AISA Awards 2022 Finalists

Our judging panel were impressed with the high calibre of nominees for 2022.  Congratulations to everyone who was nominated.   The finalist for the AISA awards 2022 are listed below.  Voting is now open and will close on 22 September 2022.

Cyber Security SMB Employer of the Year                               

Baidam Solutions Baidam Solutions was founded in June 2018 by Jack Reis, a proud Torres Strait Islander from Badu Island, Phillip Jenkinson, and Neil Templeman. This Brisbane-based business is a platform reseller of cybersecurity solutions. Baidam draws from world-leading cybersecurity vendors—including Amazon Web Services, Vectra, and Cisco—and resells these services to ASX 200 companies and government departments. Baidam is also an information and communications technology (ICT) consultancy which advises all levels of government on digital policy, governance, risk management, and compliance.  

Baidam Solutions has the distinction of being the first Supply Nations certified cybersecurity practice in Queensland. The business currently has 17 exceptional employees, including technicians, a systems engineer, project managers, executive assistants, and management. Most staff work in the Brisbane office, however, several employees operate in Sydney, Adelaide, and Melbourne. 60% of Baidam staff have Indigenous heritage. 
The inspiration for Baidam Solutions came from a startling juxtaposition: the booming cybersecurity industry on the one hand and the almost complete absence of Indigenous individuals in the field. Baidam Solutions' vision was to enable Aboriginal and Torres Strait Islander (ATSI) communities to contribute their skills to and financially benefit from the cybersecurity industry, where work is all too often offshored.  

To this end, the Baidam Initiative was founded. More than half of business profits are funnelled into ICT pathways for Indigenous individuals interested in a career in cybersecurity. To date, 10 Indigenous aspirants have completed cybersecurity qualifications at the prestigious US-based SANS Institute thanks to funding from the Baidam Initiative, totalling $150k. Additionally, Baidam is the first Indigenous-owned business to have set up two STEM scholarships in perpetuity at the University of Queensland (UQ) and the Australian National University (ANU). Baidam’s vision is to produce intergenerational change for ATSI youth and to boost Indigenous representation in the ICT industry.  

Seamless Intelligence

Seamless Intelligence was founded to be a high-quality SIEM/SOC focussed cybersecurity provider. Seamless Intelligence’s mature approach, custom reporting analytics, and threat hunting-based ruleset have quickly established them as one of Australia's premier experts in SOC and MDR services. It is now one of Australia’s leading providers of SOC services protecting organisations with over $64 billion in combined annual revenue.

MF Associates MF & Associates are an Australian SMB organisation that provides cyber security consulting services.  Their cross-industry and government experience ensures that their clients receive targeted, concise and effective strategies to drive their cyber security success. We believe that creating an environment where everyone can bring their full selves to work.

MF & Associates’ vision is to promote a cyber security industry that embraces every aspect of diversity and inclusion. They strive to cultivate an inclusive culture that celebrates all differences, enabling all people to feel a sense of belonging and bring their authentic selves to the workplace. For Australia to have a mature cyber security workforce and the greatest capabilities it requires the industry to retain a diverse talent pool. The narrative of who can be in leadership positions in cyber security and what a leader should look like in the industry should be reflective of the equitable, diverse, and inclusive workforce we want to promote in Australia. MF & Associates create a safe environment for all team members that may have felt less welcome in other organisations.

MF & Associates are leading the industry from the front in promoting this vision of diversity and inclusion. The company is expanding fast and, at the time of writing this nomination there are 17 employees with 65% of the employees in the company identify as women with a majority of women in senior roles. 40% of the organisation identify as a member of the LGBTQIA+ community and 40% of the organisation, including the managing director, have a disability or accessibility needs. Celebrating people’s differences helps to engage and motivate the MF & Associates team towards greater innovation, creativity, and inclusiveness. 

Cyber Security Enterprise Employer of the Year

SkillField

Skillfield is an Australian based IT services consultancy company empowering businesses to excel in the digital era. Skillfield is passionate about promoting cyber safety to their customers, employees and the community. 
With a strong company culture based on a foundation of trust, innovation, respect and customer satisfaction - the Ski!lfleld difference is that they really care about their team, customers and community and want them to be cyber safe!

Skillfield contributes to the community by distributing free publicly available cyber security resources, such as webinars, whitepapers, biogs and events. Cyber Security isn't only an enterprise level concern and Skillfield is eager to ensure this message is received by small and medium businesses and the wider community of users. 
The purpose of sharing industry knowledge and free cyber security resources is that it will help the community stay safe. 

NAB

As part of a large cyber security function, NAB has built a mature security cyber safety outreach program for colleagues, customers, the supply chain, and the community. 

This program has been built over the past ten years and is considered best in industry. The program’s activities help these groups recognise and protect themselves against current and emerging threats in the cyber security landscape.

NAB is also committed to growing and building a strong talent pipeline for the future of the cyber security industry. This includes involvement in programs such as the Grok Academy, National Computer Science School, and the Australian Women in Security Network. NAB also has a large Tech Intern program with over 500 interns currently working in Technology at NAB.

CyberCX

CyberCX is the leading provider of professional cyber security services across Australia and New Zealand. With a workforce of over 1,000 professionals, we are a trusted partner to private and public sector organisations helping our customers confidently manage cyber risk, respond to incidents and build resilience in an increasingly complex and challenging threat environment. Our purpose at CyberCX is to secure our communities. We believe actions speak louder than words and are
proud to share the initiatives from the past year (and longer) to deliver on our commitment to being the defenders and protectors.

We’re addressing the cyber security skill shortage with the CyberCX Academy - the single largest private sector commitment to cyber security training in Australia, focused on making the cyber security industry more accessible and attractive to a wider range of workers.

We’re promoting cyber security careers through local activities with universities, schools and industry organisations; work integrated learning students and cyber community events, our annual CyberCX Hackathon and the recent TV show, Hunted.

We’re creating safer small business with our Cyber123 for SMEs program, a free program designed to make cyber security manageable regardless of their size or industry. 

We’re contributing to reducing supply chain risk through working with large scale organisations to create more secure supply chain partners with the Cyber123 program.

We’re sharing our cyber intelligence insights with the community via our intelligence sector reports and our CyberCX Blog.

We’re improving diversity through a focus on inclusiveness and specialised recruitment approaches for neurodiversity and other under-represented groups, to ensure we’re creating a workforce as diverse as the communities we seek to safeguard and secure.

We’re constantly listening to our employee’s feedback to ensure we’re creating the best place to work in the industry – and we’re consistently outperforming industry benchmarks.

Accenture

Accenture is a global professional services company with leading capabilities in digital, cloud and security.

Combining unmatched experience and specialised skills from across more than 40 industries. We offer Strategy and Consulting, Technology and Operations and Accenture Song (creative) services to clients in more than 120 countries.   

We’re a leading provider of end-to-end cybersecurity services, including advanced cyber defence, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centres.   

As the boundaries of business continue to expand with accelerated digitalisation and increased connectivity, it has never been more important to embed security across the business ecosystem. With a team of 16,000 security professionals, we partner with over 3,100 clients to accelerate on their digital journey and improve their Cyber Resilience every day. Accenture is named #1 in the HFS Top-10 Cybersecurity Service Providers 2022 Research.  

Besides our client work, Accenture is committed to secure the world we live in - meaning that we’re focused on supporting the local community and industry to be more cyber safe, addressing the skills gap in the market by investing in training and education, plus increasing the diversity to be at the forefront of innovation to outsmart hackers.

 Securonix

Today’s complex cloud and hybrid environments make it challenging for security teams to ingest security-related data at scale, control costs, manage security tools effectively, and act against advanced threats. Securonix is redefining threat detection and response for today’s hybrid cloud, data-driven enterprise. Securonix Next-Gen SIEM is powered by the most advanced analytics and built on a scalable, flexible cloud-native architecture. Securonix leverages behaviour analytics technology that pioneered the UEBA category to reduce noise, prioritize high fidelity alerts, and enable fast and precise response to insider and cyber threats.

Securonix shortens the time between when an organization is infiltrated and when the threat actors are discovered and neutralized. By combining UEBA, SIEM,SOAR, and XDR into a scalable cloud-native architecture, Securonix provides the industry’s first complete, end-to-end security operations fabric for threat detection and response for modern environments. Securonix can be expanded with premium apps for specific verticals and business apps, such as Healthcare and SAP analytics, and by Autonomous Threat Sweeper, which acts as a dedicated Cyber Rapid Response Team automatically and retroactively hunting for new and emerging threats in current and long-term historical data based on the latest, up-to-date threat intelligence.

https://www.securonix.com/company/about/ 

Cyber Security Professional of the Year

Daniela Fernandez

With over 15 years' experience in Information Technology, Daniela Fernandez is a cyber security and analytics leader, who values integrity, diversity of thought, continuous learning, sense of achievement and ensuring a healthy work/life integration.

 

 Through the years Daniela has become an expert in different domains including fraud detection, cyber security, risk management and analytics. Currently Daniela is the Head of Information Security at PayPal Australia where she focuses on making security a business enabler, helping PayPal to achieve their mission to democratise financial services while ensuring that PayPal Australia delivers secure products to customers and meets local regulatory requirements. Before that, Daniela was Director of Cyber Risk and Strategy. Prior to Deloitte, Daniela worked in multiple roles at CBA, across protective services, intelligence team, fraud detection and cyber security. Her last role at CBA was Executive Manager, Business Information Security Officer.

Daniela is also one of the Sydney chapter leads for the Australian Women in Security Network (AWSN), actively encouraging women to pursue a career in security. With her technical skills, personal motivation and experience Daniela is committed to break stereotypes, promote diversity in cyber security and empower talented women in technology.

Daniela has a bachelor’s degree in computer science and software engineering and a Master of Information Technology in systems security. She also holds multiple industry certifications including CISM, CRISC, CDPSE, CFE, Google Cloud Professional Architect and PRINCE2 Foundation.

 
 Jay Hira
 
relate to

If cyber security were a game, it would be chess, says Jay Hira. And the Cyber Security Strategy and Transformation Director would certainly be an expert-level player.

Jay has spent 16+ years of experience at the forefront of the cyber security industry internationally, helping financial institutions and other businesses ensure all their chess pieces are in order to protect their most prized asset – data – and be more cyber resilient.

His valuable and innovative work across organisations, including E&Y, Salesforce, Accenture and KPMG, has seen Jay develop efficient and business-aligned resilience strategies that transform businesses, foster customer trust and enhance revenue security.

Jay is known for building high-performance teams and creating an inclusive culture that empowers individuals and promotes equality and well-being. Jay is a member of AISA, ISC2, ISACA, AWSN chapters and actively works with universities and educators to support students’ transitions into cyber security work.

Through mentoring students across various Unis, Jay recognised a gap in the market concerning what was being taught at Unis and what was expected on day one in the cyber security workforce.

Putting thoughts into action, Jay co-created an innovative program, Sandbox for Education with UNSW, and his non-profit organisation, MakeCyberSimple.

Sandbox for Education has been successfully running at UNSW for four years and has helped more than 500 students to date – giving them valuable experience working alongside industry practitioners and creating real cyber security solutions.

MakeCyberSimple inspires students to build sustainable, fulfilling careers, linking them with SMBs who need cyber security help.

Out of the lecture halls and boardrooms, Jay is a thought leader, sharing his expert voice across many platforms on industry challenges and how best to solve them. He’s dedicated to championing women and youth in the industry and works actively in this space.

 Maryam Betchel

With over 17 years of vast experience in information security, Maryam Bechtel is a recognised leader in the Cyber industry, driving transformation and turning organisations into cyber savvy powerhouses of protection. She has experience across multiple continents, spanning advisory and consulting and in-house, corporate expertise.

As the Chief Information Security Officer at AGL Energy, Maryam is responsible for the Cyber protection of one of Australia’s most critical infrastructures, essential for the nation's energy supply and ensuring over 4 million customers energy and telco needs are met.

Prior to her role at AGL Energy, Maryam spent more than three years as the as the Executive Manager – IT Security Operations at NBN Co, responsible for driving operational performance across all IT security services.

Her career has consisted of two phases: more than a decade of consulting with Deutsche Telekom and Deloitte, working with C-levels and executives in large international companies to define an overarching and achievable cyber security strategy. Her consulting engagements led her to gain industry wide experience \ in multiple countries such as Germany, Netherlands, UK, USA and Australia.

In recent years, as a hands-on leader, her focus has been to build high performance, world-class Cybersecurity teams. She challenges her teams to find innovative solutions for business problems, enhance operational efficiency underpinned by a culture which values collaboration, integrity, and open communication.

Maryam's success has made her a natural female role model in the Cybersecurity community an active advocate of Australian Women in Security Network (AWSN) and supports aspiring females in the industry through formal and informal coaching and mentoring.

Her professional experience is supported by a strong academic background illustrated by a master’s degree in Information Security from Stockholm and Bachelor of Software Engineering. Moreover, she has been a director on the ISACA Board of Directors since April 2022.

 Mitra Minai Mitra is a true leader in the Cyber Security industry. With over 20 years of cyber security experience, she is well known for the positive impact she has on each organisational environment she encounters. She also possesses optimism and a can-do attitude, which she utilises to charismatically influence and encourage her team, the workforce and board members, resulting in effective delivery of outcomes. 

Mitra is a senior Technology and Security Transformation executive with over 20 years of experience working in the Health, Financial and Professional Services industries. Mitra is a recognised leader in successfully defining and implementing Centres of Excellence Technology and Cybersecurity functions across major International and Australian Banks and most recently in the Health Sector.

Her ability to create long lasting change and deliver ambitious strategies is second to none. Her passion is evident by the way she conducts herself and the way she gives back to the Cyber Security Industry. 

She is affiliated with several industry-partners and volunteers her time and expertise to accelerate not only the maturity of the Cyber Security Industry but also uplift and develop women who are aiming to further develop in the industry.

 

 Most recently Mitra has volunteered to mentor women as a part of the:

  • AWSN mentoring program
  • Vic ICT for Women mentoring program

Most recently, Mitra has commenced her role as National Cyber Partner at KPMG. Working closely with the Victorian Government and the Healthcare sector, she will achieve so much more; by finding sustainable solutions to problems that our important sectors are grappling with daily. There is no doubt in my mind that, through her sheer determination and vision, she will accelerate many organisations Cyber Security posture and make a significant impact. 

 Shamane Tan

Shamane Tan is the Chief Growth Officer at Sekuro, leading the security outreach strategy with the C-Suite and executives. Recognised by IFSEC as a Global Top 20 Cybersecurity Influencer and awarded ASEAN Top 30 Women in Security, the ‘Cyber Risk Leaders’ and best-selling 'Cyber Mayday and the Day After' author was also listed in the 40 under 40 Most Influential Asian-Australians.

 

 Winner of multiple awards including ARN Shining Star (Multinational) 2021 and AiSP Singapore’s Cybersecurity (Professional) award, the TEDx speaker and podcaster also sits on the Advisory Board for Black Hat Asia Executive Summit. Featured in World's Leaders as World's 10 Most Influential Business Leaders in Cyber Security, Shamane is also the founder of Cyber Risk Meetup, an international community and platform for cyber risk executives to exchange learnings.

 Chirag Joshi

Chirag’s stated mission has been to enable human progress through trust in technology. As a seasoned cyber security executive, he has built and led cyber security functions in many organisations across various diverse industries including financial services, energy, higher education, and government.

 

As a testament to his commitment to enabling cyber security leaders and professionals to adapt to the rapidly changing business, technology, and cyber threat landscape, he recently published his second book titled “7 Rules to Become Exceptional at Cyber Security.” His highly successful first book “7 Rules to Influence Behaviour and Win at Cyber Security Awareness” was focussed on the importance of the human factor to cyber security. The book demonstrated how learnings from disciplines such as neuroscience and behavioural psychology can be applied to improve cyber security posture of organisations and get people to embed secure behaviours in their daily lives.

 

Through Chirag’s podcast series titled “The Art of Cyber Security”, he collaborated with various industry experts from different countries to provide valuable insights into the essential aspects of cyber security leadership such as effective communication, storytelling, strategic career growth, entrepreneurship and adapting to changing demographics.

 

Chirag has also been a part of several industry working groups that allows development of meaningful bodies of knowledge in the areas of cyber security and information security.

As a Board Director for ISACA Sydney, he is focussed on improving professional development of the membership and encourage new speakers to present and be confident in sharing their expertise more broadly.

 

Chirag has been nominated as a Male Champion of Change for Australian Women in Cyber Security Awards and has actively published content and recommendations for encouraging a diverse workforce.

 

Chirag continues to exhibit thought leadership in the industry through speaking at numerous events and conferences on varied cyber security leadership topics. 

Best STEM Promoter of the Year                               

North Metropolitan TAFE (NMTAFE)

North Metropolitan TAFE (NMTAFE) is the largest TAFE college in Western Australia with approximately 30 000 students enrolled per annum. NMTAFE are committed to promoting STEM skills in Western Australia to encourage our future workforce to consider a career pathway in these industries.

NMTAFE Offers more than 350 nationally accredited qualifications across ten campuses in the north metropolitan region of Perth. A wide range of these specifically lead to exciting careers in STEM including environmental science, conservation and horticulture, laboratory operations, civil construction, engineering, mining, surveying, information technology and cyber security.

NMTAFE facilities and equipment are dynamic and evolving; our graduates are taught using with the latest technologies ensuring they are well prepared for their future career in STEM. NMTAFE were the first TAFE in WA to open a Cyber Security Training Centre which includes a hackers’ den, defence and a Security Operations Centre.

Some of NMTAFEs simulated training environments include the Green Skills Training Centre specialising in sustainability and renewable energy, science and technology, a laboratory operations facility for students specialising in chemical, medical and pathological, mining, biological and environmental fields. A unique simulated underground CUT Mine is used by students studying mining qualifications and by industry for induction training. Throughout their training, NMTAFE STEM students are given many opportunities to network within their chosen industry through NMTAFE’s strong industry partnerships. Our hands-on training approach provides graduates with the knowledge and confidence to continue onto further study at university or gain high-paid jobs in some of WA’s largest industries.

    STEMFastTrack (Teresa Janowski)

    Teresa has dedicated the last 8 years to promoting STEM and encouraging students to stay in and / or enter the STEM field. In 2013 Teresa observed how students working on STEM projects at schools were not communicating effectively and were giving up easily when faced with STEM technical challenges, especially maths.

    To solve this problem Teresa decided to create the STEM Sista program that taught life skills and engaged with successful STEM professionals demonstrating various STEM careers.  With her extensive people network, Teresa invited her colleagues and industry partners to be guests at the STEM Sista program and share with the girls what they do and how they got there. This program became very popular and soon attracted more nominations than there were spots on the program. Teresa promoted the success of STEM Sista and as a result STEM Mista and STEM Sista junior was created and has since delivered to over 1200 students.

    Merrimac State High School Founded in 1979, Merrimac State High School is a coeducational, public school for students from 12 to 18 years of age located on the Gold Coast, Queensland. Merrimac offers specialised programs to students who demonstrate high level skills and abilities in their area of interest ranging from general academic, sport, dance, music and STEAM (Science, Technology, Enterprise, the Arts and Mathematics).

    Specifically, in the technology space, Merrimac has been educating students in programming from the youngest grades for almost 20 years. This program has expanded into the STEAM Academy and is now a key pillar of the school's offering to potential students. Merrimac believes fostering education in these areas ensures that today's students can generate and test new ideas thereby contributing to tomorrow's scientific developments and innovations.

    Upon graduation, many Merrimac students have continued on with STEM careers. Of particular relevance to AISA are several students that now work as professionals in the cyber security industry. Over an 8-year period, 5 Merrimac graduates joined IBM Security's research and development lab on the Gold Coast. Additionally, several other graduates now work for cyber security start-ups in the local region as well as Australian Government departments.

    Cyber Security Tertiary Student of the Year - Sponsored by SANS

     Kai Baharthah-King

    Kai Baharthah-King completed his Certificate Ill in Information, Digital Media and Technology (Cybersecurity) in 2020 as a 15 year old. In 2021 Kai successfully completed a Certificate IV in Cybersecurity at NMTAFE. Throughout the year Kai participated in events, volunteered, studied additional materials, assisted fellow students and excelled in his studies. 

    Kai has spent over 70 hrs in the NMTAFE training SOC. Kai has developed multiple dashboards based on network data at NMTAFE, and constructed an Incident Response procedure for TSOC users. Kai was nominated by his lecturer for a Woodside Trainee Security Operations Analysist at the start of 2022.
     
    Kai was rewarded with a position as a trainee Cybersecurity Operations Centre Analyst in April, 2022.  Kai is currently working 2 days a week at Woodside whilst he completes his Advanced Diploma in Cybersecurity. 

    As part of his Advanced Diploma studies, Kai is extending his honeypot research with a PFSENSE firewall honeypot that he created. The data collected mimics the actual NMTAFE web-based firewall and provides threat intelligence that has provided insight into the threat landscape and help inform the security posture of the NMTAFE Joondalup TDM network. Next year, Kai intends to go to ECU to further his studies in Cybersecurity. 

     Paul Baring Paul Baring has worked in the Cyber Security field since 2017 and has been working towards increasing his skillset by completing a Master of Cyber Security at RMIT University. Before starting his Cyber Security journey, he completed an Engineering and IT degree which established his interest in cyber and gave him a solid technical base to expand on. Cyber Security is a broad field which he enjoys exploring, he has shown enthusiasm towards both the technical and non-technical aspects. 
     Odaya Amsellem

    A nomination for Cyber Security student of the year does not usually have someone that has just started their Cyber Security journey. Odaya Amsellem has shown to be a worthy nominee after only seven months into her study of the Certificate IV Cyber Security. Odaya changed careers from a totally different industry to try her hand at Cyber Security. Her willingness to participate, to try new things and to question has been integral to her success during this year. 

    Odaya has been very active in completing the stage 1 and currently the stage 2 of Certificate IV Cyber Security. Her project work has been noted of being at a high standard and has a confident presentation manner. With other students also showing such high standard, what separates Odaya is the support and encouragement she has provided to fellow students along the journey in their Cyber Security course. She has created and led a study group, encouraged other students to participate in meetings with industry and even physically drove other students to AISA monthly meetings. She has also volunteered for a number of Cyber Security events coming up in the latter half of the year. 

    The journey for Odaya has been from a military background in Israel, to being a Dental Nurse and now being a part of the WA Cyber family. Odaya is a very bright spark in the stage 1, and now, stage 2 of Certificate IV Cyber Security at North Metropolitan TAFE (Joondalup Campus) that continues to shine.  

    Cyber Security Outreach Program of the Year

    Enhancing Cyber Security Across Australia’s University Sector Project

    Enhancing Cyber Security Across Australia’s University Sector Project – lead by RMIT University’s Centre for Cyber Security Research and Innovation.

    In May 2021 there were approximately 1.3 million people studying in Australian Universities (ABS, 2021), in addition there were 130,000 people employed in the University sector (ABS, 2021). Universities Australia show that Universities in Australia in 2018 contributed $41billion to the Australia economy. Commencing in September 2020, and led by Professor Matthew Warren, this project aimed to enhance the cyber security capability and resilience of the Australian university sector in the context of evolving cyber security threats and integrated with the broader response to foreign interference to the sector.

    The project formed part of the national Australian 2020 Cyber Security Strategy, was funded ($1.6 million) by the then Department of Education Skills and Employment and was also supported by the University Foreign Interference Taskforce. The RMIT Project team delivered this on behalf of all Australian Universities, to uplift the sector cyber security capability especially as the University Sector is now considered part of Australia’s critical infrastructure.

    Key to this project’s success was the outreach and engagement program which delivered a series of 6 Trusted Cyber Security Forums from November 2020 to June 2022. These trusted forums were developed to allow the University Sector and government to have trusted discussions around cyber security and foreign interference, bringing together strategic leaders across government and c-suite executives in the university sector to share knowledge in the face of a changing cyber threat environment and establishing a community of practice across the entire Australian University sector. Another key output of this project in August 2022 was the delivery of a suite of resources made available to the entire university sector, in the form of best practice handbooks, blueprints, online tools and training programs.

    This project was led by Professor Matt Warren, Director of the RMIT CCSRI and delivered by a dedicated project team consisting of a Project Manager (Gabby Cincotta), a project officer, twelve research staff and three education designers.

    LGITSA (Local Government Information Technology South Australia Incorporated)

    LGITSA (Local Government Information Technology South Australia Incorporated) is a Not-for-Profit member-based organisation which embodies leadership and advocacy on behalf of information technology (IT) and information management (IM) professionals working within the Local Government sector in South Australia. LGITSA also supports the development of IT and IM professionals to better enable them to meet the needs of their organisations and communities now and into the future.
    The LGITSA Committee is comprised of a diverse group of IT and IM professionals from across South Australia, whose camaraderie and desire to make a difference creates a positive and powerful force for change. LGITSA Committee members generously volunteer their time and manage additional LGITSA activities and initiatives alongside their already demanding IT and IM leadership roles within councils.

    LGITSA revenue is sourced primarily from our valued sponsors and a nominal membership fee for councils, with the income used to heavily subsidise the cost of LGITSA conferences and events to make them accessible to members across metropolitan and regional councils.

    LGITSA has a key goal to provide IT and IM professionals with a united voice across the sector. Cyber security is a priority for LGITSA members, and a strategic initiative was identified in the LGITSA Strategy 2020-2022, to engage with relevant authorities and stakeholders to share resources and materials and establish practices to increase cyber maturity and resilience across the sector.

    The LGITSA cyber security strategy was subsequently developed by the LGITSA Committee with input from members and sector-wide consultation. The strategy gives an overview of Local Government business drivers, strategic priorities, and cyber security initiatives for the purposes of identifying potential collaboration partners, funding, and resourcing opportunities.

    Tangible Uplift program

    Summary of the Program. What does it aim to achieve? How long has it been running? How many women have been through it?
    The Tangible Uplift program aims at training and assisting 50 women across Australia to pass the CISM written exam in 2022 and increase their cybersecurity skills/knowledge, uplift their credibility index and marketability, and assist with job readiness. The program runs for 4 months including online training and exam preparation. A lot of research went into understand the gender gap in cyber security leadership. CISM was found to be most suitable and credible certification for management roles in cyber security in order to demonstrate a coherent understanding of cyber security management practices. Interestingly, 2021 statistics from Certified Information Security Manager (CISM) Salary in Australia | PayScale is an indicator of this gap and the possible relationship between percentage of women in leadership positions, which seems to be directly proportional to the percentage of female CISM certification holders in Australia.

    What it is trying to achieve?
    Tangible Uplift Program is the pioneering of a global movement based on principles of delivering “tangible uplift” to the profiles and resumes’ of aspiring female leaders in cyber security. The program aims at modelling a sustainable approach to volunteering only a total of 4 months in a lifetime of the program director, with a goal that the program will be carrier forward by at least 1 of the 50 participants. Since the model is being pioneering in 2022, this model can be adopted by thought leaders from other countries to kick off a similar ripple effect and self-sustaining program. The statistics from the applicant surveys demonstrate the following: Huge demand for support. The uptake was very high and the positions were filled within a couple of days from launch despite of the huge 4 month commitment, late evening schedule and requirement to register for the ISACA CISM exam upfront. 2 of 4 Applications are reflective of the concentration of IT and Infosec professionals in the eastern states, and Sydney and Melbourne in particular. Interest from women from all experience ranges to aspire for leadership positions, however majority are more experienced women. It was expected that applications would come from women with less experience and therefore correspondingly less confident, and more need for support. The fact that the majority of applications came from women with significant experience may be a reflection of broader demographic and cultural issues. Lack of awareness of government funding/tax offset for career development.

     nbn Opportunistic scammers continue to use the nbn network as a reason to contact vulnerable Australians, impersonate nbn, and con Australians of their personal and financial information.   
    Every dollar – or piece of personal information – lost to scammers is one too many.
    That’s the way we feel here at nbn, and it’s why we’re committed to empowering the community with knowledge, education and information to help protect us all from the scourge of scams.

    Keen to reduce the number of scam-related issues and do more to protect consumers, nbn developed a scam awareness and education campaign for our stakeholders, customers, and the wider community.  The objectives of the campaign were two-fold: drive awareness about the increasing frequency and risk of scammers impersonating nbn, and educate Australians on how to identify scammers, so they could take action to protect themselves.

    Aligned with National ‘Scams Awareness Week’, but “always-on” throughout the year, the campaign leverages information and data sourced via Scamwatch and ID Care to create and deliver an integrated approach including an ongoing series of national community information sessions, consumer and community media, along with a social and digital campaign featuring video and blog content. We have also produced additional materials and assets, such as a scams education guide, to enable our stakeholder engagement teams to continue the conversation with their local communities and businesses. We work with our suppliers and RSPs to further amplify this messaging.

     

    Cyber Security Rising Star of the Year - Sponsored by SANS

    Mukund Boni

    Mukund Boni is a Security Engineer Analyst at Accenture, who stands out for his emerging leadership and growing contributions to the cyber security community within and beyond the organisation. He is a passionate advocate for diversity within cyber security, and is actively building an inclusive company culture and expanding Accenture’s corporate citizenship. Since starting his career at Accenture in mid-2021 as a graduate analyst, he has gone above and beyond to rapidly expand his technical scope, taking ownership across a breadth of Security operations including the development of new threat modelling and ransomware resilience services. Beyond his primary role as an incident-responder, Mukund is currently producing an API integration to drastically shorten report generation time to aid Accenture’s Cyber Threat Intelligence.

    

    Mukund is a proud advocate for diversity in Security as a lead for Accenture’s ANZ Cross Cultural Diversity team, helping to shape Accenture’s policy on inclusion through collecting workplace diversity data. Mukund has also actively expanded Accenture’s corporate citizenship and community outreach through leading a new partnership with a non-for-profit organisation. Through his contributions, he has helped over 65 individuals learn valuable skills and build an interest in cyber security. He is currently assisting Generation Australia in developing a program to support applicants to entry-level cyber security roles. Mukund is looking forward to being a first-time speaker at the upcoming AISA CyberCon Melbourne 2022, presenting the key take-aways from his 1.5 years in Security practice as well as a presentation analysing the security shortcomings of Web 2.0, and how these translate into learnings for the Metaverse. Mukund has consistently demonstrated enthusiasm to take on new challenges, and is a proactive self-starter who has taken every opportunity to grow and contribute widely to the Security community. 

    Melanie Hanson

    Melanie Hanson is IBM Security's worldwide QRadar Network Detection and Response User Experience Focal, based at their Australia Development Laboratory on the Gold Coast. Melanie is the latest in a series of graduates from Merrimac State High School's STEM Program that have gone on to study a Bachelor of Computer Science at Griffith University, before ultimately entering the professional cyber security field. 

    Melanie began her career in cyber security in December 2019, working for IBM as a paid intern whilst still completing her studies. As a fresh set of eyes on the near-20-year-old QRadar software portfolio, Melanie showed a keen interest in investigating ways of improving the user experience so that cyber security analysts could find the information they need faster. 

     

    As a full-time software engineer at IBM, Melanie now spearheads the global collaboration on user experience design and implementation for the company's entire QRadar Network Detection and Response portfolio. This collaboration spans internal research and development teams, as well as client workshops, demos and other interactions. Melanie primarily works on the user interface development of the QRadar Network Threat Analytics application which runs machine learning across network traffic information on QRadar in order to provide users visibility into outlier behaviour on the network.  

    Michelle Rutendo Gatsi

    Since making the decision to transition from her legal background in early 2021, into a career in cyber security, Michelle has taken great strides to step out of her comfort zone and make her mark in this industry. With an academic background in Criminology and Social Science and Cyber Security Risk Management, combined with her work experience in the legal industry and her passion for writing, she brings a unique perspective to cyber security, particularly in the areas of Governance, Risk and Compliance where she is currently working at EY. She often says that it wouldn’t surprise her if she ends up finding herself working in the cyber forensics space later in her career as well.

     

    Michelle describes herself as a naturally protective and empathetic person, especially after studying two humanities courses at university, partially inspired by a break-and-enter event that she experienced in her family home when she was young. She loves that working in cyber security makes her a conduit in helping people protect what is most precious to them. Michelle loves the idea of not only helping to “fight bad people” but also using the knowledge gained from her studies in Criminology and Social Science, to help understand the behaviours of criminals, and leverage this knowledge to help mitigate risk. Michelle is passionate and excited about her career in cyber security as she gets to contribute to making our community a safer place.

     Kumar Soorya

    Kumar Soorya is a cyber security operations consultant at Fortian and is currently one of the co-hosts for Everything Cyber. Over the past year, Soorya has carried out multiple security-focused workshops with the University of Melbourne Information Security Club in an effort to help students build their interest in security and to showcase the limitless possibilities available within the field. Over the year Soorya has helped inspire 100+ students to explore cybersecurity.

    Beyond his work, Soorya aims to tirelessly work towards his goals and share his learning experiences with the community. He co-hosts a security and tech-based podcast called Everything Cyber. With a forward-looking perspective on the subjects, the podcast aspires to be a learning experience for both the presenters and the show's listeners. This has produced a vibrant community that communicates its creative ideas through social media platforms. Further, he also shares his technical learning experiences via his blog where he breaks down complex technical topics using analogies to help his readers grasp the concept faster. He also developed and oversaw the initial Fortian winter internship program which provided an opportunity for a talented security student to gain an insight into security operations in the real world.

     

    Soorya participates actively in the Melbourne security scene and is a familiar figure at many security-related events in the city. In addition, Soorya is open to mentoring and frequently offers advice and support to peers and students who are considering careers in security.

    Cyber Security Researcher of the Year

    Privacy by Design Awards Research Team The Privacy by Design Awards Research Team consisted of specialists from CyberCX in its Privacy Advisory, 
    Data Forensics and Incident Response and Security Testing and Assurance Practice areas.  This team of subject matters experts came together for the sole purpose of trying to understand which consumer brands, operating
    in the Australian market, were leading in the privacy by design space.  The aim of this team and the research was to create awareness amongst these brands of what good ‘privacy by design’ looks like in customer facing ‘digital shop-fronts’ and to publicly acknowledge through research and awards those that were leading the pack in personal data protection. 
     Professor Zahir Tari

    Professor Zahir Tari is the Research Director of the RMIT University Centre for Cyber Security Research and Innovation (CCSRI) and a highly distinguished computer scientist who has made a unique and significant contribution to his field through a succession of innovative solutions to some of the major challenges related to security, performance, and security in large-scale systems. He leads major Research and Development (R&D) activities in the cyber security areas across RMIT’s Colleges of Science, Technology, Engineering, and Mathematics, Business & Law, and Design and Social Context Colleges. Working closely with various experienced and young researchers to tackle the ever-complex cyber-security challenges from technical, human and organisational perspectives, the fundamental research of Professor Tari also has been successfully commercialised, e.g., MetaCDN.

    Specifically, Prof Tari is considered as a leader in integrating contextual preferences from the perspective of humans and systems within cybersecurity concepts and methods. Over the past two decades, he developed ground-breaking solutions that addressed the core challenges of anomaly detection and survivability of large-scale systems and their impact on the end-users.
    Professor Tari focuses on the design of innovative solutions related to large-scale systems; such Cloud/IoT/Edge and critical systems (e.g. SCADA, Smart Grid). He is particularly interested in investigating both analytical/mathematical and computational models that can address the complex issues related to the robustness of such large-scale systems from security, performance, and reliability perspectives. 

    Associate Prof. Zubair Baig During his 20-years of experience as a cybersecurity researcher and innovator, A/Prof. Baig has been instrumental to the design and development of cyber security and digital forensics solutions backed with industry-leading research across several domains, namely, secure network architectures for the Industrial IoT, Ransomware detection for evolving digital platforms, digital forensic readiness for the Industrial IoT, authentication technologies for integrated platforms, privacy preserving techniques for smart and critical facilities and machine learning-based intelligent security control design. His research work has culminated into prototypes (some for) commercialisation; machine learning (one dependence estimators and abductive networks) for intrusion detection, One Dependence Estimators for financial fraud monitoring, integrated IT/OT security architectures for critical infrastructures and digital forensic readiness platforms for machine learning-based inferencing systems; he has 2 US patents for his inventions on authentication technologies for IPv6 networks, over 110 peer reviewed research publications, 4 white papers, 2 though leadership papers and over 12 book chapters. He was ranked amongst the Top 2% of Scientists in the World, Stanford Academic Ranking List, 2021.

    His engagement with the community is evident through his numerous media interviews (ABC24, SBS World News, Channel 9, 6PR, The West Australian). He has also delivered over 25 keynotes on cyber security research and development, cyber security higher education and cyber security community awareness work. He is currently supervising 3 PhD students as principal supervisor and has successfully graduated 3 doctoral students in the past. A/Prof. Baig is presently leading a large research and development project where he is collaborating with Tata Consultancy Services (TCS) and the Cybersecurity Cooperative Research Centre, to design next generation authentication solutions for securing remote access to critical infrastructure assets. The project deliverables will provide significant national benefit based upon secure remote facility access solutions and uninterrupted access to critical industries including mining, manufacturing, and defence. 
    The Bitdefender Research and DRACO team How a partnership between Bitdefender’s research and DRACO Teams and Law Enforcement saved REvil victims more than half a billion dollars in ransom demands. This is the story of a highly responsive security technologists who led the creation of a universal decryptor combined with forensic and investigation support that successfully addressed one of the globe’s major ransomware threats and is continuing to protect enterprises and organisations around the world. Short for Ransomware Evil, REvil is a private RaaS operation that first emerged in 2019. 

    Deeply tied with the now-defunct GandCrab RaaS group, REvil leverages affiliates to infect companies and extort money. Since 2019, REvil has made a name and became the most common ransomware variant in the second quarter of 2021. REvil has managed to compromise thousands of businesses around the world and was known to extort much larger payments from victims than the average market price. Companies that did not pay and attempted to restore from backups were blackmailed with the publication of their stolen confidential information.

    In collaboration with a trusted law enforcement partner, Bitdefender released a free universal decryptor for REvil attacks that occurred before July 13, 2021. Since mid-September this year, the Sodinokibi / REvil decryptor has helped more than 1,400 companies in 83 countries recover their files and save over $550 million in unpaid ransom. The average ransom demands about $393,000, much higher than GandCrab’s average ransom of between $800 and $2400.

    The Bitdefender DRACO Team provided cybersecurity consulting and guidance especially in areas of cryptography, forensics, and investigations that helped the law enforcement consortium in this operation minimise the impact of successful ransomware attacks, and eventually led to arrests. This collaboration with law enforcement is a prime example of the public and private sector working together to significantly disrupt cybercriminal activities. 

    Cyber Security Educator of the Year

    North Metropolitan TAFE (NMTAFE) North Metropolitan TAFE (NMTAFE) is the largest TAFE college in Western Australia, a leader in skilling Western Australians to meet growing global demand for cyber security professionals. NMTAFEs cyber security courses focus on the practical and theoretical dimensions of IT security across a range of areas including; network security, vulnerability assessment, information security, digital forensics, wireless device security and managing a Security Operations Centre. NMTAFE offers a range of courses for those interested in pursuing a career in cyber security from a short course skill set, which is an introduction to cyber security covering various OS platforms, understanding attack trends, best practice responses, analytical tools and Python scripting language through to an Advanced Diploma, delivered over two semesters, graduates from this course are job-ready to join the front line against cyber threats.

    Located in the heart of the Joondalup Innovation Hub, NMTAFE students and lecturers regularly collaborate with ECU, AustCyber, City of Joondalup and WA Police Force on a range of projects and initiatives, ensuring NMTAFE students graduate at the forefront of the industry’s latest technologies and advances. Our lecturers keep up-to date with industry relevant qualifications and professional development including being vendor certified with a range of local and international providers.

    Our dedicated Cyber Security Training Centre (CSTC), launched by Premier Mark McGowan in 2019 is a vital component of NMTAFE’s training delivery. The CSTC includes a hacker's den, defence hub and control centre giving students a genuine, real-life experience of what it is like to work in the industry. Here, students implement the latest software and develop an understanding of the tools and procedures required to mitigate cyber security threats. 
    OPSWAT Academy
    All 16 critical infrastructure sectors are increasingly at high risk of cyberattacks, yet tens of thousands of mission-critical jobs remain vacant. The OPSWAT Academy was developed to address the CIP cybersecurity skills shortage through courses that promote the best practices and practical approaches successfully implemented in the most secure critical infrastructure environments.

    By prioritizing technical skill development over a more traditional curriculum, the OPSWAT Academy is at the forefront of preparing the next generation of CIP cybersecurity professionals for jobs that are ready and waiting, today – whether a daily practitioner, student or IT professionals interested in building their skill set. 
     UNSW The UNSW Sandbox Program (https://unsw.to/sandbox) challenges the status quo that industry-based learning is merely the “cherry on top” in higher education curriculum. Instead of offering industry experience through limited standalone modules or selective internships, the Sandbox Program transforms existing university courses into real-world Sandboxes that simulate an industry problem-solving environment. A “Sandbox course” involves industry practitioners from early in the course design stage. Academic experts work in tandem with industry practitioners to identify and incorporate the most relevant content and problems in the course. Both parties support students from learning the content to applying it to address real industry problems. Throughout this process, students acquire contemporary knowledge, develop work-ready skills and create professional networks – all while completing courses as part of their degree.

    The Sandbox Program significantly elevates cyber security education practices in Higher Education. It provides a flexible, scalable, and inclusive pathway for students from diverse background to gain exposure about cyber security imperatives and understand cyber security careers. Since its inception in late 2019, over 1,110 students at UNSW from various disciplines have benefited from ‘Sandbox-enabled’ cyber security education. These students worked directly with over 30 cyber security experts from leading organisations, such as Ernst & Young, the Australian Red Cross, IAG, KPMG, and Salesforce, to address contemporary cyber security challenges ranging from phishing resilience to cloud security. Mutual benefits are clearly demonstrated. Students gain non-discriminating opportunities to learn about the latest industry practices and demonstrate their capabilities to potential employers. Partners gain access to fresh talent – every Sandbox concluded with some students being offered ongoing employment. The Sandbox’s unique tripartite model also facilitates knowledge exchange and research partnerships between industry and academia, contributing to the national uplift of cyber resilience.

      Register Now