Conference Day Two: Wednesday, 22 September 2010

8.30 Registration And Refreshments

9.00 Opening Remarks From The Chair

9.05 Law Enforcement Data Sharing And Data Security: Reconciling Competing Public Interests

  • Examining current data sharing arrangements on a jurisdictional and national basis, with an emphasis on law enforcement
  • Outlining the regulatory environment applicable to information sharing
  • Commenting on the policy drivers for both information sharing and information security
  • Suggesting regulatory approaches designed to reconcile sharing with security

David Watts
Commissioner for Law Enforcement Data Security
VIC

9.40 Understanding Evolving Data Protection Regulation

Complying with the increasing number and complexity of regulations is a top concern of today’s enterprises. In this session, Bill will discuss:

  • Ensuring systems align, review and evaluate goals to increase employee line of sight, performance and retention
  • The central role of team leaders in increasing employee engagement, accountability and performance
  • Taking a look at employee longevity from the beginning

Bill Justice
Head of IT Security
DEPARTMENT OF JUSTICE VIC

10.20 Morning Tea And Networking

10.50 Information Security & Organisational Risks

Sanjay will discuss the different aspects of information security challenges and the risks organisations are facing today. He will take a high level view on the different ways to overcome these challenges using a more strategic and practical approach based on the business appetite. The key topic includes:

  • Identifying key risk areas and challenges
  • Establishing IT security policies, standards and procedures
  • Performing security audits on systems and networks
  • Keeping abreast of known vulnerabilities and DLP (Data Leakage Prevention)
  • Combining IT and business synergies to give the best result

Sanjay Verma
IT Compliance Manager – Asia & Pacific
CADBURY

11.30 Opportunities For Protecting Critical Information As Technology Develops

Mark Hummerston
Assistant Privacy Commissioner
OFFICE OF THE PRIVACY COMMISSIONER

12.10 Lunch And Networking

1.10 Auditing And Running IT Security Systems

Data protection has become much more specialised. This is the direct result of an expanded awareness of the variety of risks, increased levels of user expectations and the growing range of technology options available to address specific problems. As a result, the way we approach risk and risk-related services also needs to evolve.

  • Moving data securely, in encrypted channels, to ensure it is difficult to intercept
  • Maintaining a Information Security Management System and structure
  • Integration of Risk Management, Audit, and Information Security
  • Providing the proof required to demonstrate effective controls through effective and thorough auditing practices

Mikhail Luposhanski
Manager Risk, Information Security and Control Management Group
BUSINESS LINK NSW

1.50 Risks In Information Service Access Via Mobile Device

Today, many workers are carrying laptops, smart phones and other mobile computing devices containing at least some business data, such as contact lists, account passwords, confidential emails and file attachments. While these devices are increasingly well-connected, they are largely unsecured and can pose a significant risk to business networks and data.

  • Conducting policies for reducing mobile risk
  • Establishing an information security policy that deals with both employee-purchased and company owned mobile devices

Peter Major
Senior Manager Security (ITSA)
INTACT ACT

2.30 Afternoon Tea And Networking

3.00 Fostering A Strong Security Culture

Data security needs may change. Government regulations and compliance standards may shift and change the life cycle of preserved data and the level of security to which it must be held. This session will cover:

  • Developing a change management policy to ensure swift adaptation to changes in regulation and compliance
  • Ensuring a system can validate that new policies are being implemented and the system remains in compliance

Stephen Frede
IT Security & Assurance Manager
SYDNEY WATER

3.40 INCLUSIVE WORKSHOP: “As Open As Possible, As Locked Down As Necessary”- Security Usage In A Social Networking World

  • Selling a new strategy
    • Gathering Your Arguments
    • Overcoming reluctance and resistance
    • Covering your bases
  • Creating an Effective AUP
  • The Technical Side
    • Technical Restrictions
    • Find the Right Tools for the Job
    • Integration with the existing environment

Michael Hoffmann
National ICT Program and Security Manager
AUSTRALIAN HEALTH PRACTITIONER REGULATION AGENCY (AHPRA)

5.00 Closing Remarks From The Chair

5.10 End Of Conference

5.15 Start Of Workshop B (separately Bookable)

Ensuring Website Resilience To Attack

[ Register Now ]