Security on the Move

You're invited to attend...

Security on the Move
Sydney, 30 August 2013
Swissotel Sydney, 68 Market Street

Security on the Move is a one day event that will put the spotlight on information security in Sydney. This day is a chance for security professionals to learn about the challenges and opportunities in their own backyards, connect with talented industry neighbours and speak face-to-face with the experts at AusCERT who sit at the coal face of emerging threats.

Presenters include:

There will also be an exhibition with sponsors displaying the latest in IT security products and services.

Ticket Price: Just $99 (including GST)
You can't afford not to be there.

We hope to see you there for this fantastic opportunity to strengthen information security in your business, register NOW to secure your place.


8:30 Registration, coffee on arrival
9:00 Event Opening
9:15 Graham Ingram, AusCERT
Trends in information security: an AusCERT perspective
10:00 Richard Bergman, PwC
The Human Factors of Incident Response
10:30 Morning Tea
11:00 Peter Cooper, Woolworths
Embracing Risk to Create Value
11:30 Carl Braden, Nominum & Tony Ross, Sophos
Malware, BYOD and Hijacked Toilets – The Problem and New Security Tools for Telco's, ISPs and Enterprise
12:00 Murray Goldschmidt, Sense of Security
Help! My Mobile Device is Spying on Me
12:30 Lunch
1:30 John Hirt, US Secret Service
Secret Service best practices and information security policy
2:00 Parth Shukla, AusCERT
Australia in the Carna Botnet: Telnet's threat to the island nation
2:45 Afternoon Tea
3:15 Panel Presentation
4:00 Closing Remarks
4:15 Networking Drinks
5:00 Event Close

Security on the Move in Sydney in August is part of AusCERT's road show series which complements the annual AusCERT Information Security Conference. Watch this space for events in Brisbane (18th October, Stamford Plaza), Perth (November) and Melbourne (March).


Event Location
Swissotel Sydney
68 Market Street
Sydney NSW 2000
Sydney, 30th August 2013
8:30 am Registration
9:00 am Event Opening
5:00 pm Event Close

Ticket Price: Just $99
(including GST)
You can't afford not to be there
Register Now


Graham Ingram

Graham Ingram

General Manager, AusCERT

Graham Ingram is the General Manager of AusCERT. He took up the position in January 2002 after 17 years employment with the Australian government. Immediately prior to joining AusCERT, Graham worked with the Australian Department of Defence where he was responsible for managing computer security incident reporting and response for Commonwealth government agencies.

Graham has extensive experience in critical information infrastructure protection (CIP) and spent four years working in this area for the government. During this period he managed a number of major IT security and information protection issues including computer network attacks during the Y2K period and IT security threats to the 2000 Olympic games.

Since joining AusCERT, Graham has consolidated AusCERT as Australia's premier Computer Emergency Response Team (CERT) and strengthened its strategic relationships particularly in the Asia Pacific region. AusCERT hosts the annual AusCERT Information Security conference, the foremost IT security event in the Asia-Pacific region.

AusCERT is based at The University of Queensland which has one of the largest networks in Australia.

Graham has a BSc (honours).

Peter Cooper

Peter Cooper

Group Information Risk Manager,Woolworths

Peter Cooper is the Group Information Risk Manager with Woolworths Ltd, a role he took up in October, 2007. His role includes security, change management, project risk and quality, PCI compliance, IT Project Governance and risk awareness.

Woolworths is a premier Australia company, which is pre-eminent in the retail market. With over 190,000 staff in more 3,000 locations around Australia, New Zealand, China & India, it faces significant challenges in managing security in a timely, consistent & cost-effective manner.

Whilst traditionally a grocery chain, it is now also a dominant force in general retail, consumer electronics, liquor, petrol and most recently in the home improvements sector. By any measure it is one of the largest companies in Australia: it takes 11% of credit card transactions each year; & is on the Attorney General's list of critical national infrastructure.

In 2008, it made its entrance into financial services by launching the Every Day Money credit card and the Every Day Rewards loyalty program, followed last year by the launch of the a frequent flyer program, as a joint venture with Qantas, and also introduced the Everyday mobile phone.

Prior to Woolworths, Peter spent 10 years as the Senior Manager, System Security at the Reserve Bank. His role there encompassed IT security, change management, project office and IT governance.

His earlier career included long stints at the Commonwealth Bank, Chase AMP Bank, and lastly Macquarie Bank.

He has worked in IT in the finance sector for over 30 years covering a range of areas including programming, systems analysis, systems programming, and IT audit.


Embracing Risk to Create Value

Companies create shareholder value by taking risks - this is the nature of business, and IT's role is to support the business.  One risk that organisations are increasingly willing to take is adopting transformational technologies or they run the risk of being left behind like dinosaurs.  As the IT department transitions from "building systems" to "procuring services", the CSO must adapt along with it.  Not only is our role different, but the skills we must use in marketing ourselves as a trusted adviser of this type are not what we've done traditionally, so we need to build our brand as being part of the solution or run the risk of becoming irrelevant.

Murray Goldschmidt

Murray Goldschmidt

Co-founder & Chief Operating Officer,Sense of Security

Murray Goldschmidt is co-founder and Chief Operating Officer at Sense of Security, a leading Australian Information Security and Risk Management firm.

He is an information security specialist with over 15 years commercial IT experience.

Murray is frequently invited to present at conferences, workgroups and seminars and asked to provide expert comment for editorials and publications. Murray has presented on security topics to many audiences at recent conferences including AusCERT, Cyber Security for Government, and the Australian Fraud Summit.

Along with a degree in Electrical Engineering, Murray is a Certified Information Systems Security Professional (CISSP) and a Payment Card Industry Qualified Security Assessor (PCI QSA) and an active member of the Australian Information Security Association (AISA).


Help! My Mobile Device is Spying on Me

Mobile devices are essentially small computers with a number of functions including telephony (voice, video and SMS), collaboration, social networking, mapping and access to corporate resources through email, file sharing and VPN's. This rich feature set, combined with the geo-location functionality (GPS), presents mobile devices as a prime target to gain control over to spy on their owner. The implications to the user of having a compromised mobile device can be very serious including, but not limited to, loss of confidentiality (personal and corporate), abuse of privacy and manipulation for political or commercial gain.

This presentation demonstrates how vulnerable we are to malicious software that can be actively running in the background of legitimate applications, and will cover detection and protection techniques.

Carl Braden

Carl Braden

Senior Executive Sales Director APAC, Nominum

Carl has been with Nominum for over eight years and in that time has grown Asia Pacific team as well as the revenues consistently and significantly to the extent that the region now has secured sizable contracts and customer numbers in all major markets including China, Japan, Korea, Singapore, Malaysia, New Zealand, India and Australia.

Carl has leveraged his professional experience and acumen from both the telecommunications and IT industries to effectively assist and enable carriers to establish upgrade and transition projects in the areas of DNS, DHCP, VOIP, Advanced Network Security Applications, Cloud Services and migrate DNS solutions in wireless mobility networks from 2G through to LTE.

Carl holds a Bachelor of Economics from Macquarie University, Sydney. He is a dedicated and passionate professional with over thirty years’ experience in international sales, business development, product development, complex IT&T project management and consultancy.

Tony Ross


Tony Ross has worked extensively in the IT industry for over 20 years. Tony's experience spans coding and software development, Telco and ISP network design and development, and IT Security. For the last 10 years Tony has worked at Sophos where he has held many roles, including Global Product Specialist where he was a key influencer shaping design and development of Sophos's Email Security Gateway Solutions. He also worked as a Global Sales Trainer assisting management and the wider sales teams with value messaging and positioning of Sophos’s competitive strengths. Having moved from the Canadian office over two years ago, today Tony is the program manager for Sophos’s MSP Partner Program based in Sydney.


Malware, BYOD and Hijacked Toilets – The Problem and New Security Tools for Telco’s, ISPs and Enterprise

Malware is an increasing problem for all networks with the criminals using bot/botnets to compromise every type of end network device as a basis for penetration of key network infrastructure, servers and data. Carl and Tony look at the current scale and trend of this problem, the impacts that BYOD programs are contributing to the problem, and discuss the recently announced joint Nominum/Sophos solution for arming network operators with defensive capabilities to stem the growth of this rapidly escalating threat vector!

Parth Shukla

Parth Shukla

Information Security Analyst, AusCERT

Parth Shukla is an Information Security Analyst in the Co-ordination Centre at the Australian Computer Emergency Response Team (AusCERT). He works in the CC Team providing analysis, monitoring threats and responding to member requests for incident handling. Parth has an extensive experience of working in the IT field over the past 8 years. He has worked for the University of Queensland for a number of years now in different positions. Parth has tutored both practical programming and other theoretical computer courses at the School of Information Technology and Electrical Engineering (ITEE) at the University of Queensland (UQ). His previous roles included working as a system administrator and a freelance website programmer. He has excelled at university studies by maintaining the "UQ Excellence Scholarship" for 4 years.

Parth has had a long standing interest in information security from the earliest days of his career. His interest in computer security includes a wide range of topics, from botnet and malware analysis to network and infrastructure security. He also runs his own small VM farm of servers at home as a hobby and for private research. His personal interests are far and wide, including physics, religion, politics, philosophy and cricket!

While at AusCERT, Parth has been analysing the data of the Carna Botnet that he obtained exclusively from the anonymous researcher. He has provided relevant snippets of the datasets to relevant CERTs around the world and relevant organisations within Australia. He has taken on the mission of spreading public awareness on the security implications of his research by perusing to present region-specific detailed analysis of the Carna Botnet at conferences around the world.


Australia in the Carna Botnet: Telnet’s threat to the island nation

This presentation will bring the latest analysis and the progress of industry collaboration on the problem of internet facing devices that have default credential logins through telnet. The Carna Botnet, which was used to perform the Internet Census 2012, highlighted a major information security concern with devices that allow default credential login from the internet by default. This presentation will present an analysis of the complete list of compromised devices that formed part of the Carna Botnet. This list is NOT publicly available. This data was acquired directly from the anonymous researcher that performed the Internet Census and to date, as confirmed by the researcher; AusCERT is still the only organisation or researcher in the world that has the complete data set. This presentation will cover the up to date analysis of this data for the World and most importantly for Australia. The analysis will look at trends, manufacturers of compromised devices; ram distribution and CPU information of the compromised devices etc.

The aim of the presentation is continue to bring public awareness of the larger issue as well as make it possible for information security professionals in Australia to be aware of the progress of Parth’s mission of reducing/removing the vulnerable devices.

The topic of Botnets and Mapping of the IPv4 Internet through illegally compromised devices should be of interest to all IT Security professionals. The insight revealed by the data is unprecedented and marks a historic moment for the Internet.

John  Hirt

John Hirt

United States Secret Service

John Hirt has been the Resident Agent in Charge of the U.S. Secret Service Sydney Resident Office since April, 2013. He currently supervises all Secret Service investigations and protective missions that occur anywhere within Australia and New Zealand.

John was hired by the Secret Service in 1996 and started his Secret Service career as a Special Agent in the Milwaukee Resident Office. Since then, John has worked in the Protective Intelligence Squad, and then the Financial Crimes Squad as a Group Leader in Chicago. During that time, John was also assigned as a shift agent to protect Governor George W. Bush while he was a Presidential candidate and later as President.

In 2007, John was promoted to an Assistant to the Special Agent in Charge of the Vice Presidential Protective Division where he supervised the Counter-Surveillance Unit and the Vice President’s Operations Section supporting the protection of Vice President Dick Cheney and Vice President elect Joe Biden.

In 2009, John was promoted to the Resident Agent in Charge and transferred back to the Milwaukee Resident Office after the Inauguration of Vice President Joe Biden. In that roll, John supervised the Milwaukee, WI and Madison, WI Secret Service offices overseeing all Secret Service investigations and protective missions that occurred throughout the State of Wisconsin. In April, 2013, John was transferred to Sydney, Australia as the Resident Agent in Charge where he will be assigned for approximately the next four years.

Richard Bergman

Richard Bergman

PwC Cyber

Richard is part of PwC's Cyber leadership team and works with companies to balance the risks of Cyber with the upside of the rapid adoption of Digital.

Richard works across the public and private sector and has deep expertise in leading complex incident response and cyber investigations throughout Australia, Asia, Europe and the US. Richard helps companies respond to security incidents, intellectual property theft, malicious targeted attacks, and fraud.

Some key projects that Richard has recently worked on include:

  • Over the past 3 years Richard has been the global lead of investigations for one of Australia’s largest companies and has managed over 100 investigations across 14 countries.
  • Richard has recently spent 6 months in Asia as the Head of Information Security for a global company where he ran a global security improvement program and designed an approach for the monitoring, detection and response to targeted malicious threats.

Richard works across the Public and Private sector including Financial Services, Aviation, Mining, Construction, Retail and Manufacturing industries.


The Human Factors of Incident Response

Public and Private sector organisation now expect that they will need to respond to a security incident or outage. There is a focus at the moment on event and incident triage and determining when is the right time to escalate an incident and mobilise a response team.

The best laid plans are often insufficient as a response will change tack quickly and is subject to human reactions. The effectiveness of the response is driven by the people that make up the response team and the mind set and determination of the attacker.

The first hour, 24 hours and 48 hours will see a lot of decisions made by people based on gut instinct and experience. Hear some firsthand stories from Richard on what plays out within the response team and wider business stakeholders and how understanding the mindset of the attacker has to inform the response.