The Keynote Panel Discussion, “What Are The Likely New IS Threats That We Will Encounter In 2016?” was provided by, Abbas Kutradi, Chief Information Security Officer, KPMG, (moderator) and Berin Lautenbach, General Manager IT Security Operations, Telstra, Asaf Ahmad, Chief Information Security Officer, Fire & Rescue NSW and Peter Cooper, Group Manager IT Risk, Security & Architecture, GWA Group, (panelists). This session highlighted the IS threats in 2015 including software vulnerability, personal data harvesting and accidental leakage as panelists spoke on their own takeaways going forward into the New Year. During this Keynote Panel Discussion, Abbas asked questions to the panelists, drawing on their personal experiences and insights around IS threats that included:
1. When you discuss cyber threats, to what are you generally referring? Cybercrime? Cyber-attacks? Cyber terrorism? Cyberwar? How important are the distinctions between those categories?
2. In your experience as CISO, what would a serious cyber breach cost to an organisation ?
3. How do you prepare yourself for responding a cyber-threat, any experience you can share with us?
4. Why do assessments of cyber threats vary so significantly among various industry gurus and analysts? While some argue that those threats are serious and poised to increase, others contend that they’re exaggerated and well within our ability to manage.
5. “If you prepare yourself, you are less likely to get hacked”. How much do you agree with this statement?
Session Synopsis: 2015 has been a year of “Data Breach”, although the number of announced data breaches were far lower than 2014. In terms of type of breached, we had seen some of most advance technically crafted attack during 2015.
Some of the big names that were impacted in Australia were Queensland TAFE, Ashley Madison, Aussis Farmers Direct, Aussi Travel Cover, KMART, and David Jones to name the few.
Our technology footprint is increasing which results in larger attack surface. Number of “Security Guru” and top “Security Vendors” are making various prediction on 2016 Information Security Threat”.
Do you all believe that traditional threats will continue in 2016? If not, what new or emerging threats do you see as emerging?
Abbas Kutradi, Chief Information Security Officer, KPMG. Creative and Innovative Senior ICT Security, Risk, Governance and Compliance Professional with valuable international-scale experience across Big 4 consulting and audit firms, banking, financial, government, manufacturing, oil and gas, telecommunications and education sectors. Adept at high-level strategic planning regarding COBIT, ISO 27001:2005, PCI-DSS and ITIL, able to design, scope and evaluate innovate governance to meet business objectives over long-term.
Berin Lautenbach, General Manager IT Security Operations, Telstra. Information Security Specialist with a diverse background in information security and information risk management. Experience ranges from technical, hands on work to executive security leadership in large enterprises. Extensive technical background in security, covering Internet facing systems, open source programming, security strategy, security architecture, operational security, IT risk analysis, the evaluation of IT security products and systems and the provision of security services to organisations on a consulting basis.
Asaf Ahmad is a senior ICT security, governance and compliance, IT Risk, DR and BCP professional with valuable experience in Government, Design and Engineering Oil & Gas, and Private organisations. He has experience in developing strategic plans, programs and management of information security, compliance and business continuity. Asaf used COBIT, ISO 27001 and ITIL to develop security strategy, policy and program for effective governance and successful delivery of IT enabled business initiatives rebuilding IT capability. He also conducts cyber security risk assessment, obtaining compliance with international frameworks and standards.
Peter Cooper is the Group Manager IT Risk, Security & Architecture for GWA Group. His role is to create the IT risk and security foundation to underpin this future state, engage the business to play their key role, and create innovative risk approaches to support the GWA Group’s growing maturing media capability.