AUSCERT 30 Years 30 Stories – Mark Jackson Viewing the AUSCERT membership as a two-way value exchange, Mark Jackson hopes to put in just as much as he receives working alongside AUSCERT. As the Security Services Lead at MYOB, providing tax, accounting, and other business services to multiple individuals and companies across Australia, Mark’s AUSCERT story spans years. How did you first become involved with AUSCERT, and what motivated you to become a member? I’ve worked in many different organisations and at one in particular, I was prompted to investigate AUSCERT and sign up. Many years later, I’ve crossed multiple organisations and am still a member. What are some of the key benefits and experiences of an AUSCERT membership? The key services that I’ve used across my career are AUSCERT’s threat and vulnerability intelligence, along with takedown services. These services have been invaluable to the workplaces I’ve been a part of providing guidance through various incidents, good advice, and leading us to the right people to workshop a solution. How has AUSCERT evolved over the years, and what changes have you seen in the cybersecurity landscape that have affected the organisation’s work? Back in the day, cybersecurity was only attached to infrastructure. Just about every company needs to mature to deal with today’s challenges. The services AUSCERT offers and how they approach security have changed to match modern threats. What advice would you give to someone considering becoming an AUSCERT member? Be sure to lean on the network and stay in contact. Like anything, you get out what you put in. Looking ahead, what do you think the future holds for AUSCERT, and how do you see the organisation continue to play a role in the cybersecurity community? Given the depth and breadth of AUSCERT’s connections within the community, the organisation’s pool of information will be highly valuable. It’s the community that gives AUSCERT a much broader picture of things that might impact individual companies that they might not see otherwise. What do you believe sets AUSCERT apart from other organisations in the cybersecurity space? AUSCERT’s connection to a wider set of industries and partnerships than cybersecurity silos is their most significant drawcard. AUSCERT collates a broader view of the threats that are out there and what’s happening in general.

 AUSCERT 30 Years 30 Stories – Dave O’Loan Long-time AUSCERT affiliate and member, Dave O’Loan shares his journey with AUSCERT. As Head of Cyber Relations at the Australian Academic Research Network (AARNet), Dave has had many touchpoints with AUSCERT throughout his career. The sharing of information and diverse collaboration is why Dave continues to support and remain a member of AUSCERT. How did you first get involved with AUSCERT and what motivated you to become a member? AUSCERT is a partner with AARNet within AHECS, the Australian Higher Education Cyber Security Service. Prior to that, I had a long history of working within the academic and research sector. AUSCERT is part of The University of Queensland, linking with AARNet as a shareholder. Therefore, we have a close relationship around securing our sector and broadly sharing information. What are some of the key benefits and experiences of an AUSCERT membership? AARNet gains a lot of benefits through the sharing of threat intelligence, technical indicators, advisories, and bulletins. We also gain a lot from the AUSCERT community, including the conference, and other communities that bring security individuals together to share information effectively. How has AUSCERT evolved over the years, and what changes have you seen in the cybersecurity landscape that have affected the organisation’s work? AUSCERT has evolved by leveraging events like the annual conference and building a strong, information-sharing community. The evolution includes stronger partnerships, distributing information, and bringing different industry verticals together. AUSCERT plays a significant role in ensuring the CERT function is carried out and making sure there’s timely advice available for members. What advice would you give to someone considering becoming an AUSCERT member? AUSCERT memberships have numerous benefits, providing access to information, people, skills, and knowledge that an organisation might not have in-house. The membership allows for asking questions, gaining guidance, and receiving information that helps protect systems, networks, and people. AUSCERT’s training contributes to the cybersecurity maturity of an organisation. What do you think the future holds for AUSCERT, and how do you see the organisation continuing to play a vital role in the cybersecurity community? Many people don’t like answering this question, but I see a bright future for AUSCERT. With the evolving cybersecurity landscape, more entities need to be involved in the broader uplift. AUSCERT’s long history of support and leveraging its capabilities will contribute significantly to achieving a more secure nation. How has your membership in AUSCERT impacted your organisation’s overall approach to cybersecurity? The membership has provided unique information sharing, a subscription model with significant value, and the ability to maintain multiple cybersecurity partners. Different partners contribute advice and guidance across various aspects like risk, threat intel, and governance. What do you believe sets AUSCERT apart from other organisations in the cybersecurity space? AUSCERT’s unique nature lies in the shared information it has available through different partners. Maintaining different cybersecurity partners is critical because no single organisation has the knowledge or capacity to understand all risks, threats and governance challenges an organisation could face.

AUSCERT 30 Years 30 Stories – Trace Borrero Trace Borrero works at the University of Southern Queensland and through the university’s connection to AUSCERT, Trace has developed into a well-trained and active part of the AUSCERT community. From graduate to professional, check out Trace’s AUSCERT story. How did you first become a member of AUSCERT? I came directly out of my degree in cyber security and landed in a role at the University of Southern Queensland. The university were already members, so I became a member. How do you use the AUSCERT service and what benefit do you receive? We use the Malware Information Sharing Platform (MISP) a lot, and we’ve learned to automate from there. When I graduated there was a lot of talk about the intel and IOCs that came from AUSCERT. We would be looking for them in our environment and acting on them if needed. Whenever we’d see widespread phishing, we’d be able to send it to AUSCERT and they would handle it. To me as a graduate, it was magic. I didn’t understand what was going on, but I knew that it was taken care of. Now that I’ve learned the ropes, it’s a plus, because there is a lot of groundwork in the backend that AUSCERT handle for you. How do you think AUSCERT has evolved over the years? I’ve been a member for five years, so I’ve seen lots of change in the direction the industry is heading. AUSCERT is trying to remain cutting edge, which is important. Recently, automation is the new buzzword. Automation is one place that AUSCERT have adapted successfully, preparing their members to automate and thinking about what type of automation that members want. What advice would you give to someone considering becoming an AUSCERT member? It’s worth it – one of the best things you could do, is simply attend the conference and see what it’s all about. It’s hard to see AUSCERT’s benefit purely from the website. Meeting AUSCERT’s members, attending events, or just the conference, is a good place to start. What do you think the future holds for AUSCERT? I assume AUSCERT will continue to try and stay cutting edge. They will also continue to look out for their members as best they can, in whatever way that means. What sets AUSCERT apart from other organisations in the cyber security industry? AUSCERT are looking out for you. Obviously, they have their own interests, but their interests are their members. You don’t see that very often, specifically when you look at other vendors. Simply having someone to bounce your ideas off, and then receiving feedback from AUSCERT and its member community is fantastic. To be able to say: “Oh, hey, I’ve seen this phishing email. Has anyone else seen it?” “Oh, yes, we’ve seen it, and these are the other IOCs or other attributes of it.” It’s truly a community of learning and collaboration.

AUSCERT 30 Years 30 Stories – Peter Degotardi AUSCERT member in the education industry, Peter Degotardi is the Manager of Cyber Security Capability at the University of Technology Sydney. Joining the University in 2015, Peter has benefited from the information his AUSCERT membership provides. Keeping his organisation up-to-date and ahead of the game, Peter’s AUSCERT story is one of community and collaboration. What are some of the key benefits you’ve experienced as an AUSCERT member? The main benefit I receive from AUSCERT is the community and the sense of camaraderie we have. This community is a sight to behold; everyone talks to each other and trusts one another. The information we receive is phenomenal, giving great value out of the membership. Often, we’re alerted to vulnerable hosts before we’re even aware it’s happened. We can’t live without [phishing] site takedown services, along with phishing emails that AUSCERT handles for us. How has AUSCERT evolved over the years? I was involved with AUSCERT before I started in the cyber security sector, and I’ve always dreamed of going to the AUSCERT conference. Initially, AUSCERT was a ‘techie’ organisation but now it’s evolved to helping businesses secure themselves. Although technology is one part of the AUSCERT offering, they now focus on the governance and risk management services. What advice would you give to someone considering becoming an AUSCERT member, and why do you believe that membership is valuable for organisations of all sizes and industries? Be ready to ingest a huge amount of information; you’re going to receive a lot. The value is in the information sharing you receive, not just from AUSCERT itself but other members – everyone helps everyone else. What do you think the future holds for AUSCERT? Everything evolves – technology, processes, people, organisations, but no matter what changes, it needs to be secured. I’m looking at AUSCERT to provide timely information to be able to do just that – provide recommendations to stay one step ahead of the baddies. What do you believe sets AUSCERT apart from other organisations in the cyber security space? AUSCERT is Australian born and bred and it has the connections to its equivalents across the world. AUSCERT gives me the information I don’t have readily accessible, which will help us to develop a better security position for the organisation.

AUSCERT 30 Years 30 Stories – Bek Cheb Hard-working Bek Cheb embodies the heart of AUSCERT’s passion and community and is responsible for keeping the business side of AUSCERT running. As Business Manager, Bek oversees AUSCERT’s events, marketing, communications, and membership. Read on to discover Bek’s fondest AUSCERT moments and where she sees the future of AUSCERT headed. Whilst working at AUSCERT, is there a memorable experience that stands out? Not surprisingly, many of my memorable moments have been at the AUSCERT conference. AUSCERT attracts plenty of big-industry names that I’ve fanned over for years.  To meet these inspirations face-to-face and feel their human compassion is amazing. Adam Spencer is our MC, and each year I still get excited to hang out with Adam for a few days. This year Rachel Tobac, an expert in the world of social engineering, was AUSCERT’s keynote. To have such expertise on stage and learn from them is just magical. What would you say to someone considering becoming an AUSCERT member? Every organisation should become an AUSCERT member and I’m not just saying that because I work for AUSCERT. I understand the pressure there is on individuals and businesses to understand cyber security. Knowing that you’ve got a community ready to assist you, let alone the value in the individual services, builds confidence. There are many obvious services that AUSCERT are known for such as security bulletins and early warning SMS, but recently phishing takedowns are requested more often; where AUSCERT acts as an extension of your team. Where do you see AUSCERT going in the future? Thinking about AUSCERT’s future is thrilling – I think we have a lot of opportunities. Because we’re not owned by the government, the best part of AUSCERT is our agility. We can grow and change to whatever our members need us to be – so the growth opportunities for AUSCERT are endless. Education is going to play a big role in our future, innovating how we can expand our courses and offerings. There’s a high demand for new skill sets and growth within our industry, so I can’t wait to see our numbers grow. What sets AUSCERT apart from other organisations in the cyber security space? Every organisation needs to consider their network of cyber security partners. There’s no one-size-fits-all when it comes to protection, and you can’t put all your eggs in one basket. It’s important to have a layered approach by ensuring you’ve got different people representing your business on different issues. AUSCERT is that important piece of the puzzle, where you won’t find a sales pitch. We’re not trying to make an extra buck in our sales targets that month – instead we’re part of the cyber security community.

AUSCERT 30 Years 30 Stories – Peter Newman Utilising AUSCERT’s services in the gambling industry, Peter Newman has a long history with AUSCERT. Initially working for University of Queensland (UQ), Peter Newman is now the Head of Threat at The Lottery Corporation. Providing insight into AUSCERT’s services and predicting its future, check out Peter’s AUSCERT connection story. What motivated your organisation to become a member? The Lottery Corporation is only a year old, recently splitting from Tabcorp. As a flow-on organisation of Tabcorp we utilise the same services. As Tabcorp were already AUSCERT members, we decided to continue the same framework with an AUSCERT membership for The Lottery Corporation. As an AUSCERT member, what are the key benefits? The Lottery Corporation use the bulletin service, which is a primary feed into our vulnerability management program. We also use AUSCERT’s seven-day feed for malware URLs. With this resource, we look at the domains our users are visiting, and if that domain is listed as a malicious URL, we investigate further. How has AUSCERT evolved over the years? When I began with AUSCERT, they were focused on incident response. Currently, AUSCERT have been developing its threat intelligence resources and feeds associated with that. Another aspect that AUSCERT has done well over the years, is maintaining relationships with other certs around the world – enabling them to become highly efficient at phishing take downs. What advice would you give to someone considering becoming an AUSCERT member? Understanding what AUSCERT can do for you is a challenge; a lot of the people that become members only use one or two services. Knowing everything AUSCERT can do for your business is the best advice I can give. What do you think the future holds for AUSCERT? AUSCERT will need to continually pivot even though its staples are solid. As a community organisation, AUSCERT must keep adjusting to the community itself and how it changes. I predict AUSCERT will continue to grow in the threat intelligence area and more in education. What sets AUSCERT apart from other organisations in the cyber security space? Being vendor-agnostic specifically sets AUSCERT apart – everybody in cyber security is trying to sell you something. Although AUSCERT is selling you something, it’s in a not-for-profit method. Due to this, AUSCERT can leverage their community to feedback on itself.

AUSCERT 30 Years 30 Stories – David Stockdale With a professional and ethical approach to delivering cyber security throughout Australia, the AUSCERT 30 Years 30 Stories would be incomplete without sitting down with current AUSCERT Director, David Stockdale. Praising AUSCERT’s trust and influential community, David’s insight into what sets our organisation apart is a heart-warming read. How did you first become involved with AUSCERT, and what motivated you to apply for your position? The Director of AUSCERT position was included in a job that I applied for at the University of Queensland. It was the area I least understood in the role, and yet it’s become the piece I adore most. How do you think AUSCERT has evolved over the years? What do you think our future holds? AUSCERT has experienced plenty of change in the last three decades – 30 years ago, AUSCERT was one of the first computer emergency response teams in the world. What AUSCERT provided then was unique, but there are now many big players in the sector. We’ve evolved to provide new and niche offerings, that other companies are not able to provide. As AUSCERT is a not-for-profit organisation, we’re not government-aligned nor commercial, we’re able to establish an element of trust. This trust is our superpower and means we can provide services others can’t. What are the key benefits of being a part of the AUSCERT community? AUSCERT transcends more than just its members, age, services and employees; it’s much bigger than that. To be part of an organisation that aims to provide good services and lift the security of our community – is a fantastic cause. What advice would you give to a prospective AUSCERT member? Do it! Looking at the low cost of our services, it’s easy to assume that they are not worth a lot. That couldn’t be further from the truth. Once you start using AUSCERT and leveraging our offerings, you’ll find there’s value-upon-value-upon-value. That said, the real value of being an AUSCERT member is not necessarily the services, but the community we create, whether it’s through our conference, or events. We connect sectors together, and it’s this quality that separates us from others. When you’re an AUSCERT member, you become part of a trusted community. What do you believe sets AUSCERT apart from other organisations in the cybersecurity space? It’s AUSCERT’s not-for-profit qualities – we aren’t aligned to any vendors so we are, in some ways, a trusted free spirit. This trust is what sets AUSCERT apart; and we do the best cybersecurity conference in Australia, without a doubt. AUSCERT, Happy 30th Birthday! You are the best organisation I’ve ever known, and I’m so proud to be part of it.  

AUSCERT 30 Years 30 Stories – Heath Marks Partnering with AUSCERT for 13 years, Heath Marks is the CEO of the Australian Access Federation (AAF), which provides the National Authentication Framework for Australian Higher Education Research. Assisting the Federal Government’s National Research Infrastructure Strategy, Heath leads development in the trust and identity sector. Through a mutual partnership with AUSCERT, Heath shares the benefits of aligning with cooperative communities like ours. What is your biggest takeaway from AUSCERT’s service? Working in the trust and identity environment, we are naturally linked to cyber security. Being aligned with AUSCERT’s deliverables and leveraging their services is highly important to us. Additionally, joining the community and further advancing the cyber security industry as a national strategy is considered invaluable to us at AAF. An initiative that the AAF and AUSCERT have partnered together from the beginning is the establishment of the Australasian Higher Education Cyber Security Service. Together with the entire AHECS group, we collectively advance cyber security initiatives within the sector. How long have you been an AUSCERT member? The AAF have been AUSCERT members from the very beginning.  We began with the certificate service and later continued that relationship throughout the years. AUSCERT provide training, support, engagement and a number of useful services that we enjoy engaging with as a team. What advice would you give to those considering to become an AUSCERT member? Why do you think the AUSCERT membership is valued in organisations? It’s critical that we’re part of initiatives like AUSCERT A key distinction of AUSCERT is that it’s a service delivered for the sector, by the sector. AUSCERT is a shared, cost-effective service. The membership costs are very low, for the value you receive. There’s a plethora of cyber security services available, the majority of which are expensive and often questionable. Being part of a passionate community, catered to sharing intelligence and knowledge on cyber security is vital and important – it’s the reason why we’re AUSCERT members. As AUSCERT turns 30, do you want to add anything else? Congratulations, AUSCERT, for making 30 years! AUSCERT is an integral part of the sector and we appreciate everything you do in supporting us, delivering what we need for our customers, our colleagues, and our daily jobs. Thank you very much.

The recent escalation of tensions between Israel and Hamas has not only led to a surge in physical violence but has also raised concerns about the potential for increased cyber-attacks. As the conflict intensifies, Australia as a close ally of Israel has been targeted by a threat actor group named ‘IRoX Team’ [1][2][3]. According to emerging reports, Australia has been identified as a specific target for potential cyber-attacks on October 25 [1]. These attacks are expected to involve Distributed Denial of Service (DDoS) techniques [2][3]. While the credibility of the reports is unknown to us, we strongly recommend that our members enhance their vigilance and situational awareness during this period of uncertainty. We also encourage our members to practice good cyber hygiene to ensure the security of their systems and promptly report any suspicious activities or information to the relevant authorities for further investigation. Reference: [1] https://cyberknow.substack.com/p/irox-team-declares-global-hacktivist [2] https://www.theguardian.com/australia-news/2023/oct/11/israel-hamas-war-cyber-attacks-cyberx [3] https://cybercx.com.au/blog/hamas-israel-conflict/

AUSCERT 30 Years 30 Stories – Duke Erdenebat One of AUSCERT’s security analysts, Duke Erdenebat, shares how AUSCERT enables him to make positive contributions to the cybersecurity industry. Duke’s day-to-day work involves writing code, scripting, automation and a multitude of services that assist AUSCERT members. Inspired by AUSCERT’s goodwill, check out Duke’s AUSCERT connection story. Within your time in your role, what are the key benefits you’ve experienced? The main benefit has undoubtedly been AUSCERT’s not-for-profit status, with a focus on its members. This focus doesn’t just end with members but extends to the whole of Australia and the globe. We attempt to reach people who are in danger and try to enrich them. What do you envision for AUSCERT within the next 5 to 10 years? The current AUSCERT service is fantastic. But recently, we’re trying to integrate Malware Information Sharing Platform (MISP) in an attempt to share more information. This is an area where individuals can share threat activity and threat actors, helping others find compromise indicators. In the future, I believe our MISP integration will be strong enough to encourage members to check threats themselves. What advice would you give to someone considering becoming an AUSCERT member? Those considering an AUSCERT membership should research what AUSCERT services could benefit them and contact our team directly. Simply look through AUSCERT’s services – there are educational programs and plenty more – and see what AUSCERT is doing differently from other security companies. What does the AUSCERT community mean to you? AUSCERT has been around for 30 years – which means the community is robust. There are plenty of people who know about AUSCERT, and who AUSCERT know personally. If there’s a new source of information or incident, there’s open communication and sharing of that information, which makes it a great community to be a part of. What do you believe sets AUSCERT apart from other organisations in the cyber security space? AUSCERT has utmost respect for its members and there’s open communication of information, through Slack channels, MISP events and emails.

  AUSCERT 30 Years 30 Stories – Mark Carey-Smith A staff member of AUSCERT for the past two and a half years, but long-time member, Mark Carey-Smith is AUSCERT’s Principal Analyst. As an organisation whose sole focus is to benefit its members and wider community, Mark is a proud AUSCERT employee, and continues to improve AUSCERT’s educational offerings and other services. What motivated you to apply for a job at AUSCERT? With thanks to the conference, I had six or seven years of experience with AUSCERT. I knew some of AUSCERT’s main employees and had developed a good relationship with them over the years. I wanted to pursue cyber security education more, so I spoke with AUSCERT about how I could contribute to the development and improvement of AUSCERT’s educational services. What are some of the key benefits you’ve experienced being a part of the AUSCERT community? Community is the main word – at events, when we’ve run into members, community always comes up. A tight-knit community is certainly how I envisaged AUSCERT both before I was a staff member and now that I am, and there’s no doubt a micro-community between AUSCERT, its staff and members. How has AUSCERT evolved over the years that you’ve been with them? With my experience with AUSCERT as both a member and now employee, I’ve been involved with AUSCERT for about eight years in total. Some of the ways that we’ve evolved have been in the maturing of existing services and the development of new services. There are many ways AUSCERT remains true to its roots and community. I think in more recent times, there’s been a focus on getting in touch with our members and understanding their needs. We focus our future development on what our members need from us. What do you think the future holds for AUSCERT? I hope that in some ways it’s more of the same. I hope that we expand our range of educational offerings in particular so they suit member needs, and we continue to grow while maintaining our focus on community. Many vendors have no interest in community and just want to take money. With AUSCERT, we’re much more concerned with creating a space that works for the community. What do you believe sets AUSCERT apart from other organisations in the cyber security industry? Compared to other vendors, AUSCERT is not-for-profit, meaning we operate in a space where the focus is on our member’s needs. Without a focus on profit margins, we don’t cut corners, dissemble or exaggerate. Unfortunately, the cyber security vendor space is one where there’s some unethical behaviour. The focus on behaving ethically and supporting our mission, which is member-focused, is a main differentiator. As a staff member, I also think one of our differentiators is the way in which we support one another, providing a positive and friendly environment. What does AUSCERT mean to you? It all comes back to community. There are different ways you can interpret that word, and there are different ways in which we facilitate and nurture community. The conference is certainly not the only community-focused offering, but it’s a beautiful example of how we collectively create a community space.

AUSCERT 30 Years 30 Stories – Hank Opdam Chief Information Security Officer of Ausgrid, Hank Opdam, has enjoyed a 20-year friendship with AUSCERT. Going to his first AUSCERT conference in the early 2000s, Hank has partnered with AUSCERT through a variety of companies, valuing AUSCERT’s open communication and collaborative services. No matter your company size, Hank recommends an AUSCERT membership. So how did you first become involved with AUSCERT and what motivated you to become a member? I was working in financial services at the time, and back then, phishing takedowns were a large gap in the industry. That’s where my relationship with AUSCERT first started. These days it’s a very different exercise and we’ve been benefiting from AUSCERT’s security bulletins mostly along with having AUSCERT as a phone-a-friend organisation to bounce ideas and receive assistance with an incident. What are the key benefits of being an AUSCERT member? Apart from the services we receive, the bouncing of ideas and bulletins, the other main benefit is the relationship you build with the AUSCERT team. They are a knowledgeable group of people who care and are backed by a community that’s grown at conferences each year. What advice would you give to someone considering becoming an AUSCERT member? If you’re an organisation considering an AUSCERT membership – it’s great value, regardless of your company’s size. For smaller organisations, there’s great insights into the threat landscape and the intelligence they can receive. For bigger organisations, it’s about the community, and giving back. What do you think the future holds for AUSCERT? Realistically, who knows what the future holds for all things cyber? But one thing that has been clear is that AUSCERT will continue to facilitate events where they’ll listen to their members and community – offering to fill the gaps not being filled by others. What do you believe sets AUSCERT apart from other organisations in the cyber security space? AUSCERT is independent, and not-for-profit. You know the information you’ll receive is sound and without influence and that’s helpful when there’s so much noise in the cyber security landscape.