During this monthly professional development session Brad Ellis will address a commonly asked question – “Is our website secure ?”

While on the surface, this may seem like a simple question, where the answer is expected to be yes or no; more often than not, the answer is “It depends !”.

In order to inform the response to “Is our website secure enough ?”; Brad recommends an architectural approach as this assists in making sure that your business’s needs are identified and implemented; that risks are identified and managed to acceptable levels.

This approach is recommended as every organisation’s website is different, as they support a diverse range of business needs and functions; have multiple internal stakeholders, suppliers, 3rd party code and analytics engines and have thousands of configuration items.

It is important to keep in mind that websites offer the public significant insight into a wide range of your organisation’s security capabilities and processes; and security analysis techniques like passive analysis can discover good and bad practices.


CPE Hours

1.5 hours, based on the assumption you have signed the attendance sheet when attending


Registration and Admittance

•           Due to our sponsoring partner’s facilities, access requirements and for catering purposes, we request that you register for this event to ensure you are able to attend.

•           Registration to this session is open and free of charge to all current and prospective ISACA members.

•           A registration door prize will be drawn from the list of duly registered attendees.



·         5.30pm – Registration and session sign-in – required to receive applicable CPE credits

·         6:00pm – START – Welcome, Introductions, Agenda

·         6:05pm – Monthly PD Session, Questions & Answers

·         6:50pm – The Soapbox – Chapter Updates, Announcements and Issues of interest to members

·         7:00pm – 15min Topic presentation

·         7:15pm – Networking opportunity – drinks and finger food to be served

·         8.00pm – Event Ends



EY Melbourne Office – 8 Exhibition St Melbourne VIC 3000


About the Speaker


Brad Ellis is the Principal Consultant of Ellis Network Associates covering all aspects of cyber security. During previous presentations at ISACA’s Melbourne Chapter, Brad earnt a reputation as “The Web Security Guy”. Brad’s clients have remarked on his “No-nonsense approach to security policy enforcement & best practice”. This no nonsense approach is important with high value websites, as a wide range of your organisation’s security capabilities are on public display.


Brad has more than two decades of professional experience, with nearly twenty of those years focused exclusively on security in a diverse range of organisations from sectors covering Service Providers, Tertiary Education, State Government, Finance and the Utilities sector. His has many professional certifications, with the most recent addition being the SABSA Chartered Foundation Certificate (SCF).