Not for profit cyber emergency response team AusCERT has shifted its focus from incident response to preventative action.
Celebrating 30 years of operation this year, the organisation has had to evolve alongside the changing cybersecurity landscape.
According to Mike Holm, senior manager of AusCERT, when the not for profit started in the nineties, the cybersecurity strategy was reactive in nature.
“Back then it was all about panic, ‘let's fix this problem’. All of the incident response models that we know and love today, they were all born out of that sort of reactive side of things,” said Holm.
“We moved away from that over the years because it just made sense to do so.”
Lifting the knowledge of communities is a key pillar for AusCERT, as it focuses on preventative action. One of the key ways the organisation does this is through training opportunities, like short-courses.
“One of the things that we're proud about with our short courses is the fact that we want people who are actually practitioners delivering them. So, we want people who are good trainers, but also practitioners,” said David Stockdale, director of AusCERT.
“When they deliver the course to people, people have a real sense of actually this person has done it. I can ask questions to this person and they can talk about some of the things that they've worked on and how it applies to my organisation. And I think that's something that we are very proud of.”
The short-courses span cybersecurity training for members in the IT community, training for boards and directors to understand the business risks in cybersecurity, and more technical offerings like an upcoming course on malware information sharing platform (MISP).
The annual AusCERT cybersecurity conference delivers a huge engagement opportunity for members. This year’s conference will be held on the Gold Coast from the 9th to the 12th of May, bringing together over 50 speakers and in the vicinity of 900 participants.
“The conference, primarily is to get the community in Australia and a little bit broader than Australia together,” said Stockdale.
“I remember the first one I ever went to and being absolutely stunned. I'd come from the UK, I'd been to lots of big conferences in in the UK, and I remember being stunned by the wonderful community and the effort that was put in and what a fulfilling experience it was, how many people I met, how many lasting friendships I've made through that, and how much knowledge I gained.”
Benefits of membership
While the annual conference is certainly a draw card for AusCERT membership, Stockdale emphasises the broader benefits for members.
“Quite often we find that some of our members take up the membership, really around looking at the conference and the value of the conference, but there's such a lot more that they can get from their AusCERT membership around the threat intelligence, and the courses,” he said.
“We'd encourage people to really reach out to us and find out what they can do and let us assist them in helping them be more secure.”