Ireland COSAC Connect Melbourne

Welcome to COSAC Connect!

For 27 years COSAC has provided a trusted environment in which to deliver information security value from shared experience.

COSAC Connect brings the COSAC Information Security Conference format online in August 2021. Participation and interaction will be encouraged and facilitated by the COSAC team. View our agenda to get a taste of what to expect from our panel of expert information security speakers.

Wednesday 11th August 2021

12:00 BST Welcome & Introduction Speaker(s): David Lynas

David Lynas

Chairman, COSAC (Northern Ireland)

David Lynas is currently enjoying his thirty-eighth year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he is the co-author of SABSA (the world’s leading free-use, open-source Security Architecture Methodology), CEO of the SABSA Institute CEO of David Lynas Consulting.
X
12:30 BST AI and ML: Security and the Science (Fiction?) Speaker(s): Lesley Kipling

Lesley Kipling

Chief Security Advisor, Microsoft (UK)

Previously lead investigator for Microsoft’s detection and response team (DaRT), Lesley has spent 16+ years responding to Microsoft customers’ largest and most impactful cybersecurity incidents. As Chief Security Advisor, she now provides customers, partners and agencies around the globe with deep insights into how and why security incidents happen, how to harden defences and more importantly, how to automate response and contain attacks with the power of the cloud and machine learning.
X
 

A discussion of security through the lens of ML – the algorithms that help us find the patterns in data, detection of anomalies and underpin the self-healing of systems – and the future of Artificial Intelligence with all it’s potential for both harm and good. We’ll touch on present-day use of ML in security including big data and integrated signals, data gravity, adversarial ML and threat kill-chains; then wander into projected futures, the three laws of robotics, and the heuristically programmed algorithmic computer (HAL) and finish up with building trustworthy intelligence that integrates human values to augments human abilities.

13:30 BST Adapting to New Normals - How to Architect for Ever-moving Goalposts Speaker(s): David Lynas

David Lynas

Chairman, COSAC (Northern Ireland)

David Lynas is currently enjoying his thirty-eighth year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he is the co-author of SABSA (the world’s leading free-use, open-source Security Architecture Methodology), CEO of the SABSA Institute CEO of David Lynas Consulting.
X
 

The goalposts have always moved. The modern Enterprise shares all the characteristics of a complex system: it is comprised of many moving parts that interact, conflict, and have systemic dependencies between them, and with the environment in which the Enterprise exists; it changes organically as a result of the behaviours of its parts, each of which has its own objectives, success factors, methods and risks.

Turning security strategy into reality within such a complex system has always been one of the Architect’s greatest dilemmas.

But now we understand that the goalposts do not just move, they can be completely redefined by a new normal. And we know there will always be another new normal.

Future success depends upon an Enterprise’s ability to understand complexity, be resilient to complex disruption, and adapt to ever-changing complex requirements. The question is “How?”. Even if we prioritise with a risk-driven approach, there are far too many high priorities and far too few resources for us to succeed before the goalposts move again.

In this session we will demonstrate SABSA Architecture techniques to prioritise a security roadmap to transform and adapt to ever-changing complexity, ensuring that security solutions are always traceable to business requirements, whatever they are, whatever they become, no matter how quickly they change.

14:30 - 14:45 BREAK

14:45 BST Imposter Syndrome & Overconfidence Speaker(s): Helvi Salminen

Helvi Salminen

Security Advisor, (Finland)

Helvi Salminen has worked in information security since June 1990, first as security analyst and since April 2000 as information security manager. Before starting information security tasks she has 12 years experience in systems development. Helvi is founder member of Finnish Information Security Association which celebrated its 10th anniversary in 2007. Helvi is qualified CISA, CISSP & SABSA & was awarded as CISO of the year in Finland 2014.
X
 

We have brilliant technical security systems which are necessary in responding to today’s security threats. But we still need also need humans in managing these systems and also managing the human related information security risks.

Humans are often referred as the weakest link in security, but competent and motivated humans can also be the strongest asset for security management. Much depends on how the context enables and empowers the individuals, but naturally also the characteristics and attitudes of individuals have a significant impact on security.

Psychology is always present when we are dealing with humans. We should for instance neither underestimate nor overestimate the impact of cognitive biases. People can express unexpected creativity which can be either beneficial for security or undermine the security arrangements. … Let’s have a closer look at two phenomena which can have disastrous impact on security.

A person with impostor syndrome is in continuous doubt of being “a fraud” – he/she feels that personal achievements are based on luck and not competence and skills, and a disastrous exposure as a fraud can happen at any time. An overconfident person seems to have everything under control and with excellent verbal skills creates the impression of high competence – in which he/she firmly believes.

These two behavioural models seem to be opposite to each other, but are they really? This session explains what impostor syndrome and overconfidence mean in human behaviour. The basics explained, we study their potential impact on security – if held by security manager, user of security services or it systems or other interested party.

We also discuss how it is possible to identify these behavioural models in organizational context and how to reduce their negative impact on security.

15:45 BST Maturity Models: Mysteries, Pitfalls & Reality Speaker(s): Glen Bruce

Glen Bruce

Director, Deloitte (Canada)

Glen Bruce is focused on Security Strategies, Architectures, PKI and Governance supporting business and governments in their approach to managing information security risk. He has over 47 years of in-depth experience in IT consulting, systems management and technical positions. He has led many information security engagements, where he has helped clients establish effective strategies, governance, architectures, policies, PKI and infrastructure implementations in support of both business and...
X
 

All organizations want to know how well they are doing in managing information security risk. Every significant beach that gets wide coverage prompts the Executives or the Board to ask – “could that happen to us?”. A common method of trying to answer that question is through assessing what the organization has in place to control the risk by determining the relative “maturity” of the risk management controls and processes using a reference standard for comparison coupled with a maturity scale to provide a measurable level. The product of measuring the maturity of the controls and processes is meant to answer a number of questions: are we doing enough to manage our risk?; are we getting what we expect from all the investments that we have made?; and even more important to some – how do we compare to our competitors or our industry?

There are wide variety of methods and supporting mechanisms to conduct maturity assessments that have varying results. This session will provide an overview of the various methods and mechanisms and describe many of the typical pitfalls and potential solutions to arrive at results that are actually understandable, meaningful and repeatable. We will have a look at the various reference standards and maturity scales from ISO, NIST, CMMC, ISF, CMMI, and several others typically used to assess maturity. Is a maturity assessment the same or comparable to assessing implementation tiers? How to you measure the effectiveness of the controls and processes and the risk associated with the various levels of maturity? The objective of the session is to strip away the mystery and magical thinking that tends to creep into maturity assessments and provide information that can be used to establish realistic expectations and beneficial results.