30 Years 30 Stories

AusCERT 30 Years 30 Stories – Gary Gaskell

With three decades of experience in cyber security, Gary Gaskell has been putting his skills to good use by helping those with limited cyber security knowledge grow their capabilities. Based in Brisbane, Gary is a long-time AusCERT supporter and delivers some of AusCERT’s training programs.

With a long history in cyber security, how does the industry compare from when you started?

Starting 30 years ago, it was exciting. We were on the edge of something new, doing business over the Internet. We began communicating simply across borders and much faster than fax machines and letters. For the past 20 years, I’ve been working for myself, which specifically means working for others. I help individuals lift their security levels, developing strategies and understanding their risk environment.

What kind of training do you provide? And why do you think this training is important?

For those who have been in the industry from the start, it’s time to give back. There’s a big skill shortage in this country, where everyone should benefit from experiences like mine. I can assist clients in tackling novel situations, direct them to good information and help improve security for their organisations.

Training is a challenge due to a diversity of knowledge required to secure our complex systems today. In the beginning, we had computers we called mainframes and they were easily controlled. Now there are thousands of different technologies. Our main goal is to help individuals understand the fundamental principles.

What does the future hold for AusCERT? And how do you see the organisation continuing to play a vital role in the cyber security community?

AusCERT creates huge awareness and provides opportunities for individuals to lift their knowledge and skills. For example, leading and starting the AusCERT conference. With AusCERT’s leadership, they created this conference, providing a platform for practitioners to share case studies. We began to share what worked and what didn’t work, learning about the future. I go to other conferences in Australia as well, but when I return to work, the things I add to my checklist are from the high-quality speakers that attend AusCERT. I wouldn’t miss it.

What sets AusCERT apart from other organisations in the cyber security space?

AusCERT is unique in our community. They’re eager to share their information, whilst commercial suppliers typically share a limited selection of their data. Many government competitors are conscious of classification, regulating who and what they share. Whilst AusCERT provides a holistic approach for its members, enabling agility. It’s that can-do attitude, joined by many great technicians that makes AusCERT stand out.

How should organisations facilitate skill improvement? And why is this important?

AusCERT’s training programs aim to address the skill shortages in our community. Often incidents occur due to individuals being unaware of free security features. I believe problems occur due to a lack of awareness.  AusCERT is here to rectify this. The Cyber Security 101 course helps organisations understand the basic features available to keep companies secure. The classes are very popular and appreciated by all those who attend.

Why would you encourage others to become AusCERT members?

AusCERT has a depth of experience in responding to crises due to its long history. Their mature approach to understanding incidents and providing management is unlike any other organisation. AusCERT’s incident management is preparing you for the unexpected. It’s not just an individual playbook for ransomware on a Windows product. That’s a key value that AusCERT provides.