Session 2.3f Update: Plan for What is Difficult While it is Easy: The Criticality of Effective Crisis Communications for Enabling Cyber Resilience
Tracks
| Wednesday, November 15, 2023 |
| 10:30 AM - 11:30 AM |
| Fitzroy Theatre |
ㅤ
The diffusion of data across the Defence, defence industry and service provider ecosystem exponentially increases the threat surface for compromises of sensitive Defence information. The sheer size and complexity of the Defence sector contributes to inadequate data governance, including limited awareness of data collection, access, storage and exchange. Recent data breaches suggest poor data governance to be one of the key inhibiting factors for effective crisis communications and incident response across extensive and layered stakeholder environments. It is therefore imperative that Defence and defence industry develop, maintain and exercise cogent crisis communication plans in order to comprehensively respond to data compromise. Focus is more heavily invested on prevention and detection, but the ability to respond and recover is critical to cyber resilience.
This presentation will examine what good practice for communications protocol looks like in a cyber crisis, drawing on lessons learnt from recent large scale data exfiltration incidents. It analyses what harm can manifest from a data compromise at scale, preparedness that can be undertaken in ‘peace time’, and degrees to which this harm can be contained by an appropriate crisis communications response in the ‘fog of war’.
Speaker/s
Ms Sarah De Visser
Senior Manager, Strategy & Consulting
CyberCX
Sarah de Visser is a security professional with over 20 years of experience in national security and Defence. This includes significant experience leading multi-functional teams in the areas of intelligence, cyber and protective security. Sarah has worked with Federal Government, Defence Industry and academia, providing advice on best practice to achieve security outcomes to protect sensitive Defence capability, innovative technology, and Australian entities domestically and overseas. Sarah has worked with organisations across the Public, Private and Community sectors to understand threats, effectively manage risk, and improve resilience. Sarah has specialist expertise in program and risk management and a strong background in strategy, policy and governance with a focus on cyber security and incident response.
Cassie Sneikus
Senior Consultant
CyberCX
Cassie is currently working as a Senior Consultant at CyberCX’s Canberra practice, with a background in national security policy, cyber security, and critical infrastructure. Cassie has been heavily involved in both the creation and implementation of federal cyber policy, focussing on holistic security uplift in government and industry. Cassie holds a Masters in National Security Policy from the Australian National University, where her Master's thesis, 'Combating Coercion Through Influence in the Maritime Sphere' was completed under the supervision of Sea Power Centre - Australia.
