Keynotes and Plenaries

 

Dr. Greg Adamson – Chief Information Security Officer at the Victorian Department of Transport and Planning, Victoria, Australia.

Biography: Dr Greg Adamson is Chief Information Security Officer at the Victorian Department of Transport and Planning, and an Associate Professor at the University of Melbourne Faculty of Medicine and Dentistry. He has worked in cyber security since 1993. His current research interest is the limitations of explainable AI. He chairs the IEEE Standards Association industry connection program Meta Issues in Cyber Security. Greg’s PhD was on the challenges of Internet based e-commerce. He has a Master of Commercial Law from the Melbourne Law School.

Operational Technology Keynote Presentation
Title: AI and cyber security: better or worse?

Abstract: For at least the past decade, cyber security has been losing ground year on year. In the near future this deterioration in the protection of IT systems will be followed by increasing threats to operational technology (OT) systems, such as energy and transportation. Cyber threats include some extraordinarily complex attacks such as zero-click, but the vast majority are based on poor cyber hygiene, poor design practices, and a lack of early lifecycle attention to cyber security. For some, AI promises to change this by applying AI to tasks poorly performed by humans. So can we expect AI to generally improve cyber defence? This presentation examines two areas of AI transformation in the cyber field: AI assisting in the development and operation of cyber defence, and AI enhancing the capacity for cyber attack. In addition it will consider a third, often overlooked, area: the effect of AI making cyberspace a less predictable and more complex environment. While the first two areas of enhanced defence and advanced attack may cancel each other out, the third area undermines an important assumption in cyber security today, the centrality of anomaly detection. Correctly functioning AI no longer operates in a predictable manner, so the concept of anomaly disappears.


 Assoc. Prof Russell Brewer – Head of the Adelaide Cybercrime Laboratory, School of Social Sciences, The University of Adelaide

Academia Keynote Presentation
Title: Using social science approaches to extend automated digital forensic tools: Results from an Australian child sexual abuse investigation

Abstract:   This paper introduces a novel digital forensic tool developed by the research team in collaboration with Australian law enforcement – capable of automatically extracting and matching biometric features (face and voice) from people contained within child sexual abuse material (CSAM). Unique to this tool is its analytical approach, which involves the use of social network analysis to reveal important patterns across seized media files. We examine these patterns using digital evidence collected during a CSAM seizure, and apply a series of network measures/models to illustrate how the biometric match data can be used to rapidly pinpoint key persons and media files associated with an investigation, without the need for an investigator to manually review and catalogue all files. We discuss the implications of this work – in terms of offering insight into the ways this offending type is organized socially, but also its practical implications for law enforcement. Future directions for this research are also discussed.


Prof Monica Whitty – Professor of Human Factors in Cyber Security, Head of Department of Software Systems and Cyber Security, Monash University, Victoria, Australia

Academia Keynote Presentation
Title: Game of Pawns: Novel methods to examine malicious insider threat

Abstract: From 2001 until recently, Mattel Inc. and MGA Entertainment Inc. have been in the courts with a battle of the dolls – Barbie vs. Bratz dolls. Hundreds of millions of dollars have been spent by both parties, accusing the other of intellectual property (IP) theft. An insider who initially worked for Mattel was charged in 2018 with stealing Barbie designs and taking these to his employment in MGA Entertainment. This example of IP theft demonstrates the potential harm for organizations, even with well-established brands. It also highlights the need for organizations to identify insider behaviour in the early stages to prevent or, at least, minimise harm. This paper will present two novel methods we have employed to investigate malicious insider threat: a. a Behaviour Sequence Analysis and b. a computer simulation. The Behaviour Sequence Analysis takes a pathway approach by statistically examining the relationship between socio-technical events that occur before, during, and after insider attacks. Our analysis revealed distinct patterns for different types of attacks. The Computer Simulation involved participants acting as insiders and examining behaviour and communication change over different stages. This paper will highlight some of the findings from these studies.

This research is supported by a grant funded by the Department of Defence Next Generation Technologies Fund (NGTF) initiative.


Dr Dave Ormond, Director Information Warfare, Defence South Australia

Thematic Keynote Presentation
Title: Cyber governance and risk management responses to contemporary geopolitical competition and security challenges

Abstract: The escalation of geopolitical competition, grey zone conflict and associated security challenges threatens many aspects of our digital society. A capability gap has emerged between the actual level of cyber security provided to many digital systems and the cyber security needed to defend against a range of threats. Together with the economic cost of cyber security, the range of environments requiring protection and the continuum of threats seeking to compromise security creates a complex governance challenge. Industry, academia and government should seek to address this governance challenge to reduce the risk of further disruption to economic, political and social frameworks that our modern societies utilise. This presentation will discuss some of the work underway to address cyber security governance and risk challenges within the US, UK and Australia, and provide a critical analysis of the ongoing issues in the governance and risk management space.