Faculty of
Engineering, Architecture and Information Technology

Event host

School of Information Technology and Electrical Engineering

When
6 November 2018 9:00am to 9 November 2018 5:00pm

Where

Brisbane, CBD.

 

Registrations

Registrations for this event are now closed

Uncover the most significant and wide-spread threats facing IT today with world leading experts Dr Paul Twomey - former CEO of both ICANN and the Australian National Office for the Information Economy, Colonel Jeff Arsenault - former Head of the ethical hacking team of the US National Security Agency and Kris Merritt - former Senior Director of Hunting Operations at CrowdStrike, Inc. at the upcoming Cyber-Security workshops in Brisbane and Canberra.

 

AUSTRALIAN LEADERSHIP CYBER-SECURITY WORKSHOPS (C-SUITE)

6 November, Brisbane - course and registration information

Bringing together world leading experts, this one-day workshop will cover an overview of what’s happening out there and provide the knowledge and frameworks to help you execute your obligations. The University of Queensland and Australian Leadership Cybersecurity Workshop will cover the most significant and wide-spread threats facing IT today, with real-world examples and responses illustrating steps and precautions you can take to keep your enterprise on top of current and emerging threats. Cyber-security is NOT just a technology question. It is a cross-functional issue that must be addressed at the CEO/Board level and made a part of critical business decisions.


Presenters
This workshop will be presented by two world renowned experts. Colonel Jeff Arsenault, the former head of the “ethical hacking team” of the US National Security Agency, and Dr Paul Twomey, former CEO of both ICANN, the body responsible for coordinating the global Internet, and the Australian National Office for the Information Economy.

What Will You Experience?
A live demonstration of how a 'Skilled Hacker Penetrates an Enterprise'. Witness technical demonstrations of what an attack actually looks like and how easy it is to move around inside an organisation and steal data.

Observe how a hacker can:

  • Open Source Research (how to find out about your target using free resources)
  • Find credentials for sale on the Dark Web
  • Phishing/Spoofing to get into the network
  • Escalate through Access Privileges
  • Move laterally throughout a computer network
  • Data Identification
  • Data Exfiltration.​

THREAT HUNTING CYBER-SECURITY WORKSHOPS

7 - 9 November, Brisbane - course and registration information
 

Presented by world leading experts, this is a three-day, hands-on, immersive tactics exchange on Threat Hunting. This is an effective forum for collaborating on how to address, manage, and respond to various cyber threats and actors. This program is for technical security staffs and system administrators responsible for security of their networks. The workshop will include one day of formal, hands-on instruction on threat hunting techniques, and two days of guided and unguided hands-on technical exercises conducted in a realistic virtual environment – or cyber range. It is built using Cypherpath’s Software Defined Infrastructure (SDI)® as the range operating system.

Presenters
This workshop will be presented by two world renowned experts.Colonel Jeff Arsenault, the former head of the “ethical hacking team” of the US National Security Agency, Dr Paul Twomey, former CEO of both ICANN, the body responsible for coordinating the global Internet, and the Australian National Office for the Information Economy, and Kris Merritt, former Senior Director of Hunting Operations at CrowdStrike, Inc. 

What Will You Experience?
Our presenters’ experiences in fully-scaled hunting operations and catching advanced attackers, offer participants a unique and timely source of information on a variety of discussion topics, including:

  • What is Cyber Threat Hunting?
    • Why is it needed?
    • How does it fit into your overall security program?
  • Hunting Methodologies
    • Behavioral patterns vs. signatures
    • Where cyber threat intelligence can best help...and where it can’t.
  • Tooling and Enablement
    • Endpoint sensors / logging
    • Sensor data / log aggregation
    • Analytics with Splunk and Elastic Search
  • Four security scenarios are proposed:
    • Phishing with credential harvesting and malware attack
    • External hack with resource theft (cryptocurrency mining)
    • Pivot with domain compromise
    • Insider threat (discussion only).

For each executed scenario:

  • A presenting security expert will review the phases of the attack and attendant techniques attackers will use
  • Participants discuss potential detection methods and response actions they would use – or have successfully employed; and take part in an unguided, hands-on exercise on the cyber range with the presenting security experts executing the attack scenario, and 
  • Participants take part in a facilitated hot-wash after the exercise session to thoroughly review the attack(s), detection and response actions, and identify best practices for the presented attack(s).

Participants are required to bring a laptop with network and browser capabilities.

Enquiries

Email: cpd@eait.uq.edu.au