“perth is 32 milliseconds from anywhere” · essential need for a cross-organisational approach...
TRANSCRIPT
![Page 1: “Perth is 32 Milliseconds from Anywhere” · essential need for a cross-organisational approach towards risk quantification. “The problem does not belong to IT. Everybody carries](https://reader034.vdocuments.mx/reader034/viewer/2022050417/5f8d6c49e433151f236879af/html5/thumbnails/1.jpg)
“Perth is 32 Milliseconds from Anywhere”
Article from the AICC(WA) 2017 special Cybersecurity FutureNOW Series event featuring Mr Hans
Haverhals, Head of Cyber Security Australasia, BT Global Services, Mr Gary Hale, Managing Director,
SC8 Limited and Professor Craig Valli, Director of ECU Security Research Institute, Edith Cowan
University speaking on "Wannacry – what you need to know to protect your customers and your
business in the futureNOW.
From L to R - Professor John Finlay-Jones, Deputy Vice-Chancellor (Research), Edith Cowan University, Mr Larry Lopez,
Vice-president, AICC(WA) and Partner, Australian Venture Consultants, Professor Craig Valli, Director of ECU Security
Institute, Edith Cowan University, Mr Gary Hale, Managing Director, SC8 Limited, Mr Carl Purwien, Executive Manager,
Commonwealth Bank, Mr Hans Haverhals, Head of Cyber Security Australasia, BT Global Services and Mr John Cluer,
Chief Executive, Australia-Israel Chamber of Commerce (WA)
Host Sponsor: CBA Principal Sponsor: ECU
![Page 2: “Perth is 32 Milliseconds from Anywhere” · essential need for a cross-organisational approach towards risk quantification. “The problem does not belong to IT. Everybody carries](https://reader034.vdocuments.mx/reader034/viewer/2022050417/5f8d6c49e433151f236879af/html5/thumbnails/2.jpg)
In the words of one attendee “by the end of the presentation I had mixed emotions. I couldn’t
decide to wannalaugh or wannacry”. So was the reaction to an eye-opening presentation about how
rapidly the cybersecurity issue is impacting business locally, and around the world.
Mr Gary Hale, a graduate of three AICC(WA) Israel delegations, reflected on his recent trip to Israel
by discussing the sense of urgency which pervades business development in Israel. Culturally
reflective of a society that needs security and has to execute decisions quickly, Mr Hale particularly
took note of the productivity and experimentation associated with Israel’s cyber industry, and the
strategy that drove business development. Whist sometimes competing, and other times partnering
and sourcing from Israeli companies, he drew a distinction between Australian business which was
predominantly focused on sales and service, and Israeli business which looked across a broader
business lifecycle which commenced with the identification of a problem and developed through to
the point of commercial exit and beyond.
Mr Gary Hale, Managing Director, SC8 Limited
SC8 is a relatively recent Perth based company that recognises local capability and relationships. In
the global market, Mr Hale asserted that the Perth cyber industry holds its own with highly regarded
people and product development. In the context of noting that the tyranny of distance associated
with traditional economic markets for Western Australia do not apply to ICT he mentioned that
“Perth is 32 milliseconds from anywhere”.
Sharing an example of SC8 activity Mr Hale described the evolution of Operational Technology (OT),
being hardware and software that detects or causes a change through the direct monitoring and/or
control of physical devices, processes and events. Through interacting with digital leaders in large
industry SC8 is an example of new cyber industry development that Mr Hale noted “pushes
boundaries on how to be productive whilst mitigating cyber risk”. The broad aims of the cyber
industry are focussed on protecting business value, enhancing operational resilience, and driving
digital agility.
![Page 3: “Perth is 32 Milliseconds from Anywhere” · essential need for a cross-organisational approach towards risk quantification. “The problem does not belong to IT. Everybody carries](https://reader034.vdocuments.mx/reader034/viewer/2022050417/5f8d6c49e433151f236879af/html5/thumbnails/3.jpg)
Mr Hans Haverhals, Head of Cyber Security Australasia, BT Global Services
Hans Haverhals, Head of Cyber Security Practice of BT Australasia further reinforced the rising
consciousness of cybersecurity, and described the changing nature of cyber threats and the cyber
security journey that we are all on. Recent cyber attacks involving ransomware, denial of service,
and data theft, have been prolific in the media. “We risk battle fatigue before the battle has begun”,
Mr Haverhals remarked, “but the journey traverses stages”. He described denial, worry, false
confidence, hard lessons and leadership as the responsive evolution and particularly focussed on the
essential need for a cross-organisational approach towards risk quantification.
“The problem does not belong to IT. Everybody carries responsibility. Similarly, it must be
recognised that good cyber security is not about technology alone, but also about people and
process. Businesses tend to spend on technology (sunk investment into cyber software), but
also need to heavily invest in people and process to ensure that cyber is embedded into
organisational culture.”
Mr Haverhals provided an insight into both board and executive leadership trends relating to cyber
awareness. Often a false sense of security can be instantly shattered by a specific event or trigger.
His advice was to embed cyber into all elements of management decision making and not isolate the
topic as a periodic agenda item.
For those organisations that are true leaders in how they manage cyber security risks, Mr Havehals
explained:
“It can feel lonely at the top, but I encourage true leaders to collaborate with their peers -
those within their own market as well as across different industries. Security leadership can
be found across all industries and each have learned hard lessons along the way - we stand
to learn a lot from each other. Build and invest in these trusted relationships early, as it's
hard to build trust in the middle of a crisis.”
In conclusion, Mr Haverhals stated "Ultimately it needs to be recognised that cyber is a journey, not
a destination.”
![Page 4: “Perth is 32 Milliseconds from Anywhere” · essential need for a cross-organisational approach towards risk quantification. “The problem does not belong to IT. Everybody carries](https://reader034.vdocuments.mx/reader034/viewer/2022050417/5f8d6c49e433151f236879af/html5/thumbnails/4.jpg)
Professor Craig Valli, Director of ECU Security Institute, Edith Cowan University, Mr Gary Hale, Managing Director, SC8
Limited and Mr Hans Haverhals, Head of Cyber Security Australasia, BT Global Services
With forthrightness and no inhibition, Professor Craig Valli provided a wake up call by describing the
rate at which cyber attacks are increasing, and the severe consequences of networks being
breached. The reliance that is now placed on back end IT systems to deliver industry, government,
utilities and infrastructure, and all elements of daily living means cyber security is inescapable.
“Cyber is an advanced persistent threat that is not going anywhere.”
Professor Valli criticised businesses and agencies that fall behind basic software upgrades and
maintaining currency on software security. He also referred to often lax public attitudes towards
public security noting that intelligence and defence agencies charged with the oversight of security
of infrastructure need to be supported and respected. Criminal activity is not tolerated when
physical, however often cyber crime is not viewed with the same due regard. We risk the inability to
cope with an escalation of cyber attacks without a stronger level of public awareness. Professor Valli
cautioned that the “Internet of Things” is an “Internet of Threats” when the basic protocols of
protection are disregarded.
Mr Carl Purwien, Executive Manager, Commonwealth Bank
![Page 5: “Perth is 32 Milliseconds from Anywhere” · essential need for a cross-organisational approach towards risk quantification. “The problem does not belong to IT. Everybody carries](https://reader034.vdocuments.mx/reader034/viewer/2022050417/5f8d6c49e433151f236879af/html5/thumbnails/5.jpg)
Professor Craig Valli, Director of ECU Security Institute, Edith Cowan University
The ECU undertake leading penetration and vulnerability assessment, involving a diverse range of
students, industry and government stakeholders. Sharing examples of testing the reinstallation of
backup data, and specific organisations that have had password and encryption weaknesses
identified, have been aided by the ECU to strengthen their network protection.
Mr Gary Hale, Managing Director, SC8 Limited and Mr Hans Haverhals, Head of Cyber Security Australasia, BT Global
Services and Mr John Cluer, Chief Executive, Australia-Israel Chamber of Commerce (WA)
Through dialogue and questions the panel of presenters addressed issues including the impact of
cyber on Small and Medium Enterprise, where the threat remains the same but the resource base to
address the problem is not as expansive. As a basic protection, the knowledge of what data and
information exists, where it is, and control over its confidentiality can be managed with diligent
control of devices and standard security protocols. Other discussion relating to password strength
and control, and the legacy systems underpinning utility infrastructure were addressed by the
presenters.
![Page 6: “Perth is 32 Milliseconds from Anywhere” · essential need for a cross-organisational approach towards risk quantification. “The problem does not belong to IT. Everybody carries](https://reader034.vdocuments.mx/reader034/viewer/2022050417/5f8d6c49e433151f236879af/html5/thumbnails/6.jpg)
Professor John Finlay-Jones, Deputy Vice-Chancellor (Research), Edith Cowan University
A vote of thanks was proposed by Professor John Finlay-Jones, Deputy Vice Chancellor (Research) of
ECU. The ECU are one of two Australian Centres of Excellence in Cybersecurity and proud of the
Universities longstanding commitment to delivering specialist education, skills and research
capability in this sector.
A link to the BT paper “Five stages you have to navigate to protect your organisation from attack” is
available from the BT Website.
![Page 7: “Perth is 32 Milliseconds from Anywhere” · essential need for a cross-organisational approach towards risk quantification. “The problem does not belong to IT. Everybody carries](https://reader034.vdocuments.mx/reader034/viewer/2022050417/5f8d6c49e433151f236879af/html5/thumbnails/7.jpg)
From Top L clockwise - Mr Hans Haverhals, Head of Cyber Security Australasia, BT Global Services, Mr Scott Henderson,
Vice President (Corporate Services), Edith Cowan University, Professor Margaret Jones, Director, Office of Research and
Innovation, Edith Cowan University, Adrian Huber, Special Counsel, Wrays, Professor Peter Davies, Pro Vice Chancellor
(Research), The University of Western Australia and Andy Buchanan-Hughes, Regional Manager, Priority Management
WA