Sydney’s opening Cyber Risk Meetup for 2020 was held for the first-time at City Tattersalls Club, last Thursday, January 30. Over 100 Cyber Riskers gathered to dive into cybersecurity and risk, while more importantly, also raising $3,197 for the NSW Rural Fire Service.
With the mandatory burgers and drinks in hand, guests took their seats for the evening’s formalities. The keynote presentation, titled ‘The Elephant and the Mouse’, was shared by Julian Claxton. As a counter espionage and behavioural scientist, Julian shared two case studies to help the audience learn how to identify the key underlying influences, motivations and behaviour that often lead to malintent within organisations.
Julian acknowledged that insider threats can be the ‘elephant in the room’ as many organisations are aware that it can happen but struggle to navigate these conversations and situations. He went on to explain there are four key factors in the psychology of motivation: Money, Ideology, Compromise and Ego – or MICE. Underlying influences that may lead to malintent include personal dispositions, personal stressors, professional stressors and concerning behaviour. Dissecting this further, he shared the top six indicators of malintent: disgruntlement, rejects feedback, aggressive behaviour, disengagement, flouts rules and performance issues.
Julian explained the last factor on the malicious act critical path is poor response from the organisation. While organisations should be wary of making false accusations, understanding these motivators and underlying influences can help to proactively identify and mitigate malicious acts before they become a problem. Notably, he stated that sometimes it just takes an employee knowing that they are cared for to stop a malicious act from happening.
The remainder of the evening was a TED talk-style line-up with three cybersecurity and risk experts asked to interpret the theme, ‘The State of the Human Factor’.
Zeynep Soylu, Group Assurance and Audit Manager at Lion discussed ‘People – the Centre of Change’. The talk was focused on how cyberliteracy is important for everyone however talent within the industry is a key challenge; not only does the industry need diversity of gender, but also of culture and age. To overcome this barrier, Zeynep suggested a more creative recruitment process that values a wider range of skillsets, looked beyond checking boxes and focused on soft skills and transferable skills. Zeynep concluded by urging the audience to think of ways to invite more people into the industry and to share this with each other.
Andrew Wheeler, Head of Information Security and IT Compliance at BAI Communications shared ‘Three Principles in Business Engagement’. The key message was that “engagement is the key to success for a security program”. Andrew noted that every program has a wide range of audiences and it’s imperative to get each stakeholder’s support for success. Based on his experience, he gave three simple tips for successful business engagement.
Firstly, ‘Keep it positive’. This is not about only having conversations about what is going well, but the way you talk to your audience and ensuring each engagement adds value to the business. Andrew stated, “Every time someone reaches out to us is an opportunity for positive engagement”.
Secondly, ‘Keep it practical’. Not every audience has a technical background and using jargon can very quickly lose their attention. It’s important to ensure you are communicating in a way that is easy for each audience to understand so they can continue to support your program.
Lastly, ‘Keep it personal’; always make it about the people. When a program or activity is relatable, you will get higher engagement as it’s easier for your audience to understand the value your work can bring to them and are genuinely interested to learn more from you.
The last speaker of the night was Amit Chaubey, Cyber Security Risk, Governance & Compliance Manager at Ausgrid who spoke about ‘Key Management Tips for Great Leaders’. He opened by asking the audience if they agreed with the following quote: “Always Remember that leadership is a privilege. When you’re in a leadership role, your influence may affect the trajectories of people’s entire careers (and, often, their lives!)”.
Amit’s key points were taken from an A4 piece of paper which he has now been carrying around and implementing for eight years. He encouraged the audience to become great leaders by sharing information, saying ‘Thank you’, empowering through delegation, adjusting your leadership style, having fun with the team and removing obstacles. When asked whether a manger should know the technical day-to-day of his team to help them and be better respected, Amit replied, “There shouldn’t be an expectation that managers know everything”. Instead, he offered that a leader should help the team find the answers and learn together.
These sessions provided insightful thought starters for the cybersecurity and risk community who asked many questions throughout the night. The event concluded with many people staying on to continue networking.
Stay tuned for the next Meetup near you!
View the meetup via the Cyber Risk Meetup YouTube channel
By Tamara Yrorita on behalf of MySecurity Media.
