A CISO-CSO dialogue: humanising the cyber conversation.

We are thrilled to invite you to the ISACA Sydney Chapter June 2024 PD Session jointly hosted by the FAIR Institute - "A CISO-CSO dialogue: humanising the cyber conversation".

Join us on Thursday 27th June 2024 at KPMG for an evening of networking, professional development, and industry insights. This in-person event is a great opportunity to connect with fellow professionals in the field and gain valuable knowledge to enhance your skills.

The recently discovered controversial use of facial recognition technology by Bunning and Kmart has drawn attention to the cyber-physical convergence challenge. For a long time, CCTV footage recording for security and safety purposes has been an established and accepted practice across Australia. The controversy only erupted when these captured visions, in real-time, were processed using facial recognition technology, followed by a report from the consumer advocacy group CHOICE. The right to capture biometric information and the sufficiency of the protection of the harvested information requires consideration and coordination between the CSO (Chief Security Officer) and CISO (Chief Information Security Officer). In turn, the CSO must consult the CLO (Chief Legal Officer) and CPO (Chief Privacy Officer) on their privacy obligation to their store visitors. These insights will be used to instrument the cybersecurity protection settings that the cyber team will implement.

These cyber-physical convergence challenges are further accentuated by the cost pressures to piggyback OT access via the IT infrastructure. The focus of this meeting is to bring the CISOs-CSOs together to address these missing humanised conversations. In this meeting, we will learn from our expert panel how to unify leadership education across these diverse sets of executives with different remits, business priorities, and regulatory reporting obligations.

The boundaries between information and physical presence have been dissolving, instigated by the notion of de-perimeterisation under the Jericho Forum in 2003 and, more recently, under the Zero Trust Network Architecture (ZTNA). ZTNA can no longer be seen as a carriage service for OT traffic, replacing VPN. Moreover, Secure Access Service Edge (SASE) provides a comprehensive, multi-faceted security framework, complementing ZTNA. However, both ZTNA and SASE require an understanding of the organisation and data ownership boundaries, which must be defined by the CSO in consultation with the CISO and CDO. A clear understanding of these ownership boundaries is the foundation for defining the regulatory obligations under the SOCI Act Risk Management Program Rules (CIRMP). This is an equally important consideration for supply chain cyber risk management, even for entities not regulated under SOCI.

We will hear from practitioners who drove this CSIO-CSO dialogue in a large Australian financial services organisation and how they humanised these conversations to deliver collaborative success for their organisations.
Don't miss out on this chance to attend and get 1 CPE.

See you there!

Agenda

05:15 pm - 05.30 pm | Registrations

05.30 pm - 06.15 pm | Panel Presentation

• A CISO-CSO dialogue: humanising the cyber conversation

06:15 pm - 06.30 pm | Q & A

06.30 pm - 07.30 pm | Networking over food and drinks

Panellist Bios

Cyber Security & Risk Consultant

Richard is a global expert in IT operations, security, strategy and transformation, having held key senior roles in leading organisations, including Westpac, Boral, Woolworths, Macquarie and Suncorp. As a leader, he takes great joy in developing people into future leaders and helping them build their skill sets.

Senior Lecturer, UNSW

Dr Pranit is an educator and cyber risk expert. As the Chief Investigator in Contextualising Storytelling as Contemporary Assessment in Higher Education at the UNSW Business School, he is also an exemplary communicator. He is pioneering cyber education for business leaders by humanising the cyber conversation. He has been nominated for the 2024 UNSW Vice-Chanceller's Award for Innovation.

Cyber Security Risk expert, FAIR Institute

Denny is an ASIA FELLOW recognised for his leadership and community effort in raising awareness of the Open FAIR risk quantification standard. Open FAIR, as a business language, enables effective communications between business and cyber leaders. He is a member of the FAIR Institute standards committee tasked with driving innovation of the FAIR standards. Denny applied FAIR to assert reasonable security, which is a balance between the burden from control enforcement and the resultant measurable reduction in financial loss. This balance enables business and cyber leaders to align their priorities with investments in cyber security controls. He founded the Reasonable Security Institute to encourage the practice of this transformative risk management paradigm.

CISO, Vice President and Board Director, ISACA Sydney Chapter

Chirag Joshi is a multi-award winning, seasoned cyber security executive with extensive experience leading cyber security and risk management programs in multiple countries across various industries. These include financial services, government, energy, higher education, and consulting. He is the author of the two bestselling books – “7 Rules to Become Exceptional at Cyber Security” and “7 Rules to Influence Behaviour and Win at Cyber Security Awareness." Chirag is featured in the prestigious CSO30 list of top cyber security executives in Australia. He is the Founder and CISO at 7 Rules Cyber – an innovative cyber security advisory and thought leadership company.

Event Venue & Nearby Stays

KPMG, 300 Barangaroo Avenue, Sydney, Australia