Skip to content
Fortify Your Digital WorldStay Ahead with Tech Waves

Exploring Cybersecurity's Future - Exclusive Insights from AISA's Canberra Conference 2024

As the Solutions Engineering Manager for APJ at OPSWAT, maintaining awareness of evolving trends and advancements in cybersecurity is both a professional duty and a personal interest. At the AISA Canberra 2024 gathering, several cybersecurity industry figures gathered to share insights on the...

 and  Administrator
3 min read
Exploring Cybersecurity's Tomorrow - Perspectives from AISA Canberra 2024 Event
Exploring Cybersecurity's Tomorrow - Perspectives from AISA Canberra 2024 Event

Exploring Cybersecurity's Future - Exclusive Insights from AISA's Canberra Conference 2024

The AISA Canberra 2024 event, held recently, brought together a diverse group of industry experts to discuss the latest developments and challenges in cybersecurity. Among the speakers was Yiyi Miao, OPSWAT's Chief Product Officer, who delivered a key session on a holistic perimeter defense strategy for IT and OT networks.

OPSWAT, a global cybersecurity leader, is taking steps to align its presentation information with the Australian Signals Directorate's (ASD) Information Security Manual (ISM). The OPSWAT Australian team is working towards this goal, aiming to prevent the exploitation of known attack vectors while adhering to ASD recommendations.

One of the key aspects of this alignment is the implementation of various security measures as outlined in the ISM. For instance, ISM-1600 (Revision 1) states that media should be sanitized before first use, a practice that OPSWAT is incorporating into its operations. Similarly, ISM-1288 (Revision 2) requires files imported or exported via gateways or Cross Domain Solutions to undergo antivirus scanning using multiple different scanning engines, a measure that OPSWAT is implementing.

Moreover, ISM-0649 (Revision 8) requires files imported or exported via gateways or Cross Domain Solutions to be filtered for allowed file types, a requirement that OPSWAT is addressing. ISM-0659 (Revision 6) requires the same files to undergo content filtering checks, another measure that OPSWAT is implementing.

The plans also aim to address the control of data flow in unidirectional gateways. ISM-0643 (Revision 7) suggests using evaluated diodes for this purpose, a suggestion that OPSWAT is considering. ISM-0645 (Revision 7) and ISM-1158 (Revision 6) mandate high assurance evaluations for evaluated diodes used in controlling the data flow of unidirectional gateways between SECRET or TOP SECRET networks and public network infrastructure.

OPSWAT is also focusing on securing data transfer. ISM-0635 (Revision 7) suggests implementing isolated upward and downward network paths in Cross Domain Solutions, a measure that OPSWAT is considering. ISM-1521 (Revision 3) mandates protocol breaks at each network layer in Cross Domain Solutions, another measure that OPSWAT is implementing.

In addition, OPSWAT is addressing the issue of data checking during manual export. ISM-0669 (Revision 6) requires keyword checks within all textual data during manual export, a requirement that OPSWAT is implementing. ISM-1187 (Revision 3) mandates data checking for unsuitable protective markings during manual export, another measure that OPSWAT is implementing.

The event saw significant interest in AI-related topics, with large audiences for sessions with AI in the title. However, the speaker's name who delivered a keynote session on designing a holistic security perimeter for IT and OT networks is not publicly available.

Attendees at Canberra included people from government or defence organisations, students, vendors, resellers, service integrators, enterprise professionals, and risk and compliance professionals. Eoin O'Carroll, Solutions Engineering Manager for APJ at OPSWAT, was also in attendance.

ISM-1730 (Revision 0) requires a software bill of materials to be produced and made available to consumers of software for software development guidelines. This is a measure that OPSWAT, as a software provider, is committed to adhering to.

OPSWAT is also addressing email content filtering, as mandated by ISM-1234 (Revision 5), which requires email content filtering to filter potentially harmful content in email bodies and attachments. ISM-0270 (Revision 6) mandates protective markings to be applied to emails and reflect the highest sensitivity or classification of the subject, body, and attachments, a measure that OPSWAT is implementing.

ISM-0651 (Revision 5) mandates blocking files identified by content filtering checks as malicious, or those that cannot be inspected. ISM-0272 (Revision 4) states that protective marking tools should not automatically insert protective markings into emails, a measure that OPSWAT is implementing. ISM-0626 (Revision 6) recommends implementing Cross Domain Solutions between Secret or Top-Secret networks and any other networks belonging to different security domains, a measure that OPSWAT is considering.

Yiyi Miao's key principles for a holistic perimeter defense strategy include minimizing attack surface, addressing weak links, securing data transfer, adopting proactive defense, and tailoring threat prevention to specific organizational needs and threat landscapes. These principles align well with the measures outlined in the ISM, as OPSWAT continues to work towards a more secure cyber environment.

Read also:

Related

Latest