Session 1.6f Update: Cyber Security Test & Evaluation: An Update
Tracks
ㅤ
| Tuesday, November 14, 2023 |
| 1:30 PM - 2:30 PM |
| Fitzroy Theatre |
ㅤ
So, you want to manage the threats and risks in your technology, project, application or mission system? There are methods to this, however the complexity of systems, nature of point-in-time testing, limitations paper-based assessments or inappropriate tooling are not setting mission systems or projects up for success. While the United States has an effective program and method for verifying project cyber security requirements, its nature and method are not entirely appropriate for Australian projects.
The purpose of this talk will be to present an overview of the systems, processes and architecture to assess and assure mission systems and networks. Attendees will be introduced to alternative tools and methodologies, as well as suitable architectures for assurance throughout a program of works for a mission system or project. This includes:
- limitations of compliance driven or “blue team” focused approaches to cyber security.
- how cyber security evaluation varies from requirements evaluation.
- meaningful approaches and strategies to threat modelling.
- how & where to employ tools and techniques for cyber test and evaluation, including an overview of each, its requirements and limitations.
Speaker/s
Mr Edward Farrell
Director | Principal Consultant
Mercury ISS
Edward Farrell is a security consultant with 13 years experience in cyber security and 18 years in technology. As the director of one of Australia's leading independent cyber security practices, Mercury, he has conducted or overseen the delivery of over 1000 security assessment activities and incident responses in the past 8 years. His professional highlights include lecturing at the Australian Defence Force Academy, being rated in the top 200 bug bounty hunters in 2015 and running an awesome team of security professionals.
