Cyber Week is AustCyber’s national flagship event. Running from 14 to 18 November events and activities took place across Australia showcasing the full breadth of Australia’s cyber security sector. Australia’s fourth Cyber Security Sector Competitiveness Plan (SCP), AustCyber’s flagship publication, was launched as part of the week.
The WA Cyber Hub was busy delivering events throughout the week aimed at students, industry and supporting diversity in STEM.
Diversity & Inclusion
Cyber Week was a brilliant platform for getting the cyber message to such a board range of stakeholders. We're looking forward to making 2023 event bigger.
The Hub is excited to host a Cyber Security Space at the WA Mining Conference 12 to 13 October 2022. We are proud to be joined by local cyber experts Red Piranha, Wardn, ES2 and Sapien Cyber as well as our partner, the City of Joondalup.
From autonomous vehicles & IOT through to core IT systems - technology is in all levels of the mining industry. A cyber-attack on a mining SME could endanger the entire company and impact their supply chain as well as have impacts on Australia's critical infrastructure systems. We will be attending the conference to highlight to the mining sector that effective cybersecurity is essential to ensure operations run smoothly.
You can find us at the expo at Booth E136. On Day 1 will also be holding a panel discussion I've been hacked, what's next? at 10am on the Expo Stage. We will run attendees through a cyber breach scenario in a mining company to explore the impacts both on the company and their supply chain and consider ways to mitigate those risks. Then see Director Cecily Rawlinson present "Cybersecurity: Managing Digital Risk in the Resources Sector" at 3.40pm on the main stage.
The cyber community can receive a 30% discount on tickets by using code EX30PROMO
Tickets are available from waminingexpo.com.au
AustCyber, the Australian Cyber Security Growth Network, in partnership with Austrade, led a delegation of cyber security companies to the 2022 RSA Conference in San Francisco.
Regarded as the world’s leading forum for cyber security professionals, AustCyber delegates tapped into the full potential of the international export market, building relationships with investors and industry leaders to expand Australia’s cyber security presence. Firms including threat hunting and networking monitoring tool Hyprfire, email and document classification and protection experts Janusnet, and DevSecOps visibility platform SecureStack, formed part of the AustCyber contingent participating in the Australia House event in partnership with Austrade.
Each participant engaged in comprehensive, cutting-edge educational sessions presented by leading industry experts covering critical security issues and emerging concepts facing organisations worldwide. Over fifteen hours of education sessions touched on topics including hackers and threats, risk management & governance, identity, and securing the remote workforce.
“The new concept of cyber security has implications beyond Australia, with a large proportion of our value chains dependent on the digital security of other countries,” said AustCyber CEO Michael Bromley. “This reinforces the importance of the RSA Conference Australia House event in facilitating the expansion of our export market through increased access to partners, allies and international enterprise customers.”
“By participating in workshops, networking events and reverse pitches, our leading cyber security companies will receive strategic advice from entrepreneurs who have successfully penetrated the US market whilst showcasing the ongoing business potential between the US and Australia.”
The RSA Conference was a significant opportunity for Australian companies looking to expand into the US and UK markets and capture a higher share of the US$147 billion global industry. Building relationships and securing investment will allow local cyber security companies to establish themselves in the Association of Southeast Asian Nations (ASEAN), reinforcing Australia’s reputation as a trusted partner and centre of research excellence.
Hyprfire CEO Tim Jones said at the 2022 RSA Conference, "The Australia House program was a great experience and an amazing preparation for the RSA conference. We learnt a lot of useful information from the EIR, the expert panel and the VCs! Having AustCyber help us connect to new export markets and connect us to the cyber ecosystem at RSA is a huge boost for Hyprfire."
Director at the West Australian AustCyber Innovation Hub, Cecily Rawlinson said “It is excellent to be here, representing the National Node Network, co-funded by our state and territory governments. Our role at AustCyber is to support our cyber communities, both locally in Perth and across Australia as they export and access international markets so I am delighted to be here supporting some amazing WA home-grown cybers such as Hyprfire and BankVault.”
WA AustCyber Innovation Hub is a proud sponsor of the 2022 Curtin Ignition Program.
The intensive, one-week training program running from Sunday 4 September to Friday 9 September, is designed for aspiring entrepreneurs, academics and corporate innovators to both trial and prepare business ideas for the commercial market.
The Hub is sponsoring one fully funded place this year for a cyber business idea. See how last year's participants benefitted from the program below, and get your application in.
Scholarship applications opened 26 May and close 15 July.
Criteria for scholarships along with how to apply can be found at https://study.curtin.edu.au/professional-development/executive-education/ignition/
Cecily Rawlinson, Director WA AustCyber Innovation Hub
First published in the WA Defence Review 2021 - 2022 Edition
We face shortages that affect our daily lives, in everything from cars to computer chips. The current global situation has highlighted challenges to our ability to rely on ourselves in times of crisis – this can be viewed as one of the negative consequences of entrenched globalisation. It’s no wonder that over the last 18 months the term ‘supply chains’ has entered our daily vernacular.
In 2020, the Australian Government issued a defence strategy update acknowledging national vulnerabilities stemming from a reliance on global supply chains. It called for greater security, including in sovereign industrial capability supporting Defence. The importance of being able to sufficiently meet our own needs has arguably never been more critical.
There is no doubt cyber security sovereignty will shape our future security and resilience. Cyber security was a notable inclusion in the announcement of the AUKUS partnership, highlighting its importance domestically and with Australia’s allies, who have placed faith in its capabilities. This represents an opportunity for Defence, industry and related supply chains in Western Australia. Businesses of all sizes must be ready to demonstrate their cyber-resilience to key customers.
It is the role of the WA AustCyber Innovation Hub (WAACIH) to raise awareness of local and national cyber commercial capabilities and promote job creation in the sector. There is an immediate opportunity for contractors and third-party providers to WA, and Australian defence contracts, to benefit from the Hub’s expertise and connections. Research has found SMEs are the most vulnerable to cyber security attacks and cybercrime. About one quarter of cyber incidents reported to the Australian Cyber Security Centre in the last 12 months were associated with Australia’s critical infrastructure or essential services. WA’s risk is heightened by the increasing use of, and connectivity to, systems like Operational Technology. This vulnerability leads to an increase in attacks on OT assets that impact critical infrastructure.
Supply chains – particularly software and services – continue to be targeted by malicious actors to gain access to vendors’ customers. A significant cyber risk threat arises from the inability to control security measures adopted by supply chain partners. A global study found two-thirds of IT decision-makers say their organisations have experienced a software supply chain attack. Virus insertion can arise at any stage in the supply chain. Supply chain management, at the hardware or software or communications level, must be a priority.
SMEs are the most vulnerable sector of Australian businesses to cyber attack. Supply chains are of strategic value to, and therefore targeted by, malicious actors. Current policy settings and legislation do not adequately address cyber risk in supply chains. Urgent action is needed to help SMEs and all businesses involved in the defence industry supply chain to protect themselves.
This is where WAACIH comes in. As the only neutral and impartial West Australian adviser on, and connector of, experts in the cyber risk and security landscape, AustCyber believes a strong domestic or sovereign cyber security industry can and should play a vital role in protecting the economy and industries. This will enable growth through informed uptake of trusted digital technologies. Having a national capability as a prominent and strategic part of the cyber security sector overall is fundamental to Australia's interests.
There is no reason to consider Australian software suppliers fundamentally more exposed or riskier than overseas suppliers. From an ongoing supply chain and sovereignty perspective, local suppliers may be less risky - particularly in critical infrastructure and defence industry supply chains. The NSW government’s example of committing to a target of 30% of its total ICT spend on SMEs is a public policy example to be commended. It disrupts ‘business as usual’ and gives local Australian SMEs a chance to develop their customer and knowledge base, and human capital. It fosters local innovation in ICT and cyber security.
Australian-owned businesses are also clear of external influences that might fetter the ADF’s access to supply during times of need. Through use of sovereign cyber security solutions, and by upskilling SMEs, Australia can limit cyber risks in strategic industries. WAACIH offers expert advice on how best to mitigate, minimise and defend against these risks in an evolving landscape.
Cyber security sovereignty will shape our future security and resilience. The question is, will your business and supply chain be ready, and will you able to demonstrate cyber resilience to key customers?
The WA AustCyber Innovation Hub proudly launched a new initiative earlier this month. The new Students of Cyber (SoC) Industry Connect group held its first event at The George, Perth.
With attendance figures far exceeding expectations, the inaugural SoC connect event brought together a healthy mix of students currently undertaking a course in cyber security through universities or TAFEs and industry professionals in WA’s cyber security sector.
Attendees of various ages and backgrounds got to hear from the CTO of upcoming WA start-up, Stefan Prandl, as he presented a very engaging and at times humorous talk about his pathway into cyber security and the role he currently plays at Hyprfire. We were also honoured to be in the presence of various team members from Cyber CX, ES2, and another fast growing start-up, Retrospect Labs.
“The talk given by Stefan Prandl was both technically mind blowing but also grounded in making sure students felt they had a community and industry to be part of in Perth”, is just some of the overwhelmingly positive feedback received so far from students at the event.
SoC Industry Connect Events run on the first Tuesday of each month, with the next scheduled meetup on the 4th of May and hosted by Cyber CX in their Perth headquarters. Tickets will be available via Eventbrite later on in April. You can also follow SoC here on LinkedIn – https://www.linkdedin/showcase/studentsofcyber
CyberCheck.Me has released 3 minute videos to assist SMEs better secure their business from cyber security risks. The videos were produced by ECU Cyber Security students. The students are now setting about creating 15 minute videos to extend the help.
Professor Craig Valli of ECU says “this is a project that has winners all around, the students get invaluable education and training on delivering presentations not afforded in the regular curriculum. The double down is the SME community gets a resource and the triple threat is that the students are employed to do this, creating employment. It is this sort of grass roots initiative that involves industry, academia and government collaborating to create real impact”
They can be viewed online at the CyberCheck.Me website https://www.cybercheck.me/essentials.html
The Hon Kim Beazley, Governor or Western Australia was invited to tour the new Cyber Security Operations (CSO) Centre at Edith Cowan University (ECU) Joondalup Campus. Professor Craig Valli, Director, ECU Security Research Institute, Associate Professor Paul Haskell-Dowland, Associate Dean (Computing and Security) and Professor Andrew Woodward, Executive Dean, School of Science guided the Governor through the Southern Hemisphere’s largest CSO Centre within a university. This state of the art CSO opened on 4th February 2020.
Cyber ChallengesIn a rapidly evolving environment of establishing new short-term goal setting, companies and government agencies are required to establish and agree to new objectives and key result tools. A scattered and offsite workforce now has the same vulnerabilities of an unsecured third-party supply chain that is not subject to the same standards and compliance measures of a company that houses employees in one location. We have not even begun to test the robustness of governance, risk and compliance issues when a work-from-home employee or supplier is compromised.
The rapid adoption of work-from-home technologies over the past few months has exponentially increased the use of online communication platforms such as Zoom, Google Hangouts, Skype and Microsoft Teams. Like any internet-enabled service, the scope of exploitation becomes substantially wider and porous for cyber criminals and malign state actors. Cyber criminals have always worked from home, and now companies and employees alike have rapidly moved into the cyber criminal’s domain of comfort and preference.
One example of a practical collaboration with the security of critical infrastructure is between the WA AustCyber Innovation Hub, Edith Cowan University Security Research Institute and two major critical infrastructure providers. This ‘Honeypot Research’ has allocated ECU research students to work with the power companies to build prototypes of certain control systems in their operating technology environment that mimic actual systems. Researchers can then study the threat signatures, attack methods and sophistication in order to gather cyber threat intelligence. This learning will translate directly to the way critical infrastructure providers such as energy , water and defence companies think about their cyber defence and vulnerabilities.
Implications for Defence IndustryDefence industry contractors need to understand the inherent weakness in monitoring and defending systems when they rely on a diversified workforce who are now managing some of those operations from home. Architectural weaknesses inherent in this include unsecured data transmissions, sub-optimal security policy and process enforcement, unsecured personal devices and tools: and a lack of normal workplace controls. In the event of an attack, it is also now much harder to assemble decision-makers in one location to work together to come up with an agreed solution. The distributed workforce model also gives the attacker a time advantage.
The WA AustCyber Innovation Hub has strong linkages with private sector cyber companies, industry associations and government agencies across the state to ensure the message of cyber awareness is spread and amplified. The Australian Cyber Security Centre offers COVID-19 Threat Updates is also a reliable source of information throughout the pandemic for SMEs.
AustCyber recognises that Defence provides many opportunities for sovereign cyber security companies. This year, AustCyber is involved with the MilCis 2020 conference and expo to be held in Canberra in November in support of Team Defence Australia for missions and cyber-focussed delegations to strategic global markets. Support will also continue for the Centre for Defence Industry Capability in their Global Supply Chain Program.
The WA AustCyber Hub has also partnered with ECU since 2018 to relaunch the Cyber Check Me program to assist small businesses and not-for-profits with their basic cybersecurity safeguards. Foundation partners include the Cities of Joondalup and Wanneroo and North Metropolitan TAFE. Advice is provided in line with the Essential 8 Cyber Mitigation Strategies which provides easily understood cyber hygiene practices.
A small cyber army of predominantly second year computer science students with a major in cybersecurity and Advanced Diploma students from North Metropolitan TAFE deliver the program through pop-ups at industry events (pre-COVID) with a migration now to online consultations with businesses.
Practising Cyber HygieneFurther, here are some simple steps that defence industry SMEs could take to protect their business from cybercrime: