Andrew Robinson, Co-Founder and the Head of Cyber Security, 6clicks

Andrew Robinson is a Co-Founder and the Head of Cyber Security for 6clicks. 

As an internationally recognised cyber and information security expert, Andrew has consulted to a diverse range of government and private sector clients in a variety of critical sectors around the globe for over 20 years across IT operations, management systems, incident response, investigations and remediation programs. He holds CISSP, CISM, ISO/IEC 27001 Lead Auditor and ASD IRAP qualifications as well as a Masters in Policing, Intelligence and Counter-Terrorism majoring in Cyber Security.

Connon Daly - General Manager - I.T. Team Limited

Connon is the General Manager of the I.T. Team Limited, a NZ based “born in the cloud” Managed Service Provider. Over the last 10 years Connon and his team have worked alongside many commercial and Non Profit organisations, supporting them in their migration to the cloud and their adoption of the Microsoft 365 suite of technologies. 

Susie Jones - CEO of Cynch Security

Susie Jones is CEO of Cynch Security, an Australian-owned and managed Cyber Security firm that offers software-as-a-service cyber solutions designed specifically for micro and small business owners. Prior to co-founding Cynch, Susie obtained her double Commerce/Arts degree from the University of Melbourne and began her career at Marsh and Willis before changing course to join Australia Post in their Risk & Compliance team. Her last role prior to Cynch was Head of Cyber Security Business Solutions at Auspost. Susie is an expert at translating complex cyber security and risk content into non-technical language for business leaders across all industries.

Stefanie Luhrs, Special Counsel, Clyde & Co

Stefanie is a Special Counsel at Clyde & Co specialising in cyber incident response, data protection, IT liability, D&O and professional insurance lines. She regularly works on domestic and international cyber claims involving data breaches, regulatory investigations, mandatory notification laws, recovery actions and incident response. She has acted as breach coach, privacy counsel and coverage counsel in a range of incidents including high profile data breaches, denial of service attacks, ransomware and business email compromise and fraud incidents. She also regularly advises clients in relation to their privacy compliance and cyber incident readiness and resilience.

Combating the Mess of Cyber Standards Facing NFPs - Andrew Robinson from 6clicks

Time:  11:00am - 12:30am (NZST)

NFPs face a mess of cyber security standards spanning from nothing to industry standards to lofty government standards to all the above. Hear from an industry and government endorsed assessor (as well as CISO) on how to best combat this complexity and improve your cyber security in the process

The core business of NFPs is not compliance and cyber security, although sometimes you may be forgiven for thinking so, because NFPs face a mess of unclear or variable cyber security standards enforced unpredictably by a cohort of different regulators that represent the source of their funding.

These standards range from shortlisted requirements like the ASD Essential 8, to industry standards such as ISO/IEC 27001, to government standards like the Australian Government Information Security Manual (ISM), not to mention PSPF - and may in fact encompass multiple standards like the DESE ISMS incorporating both ISO/IEC 27001 and ISM requirements.

The presenter, Andrew Robinson, has worked in government drafting cyber security standards and around the world for organisations assessing and assisting with the implementation of cyber security in compliance with the relevant standards. Andrew has worked with several NFPs to implement strong cyber security and demonstrate compliance.

In this webinar session, Andrew will explore the range of potentially applicable cyber security standards, provide an overview of their strengths and weaknesses, and explain how to go about implementing them and demonstrating compliance even if more than one applies, which is most likely the case!

This course is suitable for: Beginners, Intermediates and Advanced

Course Outcomes:

By the end of this webinar your organisation will have an understanding of the following topics:

• The range of potentially applicable cyber security standards
• The strengths and weaknesses of cyber security standards
• How to check which cyber security standard applies to you
• What to do if more than one standard applies to you  
• How to not lose sight of the basics

What is not included in the program?

Technical jargon beyond the names of relevant cyber security standards

Audience

This webinar is suitable for (type of positions/sectors it is relevant to):

• Security and compliance managers and executives
• Security and compliance program team members
• Broadly applicable with a focus on the NFP sector

Real World Cyber Crime and how to best protect your organisation - Connon Daly from The I.T. Team

Time: 1:00pm - 2:30pm (NZST)

Cyber-attacks are an everyday occurrence. If you haven’t experienced an attack on your organisations data thus far, you’ve been very lucky.

As a Managed Service I.T. provider we see security attacks daily. Phishing, Ransomware, Man in the middle attacks can happen quickly or in some instances play out over several months.

In this session we’ll showcase real world cyber-attacks. You will be surprised at the lengths some cyber criminals will go to steal your data, your money, or both.

We will then show you how to use the best of digital tools that are at your disposal to protect yourself and your organisation.

Course Outcomes:

By the end of this webinar your organiaation will have an understanding of the following topics:

• What real world Phishing, Financial, Targeted and Non targeted attacks look like.
• How you can utilise the power of Microsoft 365 to protect your data.
• Better understanding of specific M365 functions like ATP, MFA, Conditional Access, DLP etc.
• How to assess your current “security posture” including the readiness of your team.
• How to get started.

Why cybercriminals want it and the 5 steps you should take to securing your precious NFP organization data and IT - Jacqui Loustau from AWSN 

Time: 3:30pm - 4:30pm (NZST)

Your purpose is to serve the community and run your not-for-profit. Unfortunately, the cybercriminals don’t discriminate in their quest to empty bank accounts and steal data and intellectual properly. It can be overwhelming to know where to start when it comes to cybersecurity, so during this session we will discuss the first 5 things you need to think about when it comes to protecting your business and your community.

1. Understanding cybercriminals – what they want and how they get it
2. Latest threats
3. What you can do to protect your business:
   1. Scams and Phishing awareness and prevention
   2. Securing your devices
   3. Checking and protecting your data
   4. Reporting and Responding when things go wrong

This course is suitable for: Beginners/Intermediate/Advanced (please highlight)

Course Outcomes:

By the end of this webinar your organisation will have an understanding of the following topics:

• Data Protection laws for NFP
• How to determine the cyber risks prevalent to your NFP
• Initial steps to check immediately
• Latest threats to NFP’s in Australia
• How to get help

Audience

This webinar is suitable for (type of positions/sectors it is relevant to):

• NFP owners
• IT department personnel
• Legal department

The legal and regulatory landscape for NFPs impacted by a cyber incident - Stefanie Luhrs from Clyde&Co

Time: 5:00pm - 6:00pm (NZST)

This presentation will explore the existing cyber risk landscape as well as regulatory trends and developments specifically for not for profit organisations. It will also explore what legal and regulatory changes are in store for 2022 and provide practical guidance for not for profits when responding to cyber incidents.

Over the last few years, cyber risk has presented complex, compliance challenges for not for profits. As cyber attacks become increasingly more sophisticated and the existing regulatory landscape continues to evolve, it is important that not for profits understand the wide reaching legal and financial impacts that cyber incidents can have so that they can prepare for them.

This presentation will highlight the types of cyber attacks that typically target not for profits, the legal and regulatory trends impacting the sector as well as future legal and regulatory developments that not for profits ought to monitor. It will also provide some practical guidance for implementing mitigation strategies.

This course is suitable for: Beginners

Course Outcomes:

By the end of this webinar your organisation will have an understanding of the following topics:

• The current cyber risk landscape for not for profits
• Regulatory trends and developments in cyber risk
• 2022 developments including the government’s Ransomware Action Plan, reforms to the Privacy Act, directors’ duties and class action activity
• Incident response preparation and mitigation strategies that constitute the ACSC’s Essential Eight
• Meeting your ACNC obligations in the event of a ransomware incident

Audience

This webinar is suitable for (type of positions/sectors it is relevant to):

• Risk and/Insurance Managers
• IT Managers
• Senior Management
• All