ITx Rutherford 2019 Speakers

Keynotes and Speakers for ITx Rutherford

Check back often - more speakers are being added regularly

Tom Pieterse

Information Security Manager, Datacom Systems

Tom is an Information Security Manager at Datacom with 10 years’ experience in cybersecurity. His current customer-facing role focuses on building and maintaining structures for Security Governance, Security Advisory, Security Risk Management, Security Reporting and Security Awareness.

His passion is researching security trends in advanced-threat defense, pragmatic mobile device security, security virtualisation, cloud security, and threat intelligence. Outside of his role in cyber, he spends time on mountain bike trails, DIY building renovations and exploring new places with his family.

Demystifying Cybersecurity in the Cloud

Thursday 3:00pm - 3:30pm, ITPNZ (Escrow Room 1)

Cybersecurity professionals can, for the most part, recite and have informed discussions around the fundamentals of cybersecurity and controls - think CertNZ Top 10, NIST Top 20 Critical Controls, etc. These conversations become more complex as we shift from our controlled environment to adopted cloud environments where new and unforeseen complexities open us up to new risks. We encounter slow adoption of cloud technology, unmanageable amounts of suppliers/third parties and the Wild West cloud principle where corporate governance rules don’t seem to translate well.

One way to describe this is to reference an actual cloud formation: Cumulonimbus cloud is a (physical) cloud formation that can grow up to 10 km high. These clouds are prone to heavy rain, snow, lightning, and thunderstorms. We, as cybersecurity professionals, should make cloud decisions reflect our organisational risk profile without getting caught in piecemeal unmanageable operational decisions to weather the storm.

Tom Pieterse will describe the approach to this is to have a sound understanding of cloud concepts and design, data security, PaaS | IaaS | SaaS, cloud operations and compliance requirements. The presentation frames these concepts into easy-to-understand groups that enables any level of decision-maker to re-think how these translate into the organisational risk profile.