Cybersecurity for Infrastructure Summit

• Investigating cybercrime trends and the major challenges facing the sector today from both home and abroad  
• Reviewing the steps required to protect infrastructure assets from sophisticated cyber-attacks?  
• What are the strengths and limitations of Australia’s current regulatory framework for cyber security?  
• Examining the international partnerships working to improve cyber defence and innovation  

Andrew Woodward, Executive Dean, Cyber security, Edith Cowan University

• The international partnerships improving cyber defence and innovation 
• A priority – Australia’s cyber engagement strategy and the collaborations vital to keeping our infrastructure safe 

Alan Marjan, Assistant Director-General Cyber Uplift Branch, Australian Cyber Security Centre

Cyber resilience helps organisations to prepare, prevent, respond, and successfully recover of their business processes and operations against cyber-attacks. In this session we will identify the key aspects on how cyber resilience makes the organisations to think differently and be more agile when handling attacks and how they can be applied across infrastructure assets in the built world. 

• Why are your staff the key first step in developing an effective cybersecurity framework? 
• How to understand your people and create an effective cyber training? 
• Implementing effective processes to detect and alert anomalous behaviour 
• Development and maintenance of security documentation 

Faizal Janif, Head of Security Practice, Oreta,, & Executive Advisory Board Member, AISA

In recent years, the world has experienced an increasing number of cyber-attacks on critical infrastructure. In this session we’ll discuss the consequences of not hardening operational technology and industrial control systems environment. Historically we have complained that we didn’t have the right technology – or we didn’t have enough properly trained people to address these challenges. Is that still true?  

• Assessing the current cyber threat landscape in Australian Infrastructure assets today and what is the outlook for the future? 
• How to measure the impact of cybersecurity breach and manage cyber risks?  
• How to Improve the incidence threat scoping and response in exercise and practice?  
• What type of technology driven strategies should be implemented to develop the cyber defence for the infrastructure assets?  

• What are the latest policies and strategies for addressing cybercrime in Australia?  

Panellists

Dovid Clarke, Head of Cyber Security & Infrastructure – Technology, Data & Digital, Sydney Airport

Chirag D. Joshi, Award-winning cybersecurity executive, Best-selling author,, and ISACA Board Director 

Nick Vine, Group Manager, Cybersecurity and Compliance, Mirvac

Patrick Berry, Operational Technology Leader, Energy Australia

Moderator

Corien Vermaak, Director of Cyber Security ANZ, CISCO

These moderated 30-minute roundtable sessions enable delegates to break up into smaller focus groups deep dive into topics of specific interest. This will be followed by a quick recap of each table discussion by each of the facilitators.  

Round Table 1: A Day in the Life of an Infrastructure Cybersecurity team leader 

Facilitated by: Qudsia Maher, Senior Manager Cybersecurity Platforms, AGL 

Round Table 2: Developing an effective ransomware response and recovery strategy  

Facilitated by:  Nick Vine, Group Manager, Cybersecurity and Compliance, Mirvac  

Round Table 3:

Armis representative

Round Table 4: 

Nozomi representative

Round Table 5: Cybersecurity & Analytics – detecting threats in real-time  

In this session, we hear from Nathan Hosking, Senior Project Manager of Critical Infrastructure Uplift for Hydro Tasmania. Over the last 3 years Nathan has led the team responsible for enhancing the physical security for the company’s critical infrastructure by implementing a suite of solutions aimed at IIOT, CCTV, Data, Patch Management and Access Control improvement. With a focus on the updated for 2022 SOCI Act, Nathan and the company have achieved tremendous grounds by applying centralised principles applicable to Physical Security and building a culture of Security Awareness. In this session he will explain what the objectives were, what have they learned along the way and what’s next in line for securing the $5Billion of critical power infrastructure for Tasmania.   

• Examining what’s involved in moving from a ‘Culture of Convenience’ to a ‘Culture of Security’ first and foremost 
• Assessing the subtle but important differences between tangible physical security and the intangible attributes of cybersecurity  

• Why enforcing existing regulations is more efficient than making new ones?  
• Exploring the implications of the SOCI Act and what it means for professionals involved with securing Australia’s critical infrastructure 

Nathan Hosking, Senior Critical Infrastructure Security Project Manager, Hydro Tasmania

These moderated 30-minute roundtable sessions enable delegates to break up into smaller focus groups deep dive into topics of specific interest. This will be followed by a quick recap of each table discussion by each of the facilitators.  

Round Table 1: A Day in the Life of an Infrastructure Cybersecurity team leader 

Facilitated by: Qudsia Maher, Senior Manager Cybersecurity Platforms, AGL 

Round Table 2: Developing an effective ransomware response and recovery strategy  

Facilitated by:  Nick Vine, Group Manager, Cybersecurity and Compliance, Mirvac  

Round Table 3: The IoT patching race; is it a risk to cybersecurity?  

Round Table 4: Developing the next industrial cyber workforce  

Round Table 5: Cybersecurity & Analytics – detecting threats in real-time  

It’s evident how crucial cybersecurity & data protection is for any organization but only technology dependence for the security is the solution? Cyber risks are embedded into everything an organisation does. In this session we will focus on driving the cybersecure organizational culture which is as important as information security to mitigate cyber risks and data protection.  

• How to build resilience against cyber risks and protect databases within the organisation?  
• Awareness on how cyber risk incidents is identified and what response protocols are in place 

• Looking at data analysis, what data to keep and what data to back up?  
• How is your organization’s network segmented?   
• How often are security updates for your organization’s IIoT/OT devices applied?  
• Review the impacts of workplace flexibility and hybrid working models on cybersecurity  

Panellists

Ian Robinson, Chief Information Officer, Water NSW

Karl Ganesan, Senior Cyber Security Project Manager, Transport for NSW

Charlotte Pascoe, Chief Executive Officer, Stockdale & Leggo Corporate 

Stuart McGinn, Operational Technology Transformation Project Manager, CSR Limited

Moderator

Nathan Hosking, Senior Critical Infrastructure Security Project Manager, Hydro Tasmania

As cyber incidents increase in both frequency and complexity, it’s clear that cyber is the new disaster. In response, organisations are transforming from a posture of cybersecurity into one of cyber resilience – balancing the cybersecurity teams’ traditionally defensive strategies with the native disciplines & skills used by the data protection & business continuity environment. This session provides insight into new ideas about the key inputs needed to design a zero-trust environment. We’ll discuss why this evolving view evokes varied reactions among stakeholders and how to manage the conversation. 

• Elements of effective security architecture for protecting assets in this era of rapid transformation and disruption  
• Considerations and practices for optimising Operational Technology (OT) asset security  

• Measuring and reporting what matters to get the right support from executive leadership 
• Avoid common pitfalls that result in ineffective security posture 

Chirag D. Joshi, Award-winning cybersecurity executive, Best-selling author,, and ISACA Board Director 

The economic impacts of ransomware attacks starting with the initial disruption and continuing with extended recovery, have proven challenging to the small business and to the large enterprise. Attacks on critical infrastructure present a clear and present danger to society and our nation as a whole.  

Reserved for Partner  

The Sustainable Digitalisation Project (SDP) was created to establish a framework for the responsible, ethical and sustainable use of data, including avoidance of the harms of cyber breaches. In this discussion, we take a broader view of digital culture and explore how a data and governance lens can be applied to our use of data and digital technology for the benefit of our stakeholders.  

• Understanding why establishing a responsible, ethical and sustainable digital culture is critical for real estate companies, and the principles to shape it 
• Exploring the interrelated data and governance issues for our stakeholders emerging with our accelerated use of data  
• Examining why cybersecurity should not be addressed in isolation, but as part of a broader responsible, ethical and sustainable approach to data use 
• Assessing cybersecurity through a data and governance lens and the potential implications for companies and their key stakeholders  

Panellists

Jon Collinge, Sustainability Director, Morrison & Co

Rogier Roelvink, Chair, Technology Portfolio Group, FMA,, Customer Strategy Director, Oracle

Ura Sarfejoo, Pacific Leader - Digital Solutions, Sustainability & PI, Johnson Controls

Moderator

Simon Carter, Head of Sustainability, ESR Australia

With thousands of new security technologies available (and more being added), where should you invest your money and confidence? This session will spotlight 4 leading OT security firms via a series of rapid-fire presentations followed by a moderated panel discussion and provide attendees with a better understanding of the current vendor landscape and what to consider before making decision around their security stack.

Cyber Tech 1: Michael Loewy, Co-founder, Tide Foundation  

Cyber Tech 2: Nozomi representative

Cyber Tech 3:  

Cyber Tech 4:  

Cybersecurity is a complex and ever-evolving field that requires constant vigilance to keep up with the latest developments. Industries are shifting from manual work to more automated features and processes. Utilising automation tools and security models can help to reduce the time and effort required to protect OT. 

• How OT security automation is helping organizations to discover, detect and develop a defence against the growing number of threats?  
• Impact of emerging technology on how we use and develop cyber security workflows  
• How machine learning and artificial intelligence can boost the network visibility for OT professionals?  
• Review the expansion of networks, IoT security and cloud computing reducing the cybercrime incidents   
• Should infrastructure assets invest more in data security automation?    

Jasan Murell, Group Executive, AustCyber

OT is essential, proliferating and the key to critical functions for all the infrastructure assets, cybercriminals are overtly aware of this dependence. In this session, we will address the need for strong OT safeguards owing to the cybersecurity threat targeting the infrastructure assets.

• What are the key drivers for OT cybersecurity and how to implement end-to-end risk management towards cyber resilience?  
• Review the shortage of OT/ICS professionals and regulatory environments for OT cybersecurity a matter of concern in Australia?  
• How OT/IoT security collaborations can help to secure OT environment of infrastructure assets?  
• What are the key challenges need to be addressed by IT/OT convergence?  

• How sets of controls such as IDS, Malware Detection, Threat Intelligence Feed and Reporting are important to detect & respond to threats within the OT environment?

Panellists

Anna Aquilina, CISO, University of Technology Sydney

Gurvinder Pal Singh, Head of Cyber Security, Bingo Industries

Jeff Campbell, Senior Manager, Horizon Power

Faizal Janif, Head of Security Practice, Oreta,, & Executive Advisory Board Member, AISA

Moderator

Robert Di Pietro, Partner - PwC Australia Cybersecurity & Digital Trust Lead, PwC