Presenters

Graham Ingram

General Manager, AusCERT

Graham Ingram is the General Manager of AusCERT. He took up the position in January 2002 after 17 years employment with the Australian government. Immediately prior to joining AusCERT, Graham worked with the Australian Department of Defence where he was responsible for managing computer security incident reporting and response for Commonwealth government agencies.

Graham has extensive experience in critical information infrastructure protection (CIP) and spent four years working in this area for the government. During this period he managed a number of major IT security and information protection issues including computer network attacks during the Y2K period and IT security threats to the 2000 Olympic games.

Since joining AusCERT, Graham has consolidated AusCERT as Australia's premier Computer Emergency Response Team (CERT) and strengthened its strategic relationships particularly in the Asia Pacific region. AusCERT hosts the annual AusCERT Information Security conference, the foremost IT security event in the Asia-Pacific region.

AusCERT is based at The University of Queensland which has one of the largest networks in Australia.

Graham has a BSc (honours).

David Watts

Commissioner for Law Enforcement Data Security

David Watts is a lawyer who has practised in both the private and public sectors specialising in information technology, information privacy, intellectual property, governance and regulatory systems. Before his current role, he was Assistant Secretary, Legal Services Branch, of the Department of Health and Ageing in Canberra where he led the development of the regulatory framework to support national e-health initiatives and the national registration and accreditation scheme for the health professions. Before that, he headed the legal branch of the Victorian Department of Human Services. David has advised a number of State and Territory governments on online and information privacy issues and was the joint architect of the Northern Territory's Information Act 2002. David was appointed Commissioner for Law Enforcement Data Security on 4 November 2008.

Presenting: Victoria's New Privacy and Security Regulatory Reforms

Victoria is to reform both public sector privacy and information security by establishing a single statutory privacy and information security regulator: the Privacy and Data Protection Commissioner. David Watts will lead the transition to bring the two existing bodies into the one new entity, and will be responsible for the oversight of the current Victorian information privacy regime, the oversight of the current law enforcement data security regime, and, in addition, the implementation of a new Victorian Protective Security Policy Framework (VPSPF). The establishment of the new integrated regime will place Victoria at the forefront of privacy and information security law in Australia, ensuring a more sophisticated, streamlined and transparent privacy and information security environment. This presentation will provide background to the reforms, a broad overview of the new regime, and will outline salient current privacy and information security issues faced by the new regime.

Scott McIntyre

Telstra

After over a decade as the Chief Security Officer for a certain ISP in The Netherlands, Scott's gone antipodean and now works as the Senior Technology Architecture Specialist in Security Operations for Telstra and is based in Melbourne.

A regular speaker at AusCERT, FIRST and many security conferences around the world, Scott attempts to combine humour and insight into his IT security presentations.

He holds several academic degrees (from BSc to PhD) but has found more value out of hands-on and real world experience. Despite being in Internet/IT security for over 20 years, Scott still refuses to wear a tie, Go Management, or give up his shell prompt.

Alex Tilley

Technical Specialist, High Tech Crime Operations, Australian Federal Police

Alex is a Senior technical analyst with the AFP's Melbourne CyberCrime Operations team.

Presenting: Operation Damara and Operation Craft

This presentation will detail 2 Australian based computer intrusion investigations conducted by the AFP's CyberCrime Operations teams.

John Arledge

GM Strategic Partnerships, Nominum HQ, Redwood City California USA

Mr. Arledge is responsible for Nominum’s consumer application business as well as business relationships with key Nominum partners including the Nominum Technology Integration Program.  Before Nominum, Mr. Arledge was the Founder and CEO of Owner's Pass, the inventor and market leader in timeshared access to live-event luxury suites. Prior to Owner's Pass Mr. Arledge served as Danger's vice president of business development responsible for the company's relationships with wireless carriers, consumer electronics manufacturers, developers and technology partners. Prior to Danger he was the director of business development at TiVo where he was in charge of the company's relationships with pay television service operators, consumer electronics manufacturers, and technology suppliers.

Before TiVo, Mr. Arledge managed product marketing at OpenTV, Inc. for the company's flagship digital settop operating system. He has also held marketing positions at Pacific Bell in the broadband networking group and Nissan North America. Mr. Arledge holds an MBA from the Stanford Graduate School of Business and a BA in Political Science from the University of California, Los Angeles.

Presenting: Advanced Malware Protection - New Security Capabilities for the Mobile workforce

Nick Savvides

Symantec Sr Principle Systems Engineering Specialist, Symantec

Nick Savvides is a Senior Principal Systems Engineer with Symantec's Information and Identity Protection group. He has over 14 years experience in Information Technology and has worked in a number of IT security related roles over that time, covering areas from operations to policy and compliance. 

Nick has an in depth knowledge of strong authentication, PKI, identity management, encryption, data loss prevention and general IT security practices. As part of his regular work Nick is responsible for providing expert advice and solution architecture to customers, as well as representing Symantec at conferences, forums, industry bodies, government relations and in the media.

He is an active member of the IT Security community being part of a number of industry bodies. He is regularly invited to speak at IT and Security related conferences in the Asia Pacific region and is frequent contributor of articles to industry journals, magazines and forums. 

Previously Nick held the role of Security and Business Operations Manager for VeriSign Australia and was responsible for ensuring the continued operational security and service delivery capabilities of the company in the Asia-Pacific region. 

Presenting: Learn how to utilise algorithm agility to better protect your online business from Hackers

Business owners require flexibility and scalability in their efforts to build trust and protect online sites and transactions from Hackers. Traditionally these transactions have been protected with Public Key Cryptography, using a variety of algorithms that have evolved to defeat most attacks.  This though is needs to further evolve as hackers are constantly developing more sophisticated methods to breach security protections and inflict damage on a business or its customers.

Brian Contos CISSP

Chief Security Officer and Worldwide VP Field Engineering, Solera Networks

Brian Contos, CISSP, Chief Security Officer and Worldwide VP Field Engineering at Solera Networks. He is a recognized security expert with nearly two decades of security engineering and management experience. He is the author of several books, including Enemy at the Water Cooler—Real-Life Stories of Insider Threats and Physical and Logical Security Convergence, which he co-authored with former NSA Deputy Director William Crowell. Brian has worked with government organizations and Forbes Global 2000 companies in over 40 countries throughout North, Central and South America, the Caribbean, Europe, Africa, the Middle East, and Asia. He is an invited speaker at leading industry events like RSA, Interop, GFIRST, SANS, and OWASP and has written for and been interviewed by industry and business press such as CBS News, Bloomberg, Forbes, NY Times, and the London Times. He also helped build several successful security companies. Brian was formerly senior director for emerging markets at McAfee, chief security strategist at Imperva, chief security officer at ArcSight, and director of engineering at Riptech. In addition, he has held security positions at Bell Laboratories, Tandem Computers, and the Defense Information Systems Agency (DISA). Brian is a Ponemon Institute Distinguished Fellow and graduate of the University of Arizona.

Information Warfare and Emerging Nations: Cyber becomes the equalizer

There was once a time, not that long ago, when even the term "information warfare" was highly contested. Does it exist - yes, no, maybe so? The reality is, according to the FBI, over 100 countries posses the ability to conduct information warfare, and according to Gartner, a major G20 nation will suffer a significant attack in the short term. Espionage and sabotage are two primary examples of how nations can mount a successful, inexpensive, and damaging attack. I will share examples of nation-state incidents, events that have occurred with the support of the "crowd" as a force multiplier, and even examples of the convergence of kinetic and non-kinetic warfare.

I will focus the content on what I've learned working with emerging and frontier markets that lack the resources to mount conventional, military attacks. While refining uranium, building nuclear powered submarines, and leveraging stealth air power may be out of the realm for many of these countries – launching a successful cyber attack that could yield billions in intellectual property or even have a dramatic impact on critical infrastructure isn't only possible – we've seen it happen.

Angus Gardner

Systems Administrator, AusCERT

A dyed-in-the-wool 'unix guy'; Angus has been working in the industry for over 10 years, including a few years in the UK.  Over his career Angus has been involved with many facets of the IT world including firewalls, development, project management, systems architecture and even some team management.  Angus currently a Systems Administrator at AusCERT where he maintains the confidentially, integrity and availability of all internal systems.

Angus is currently studying IT Security at Queensland University of Technology and has spent the last few months researching the Australian smart grid.

Presenting: Is That a SCADA In Your Smart Grid?

A look at the ‘smart grid’, both overseas and in Australia and how it can, and will, be hacked for fun and profit.

Although SCADA systems and the smart grid seem very different technologies their similarities mean that there is much the smart grid can learn from SCADA systems, and vice versa.