-
Cloud Security Melbourne
-
08:30
Register; grab a coffee. Mix, mingle and say hello to peers old and new.
-
08:50
Welcome from Corinium and the Chairperson
-
09:00
Keynote Presentation: Protecting OT environments in an era of high connectivity
Ad Wolst - Head of Cyber Security Engineering & Platform Services - Bupa
- The importance of OT security in a cloud heavy domain: How OT system risks have evolved and how do you determine OT risk levels?
- Safeguarding IoT devices in OT systems: Current OT threats and the corresponding security challenges
- OT security adaptability and continuous security maintenance
-
09:25
The growing importance of breach and attack simulation
How can enterprises assess their cybersecurity readiness? Breach and attack simulation can help organisations to uncover gaps in the cybersecurity posture and enhance overall cybersecurity outcomes. This presentation discusses the importance of breach and attack simulation and how it can be used to close gaps rapidly.
-
09:50
Cloud migration and repatriation – the contemporary challenge faced by organisations
Gaurav Vikash - Head of Security and Risk – APAC - Axon
The paradox of cloud migration and repatriation represents a dual challenge faced by organisations in their cloud adoption journey. While cloud migration offers scalability, flexibility, and cost-efficiency, some enterprises encounter unanticipated complexities or limitations that prompt repatriation—moving applications or data back from the cloud to on-premises or alternate cloud providers. This paradox highlights the tension between the promises of the cloud and the realities of implementation. Factors such as cost overruns, security concerns, compliance issues, data governance challenges, or performance variations can trigger the need for repatriation. Striking the right balance between the benefits of cloud migration and the potential complexities requiring repatriation involves careful planning, evaluating the suitability of workloads for the cloud, and maintaining flexibility to adapt to evolving business needs and technological advancements.
-
10:15
NETWORKING BREAK
-
10:45
Take control of risks around cloud data protection
As Australian organisations serve the world and are served by global businesses, every Cloud Security leader needs to understand, appreciate, and untangle the complexity around data security, sovereignty, and privacy.
This session will address the threats, challenges and find a fit-for-purpose solutions for different enterprise needs.
-
11:10
Aligning cloud security with evolving and emerging trends
Rimple Kapil - Senior Security Architect - Telstra
This presentation explores the fundamentals of cloud security in the context of evolving trends. It delves into the shared responsibility model in provider-managed cloud environments, the importance of following provider best practices, and the dynamic and agile nature of cloud security. The discussion extends to the challenges of managing log volumes, detecting DDoS events, and the hidden costs in cloud environments. The presentation emphasizes the need for security to be integrated into CloudOps, following the principles of DevSecOps for efficient and secure delivery of applications and services.
-
11:35
Strengthening cloud protection with Cloud Detection and Response (CDR)
- Strategies for threat intelligence gathering, cloud-specific threat detection, and incident response planning in the event of a security breach in the cloud
- How is CDR different from other cloud protection strategies and how can you maximise its usefulness?
- Integrating CDR with existing capabilities: To integrate or to replace?
- The CDR solution: Consolidating visibility and enhancing security with a cloud-centric approach
-
12:00
Panel Discussion: Security Monitoring and Incident Response – a matter of when, not if
Assuming that a data breach has already happened is needed in order to help evolving solutions and services in this area.
Security monitoring on all aspects in the cloud journey will help us know both known and unknown, on the endpoints, on users, and on networks.
This session will grapple with the latest approaches, including:
- Endpoint Detection and Response (EDR)
- Network Detection and Response (NDR)
- Extended Detection and Response (XDR),
- Artificial Intelligence (AI) and Machine Learning (ML) capability
This session will also look at Cloud Security Posture management (CSPM), as the solution of monitoring cloud-based systems and infrastructures for risks and misconfigurations.
Panellists:
Richard Magalad, Chair of Cloud Branch, Australian InfoSec Association
Indika Wimalasiri, CISO, Beyond Blue
Raymond Schippers, Security Engineering Director – Detection & Response, Canva
-
12:35
Simplify your cloud challenges with Cloud Native Protection Platform (CNAPP)
In a threat heavy world full of cloud, cloud security posture is everything. Explore the opportunities CNAPP can bring to business with an all-in-one answer to the multiple cloud platforms you are managing, as well as the limitations the technology can bring to find out how CNAPP can improve security posture.
-
13:00
Lunch
-
13:50
Multi-cloud orchestration: How can you optimally manage hybrid and multi-cloud environments?
- Navigating the complexities around multi-cloud: what is seamless integration to your organisation?
- Delivering strategic multi-cloud deployment within an organisation
- Building your multi-cloud resilience
- Strengthening third-party collaboration and communication
-
14:15
Keynote Panel: Where are you on your cloud security journey and where do you want to be in a year?
- How are you planning to support the Australian Government’s 2023-2030 cyber security strategy?
- If relevant, how are you planning to comply with the significantly updated PSPF, ISM and Essential 8 requirements?
- Undertaking the cloud journey: How far should you be and what goals should you be achieving?
- Embracing an agile adoption process: How have you navigated new security risks and challenges?
- The plan for the next one year: Plot your timeline
- Third-party management: Strategies to better secure vendors relations and dealings in 2024
Panellists:
Sandeep Taileng, CISO, State Trustees VIC
Mathew Hema, Head of Data, Digital and Technology, Independent Schools Victoria
-
15:00
Lessons learned from a DoS (Denial-of-Service) incident
Dominik Pietrzykowski - Lead Cloud Migration Architect - ANZ
- Exploring the typical cloud-based DoS attacks and how to prevent them
- Real-life examples of what happens and strategies to successfully deal of those incidents
- Lessons learned – what to do and what to avoid
-
15:30
NETWORKING BREAK
-
16:00
Multi-cloud orchestration: How can you optimally manage hybrid and multi-cloud environments?
Rati Rani Mehrotra - Senior Security Expert - Telstra
- Navigating the complexities around multi-cloud: what is seamless integration to your organisation?
- Delivering strategic multi-cloud deployment within an organisation
- Building your multi-cloud resilience
- Strengthening third-party collaboration and communication
-
16:25
Panel Discussion: Navigating the numerous cloud security technologies in the market: The good, the bad and the complex
Stephen Fracalossi - Head of Cyber Security and Privacy - Online Education Services
- Benefits versus limitations: How can we uncover the true range of the product?
- Looking at current technologies and identifying future gaps
- Matching your business needs with cloud security tech: Is it simpler than it seems?
-
17:00
End of Cloud Security Melbourne 2024
Not Found