Wellington Cyber Workshop: The Cyber Cacophony. Cut through the noise.

Event Information

Share this event

Date and Time

Location

Location

Rydges

75 Featherston Street

Wellington, NZ 6011

New Zealand

View Map

Event description
The Cyber Cacophony. Cut through the noise.

About this Event

Cyber-criminal activity has matured to the point whereby it has become a highly organised and highly effective business model. The level of technical and commercial innovation is extraordinary and frankly outpaces security responses. No one will dispute the number, frequency and impact of cyber-attacks is on the rise and we are often told it is not a matter of if but when. From media reports, jargon, marketing hype, alert fatigue, there is so much noise around cyber.

As a company looking to protect yourself from attack, navigating the world of cyber-crime is no easy feat.

Budgets are limited, you are likely to have a mix of security controls, there is a global shortage of cyber security professionals.

The notion of a company parameter has changed markedly. Your users are likely to work remotely, they may use their own devices, you probably store some or all of your company data in the cloud.

The exponential growth of data is undisputed. In 2017 the Economist reported that the world’s most valuable resource is no longer oil, but data. Data is king. The race to protect and monetarise it is hotly contested. It is no wonder data is at the root of what keeps you up at night.

At InPhySec we have a long-held vision for a progressive and modern operational security capability in New Zealand that equals the best in the world. New Zealand based security analysts protecting New Zealand companies.

Our vision is about to be realised with the opening of our new Security Operations Facility. Located in Wellington and staffed by some of the best security analysts in the country, we are bringing a new approach to SOC operations. Open, simple pricing, local NZ based analysts focused on your security.

Let us help take some of the noise away.

As part of our launch, please join us for an interactive cyber workshop held in Wellington and Auckland during cyber smart week.

Learn from leading experts the true size of the cyber risk your company faces from both a New Zealand and global perspective, how best to protect your company from a myriad of real-world use cases and participate in executive and technical panel discussions.

Who should attend:

The workshops are designed for:

  • Senior executives with a need to understand the changing threat landscape for cyber security;
  • CIO/CTOs and security practitioners who have an interest in best of breed technologies, their integration, and how they are protecting companies.

WORKSHOP PROGRAMME:

MORNING SESSION, 9:00AM to 1:00PM

Setting the scene; the changing threat landscape on a local and global basis.

  • Ian Fletcher, Managing Partner, InPhySec.
  • Mason Hooper, Director, Alliance Solution Architect Team, CrowdStrike.
  • Petra Lucioli, Group Claims Manager, Delta Insurance.
  • Jon Duffy, Assistant Commissioner (Policy & Operations), Office of the Privacy Commissioner.

Do you understand your company’s true value? Its more than your balance sheet.

  • Richard Barnett, Senior Associate EverEdge.

Lessons from the front line.

  • Murray Kelleher, CTO and CISO Fulton Hogan
  • Steve Honiss, Chief Information Security Officer, Parliamentary Services

InPhySec Security Operation Centre: the new era in SOC operations within New Zealand.

  • Marc Barlow, Consulting Partner, InPhySec.

Executive panel discussion. Chaired by Ian Fletcher, Managing Partner, InPhySec

  • Marc Barlow, Consulting Partner, InPhySec.
  • Mason Hooper, Director Alliance Solution Architect Team, CrowdStrike
  • Petra Lucioli, Group Claims Manager, Delta Insurance
  • Richard Barnett, Senior Associate EverEdge
  • Jon Duffy, Assistant Commissioner (Policy & Operations), Office of the Privacy Commissioner
  • Murray Kelleher, CTO and CISO Fulton Hogan
  • Steve Honiss, Chief Information Security Officer, Parliamentary Services

AFTERNOON SESSION, 1:30PM to 4:00PM

Use cases from the front line

Practical technology session incorporating CrowdStrike, Netskope, AttackIQ and Splunk covering actual incident response engagements InPhySec has responded to in the local market, including but not limited to:

  • #1 Credential harvesting through phishing
  • #2 O365 compromise
  • #3 Ransomware
  • #4 Data exfiltration
  • #5 Man in the middle invoice fraud

Technical panel discussion. Chaired by Jonathon Berry, Consulting Partner, InPhySec.

  • Marc Barlow, Consulting Partner, InPhySec.
  • Mason Hooper, Director, Alliance Solution Architect Team, CrowdStrike.
  • Scott Reeves, Senior Cloud Security Sales Engineer, Netskope Inc.
  • Brett Callaughan, Senior Sales Engineer, AttackIQ.
  • TBC Vectra.
  • TBC Splunk.

SPEAKERS AND PANELLISTS:

Ian Fletcher, Managing Partner, InPhySec

A highly experienced organisational leader and diplomat who is highly regarded for his organisational change management work, Ian has led organisations as diverse as the GCSB, the UK Patent Office, the Queensland Department of Employment, Economic Development and Innovation (like MBIE), the UN Customs Service in Kosovo, and chaired a G8 committee on innovation and intellectual property. As Director of the GCSB, Ian led the organisation through great change, including transforming its legislation and core focus to allow for national cyber defence initiatives. Ian continues to link his security work with an active advisory practice in Intellectual property and knowledge management (including trade policy aspects of IP management), and to write and speak on the impact of the internet on the nature, role and effectiveness of states. Ian sees cyber security and its associated challenges of identity and reputation as closely related to the issues of data and knowledge management facing almost all businesses and organisations.

Marc Barlow, Consulting Partner, InPhySec

Marc has over 20 years’ experience in forensic investigation, incident response, policy development and risk management. Prior to forming InPhySec, Marc spent 13 years with the New Zealand Police forensic service and 10 years within the GCSB establishing and managing the cyber forensic investigation and incident response capability.

Jonathon Berry, Consulting Partner, InPhySec

With over two decades in the military and GCSB security sector leadership, Jonathon has led major system security audits and developed remediation programs that have helped organisations measurably improve their security position. Jonathon's specialties are Governance, Risk and Compliance with an emphasis on audit (for Certification and Accreditation) to recognised standards such as the PSR, NZISM and ISO27001.

Jon Duffy, Assistant Commissioner, Policy and Operations, Office of the Privacy Commissioner

Jon joined the office in July 2018 and is responsible for policy and dispute resolution investigations teams. Immediately prior to joining, he was the Head of Trust & Safety at Trade Me and was heavily involved in the company's introduction of transparency reporting. Jon is the Chair of the Consumer NZ Board and is the Deputy Chair of Netsafe. Jon has a keen interest in technology and emerging data gathering practices.

Murray Kelleher, CTO and CISO, Fulton Hogan

Bio pending

Steve Honiss, Chief Information Security Officer, Parliamentary Services

CISO with over 25 years working in law enforcement, the intelligence community, and information technology fields. After a long career as a senior Detective in Police, Steve ran NZ Police’s national cyber crime unit and was the NZ delegate to INTERPOL’s cyber centre in Singapore. He returned to take up a role in the National Cyber Security Centre where he managed a unit of cyber analysts and incident responders, overseeing the national response to advanced cyber threats. Since commencing at Parliament he has built the cyber team up from one to now six highly performing staff and is taking the Parliamentary Service on a steep increase in security maturity.

Richard Barnett, Senior Associate, EverEdge

Richard is a senior strategist at EverEdge, a global intangible asset advisory, valuation and transaction company. In his role, he helps companies and investors unlock their competitive edge by identifying, valuing and monetising their intangible assets. Richard has a significant depth of experience in consulting on market development strategies to clients in a wide range of technical / industrial sectors, including: industrial manufacturers, technical product & service suppliers, healthcare, technology companies and financial services. In previous roles, he led marketing and channel development for an emergent software company – helping build market momentum and develop clients and channels in international markets – as well as for a leading network systems integrator during a time of dramatic market growth. Richard will be presenting at the Wellington workshop.

Mason Hooper, Director Alliance Solution Architect Team, CrowdStrike

Mason is a seasoned Cyber Security subject matter expert with over 20 years’ experience in the field . Mason is CrowdStrike’s Director of Solutions Architect for APJ, prior to CrowdStrike Mason has held Senior Security leadership roles at McAfee, RSA and Dimension Data. Mason is expert in a range of subject matter areas including endpoint security, security management, cyber crime, online banking and e-commerce fraud, IP and identity theft. Mason has been an adviser to many Australian cyber fraud policing teams and a regular contributor to industry forums, specialist panels and media relating to the cyber security landscape.

Petra Lucioli, Group Claims Manager, Delta Insurance

Petra has nearly 20 years’ experience in liability claims management. She spent a number of years as a litigation lawyer in the UK before moving into the London insurance market as a claims manager, handling professional liability risks and managing a claims team of up to 40 staff. Moving to New Zealand in 2008, she continued to develop her claims management expertise. Petra is passionate about claims service standards and helping clients improve their Risk Management.

WORKSHOP LOGISTICS:

9:00AM - 4:00PM

There is no cost to attend but there are limited spaces for each workshop so please register to secure your spot.

Attendees can join for the morning session or for the full day.

Morning tea, lunch and afternoon tea provided.

TECHNOLOGY PARTNERS:

InPhySec has selected the best of breed technology partners. Our technology stack is deliberately simple. We don’t offer a pick list of vendors in each category, rather we focus on market leaders.

CrowdStrike: Endpoint Security

The endpoint is at the front line of an attack. Whether it be malware or a remote hands-on-keyboard attack, these attacks target the endpoint typically with a purpose of stealing information or undertaking some sort of ransom attack.

Endpoints are often used outside of a corporate network and no longer defended by the network-based security. As a result, we consider endpoint protection as a critical security control and have partnered with CrowdStrike.

Recently listed on the NASDAQ, the CrowdStrike Falcon Platform is deployed across 176+ countries globally.

The quality and fidelity of the Falcon detection technology is leading the way for the latest generation of endpoint security tools.

A partner since 2016, InPhySec is CrowdStrike’s most experienced and highest tiered partner in New Zealand.

Netskope: Cloud Security

The cloud has become widely adopted, both for sanctioned / approved apps, but it is also extensively used for unsanctioned shadow IT. New services can be easily procured with a simple credit card purchase without IT involvement and potentially also without finance approval. In many cases these services offer a free variant or at least a free trial.

The ease in which a cloud service can be procured and implemented exposes organisations to a myriad of known risks. The most obvious of these risks is organisational information that may be private or confidential is shared to unknown cloud services. The result is the organisation does not know where its information is or where it may end up. The ramifications of this are wide ranging.

For these reasons we have partnered with Netskope, incorporating their cloud access security broker (CASB) technology for cloud security. We are the only Tier 1 Focus partner in NZ.

Attack IQ: Continuous Validation of Security Controls

Your organisation has bought and operationalised a layered security stack to defend against the ever-present and growing cyber threat at an annual cost likely to fall somewhere between 5-10% of your company’s annual IT budget.

Given the cost and reliance on these controls, what assurance do you have that these security controls are working as expected? An annual penetration test will provide you with a point-in-time review but what happens between these annual tests?

We have partnered with AttackIQ to enable our clients to continuously validate that their security controls are performing as expected in near real-time. AttackIQ provides immediate insights into the company’s security posture to enable tactical and strategic decision-making based on fact rather than assumptions. We are the only New Zealand MSP partner for AttackIQ.

Established in 2013 by a team of experts with years of experience working in security consulting, penetration testing, threat research, attack modelling, product development and related services, this exciting technology will change the way company’s approach control validation.

Vectra: Network detection and response

Vectra® uses artificial intelligence to automate real-time cyber attack detection and response – from network users and IoT devices to data centres and the cloud. All internal traffic is continuously monitored to detect hidden attacks in progress. Detected threats are instantly correlated with host devices that are under attack and unique context shows where attackers are and what they are doing. Threats that pose the biggest risk to an organisation are automatically scored and prioritised based on their severity and certainty, which, enables security operations teams to quickly focus their time and resources on preventing and mitigating loss.

Splunk: SOC Platform

We are implementing Splunk and specifically Splunk Enterprise Security for our security information and event monitoring (SIEM) service. The efficiencies offered by Splunk make this a highly cost-effective solution. Splunk provides a flexible and fast platform for our SOC team.

BUSINESS PARTNERS:

Delta Insurance is New Zealand’s only locally owned and operated specialist liability insurance provider.

Offering a range of products, Delta have been leaders in the area of cyber risk management, helping New Zealand business understand the risks associated with cyber threats and offering a comprehensive cyber insurance product with coverage across the full spectrum of cyber risks before, during and after an incident.

Delta have recently launched their dedicated IP insurance offering.

InPhySec is the preferred incident response for Delta Insurance providing post-loss incident response and investigation.

EverEdge is a global intangible asset advisory, valuation and transaction specialist. Intangible assets account for 87% of company value today. We help companies unlock their competitive edge by identifying, valuing and monetising their intangible assets. We help investors improve investment returns by assessing intangible asset impact and reducing intangible asset risk.

Date and Time

Location

Rydges

75 Featherston Street

Wellington, NZ 6011

New Zealand

View Map

Save This Event

Event Saved