Pre-Conference Intensive Workshops: Monday, 26 November 2018
Workshops A
9:00 am - 12:00 pm Managing Third Party Risks through Cyber Security Solution Provider Examination and Coordination
The ‘Digital Delivery of Government Services’ published on 27 June highlights that The Committee are not convinced that departments are fully cognisant of the risks they were taking on the contractual arrangements that lead to outages and online security failures respectively. Due to difficulties in regulating private cyber security solution providers, departments are finding it challenging to achieve cyber control, consistency, and meeting legislation standards. Due to these challenges as well as the pressure of budget this workshop will cover:
- The fundamentals of aligning cyber solution providers with the pace of organisations and their evolving digital system landscapes
- Implementing consistency through consolidated approaches in cyber security system implantation as well as processes and culture
- Examination, selection and cooperation strategies with cyber security third party suppliers
- Evaluating central metrics and achieving value for money for cyber security objectives
Jacinta Thomson
Director Security Management and AssuranceDepartment of Justice and Regulation VIC
Workshops B
1:00 pm - 4:00 pm Achieving a Digital Stranger Danger Mentality by Heightening the Basic Cyber Skills and Awareness Standards across Departments
In 2017 the Australian Cyber Security Centre reported that 90% of 113 organisations surveyed (including 45 Government organisations) experienced phishing and social engineering as the most common form of attack in attempted security breaches.
Making basic cyber practices second nature and consistently improving staff awareness and skills can improve stakeholder confidence, minimises system interruptions, and potentially other ancillary benefits including breach prevention. Creating a strong security culture and behaviour locks the front door to the most common malicious breaches and is essential in achieving a secure system.
- The essential security check list for all levels of workers within departments and organisations to make basic security prevention a behaviour
- Strategies in providing detection skills and awareness training in a resourceful and effective way – virtual training programs and educational suites
- Bridging the skills gap during digital transitions and up-skilling capability in responding to cyber threats
- Establishing a successful business case to influence leaders in uplifting department skills beyond technical expertise
