paradigm shift from training and simulations to engagement and culture

Jacqueline Jayne
10:20
 - 
11:00
Bradman Theatrette

The state of cyber in the Pacific: Perspectives from Vanuatu and Fiji

Meg Tapia & Cameron Watts
10:20
 - 
11:00
Torrens Room

Cyber security - but make it Worksafe

Simon Carabetta
10:20
 - 
11:00
Murray Room

Skills, not jobs: building cyber workforce resilience is a journey, not a destination

David Schmidtchen
10:20
 - 
11:00
Fitzroy Room

Crisis communication or communication crisis : Choose your own misadventure

Eric Pinkerton
10:20
 - 
11:00
Swan Room

Giving back: How to contribute to the Mitre ATT&CK Framework and why

Thomas Simpson
10:20
 - 
11:00
Derwent Room

Zero trust architectures for the Australian space sector

Michael Puckridge
10:20
 - 
11:00
Think Tank 1

The government has identified the Medibank hacker –does law enforcement make any difference in protecting Australians, and if it doesn’t, what will?

Simone Herbert-Lowe
10:20
 - 
11:00
Think Tank 2

TBC

TBC
10:20
 - 
11:00
Think Tank 3

Triple-Threat or TripleOpportunity? Navigating the cyber security implications of intelligent digital twins

Dirk Hodgson
10:20
 - 
11:00
11:00 - 11:30
Morning tea break
11:30-12:10 (Wednesday 27 March)
Royal Theatre

Proactive vs. reactive incident response strategies

Oliver Guidetti & Vasanth Kumar
11:30
 - 
12:10
Sutherland Theatrette

Steps to building a holistic perimeter defence strategy for IT and OT networks

Yiyi Miao
11:30
 - 
12:10
Nicholls Theatrette

When the playbook will not help you: Managing a security incident with no visibility or control

David Willett
11:30
 - 
12:10
Menzies Theatrette

Why DMARC has reached its MFA moment and must now be considered necessary but not sufficient, and what to do about that

Neil Hammet
11:30
 - 
12:10
Bradman Theatrette

Government and Public Policy 2.0 – Designing for unprecedented disruption

Marina Yastreboff & Dr. Ian Oppermann
11:30
 - 
12:10
Torrens Room

Security in crisis? CISO burnout and how we need to change

Robert Mitchell
11:30
 - 
12:10
Murray Room

Exploiting wanderlust - Social engineering attacks through Booking.com

Sekar Langit & Annie-Mei Forster
11:30
 - 
12:10
Fitzroy Room

A series of difficult conversations - Strategies for cyber crisis communications

Dexter Gillman & David Ulcigrai
11:30
 - 
12:10
Swan Room

TBC

TBC
11:30
 - 
12:10
Derwent Room

Control plane security architecture: threats and mitigations

Travis Quinn
11:30
 - 
12:10
Think Tank 1

Success with privileged access management - its more than the tools

Ash Coward
11:30
 - 
12:10
Think Tank 2

Inside Out: Understanding insider threats through digital forensics investigation

Luke Bradley
11:30
 - 
12:10
Think Tank 3

Who watches the web watchers: how security vendors can kill your business without consequence

Corch
11:30
 - 
12:10
12:15 - 12:55 (Wednesday 27 March)
Royal Theatre

Implementing the cyber security strategy together

Hamish Hansford
12:15
 - 
12:55
Sutherland Theatrette

AI-powered network security monitoring

Dale Bowie
12:15
 - 
12:55
Nicholls Theatrette

Practical guide to Implementing XDR and what it could do for your company

Bradley Anstis
12:15
 - 
12:55
Menzies Theatrette

Global cyber attack trends: Wisdom we gain from the data

Stephanie Aceves
12:15
 - 
12:55
Bradman Theatrette

TBC

TBC
12:15
 - 
12:55
Torrens Room

Ahead of the curve: Crafting futureready cyber defences on a budget

Remy Coll & Chirag Joshi
12:15
 - 
12:55
Murray Room

The changing threat landscape of hacktivism

Ashwin Ram
12:15
 - 
12:55
Fitzroy Room

Preventing bad from becoming worse: Crisis communication

Monika Mathur
12:15
 - 
12:55
Swan Room

How to realise the benefits of zero trust adoption

Thomas Seibold
12:15
 - 
12:55
Derwent Room

Is your Entra ID tenant protected? ROPC and how to protect against it

Dave Stott & Michael Bruce
12:15
 - 
12:55
Think Tank 1

Global insight into changing ransomware techniques

Raj Samani
12:15
 - 
12:55
Think Tank 2

Breaking free from security standards: A practical way to build and assess your controls

Jennifer Vu
12:15
 - 
12:55
Think Tank 3

Going passwordless: Faster, easier, and more secure customer logins with passkeys

Toby Allen
12:15
 - 
12:55
12:55 - 13:55
Lunch break
13:55 - 14:35 (Wednesday 27 March)
Royal Theatre

TBC

TBC
13:55
 - 
14:35
Sutherland Theatrette

Jinxed! How attackers are creating bad luck for MFA

Liam Dermody
13:55
 - 
14:35
Nicholls Theatrette

Threat hunting with Malcolm

Dr Malcolm Shore & Carsten Boeving
13:55
 - 
14:35
Menzies Theatrette

Essentials for a cyber resilient organisation

Kaustubh Vazalwar
13:55
 - 
14:35
Bradman Theatrette

TBC

TBC
13:55
 - 
14:35
Torrens Room

Reflections of being a CISO for 20 years in an organisation

Ben Doyle
13:55
 - 
14:35
Murray Room

Building & engaging your human firewall - proactive prevention, enhanced decision making, opportunity centricity

Dave Cohen
13:55
 - 
14:35
Fitzroy Room

Non human hostage taking: Insuring ransomware

Adam Taylor
13:55
 - 
14:35
Swan Room

Reading the GRC tea leaves - Common themes from recent major updates to ISO 27001, NIST CSF, and PCI DSS

Elliot Dellys
13:55
 - 
14:35
Derwent Room

Threat modelling your way to secure OT Networks

Paresh Kerai
13:55
 - 
14:35
Think Tank 1

Emotional intelligence in effective risk communication

Monika Mathur
13:55
 - 
14:35
Think Tank 2

Zero trust deconstructed and practical applications to government

Hansang Bae
13:55
 - 
14:35
Think Tank 3

How can Infosec drive the strongest insurance outcome and vice versa?

Thomas Tracey
13:55
 - 
14:35
14:40 - 15:20
Royal Theatre

TBC

TBC
14:40
 - 
15:20
Sutherland Theatrette

How do you hear the alerts that don't go off?

Matthew Strahan
14:40
 - 
15:20
Nicholls Theatrette

I have three viruses and no analysts... Why can't I have no viruses and three analysts: Simplified malware analysis for Incident Response teams

Lewis Ingram
14:40
 - 
15:20
Menzies Theatrette

The cyber odyssey: A tale of cyber renaissance, of learning and leadership

Roxanne Pashaei
14:40
 - 
15:20
Bradman Theatrette

Ransomware: A framework for disclosure

Sabeen Malik
14:40
 - 
15:20
Torrens Room

Responding to the key drivers of board cyber risk concerns

Nitesh Patel & Benjamin Di Marco
14:40
 - 
15:20
Murray Room

Cyber awareness in education

Kyle Waters
14:40
 - 
15:20
Fitzroy Room

Tracking ransomware actors: Unveiling the pursuit of cyber criminals

Ryan Sherstobitoff
14:40
 - 
15:20
Swan Room

Shining a light into a possible future of chaos: Why and how industry needs government to continue leading the way on PKI standards

Julie Gleeson & Michael Puckridge
14:40
 - 
15:20
Derwent Room

How to apply security patterns within Security-By-Design

Ken Fitzpatrick & Deepayan Chanda
14:40
 - 
15:20
Think Tank 1

Unlocking the mystery of zeroknowledge proofs to ensure the security of eGovernment

Sameer Ali
14:40
 - 
15:20
Think Tank 2

TBC

TBC
14:40
 - 
15:20
Think Tank 3

TBC

TBC
14:40
 - 
15:20
15:20 - 15:50
Afternoon tea break
15:50 - 17:00
Keynote with Roger Dingledine
Royal Theatre
NOTE* This program is a working program and is subject to change. You must pre-register for workshops to be able to attend. Workshop pre-registration is only available to member and non member fully financial registrants.

Acknowledgement of Country

We acknowledge the traditional owners and custodians of country throughout Australia and acknowledge their continuing connection to land, waters and community. We pay our respects to the people, the cultures and the elders past, present and emerging.

Acknowledgement of Country