top of page

2023 Schedule

HCKSYD23 will be held over two days: 23 and 24 November 2023. 

Venue: Mercure Sydney

Day One 23 Nov 2023

9:00

Keynote

Hack the five senses: make security part of people’s DNA
Cyber Security has had a pretty good run in the last ten years. We’ve gotten the ear of boards and executives and we’ve improved organisational controls. But in a world of competing priorities, tightening budgets, and sexy technologies like AI, will cyber security get pushed to the background? And how do we retain organisational focus on security when risks are constantly evolving and increasing but people are already overwhelmed with their ‘day jobs’?
 

Bianca Wirth - CISO 
Bianca Wirth has over 25 years’ experience in IT and security, and she has consulted to over 200 companies from a diverse range of industries and government in this time. She has worked for Microsoft and KPMG, developed her own successful consulting business and guest lectured on security at universities. Bianca is currently the Cluster CISO at NSW Department of Planning & Environment.

9:50

Eating SLSA on your chips: A guide to supply chain security
We’ve all got dependencies and they probably are third party. So let’s talk about securing those. Turns out there’s a framework for that! SLSA. We will explore it together and come up with actionable steps to implement it as well as talk about how we can parse it.

Ben Gittins 
Ben has been in the tech industry for 10 years and has held roles that range from sysadmin to security engineer. He currently works as a senior security engineer at Canva leading the Supply Chain security effort. He has a varied educational background that includes computer science, cybersecurity, political science and of course vendor certifications.

10:35 

Break

11:00

Leveraging Threat Intelligence to Unlock Additional Security Funding
Facing growing security threats with limited security budgets? Learn how Threat Intelligence, paired with impactful storytelling, can be a game-changer, identifying new attack vectors and securing more funds. I'd love the opportunity to share how to turn Threat Intelligence into a budgetary ally.


Maxime Cousseau

Maxime is a cyber security leader with strong business acumen mixed with top-tier technical expertise. He has forged his expertise from experiences across various industries including Banking, Fintech, Crypto, Telco, Online Retail, and Government. 

Underpinned with over 15 years of cyber security expertise and certified by way of a Masters of Information Technology in Networking, CISM and OSCP (amongst others), Maxime focuses on building robust information security capabilities from the ground up, designed to not only tackle cyber-specific challenges but also complement and empower business objectives.

His comprehensive approach to security, combined with his passion and expertise, has established Maxime as a trustworthy advisor to executives on cybersecurity matters and a respected figure among his peers.

Maxime is also an author, former international Judo athlete and serial entrepreneur. He is the co-founder of RedBelts, a tailored virtual CISO consulting company.

11:50

Unmasking Modern DOS Attacks: Exploring Logical Attack Techniques and Defence Strategies.
Master Modern Denial of Service Attacks. Explore logical attacks, and cutting-edge techniques bypassing firewalls. Uncover undetectable DOS threats from application logic vulnerabilities. Real-world cases expose the crippling impact on businesses. Join to defend against these devastating attacks!

​Abhijeet Singh

Abhijeet Singh is a cybersecurity expert with a passion for securing digital assets and currently working in a start-up "Cult.fit". Abhijeet specializes in vulnerability assessment and penetration testing of various applications, network and cloud security, and enjoys automating security tasks.
Abhijeet is working on various cloud security projects to detect and monitor any misconfigurations in cloud infra. He has published tools to scan a few of the cloud services like route53 and s3 buckets for vulnerabilities. He has also developed one of many "initial.sh" script wiz used for the reconnaissance purpose on targets with interactive mode.

​

12:25

Linux anti-forensics - Rediscovering the old-school

In this presentation, Linux anti-forensic TTPs are demonstrated along with threat hunting and detection ideas. I will use real life examples of threat actor activities I have dealt with first hand when investigating compromises on critical (telecommunication) infrastructure.

Robert Byrne
Robert is a principal security specialist hosted in the global competence center for security within the Ericsson CTO office. Bringing 17 years of experience in telecommunication engineering and information security, Robert holds cross functional roles, spending his time performing vulnerability assessments and incident response activities that touch Ericsson's product and services portfolio. Robert holds a double degree in Engineering and Computer science and is Offensive Security OSCP and (ISC)2 CISSP certified.

1:10

Lunch

2:10

Supply chain risk management best practices
In this talk, Tulin and Natasha delve into the essential practices for overseeing and controlling suppliers and service providers, drawing insights from recent breaches. With organisations increasingly relying on third-party collaborations in core business functions, we'll explore how regulatory expectations have surged in third and fourth-party risk management and the potential threats that supplier vendors pose to an organisation.

Natasha Basukoski | Tulin Sevgin

​

​

2:50

Spy in the real like movies: unthinkable intrusion methods by Pandas in their territory
In 2023, we investigated that Chinese APT actors were started from highly unique and sophisticated infection methods at branch offices in China! We are eager to share this talk because these will have an impact not only on Australia and Japan but also all global businesses operating within China.

Hajime Yanagishita | Suguru Ishimaru | Yusuke Niwa

Hajime Yanagishita is a security researcher at MACNICA, his major areas of research include APT campaign tracking and malware analysis. Some of his work has been presented at several security conferences such as JSAC2018, JSAC2021, JSAC2022, HITCON Pacific 2018 and CONFidence 2020.

Yusuke Niwa is a senior security researcher at ITOCHU Cyber & Intelligence (ICI), protecting the cyber security of ITOCHU and its group companies as a member of ITOCHU CSIRT(ITCCERT). He also specializes in researching and analyzing emerging threat trends such as email spam, APT attacks and cybercrime. Prior to joining ITCCERT, he worked as a security analyst for Symantec in threat monitoring for the APAC region. He has had the opportunity to present at JSAC2020, JSAC2021, JSAC2022 and GReAT Ideas Green Tea Edition (2021) conferences and is a contributor to MITRE ATT&CK v9.  CISSP, GCFA, GCFR, GREM, GCIH and GCIA.

Suguru Ishimaru: In 2023, He entered ITOCHU Cyber & Intelligence Inc. (ICI) as a senior cybersecurity researcher to analyze malware, to research Advanced Persistent Threat (APT), to review security solutions and to handle incident response for protecting ITOCHU group. Before moving to ICI, he worked as a senior researcher at Global Research and Analysis Team (GReAT) in Kaspersky for around 15 years. Based on his investigation, he posted some technical blogs in Securelist | Kaspersky’s threat research and reports  and made presentations in several security conferences such as AVTokyo, HITCON pacific, HITCON, JSAC 2018, FIRST TC Bali, Internet Week, HITCON community, Botconf, Objective by the sea and GReAT Ideas Green Tea Edition.

3:35

Break

3:50

Expert Panel - Q&A

4:25

How open standards will revolutionise international cooperation in the years to come

Industrial control systems with security gaps pose a danger. Attacks on networks not only cause economic damage, but can also have an impact on the health of employees. Who is responsible when a critical vulnerability becomes known? Every company should define a fixed contact person and make their contact details easy to find, e.g. with the international standard RFC 9116. The benefits for manufacturers, operators and security researchers are growing rapidly through combination with other compatible open specifications, such as CSAF and SPDX (ISO/IEC 5692). Recommendations for action and vulnerabilities in dependent libraries can be detected automatically. Thus, it is possible to react more quickly and with fewer resources. 
Jonas Stein
Jonas Stein works as a scientist at the Institute for Occupational Safety and Health of the DGUV. He lead the DGUV's Security Working Group and the IFA's Industrial Security Laboratory, which conducts accident investigations, tests and certifications, as well as research projects. In the DGUV's Security Working Group, the German accident insurance institutions have developed a joint strategy on industrial security. The expert committee produces free practical aids on current issues for member companies and supports the development of new technical rules on industrial safety and European regulations. https://cert.dguv.de/

5:10

Mastering Enterprise Cyber Security: Leveraging Threat Intelligence for Risk Mitigation 

The presentation shares real-world insights into uncovering weak points, security gaps, and misconfigurations using threat intelligence. It showcases successful analytical methods and emphasises metrics for reporting to operational risk committees and the board.

Dr. Blaz Ivanc

With over 16 years of experience in cyber defence, Dr. Blaz Ivanc is a visionary leader and a proven expert in the field of information security. Dr. Ivanc served as the Group CISO at NLB d.d., one of the leading banking groups in Southeast Europe. He also has extensive experience in securing European public safety data interoperability infrastructures and mission-critical systems supported by European Commission security funds, as well as in conducting cyber intelligence research and teaching at prestigious institutions. Dr. Ivanc is passionate about mentoring young professionals, sharing his insights and knowledge, and advancing the cyber defence industry.

Day Two 24 Nov 2023

9:00

Keynote

Artificial vs Biological ‘Intelligence’: Why Our Humanity Matters More Than Ever 

Join Harriet on a journey through the past, present and future of two competing forms of intelligence in the modern age - Artificial Intelligence (AI) and Biological Intelligence (humans). Hear what she has learnt about each during her two month "AI tour" across North America this year, in both capability and innovation. She will also discuss these insights through the paradigm of her own work on AI security and adversarial machine learning, and how her primary concern resides not in AI taking over the world, but for the ability of maligned humans to take over AI. Not sure which form of intelligence to side with? Join the crowd.

Harriet Farlow

Harriet Farlow works at the intersection of AI and Cyber Security, as the CEO of Mileva Security Labs and through her PhD in Machine Learning Security at the University of New South Wales, Canberra. Her career has spanned consulting, academia, a tech start-up and the Australian Government, and she also holds a Bachelor in Physics and a Master in Cyber Security. She calls Australia home but has lived in the UK and the US.

9:50

Analysing cloud marketplace software for fun and profit

A move to cloud-based platforms absolutely makes sense. The cost of managing systems, the reduced operational & security liability and security best practices are all logical conclusions…. Or are they? This talk is based on an analysis the team at Mercury did for our own entertainment (and certainly not profit) by exploring an offering hosted on AWS & Azure which did present a counterargument that cloud based platforms are infinitely more secure. In this presentation, I’ll look at isolated software offerings, their risks and appeal, approaches to backing up and conducting offline analysis, and deductions we’d made throughout our activity.

Edward Farrell

Edward Farrell is the Director of Mercury Information Security Services (just call us mercury). In addition to leading a badarse boutique for the past 8 years, Edward is an industry fellow at the Australian Defence Force Academy, Member of the ISC2 board of directors, and had a short stint in 2015 as a half decent bug bounty hunter.  

10:35 

Break

11:00

The Yin-Yang of ChatGPT and Copilot in Secure Coding
Discover the dual nature of ChatGPT & Copilot in the world of secure coding! Dive deep into how these AI marvels can act as guardians for developers, yet also warn of the dangers of over-reliance. Join us to learn the balance between innovation and caution in AI-assisted secure development.

Kalyani Pawar

Kalyani Pawar is a Security Engineer at Zipline, where she runs the Application Security program to safeguard their drone technology and infrastructure. Having graced the speakers stage at DEF CON 31 and numerous AppSec chapters across the US, Kalyani possesses a robust experience spanning over five years. Her prowess extends to adversary emulation, crafting sophisticated AI models for cyber threat detection, and deep dives into application security. She loves meeting new people and exchanging ideas, so please feel free to connect with her on LinkedIn or Twitter. When not in front of her laptop, you can find her building Lego sets or painting mandalas.

11:50

Advanced Malicious Script Analysis

This presentation is based on the incident handing experience over the years. The information shared in this session would be practical and useful for incident responders. Live demonstration with real malware samples will be used to show the analysis techniques.
Vincent Lo

Vincent is a digital forensic and incident response investigator who has undertaken hundreds of digital forensic and incident response engagements. His expertise includes a wide range of cases including APT attacks, web hacking, corporate litigation, financial fraud, employee investigations, system intrusion and data recovery. He is also the author of GIAC Gold papers, “Windows ShellBags Forensics in Depth” and "Google Chrome Notification Analysis in Depth." Vincent holds a number of the industry certifications, CISSP , GCFA Gold, GCIH Gold, GNFA, GREM and GXPN.

12:25

Detection & Response is broken, we need a new approach

The prevailing approach for cyber threat detection & response is inherently flawed. Our industry has long been fixated on the conventional paradigms, be it SIEM, XDR, MXDR, NGSIEM, UEBA, or any other variant, with a managed in-house or outsourced SOC. Across the board nobody can honestly say that this has been working out well for them yet it has been the only way.
 

Shaun Vlassis

With over 18 years of experience in Cyber Threat Detection & Response, Shaun is a cybersecurity veteran known for building and managing detection and response capabilities at Commbank and Salesforce. Previously, as the Global Head of Security Operations Architecture & Strategy at JPMorgan Chase, he played a pivotal role in shaping security strategies on a global scale.

As the Founder of Illuminate Security, Shaun is leading the charge in innovative solutions to the problem of detection & response. Audiences can expect to gain valuable insights from Shaun's extensive knowledge and real-world experience in cybersecurity.

1:10

Lunch

2:10

Critical Infrastructure in the Age of Cyber Warfare: A New Threat Landscape

Sophie Markasis

2:50

Fast Flux Forensics
Fast flux dns is the rapid cycling of IP addresses tied to a malicious domain. Fast Flux Forensics is the rapid cycling of options for collecting & processing evidence during a security Incident. We’ll demonstrate how to spend more of your time analysing evidence & less time preparing it.
 

Benjamyn Whiteman
Digital Forensics and Incident Response professional. Worked in the Security space for the last 6 years as a Security Engineer, Forensic analyst and as part of a CSIRT.

3:35

Break

3:50

API Security 101
Vikas Khanna

4:25

TikTok USDS IO Kill Chain, Tradecraft Framework, and Attribution Methodologies
Haniyyah Rahman-Shepherd | Andrew Arens

5:10

Prompt Engineering For Threat Intelligence
Thomas Roccia

bottom of page