Cyber Incident Response: Case Studies

Event Date / Time: 09th July 2019 – 5:30pm to 8:00pm (AEST)


Part 1: International Scenario


By understanding the threats, one can manage risk effectively.

In Cyber the threats are real, the attackers motivated.  Something needs to stands between them and your organization’s data:  you and your security teams, with the insight, perspective, and tools to take action.  Join Verizon Australia share insights from the Data Breach Investigations Report 2019.


Part 2: Victorian Case Study


There are only three things certain in life: death, taxes and cyber incidents.  Cyber incidents are inevitable for all organisations that rely on digital systems and services. This session will discuss the creation of the Victorian Government Cyber Incident Response Service to support government in reducing the scope impact and severity of cyber incidents. Since its establishment in July 2018, the service has responded to more than 250 cyber incidents involving government organisations, including several major data breaches with state-wide and national implications.  The session will feature practical case studies to highlight the modern realities and challenges of managing major cyber incidents.


CPE Hours

1.5 hours, based on the assumption you have signed the attendance sheet when attending


Registration and Admittance

  • Due to our sponsoring partner’s facilities, access requirements and for catering purposes, we request that you register for this event to ensure you are able to attend.
  • Registration to this session is open and free of charge to all current and prospective ISACA members.
  • If you registering please do attend, this is very important for the Chapter and the Sponsors.
  • A registration door prize will be drawn from the list of duly registered attendees



  • 5.30pm – Registration and session sign-in – required to receive applicable CPE credits
  • 6:00pm – START – Welcome, Introductions, Agenda
  • 6:05pm – Monthly PD Session, Questions & Answers
  • 6:50pm – The Soapbox – Chapter Updates, Announcements and Issues of interest to members
  • 7:00pm – 15min Topic presentation
  • 7:15pm – Networking opportunity – drinks and finger food to be served
  • 8.00pm – Event Ends

About the Speaker

David Cullen


David Cullen is the Principal Advisor on Cyber Incidents and Emergency Management at Victoria’s Department of Premier and Cabinet, where he leads Victoria’s response to major cyber incidents via the Victorian Government Cyber Incident Response Service, which he launched in July 2018. David has a background in law enforcement and national security intelligence and holds a Masters of Public Policy and Management.


ISACA Celebrates 50th Anniversary




Cost $10 per person

Village Cinemas Classic Package

(Ticket + Popcorn (S) + Choc Tops + Soft Drink)


[Heavily subsidized – normal cost is $28 per person]


On Sunday, 26 May 2019 at Village Cinemas Crown

Open to ISACA Members, their families and friends

Limited seats available

“Aladdin” is the exciting tale of the charming street rat Aladdin, the courageous and self-determined Princess Jasmine and the Genie who may be the key to their future.   Directed by Guy Ritchie, who brings his singular flair for fast-paced, visceral action to the fictitious port city of Agrabah, the film is written by John August and Guy Ritchie based on Disney’s “Aladdin.”

Director: Guy Ritchie

Main Cast:  Will Smith, Billy Magnussen, Naomi Scott, Marwan Kenzari, Navid Negahban, Mena Massoud, Nasim Pedrad

Classification:   CTC  About Classification

Date:  Sunday, 26 May 2019                                     

Time:  4:30 pm access for 5:00pm show

Venue:  Village Cinemas Crown, Cinema Number 1, Crown Casino, Crown Towers Melbourne, 8 Whiteman St, Southbank VIC 3006

Parking:  For parking prices, please visit

Terms and Conditions apply, and are detailed below.

Please register early to avoid disappointment.  This event is heavily subsidized (Normal ticket cost is $28 per person).





Family Event Terms and Condition

General Terms:

·         ISACA Melbourne Chapter is organising viewing of movie ‘Aladdin’ (called Event going forward) in assistance with Village Cinemas Melbourne for active ISACA members, their families and friends.

·         All tickets purchased are valid only for selected viewing of the event on 26 May 2019 at 1700 hours.

·         The ticket cannot be swapped for any other movie, time slot or venue.

·         Venue is non-smoking throughout.

·         All Village Cinemas Terms and Conditions are applied for this event which can be found at

Purchase and Deliveries

·         Payment for items purchased from this website must be made by credit card.  We accept payment by Visa, Mastercard, American Express and PayPal.

·         Prices quoted on this Website are in Australian dollars and include GST where applicable.

·         Orders for this Family Event will only be processed upon payment in full by you of the purchase price and applicable GST.

Cancelling orders and Product Returns

·         As this special event is heavily subsidised, tickets once issued will not be cancelled or refunded.  However, on your prior written notification it can be reassigned to another person

Privacy and Consents

·         ISACA Melbourne Chapter respects your privacy.  We collect, store and use your personal information in accordance with our privacy policy, which can be found at

Governing Law:

·         If any dispute arises between you and us, the laws of Australia will apply. You irrevocably and unconditionally submit to the exclusive jurisdiction of the courts of Australia, and waive any right that you may have to object to an action being brought in those courts.


·         To the extent permitted by law, neither ISACA Melbourne nor ISACA International nor any of its related bodies corporate, directors, employees or agents accept any liability in contract, tort or otherwise for any injury, damage, loss (including consequential loss), delay, additional expense or inconvenience caused directly or indirectly by the acts, omissions or default, whether negligent or otherwise, of third party providers over whom we have no direct control, force majeure or any other event which is beyond our control or which is not preventable by reasonable diligence on our part.  Under circumstances where our liability cannot be excluded and where liability may be lawfully limited, such liability is limited to the remedies required of us under applicable law (including the Australian Consumer Law).  This liability clause is subject to your rights under the Australian Consumer Law and nothing in these terms and conditions is intended to limit any rights you may have under the Competition and Consumer Act 2010 (Cth).



ISACA 50th Anniversary

This event is part of ISACA’s 50th Anniversary Celebrations.  Our local event will be one of many happenings around the world.

We’ve come a long way in 50 years. From our start as the Electronic Data Processing Auditors Association (EDPAA) with a single chapter in Los Angeles, California, USA, to more than 220 chapters in 95 countries today, ISACA has not only expanded across the globe, but also continuously innovated in its industry resources and guidance, served as a cutting-edge thought leader and provided generations of IT and information systems professionals with the credentials and professional development tools to advance their careers and the profession.

This year, we not only commemorate ISACA’s 50th anniversary milestone, but also celebrate the individuals across ISACA’s history who have made this organization what it is today and continue to advance the organisation’s vision and impact.   ISACA members can find photos, videos, podcasts, stories and more about ISACA’s past and future at the new 50th anniversary website:  Members can also submit their own stories, memories, photos or other files, as well as engage on social media using the hashtag #ISACA50 in their own posts or by participating in ISACA’s upcoming social media campaigns throughout the year. In addition, members will celebrate ISACA’s anniversary at all CACS conferences in 2019 and will be united across the world during ISACA’s first day of service during this anniversary year.

“One of the very best things about being a part of ISACA is belonging to a truly global family of like-minded professionals,” said ISACA Board Chair Rob Clyde. No matter where you go in the world, you have an ISACA network to rely on. In 1969, ISACA’s incorporators could never have dreamed that their commitment to starting a group in Los Angele would one day become a global community of 136,000 members.”


The Missing Link – a Universal Security Capability Model

Event Date / Time: 11th June 2019 – 5:30pm to 8:00pm (AEDT)


Most organisations have a consistent need for adjusting to changing market conditions and new customer demands if they want to survive in the long run. As business objectives and priorities are being adjusted as in response to the market, organisations need to adapt and fine tune their business capabilities, including their security services. Security service gaps need to be identified and immature services need to be optimised, in order to survive the constant battle for supremacy.

From a security perspective, one of the challenges for organisations often appears to be that they have immature processes in place to quickly adjust their business, including their security services. While SABSA provides a mature methodology for the delivery of security architecture, organisations often struggle to implement a framework around it that optimises the delivery process itself. Further tools and processes need to be developed to address this issue and assist organisations in maturing and adjusting their security services faster and in a more efficient way. One of these tools could be security capability model that complements the idea of a security service catalogue by providing a pre-defined security service taxonomy through the definition of meaningful security capability domains.

In this session we will be looking at a an organisation independent security capability model that defines a well-structured set of security capability domains and associated security capabilities. This model, as part of an Enterprise Security Architecture Framework, can assist larger organisations in more systematically assessing, communicating and transforming their security services landscape. The presented security capability model is based on experience gained through the implementation of similar models at various organisations across different industries. It has also been analysed against various control frameworks and their grouping of controls, which we also touch on.

At the end of this session, participants should be able to understand the value of such a reference model and how it can be utilised within an organisation.

The key takeaway from this session will hopefully be a new viewpoint of looking at the importance of security governing structures when faced with the challenge of more systematically and efficiently maturing an organisations security architecture service landscape.

CPE Hours

1.5 hours, based on the assumption you have signed the attendance sheet when attending


Registration and Admittance

  • Due to our sponsoring partner’s facilities, access requirements and for catering purposes, we request that you register for this event to ensure you are able to attend.
  • Registration to this session is open and free of charge to all current and prospective ISACA members.
  • If you registering please do attend, this is very important for the Chapter and the Sponsors.
  • A registration door prize will be drawn from the list of duly registered attendees



·         5.30pm – Registration and session sign-in – required to receive applicable CPE credits

·         6:00pm – START – Welcome, Introductions, Agenda

·         6:05pm – Monthly PD Session, Questions & Answers

·         6:50pm – The Soapbox – Chapter Updates, Announcements and Issues of interest to members

·         7:00pm – 15min Topic presentation

·         7:15pm – Networking opportunity – drinks and finger food to be served

·         8.00pm – Event Ends


About the Speaker


Andreas E. Dannert,

Enterprise Security Architect at nbn


Andreas is an Enterprise Security Architect for Australia’s national broadband network (nbn), which is a government owned enterprise. At nbn he is responsible for defining nbn’s Security Strategy and Roadmap across the organisation.

Prior to nbn, Andreas has worked for Deloitte and HSBC in the role of Enterprise Security Architect, developing Enterprise Security Architecture Frameworks and Enterprise Security Architecture solutions.

In addition to his work at nbn, Andreas is currently the Research Director on the ISACA Melbourne Chapter board and an industry advisor to various organisations, like the Victorian’s Government Box Hill Institute and the Security Architecture Working Group of the IoT Alliance Australia. He is also running monthly workshops for security architects in Melbourne that allow attendees to explore ideas and challenges they face when developing and implementing security architecture solutions.

Before working for nbn and Deloitte, Andreas has worked eleven years for Accenture, with clients in Europe, Asia and Australia, delivering and providing training in Technical Architecture to various clients across different industries.

Andreas holds a Master of Computer Science degree from the Technical University of Berlin/Germany, is a Certified Information Systems Auditor (CISA), GIAC Security Essentials certified (GSEC exp.), ITIL Foundation certified, and a SABSA certified (SCF) professional.