It wasn't how I imagined my Saturday morning. Usually when I think of Saturdays I'm hoping for a 30 minute sleep in and enough time to read a few pages of the morning newspaper. Instead I found myself at CrikeyCon a community-led conference on information security held in SE Queensland.
What was I doing at CrikeyCon? Attempting the impossible, trying to get information out of information security professionals armed only with my clipboard and without an ISO 27001 certification. I was a little intimidated. I had heard the conference was very popular with an elite type of people known as "penetration testers". These are your "white hats" or ethical computer hackers, who can figure out your password, and the pin on your credit card, just by looking at you. I left my wallet and internet-enabled mobile device in the car, just in case.
I found myself at CrikeyCon as part of my Executive MBA with The University of Queensland. At the moment I'm like two people - robotic vision evangelist by day, cyber security enthusiast at night and on weekends.
UQ Business School has a partnership with the top ranking Wharton School at the University of Pennsylvania, called the Wharton Global Consulting Practicum (GCP). The GCP brings together selected UQ Business School and Wharton MBA students in international consulting teams to complete a “real life” market entry or expansion project for a company. In our case we are developing a growth strategy for a US cybersecurity firm looking to take advantage of the rapid adoption of public cloud in the Asia Pacific region.
Which brings me to CrikeyCon. I was hoping to survey a range of information security people about what was going on with the cloud, why were companies moving there and was it a good idea?
In our research so far it is clear that regulations in Australia play an important role in dictating the security measures taken by companies moving workloads to the cloud. The recent introduction of mandatory data breach notification laws in Australia will only accelerate this trend. Yet, strangely it is the most regulated industries that seem the keenest to adopt public cloud, suggesting that security shouldn't necessarily be seen as a weakness of cloud deployment.
The sun and coffee at the conference were both hot but CrikeyCon attendees were generous with their time and my clipboard and pen were put to good use - thanks to Sabina Janstrom for making it happen!
It was a good start, but to really get a handle on cloud adoption and cloud security in the Asia Pacific my team needs the help of all the wonderful IT professionals out there who intersect with cloud to participate in a short survey. It only takes about 10 minutes to complete and in return you can request a summary of the findings (after 12th March). We are keen to hear from people in India, Singapore, Japan, China and Australia
In case you missed it - a link to the survey is HERE.
CrikeyCon was a great way to spend a Saturday morning, indeed a whole Saturday, as well as Saturday night and the night before. You could even buy CrikeyCon lock picks! I would have purchased a set but missed the tutorial on how to use them, and I figured it wasn't a good idea to have such things lying around when you never know when a penetration tester might be nearby...
No comments:
Post a Comment