Top Talks at COSAC – Sydney, December 2018

By Michael, on Filed in Blog / COSAC / Information Security / News / Opinion / Uncategorized

Last week Michael Price, Ahmed ElAshmawy and Chris Blunt from Axenic were fortunate enough to make the trip across the Tasman to Sydney for the 2nd annual COSAC APAC Security Conference.  All 3 had the chance to speak to the attendees and without any bias, Michael shares his take on the Top Talk and some other notable mentions.

Top Talk

Top talk goes to Andy Clark’s Engineering Resilience through Attribute-based Dependency Modelling. This talk discussed dependency modeling, using an example of the Fukushima Daiichi nuclear disaster and other engineering resilience examples. This concept isn’t new but could really improve how we do risk assessments and be applied in a similar was to STRIDE threat modeling. It looks to be most useful for analysing how each component could compromise the overall security of a solution, in a repeatable and consistent manner.

Notable Talks

Other notable talks include Paul Blowers presentation about his research and planning for a New Zealand national cybersecurity incident response exercise, and Michael Hirschfeld discussing the term ‘Securiton’ as a means to measure the security of something (think Category 5 Hurricane, 5-star safety, or “this costs $10,000 and gives you 37 securitons and this costs $8,000 and gives you 45 securitons).

Finally, Ahmed and my presentation on debunking GDPR myths seemed to go pretty well. We started some good conversations with the audience and some came up to me afterwards to ask more questions, which was mostly to confirm if they were in scope (spoiler; they were).  Chris’ presentations went well too with plenty of interactions from the audience, which is hard to do being the last presenter of the day! I managed to get a few photos of him on stage – image below.

COSAC 2018
Chris from Axenic presenting “Are We Just Snake Oil Salespeople?” at COSAC 2018.

I also did a second presentation during the COSAC Rump Session (lightning talk session),  a lighted hearted presentation where I helped translate some keywords from Australian to Kiwi.

Overall it was a very worthwhile few days across in Sydney – feel free to drop me a line if you have any questions on #COSAC2018 or Trans-Tasman communication tips!

 

Michael Price

Senior Consultant

Axenic