Cybersecurity engineering is the tool used to create this futuristic better state, in a scientific and most important measurable way.

Security architects set the vision for security systems so to speak, and Security engineers figure out how to put this vision into practice, while Collaborating with other IT professionals to ensure that security solutions are integrated with other systems.

They are responsible for identifying and mitigating security threats, Monitoring systems for security breaches, and responding to incidents when they occur.

Security cannot be an add-on, it has to be integrated in every aspect of your solution, otherwise it will be just a waste of time trying to secure a solution.

NIST SP 800-160 Vol 1 Rev 1 Engineering Trustworthy Secure Systems

https://csrc.nist.gov/pubs/sp/800/160/v1/r1/final

NIST SP 800-160 Vol. 2 Rev. 1 Developing Cyber-Resilient Systems

https://csrc.nist.gov/pubs/sp/800/160/v2/r1/final

Disclaimer: The views and opinions expressed on this Podcast are solely those of the individual creator and do not necessarily reflect the official policy or position of any organisation, company, or institution that the creator may be associated with.

Cyber security strategy is the plan to achieve an objective. This objective is the desired future state for the organisation security posture and level of risk.

This strategy guides the blend of people, process and technology employed to protect organisations, computers and data from theft and/or destruction.

According to The European Union Agency for Cybersecurity (ENISA), cyber security strategy is a plan of actions designed to improve the security and resilience. Its main objectives is to reduce business risks from cyber-attacks by maintaining confidentiality, availability and integrity.

Disclaimer: The views and opinions expressed on this Podcast are solely those of the individual creator and do not necessarily reflect the official policy or position of any organisation, company, or institution that the creator may be associated with.

2024 will be the year of major transitions on so many levels, economics, social, culture and political and cyber security is not immune.

Ransomware groups are all competing on the same portion of the same market, and you can already observe what would that means. Don’t be the lowest hanging fruit in any kill chain, get your basic cyber hygiene in order and keep an eye on the fast moving threat landscape.

Disclaimer: The views and opinions expressed on this Podcast are solely those of the individual creator and do not necessarily reflect the official policy or position of any organisation, company, or institution that the creator may be associated with.

According to the FBI terrorism is defined as Violent, criminal acts committed by individuals and/or groups who are inspired by, or associated with foreign terrorist organizations or nations (state-sponsored), or motivated by ideological goals stemming from domestic influences, such as those of a political, religious, social, racial, or environmental nature.

Cyberterrorism is a premeditated, politically motivated cyberattack against information, computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups or clandestine agents. It is simply the use of computers or any digital device, networks or the internet in order to launch a terrorist attack.

Australian security and counter terrorism:

https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Completed_Inquiries/pjcis/securityleg/report/chapter5

Disclaimer: The views and opinions expressed on this Podcast are solely those of the individual creator and do not necessarily reflect the official policy or position of any organisation, company, or institution that the creator may be associated with.

Espionage is the practice of spying to obtain information about the plans and activities especially of a foreign government or a competing company.

Corporate or industrial espionage is spying and exfiltrating of key information that has economical values.

Details of a competitor’s new project, a detailed list of clients, research and development (R&D) data or any information with potential economic value. While the rational for corporate espionage is different of that of military espionage, it often involves the same techniques.

Such as monitoring, copying of files, and compromising members of the organisation.

CISA for Asset Identification:

https://www.cisa.gov/sites/default/files/publications/CRR_Resource_Guide-AM.pdf

Australian Espionage Act: https://www.education.gov.au/guidelines-counter-foreign-interference-australian-university-sector/templates-and-tools/australian-government-legislation-and-codes

Disclaimer: The views and opinions expressed on this Podcast are solely those of the individual creator and do not necessarily reflect the official policy or position of any organisation, company, or institution that the creator may be associated with.

For the season finale our guest is an executive with exceptional experience leading in cyber security, technology, risk, and digital transformation.

Leading in the financial and banking industry, a leader who is people centric, empowering and encouraging individuals for better and secure outcomes.

Kevin Mangano - Chief Digital & Risk Officer at Yellow Brick Road.

Our discussion was around leadership in cyber security, building a secure and resilient strategies for organisations, and giving exceptional practical advice for individuals to be safe and secure online.

I would like to thank all listeners and anyone who supported this journey, this podcast wouldn’t have materialised without your trust and support. A special thanks to all who I had the honour interviewing and apologies for the people we missed this season.

Disclaimer: The views and opinions expressed on this Podcast are solely those of the individual creator and do not necessarily reflect the official policy or position of any organisation, company, or institution that the creator may be associated with.

Meeting Professor Robin Doss, Director of Centre for Cyber Resilience and Trust (CREST) at Deakin University.

In addition, Dr Doss leads Deakin University's participation in the Cyber Security Cooperative Research Centre (CSCRC) and is the theme leader for the research on "Development of Next Generation Authentication Technologies".

With a long list of articles and research papers, most recent paper were regarding “Analysis of Misbehaviour Detection Intelligent Transport Systems” and “Weak-Key Analysis for Post-Quantum Key Encapsulation” to name few.

We spoke about Deakin University Cyber Conference, CREST priorities for 2024, encryption in the quantum era, and Dr Doss advice to students joining in the cyber security field.

Recent Papers:

https://dro.deakin.edu.au/articles/journal_contribution/A_Taxonomy_and_Analysis_of_Misbehaviour_Detection_in_Cooperative_Intelligent_Transport_Systems_A_Systematic_Review/24440335

https://dro.deakin.edu.au/articles/journal_contribution/Weak-Key_Analysis_for_BIKE_Post-Quantum_Key_Encapsulation_Mechanism/22566847

Website:

https://cybercentre.org.au/

Disclaimer: The views and opinions expressed on this Podcast are solely those of the individual creator and do not necessarily reflect the official policy or position of any organisation, company, or institution that the creator may be associated with.

A lengthy interview with one of Australia’s best cyber security researchers, Mr. Ahmed Kasmani a Principal Research Lead at Microsoft where he reverse engineer malwares and analysis adversaries behaviour.

Mr. Kasmani worked at CrowdStrike leading the Asia Pacific Detection and Response team. With more than 15 years now working in the Cyber Security industry. Ahmed has investigated and lead on many serious breaches in Australia and overseas.

We discussed Australian cyber security workplace, interview processes and advice for hiring managers and discussed some incidents and malwares on the way.

The Art of Malware Analysis:

https://courses.null-char.com/courses/the-art-of-malware-analysis

YouTube:

https://www.youtube.com/@ahmedskasmani/channels

Disclaimer: The views and opinions expressed on this Podcast are solely those of the individual creator and do not necessarily reflect the official policy or position of any organisation, company, or institution that the creator may be associated with.