Ireland Melbourne

Welcome to COSAC's first event in Asia-Pacific, hosting the inaugural SABSA APAC Congress. 

Our agenda has been selected by previous COSAC participants to ensure sessions are unique, timely, cater for the participative COSAC ethos and deliver value for experienced security practitioners. 

Thursday 7th December 2017

09:30 - 10:00 Delegate Registration & Coffee

11:40 Morning Coffee
16:10 Afternoon Coffee

Workshop W1

10:00 Incident Handling Tabletop Workshop Speaker(s): Ahmed ElAshmawy, Chris Blunt

Ahmed ElAshmawy

Senior Information Security Consultant, Axenic (New Zealand)

Ahmed is a Senior Consultant at Axenic Ltd. He has significant experience as a trainer, as well as being a hands-on practitioner. He is a CERT-Certified Computer Security Incident Handler (CSIH) and a SEI-Authorised Instructor. He has been previously a member of the technical team of Q-CERT, Qatar’s national Computer Emergency Response Team. 

Chris Blunt

Director, Consulting Partner, Axenic (New Zealand)

Chris is a Consulting Partner at Axenic Ltd, a specialist independent information security and privacy consultancy he co-founded in 2009. He has over 22 years of experience in the ICT industry, specialising in security and privacy for the last 11 years. He is an exponent of business-driven security and is passionate about delivering pragmatic advice that enables his clients to achieve their business goals and objectives. He is also a committee member for BSides Wellington.

The incident handling tabletop workshop is a paper-based exercise that allows participants to detect and respond to real-life incidents, and provides them with hands-on incident handling experience.
Participants will be provided with a brief introduction that sets the context for the incident, including the technical environment, a generic incident handling process and an incident report template. In addition, they will be provided with a set of artefacts that include real-world indicators of compromise, which they must analyse to identify and respond to a set of incidents.

Participants must analyse the information provided to filter the “noise” from meaningful/useful information following the process provided. They will be expected to perform incident handling activities including detection, triage, analysis, containment, eradication and recovery, while communicating and escalating issues to management and relevant stakeholders (represented by the workshop facilitators).

The workshop has been developed to ensure that participants will go through all incident handling steps and will not get stuck in the incident detection phase. The timeline of the workshop is designed to provide participants with hints to ensure they detect the incidents before the allocated time expires. The workshop is supported by two facilitators to ensure timely response to participants’ inquiries.

Workshop W2

10:00 Wonderful, Terrible, Inevitable: Big Data, Analytics & IoT Speaker(s): John O'Leary

John O'Leary

President, O'Leary Management Education (USA)

John O'Leary, CISSP, is President of O’Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. John was the recipient of the 2004 COSAC award.

Big Data and the Internet of Things are revolutionizing virtually every industry. We’re told of pinpoint accurate medical records and diagnostics, all-encompassing analytics, mastery of industrial processes, effortless control of our static and moving environments and complete connectivity and communication with anything and everything we might ever imagine being useful. Wonderful!

But COSAC delegates have an internal red flag that goes up upon hearing “It’s gonna be great!” Then those euphoria-deflating security questions start multiplying and running through our somewhat addled brains. Where is all this Big Data coming from? Where will it reside? Who controls it? Who grants access? On what basis? How do we know it’s accurate, relevant? Is it complete enough for life and death medical decisions? What about analytics system administration; data monitoring and correction procedures; incompatible security architectures? Oh yeah, and privacy?

What kind of security is built into all these Internet-connected devices? How easy is it to control access? Is the data they trade and store encrypted? Who’s liable if they fail or give erroneous signals?

Big Data and IoT are neither fads nor merely trends; they constitute a revolution. There’s no going back. Join us as we look from a security perspective at both the bright and dark sides.

13:30 - 14:30 Lunch

Forum F1

14:30 SABSA Open Forum Speaker(s): David Lynas

David Lynas

Chairman, COSAC (Northern Ireland)

David Lynas is currently enjoying his thirty-fifth year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he is the co-author of SABSA (the world’s leading free-use, open-source Security Architecture Methodology), CEO of the SABSA Institute and CEO of David Lynas Consulting.

This Open Forum provides the first ever opportunity for the SABSA community in APAC to ‘rugby tackle’ the powers that be, pin them down, and get the answers and information they need. Members of the Board of Trustees of The SABSA Institute, work programme participants, and the SABSA community in general will join together to report, discuss and plan:

- What progress has been made by TSI’s Board of Trustees?

- What activities, developments and programmes are in progress?

- What needs to be done next to serve the needs of the SABSA community?

As an Open Forum, plenty of opportunity will be provided to raise your own specific questions and obtain answers.

Forum F2

14:30 1st APAC Roundtable Security Forum Speaker(s): John O'Leary

For 17 years the International Roundtable Forum (run under NDA) has been for many participants the very embodiment of the COSAC ethos. Now for the first time John O’Leary brings his world-leading facilitation skills to run a half-day version at COSAC APAC.

The approach is straightforward: we fill a room with international information security veterans and present them with scenarios that have happened recently or probably will happen soon. The assembled delegates use the wisdom accrued in each of their 15+ years of solid IT security experience to examine the given scenarios from business, technical, political and any other viewpoints that might reflect on that situation or similar situations they have faced or analyzed. This puts immediate emphasis on one of COSAC’s most characteristic and valuable features: interactivity.

COSAC speakers (or moderators) realize that someone, maybe several people in the room, know more about the subject in dispute than the exalted session leader. Here is where COSAC consistently shows itself as the single best Information Security conference anywhere. COSAC session leaders draw out the room’s expertise and thus enrich the learning environment for everyone. In past forums, this moderator has learned much more from the delegates than any of them have from him.

In describing some recent event, the moderator poses a question or two about what the involved people did, whether it was appropriate, what other directions could have been taken, what alternative consequences might still be in play. Not surprisingly, there is often disagreement, occasional discord, but so far no duels. Appropriate solutions tend to be industry-based or public/private sector-based or organizational culture-based. The spirited discussions emanating from these very real differences augment learning for all.

We also predict the future for Information Security. 50 billion IoT devices by 2020! And no universally accepted security standards for them. How do we get our arms around that? Will legal systems ever catch up with technology? Where should we spend our security dollars?

Come help solve the problems of the world with a half-day immersion into the COSAC way.

Dinner & Networking

18:15 Drinks Reception
19:00 Dinner