CyberWest Summit 2024 takes place across two days at Pan Pacific Perth. Find out what, when and where in the program below.
Cultural Immersion with Sharon Wood-Kenney
Navigating the internet with a focus on simplicity and caution, much like walking barefoot in an unfamiliar environment where every step requires attention. It implies taking a stripped-down approach to online activities, being mindful of potential risks, and relying on basic safety measures rather than complex security solutions. This mindset emphasizes awareness, vigilance, and understanding the digital terrain to stay safe and secure in the online world.
Safeguarding sensitive information, such as customer data, is essential for maintaining trust and complying with privacy laws. Join our panel of experts to explore how to protect corporate data across a range of industries.
Do you know what to do if you experience a hack? Don't work it out in the moment, this panel will explore key considerations for planning for an incident.
There is more to cybersecurity than technical matters and metrics. In this workshop participants will engage in a lively process that creates opportunities to shift perceptions and open new possibilities for working together more harmoniously and effectively.
Learn the fundamentals to keep your small enterprise secure. Think like an attacker in assessing your weaknesses, understand business email compromise and spoofing, and get the Ransomware 101.
Australia has set out a roadmap to realise its vision of becoming a world leader in cyber security by 2030. How will this be achieved and what role for organisations and citizens have in realising this outcome?
This session is a deep dive into the implementation of the Australian Cyber SecurityCentre's Essential 8. Covering Maturity Levels 1 through 3. Attendees will learn what the framework means, and how to start the process in implementing it.
Securing remote operations in today’s digital landscape is crucial, especially in our large state with remote mining, agriculture and space activity, and also, as more organisations embrace remote work. This expert panel will share how they are meeting this future challenge of securing the whole organisation's operations, wherever they may be.
This panel will explore the unique challenges governments face in makingsure the wide range of data and systems in their control.
There are a range of information security framework(s) available. How can you determine the right one for your organisation? This session will consider various cybersecurity frameworks’ unique features and applicability, to enable organisations to make informed choices, saving considerable time, resources, and financial investments.
Security governance serves as the foundation upon which effective cybersecurity practices are built. It ensures that organisations have the policies, processes, and controls in place to manage cyber risks and protect sensitive data, in addition to all of the technical controls typically implemented. By exploring why NIST has incorporated 'Govern' as a separate pillar, we not only gain insights into the framework's evolution but also underscore the crucial role of governance in safeguarding our digital assets and ensuring the resilience of systems.
This session will give SMEs strategies and best practices to take a proactive approach to third-party risk management by implementing robust controls, fostering transparency, and collaborating effectively with their clients. This session is essential for any business needing to understand the role they play in creating a resilient and secure vendor ecosystem.
In this interactive workshop, you will decipher what constitutes effective cybersecurity within you business. From decoding your current cyber landscape to envisioning the ideal state, you will collaboratively draft a personalised blueprint to bolster you cyber defence. Whether you are a seasoned IT professional or a newcomer to the cyber realm, this workshop will equip you with practical strategies to fortify your business’ digital fortress. Walk away armed with a high level guide and plan of action to implement cyber practices and safeguard your business against evolving threats.
This is a scenario based Cyber Drill. The focus of this drill is on "Solving the Situation". Participants will be divided into groups and are encouraged to work with each other.
Just like safety, security needs to take into account that there are humans in the loop. Many organisations, especially in mining, are already successfully implementing a safety zero approach and we can follow the same approach for security.In this session we will explore lessons learnt from safety culture to help us make security just as successful.
Talison is a leading global producer of lithium minerals operating in WA. They will share recent efforts to uplift security across their operations.
Aligning your cybersecurity strategy with your business strategy is crucial for resilience, growth, and overall success. It transforms cybersecurity from a technical concern into a strategic advantage, safeguarding both business interests and customer trust.
While technology and training are essential, they alone cannot fully safeguard companies against cyber threats. The human factor plays a significant role in data breaches. A strong culture ensures that every member of an organisation embraces secure behaviours. It’s not just about telling people what to do; it’s about instilling a sense of responsibility and understanding of the risks.
Hackers don't just wear hoodies! It's time we moved beyond the ideas of scary super-hackers and acknowledge that the skills and knowledge needed to compromise computer systems are more common than many think. In this session attendees will see real demonstrations of common attacks giving them a more grounded idea of what 'hacking' really means, from Australia’s top-ranked competitive hacking team, Emu Exploit. As organisations put increasing resources into protecting themselves from the commonly sensationalised threat of cyber-attack, it is vital that decision-makers are given opportunities to learn from hackers what that label really means.
What are Critical Infrastructure Assets? They’re assets that are essential to the functioning of the Australian economy, society and/or national security.At this session our experts will discuss how organisations operating in critical industries such as energy, healthcare, and transport can address cybersecurity challenges in critical industries and implement effective strategies to safeguard vital infrastructure.
How can WA lead in security and resilience to protect our critical industries?
Join this exclusive virtual session with Frank Abagnale. Learn from his over 48 years of experience advising financial institutions, corporations, and government agencies worldwide on forgery, embezzlement, secure documents, cybercrime, and scams.
In this session Frank will discuss hor social engineering and scams have changed in recent years, and how you can protect yourself and your organisation from misplaced trust.
Hosted by Avanade
For too long, cyber has been made look very complicated and businesses are just ignoring it, that is not the answer, cyber insurance is not the answer. In this presentation Craig will show you how cyber safety is everyone's business, you don't need massive budgets or time and you don't need to be a techy to get the basics right. And that, can be the difference between a breach or no breach. It can be the difference between having the ability to recover or losing everything.
What happens when you need to recover? Joe and Erle from Mineral Resources will discuss their journey in identifying the risk of not being able to recover from a cyber incident and what measures they looked for to ensure confident cyber resilience.
Building cyber resilience starts at the top of an organisation. Directors' duties and legal duties on companies now necessitate appropriate cyber risk governance. Too often boards view information security as a technology risk and not an overall business risk. Rather than leaving cyber resilience to the IT and cyber-security departments, boards need to become much more tech savvy and alert to how the threats have changed, in particular, for the data they collect and manage. Simone is an experienced presenter on topics related to the intersection of cyber, legal and business risk and the role of human behaviour in building cyber resilience. She has educated over 10,000 Australians about cyber risk through Law & Cyber's online and face to face education, given expert written opinion in Supreme Court proceedings about the intersection of cyber risk and professional duties, presents at executive roundtables, and advises businesses.
.png)
Hear from industry leaders in this field, view AI demos and consider the power of Generative AI for security and beyond.
Learn how to use GenAI securely and some of the risks and define risk in this context and specifically cover
• Sensitive data leakage
• Risky content that may be created by generative AI (studies show more than 70% of leaders worry about inaccuracy of responses and almost 60% worry about harmful biased or distressing up outputs)
• Regulations on the horizon such as the EU AI act mean leader's face increasing regulatory pressure in this space
A strong cybersecurity posture is heavily reliant on an organisation's culture. Building a cybersecurity culture within a business, not only emphasises and reinforces security behaviours among staff but also helps to protect your organisation against a cyber-attack with your people being a first line of defence.
Under AUKUS British and American nuclear-powered submarines are expected to have a rotational presence at HMAS Stirling in Kwinana from as early as 2027. This will present opportunities for suitably secure organisations to supply in to this project.Hear from our defence experts on opportunities the defence industry holds and how to meet security requirements.
.png)
Generative AI started last year as a fad, a gimmick, and potentially the coolest thing that computers have ever done. It has now infiltrated every business in some way and is having monumental ramifications on how work is done (and, yes, how we secure the business) now and into the future.While the knee jerk "No AI" approach can be seductive, it's not useful in the long run. We need to be the best, most secure users of these systems and tools to best understand and advise on how to securely utilise them. We can't lead if we don't understand the field of play, so we need to learn fast.Stefan exists at the intersection of AI, Cyber, and the humanities. He is uniquely placed to speak on these things: he actually knows how these things work, he’s built them himself, and knows what they can and can't do. Don’t miss this entertaining and passionate presentation.
This presentation aims to empower SMEs with knowledge and tools to effectively manage cybersecurity risks in their role as suppliers, helping them become more resilient and competitive in the process. Through simple, non-tech language, Alladean will define supply chains, give practical examples of attacks and highlights the importance of cybersecurity in maintaining and enhancing business relationships within the supply chain. Alladean’s PhD research is focused on the cyber security of Western Australian SMEs and he is a published author in this space.
When selecting an IT provider, evaluating their security capability is crucial to ensure your organisation is protected and resilient against cyber threats.This panel will explore what you should be looking for in your provider.
The MM-ISAC is a not-for-profit industry owned Information Sharing and Analysis Centre (ISAC) for the global mining and metals industry. Join the team in this interactive session exploring current concerns in the global cyberthreat landscape.
By incorporating AI and social media into our daily routines and business strategies, we inadvertently expand our digital footprint, which, without adequate cybersecurity measures, becomes a target for cyber threats. However, by staying informed and using these tools responsibly, we can significantly mitigate theserisks. It's important to learn how we can effectively do this.
Play the FakeDate Game a simulated game experience where players will learn to discern between real and fake online profiles, identify potential romance scams, and understand the tactics employed by scammers.As the creator of the Fake Date Game, Oliver offers an interdisciplinary insight into the technical nuances of the game and how these complement human vulnerabilities that romance scammers target. He designed the Fake Date Game to empower individuals with actionable skills in identifying, protecting against, responding to, and recovering from romance scams. In this session, he'll explore the game's mechanics and the underlying psychological principles, providing a thorough understanding of how to bolster cyber resilience against romance scams.
The Hyprfire team will run through 3 case studies of insider network threats, what happened, how they failed prevention, and what could be done to avoid such an occurrence happening in your organisation.
The three case studies will look at it from three different angles: a malicious internal staff member intentionally allowing network access, an incompetent staff member allowing network access, and infiltration into an organisation's network via becoming a staff member.
Clickbaityenough for you? In this talk, we’ll discuss the limits of cybersecurityeducation and awareness, and what you should do first in order to get the bestbenefits from any investment in training your people.
WA is a leader in current quantum technology research. It's an exciting field. But do you know how quantum technology could impact your business security in the near future? Emerging technologies within quantum will be revolutionary for many fields, however there are some significant forecasted risks to specific cyber security measures in use today. Learn what to watch out for in this space and get an outline of what first steps will look like for SMEs to begin quantum-preparedness.
Data privacy is an important part of cyber security, but it's often overlooked or put into the 'compliance' box. While there are legal obligations, data privacy is all about building trust, differentiating from competitors, mitigating risks, and positioning the business for long-term success in an increasingly data-driven world (not so different from cybersecurity!) At this session you will get a brief overview of current data privacy regulations and their impact on businesses, learn practical ways to innovate and build a competitive advantage through robust data protection practices and get proactive steps to prepare for a data breach and manage crisis communications during a data privacy incident.
It is essential to educate about the potential risks of falling victim to scams or hacking attempts. Equally important is providing them with straight forward and practical methods to protect themselves.Understanding how scammers manipulate the psychology of a victim becomes particularly valuable when individuals find themselves in situations where they might be targeted. With this understanding, individuals are better prepared to respond thoughtfully and appropriately, rather than reacting impulsively in the moment.
The changing nature of cyber breaches against Australian organisations highlights how these incidents are far more than just "IT problems". They inevitably create a range of non-technical issues to deal with, from incident coordination to stakeholder management, crisis communications, reducing legal risks, minimising financial exposure, engaging with cyber criminals, and working with third parties such as customers, law enforcement, government agencies, and cyber insurers, to name a few.
This presentation will draw case studies from major Australian breaches of the last 18 months, to highlight how these challenges arise, describe how organisations should respond, and recommend preparations that can be undertaken, to be as ready as possible for the real thing.
Widely considered as the leading authority on the topic of security culture, Kai Roer is a best-selling author, an award-winning speaker, and a serial entrepreneur. Currently serving as CEO at Praxis Security Labs, an innovative security software company which he co-founded in 2023, Kai has been providing actionable advice grounded in empirical evidence to public and private organisations around the world since the 1990s. Kai is dedicated to improving the knowledge and understanding of the human factors that influence security and the organisational impact they have, and in recent years has focused on helping organizations understand what culture they currently have, what culture they would like to have, and more importantly, how to get there. In 2010, he created the Security Culture Framework (SCF), a framework and methodology to build and maintain security culture, which he later gifted to the open-source community. The SCF evolved into several spin-offs, including the Cybersecurity Culture Framework by The European Union Agency for Cybersecurity (ENISA).
