
Session 2.4d: Tutorial - Designing SECRET Systems: A Gamified Tutorial in Purposeful Security

Tracks
Wednesday, November 19, 2025
11:30 AM - 12:30 PM
Nicholls Theatre

Details

This interactive tutorial challenges participants to rethink how systems at the SECRET classification should be designed and secured. It is designed to help participants move beyond compliance toward purposeful, threat-informed security. Through a gamified scenario, participants will be given a section of the Information Security Manual (ISM) (such as physical security) alongside a fictional but realistic system context, including constraints such as unsuitable physical infrastructure and a network map. To make the session interactive, participants will be given physical cards and handouts to help them work through the scenario. Participants will work in teams to assess risks, interpret the intent behind ISM controls, and select from a set of alternative mitigations. Using a guided threat and risk assessment framework, they will explore how to meet security objectives in creative, context-aware ways, rather than applying controls blindly through the lens of compliance. The session will include facilitated discussions, peer feedback, and expert insights to reinforce key concepts. This tutorial is ideal for anyone wanting to understand how to implement secure environments while taking into account the dynamic needs of deployed military systems under real-world constraints. Beyond improving security outcomes, this approach also supports cost-efficiency across Defence projects: by focusing on what controls are meant to achieve, rather than how they are traditionally implemented, teams can avoid unnecessary rework, reduce over-engineering, and make smarter use of limited resources. Attendees will leave with practical strategies for applying ISM controls intelligently and effectively.


Speaker

Mr Chris Hows
Principal Consultant GRC
Mercury Information Security Services

Biography

Chris Hows is a highly skilled and experienced Cyber Security Governance, Risk, and Compliance (GRC) consultant with over 17 years of experience across diverse roles within the financial and regulatory sectors, with expertise in risk management, compliance, customer operations, and security. He is adept at leading teams, managing large-scale projects, and implementing robust security measures to safeguard organizational assets and ensure regulatory compliance.

Certifications
IRAP Assessor (ASD)
Certified Information Security Manager (CISM) - Information Systems Audit and Control Association (ISACA)
Certified Information Systems Auditor (CISA) - ISACA
Certificate II Electro-technology - OTEN TAFE Western Sydney Institute