You are here

Session Synopsis

2017 Spring Members Meeting - Session Synopsis  

PRESENTATIONS (in order of appearance) 


Presenter: Bruce Davie, Vice President and CTO, Asia Pacific Japan, Network & Security Business Unit, VMware
Session: Security is an Architectural Issue: Building Inherently Secure Infrastructure
Synopsis: Many of the security challenges faced by IT leaders today can be traced to the fact that security was not a part of the original architecture of the Internet. The effects of several decades of attempts to improve cybersecurity include a high degree of complexity, lack of agility, and a patchwork of point solutions. There has been an architectural gap between the things we can secure (e.g. a network perimeter) and the things that matter (e.g. critical corporate data). However, we now have the ability to take a more principled and systematic approach to security by leveraging the technologies of virtualization and cloud computing. We will discuss a comprehensive architectural approach to security in which controls are applied directly to the assets we wish to secure, and where security and agility no longer need to be in conflict.
Presenter: Julie Canepa, CIO, Cisco Australia New Zealand
Session: Cisco’s Internal IT Digital Journey
Synopsis: Digital transformation is at the very heart of the Fourth Industrial Revolution, which is changing our understanding of doing business, of learning & development in a fundamental way – and with unrivaled speed. However, many organisations and individuals hesitate to acknowledge the depth and impact of current developments on their operating model and people.  Julie Canepa, CIO Cisco ANZ will share insights on how Cisco itself is being disrupted, and how her team is taking on the challenge.  She will describe the journey Cisco IT has embarked on, to enable the secure digital business, and learnings along the way.  Gain insights on what Cisco is doing to drive growth and innovation through technology and culture, and what you can address and consider while going through your digital journey.
Presenter: Adam Salzer, Chair of the Australian Transformation and Turnaround Association
Session: Megatrends + Transformation Best Practices = the Catalyst Role of IT Leadership
Synopsis:The Challenge: The Megatrends driving Transformation - Industry-wide and in each function; Fundamental drivers: digital disruption, business model changes and evolving customer expectations; How are other public and private institutions reacting to these pressures; Why is transformation so hard?  Why are Universities struggling? 
The Solutions
The roles of the Board, the Vice Chancellor and the CIO/CTO in managing transformation; Risk management vs risk aversion; Acceptance of failure; Transformation activation and coordination. 
The difference between Operational Leadership and Transformational Leadership.
Best Practices for Transforming Organizations focusing on 3 stages:  Planning; Implementation; Sustainabilty/Agile. 
Talking Transformation Leadership from a Craft to a Profession: Evidence-based management; Benefits tracking; Stakeholder management; Complex program management.
Presenter: Elaine Smart, Partner KPMG
Session: Technology Transformation - Outsourcing - what not to do! 
SynopsisPresentation will cover a case study summarising how a large investment bank outsourced Network and voice globally to a Managed Service Provider…..  The truth about what can go wrong and how to prevent the pitfalls.
Presenter: Andrew Phillips, ANZ Public Sector Country Manager, AWS 
Session: Organisational Change & Failure
Synopsis: Any Transformation requires a degree of organisational change, yet resistance to this can be culturally embedded. When transforming monoliths to micro-services, let’s consider why a healthy view on Failure is critical to success.
Presenter: Rob Livingstone, Founder & Director, Livingstone Advisory
Session: Overcoming the Challenge of Change
SynopsisNew, digitally enabled ways of working and living require a fundamental shift in the approach to enterprise transformation and change management. Additionally, evidence is that current enterprise ‘change management’ approaches are typically too slow and not well suited to the rapidly evolving, complex and interrelated customer and business demands, not to mention risks. In this presentation, Rob will outline a proven, robust and scalable approach to building a sustainable adaptive capability to drive both continuous efficiency and innovation across the whole organisation. This capability delivers a sustainable, adaptive enterprise value chain of integrated strategy, architecture, project delivery and service operations capabilities.  The approach involves the use of a freely available agile and adaptive meta‐framework that sits across the entire organisation. In particular, the critical role that the CIO plays in guiding their organisation on this journey will be explored, and in doing so, will have a profoundly positive impact on both the influence of the CIO as well as reshaping IT ‐ business and customer interactions
Presenter: Dr Andrew Trnacek 
Session: Higher Ed Services Update
Synopsis:  Andrew will provide an update on the My eQuals project, negotiations with Oracle and scoping of a project to better understand the Human Capital Management landscape in the higher education sector.


Presenter: James Culverhouse, General Manager - AusCERT
Session: The emerging AusCERT ISAC
Synopsis: This session will explore today’s threat landscape and how we got there. The team will show popular planning techniques used by attackers including the difference between 'low and slow' and 'spray and pray,' sources of intel (OS INT) that are used to build attacks as well as data correlation for execution. In the live demonstration of a hack the Mimecast team will show how easy it is to use email as an entry point and how readily available tools are used to compromise an end-user for financial gain.
Presenter: Nicholas Coates-Lam, Assistant Director/Senior Adviser Strategic Partnerships, CERT Australia
Session: CERT Australia - Protecting our National Interests Online
Synopsis: As the national computer emergency response team, CERT Australia is responsible for providing advice and support to Australian industry, particularly the owners and operators of critical infrastructure and other systems of national interest. This session will provide a short overview on the role of CERT Australia and the services which it provides to Australian businesses. The session will also provide an overview of the cyber security environment from CERT Australia’s perspective.
Presenter: Tim Lane, Chair, CAUDIT Cyber-security Community of Practice & IT Security Projects Manager, Griffith University
Session: Cyber-security in Higher Education – Where To From Here?
Synopsis: Cyber-security is now a pressing issue and a major challenge for institutions around the world.  In 2016 and 2017, cyber-security was ranked as number three on CAUDIT’s Top Ten issues, and for 2017 the need for secure collaboration was raised to number five on the list.  In the USA cyber-security was ranked number one on the EDUCAUSE Top Ten issues for both years. Responses to dealing with cyber-security are many and varied so how do we approach this? This presentation will look at the question from three themes.  Firstly, a brief update will highlight the current cyber threat landscape covering key areas of cyber activity and how they relate to the HE sector, secondly, the role of emerging cyber-security maturity models for determining and understanding risk posture and compliance will be presented. Thirdly, the recommendations contained in a report provided on the Top Ten will be discussed in context to future direction and strategies. 
Presenter: Dr Paul Alexander, Chair, University of Queensland Health Care 
Session: Health Information Evolution - Governance and Security Challenges
Synopsis: The renewal of health information systems continues to be one of the major initiatives and challenges occurring in all major hospital and health organisations. Recent experience includes PA Hospital in South Brisbane which has expended millions of dollars utilising best of breed however has still been subject to significant disruptions affecting service delivery.  Federal and State Governments have invested heavily in health platforms and portals and have high expectations for organisational success. Hospital and Health Service Boards are responsible for the  overall performance of these organisations  and must ensure appropriate governance processes are in place to monitor all major programs including information systems.  Current information health initiatives are complex expensive and require integrated solutions. Internal systems need to change and external links established to allow information sharing at the same time as maintaining the integrity and security of the entire network. This presents a number of challenges for a Board, where traditional focus and skill sets involve strategic development, health quality and safety, business and finance governance. Boards now need to have a more detailed understanding of the challenges associated with these IT initiatives in order to appropriately monitor the risk and undertake their fiduciary responsibilities.
Presenters:  Louise Schuster, Director Cyber Security AARNet and Steve MaddocksDirector Network Operations AARNet
Session:  AARNet Cyber Security Plans with a DDoS Deep Dive!
Synopsis:  We will share our Security Plans, focusing on the activities where we are adding value for our customers. It is an exciting time for security at AARNet. We will discuss our partnerships locally with members to run incident response exercises and provide awareness of security incidents and trends, nationally with AUSCert & CERT Australia to detect incipient attacks and breaches, and internationally through the Global NREN Security group to provide resiliency of research networks across the globe.
Presenter: Michael Draheim, CIO, Metro South Hospital and Health Service (thanks to Gartner)
Session:  Digital Transformation – Insight into the Change to Australia’s First Large-Scale Digital Hospital 
Synopsis:  Brisbane’s Princess Alexandra Hospital (PAH) has become Australia's first large-scale public digital hospital, heralding a revolutionary change in healthcare delivery in Queensland while placing PAH at the forefront of healthcare innovation and technology in Australia. Michael will discuss: Salient lessons learnt in their large-scale digital roll-out; Increasing stakeholder and clinical engagement throughout the design and implementation process; Insight into how staff and patients are adjusting to the new system and Post transformation - Benefits and use of data to support patient care.
Presenter: Garrett O’Hara, Senior Technical Consultant, Mimecast
Session:  The Anatomy of An Attack
Synopsis:  This session will explore today’s threat landscape and how we got there. The team will show popular planning techniques used by attackers including the difference between 'low and slow' and 'spray and pray,' sources of intel (OS INT) that are used to build attacks as well as data correlation for execution. In the live demonstration of a hack the Mimecast team will show how easy it is to use email as an entry point and how readily available tools are used to compromise an end-user for financial gain.
Presenter: Fergus BrooksNational Practice Leader, Cyber Risk, Aon Risk Solutions
Session: Cyber, The Fast-Moving Target
Synopsis: Risk landscape; Potential organisational liabilities; Legislation and the potential impact to organisations; How to prepare and deal with these risks using Australian examples of good and pathetic.
Presenter: Craig Dore, Senior Security Architect, RSA Security
Session: Cybersecurity. Is this what “Working” looks like?
Synopsis: It is common knowledge that social engineering attacks are the #1 threat to any organisation. Yet, proper Identity Management is one of the most complex endeavours any organisation can undertake. The need for management of user access is clear, as users are the primary conduit for sensitive data. And failing to manage these users opens the organisation to all manner of risks, including potential compromise. The common phrase, “Identity is the new perimeter” could be re-phrased simply as: “Humans are the perimeter”. Security Technologies and particularly Security Vendors themselves, often forget this. Identity isn’t a product, it is actually a process. One that should be woven deeply into the social fabric of the organisation, not just on a technical level but a social one. Identities are people, too! RSA will illustrate this and provide some insight into the real problem: the users themselves.
Presenter:  Tim Wellsmore, Director of Threat Intelligence and Consulting, Mandiant International, a FireEye Company
Session:  Advanced Threat Actors targeting the Australian Education Sector. The Who, What and Why
Synopsis:  Universities and Research institutions are hubs of innovation and technological advances which are designed to progress our societies in future generations. Advanced Cyber threat actor groups and sponsoring nation states recognise the intrinsic value of these organisations and actively target them with espionage and financially motivated intent. In this presentation we aim to expand on the motivating factors behind these threats, and provide regional case studies of relevant examples and targeted information, as well as preparation strategies for the audience to assist them in their role in the modern cyber threat environment.