AusCERT 2012: What’s changed since 2011?

I’m currently on the train down from the Blue Mountains to Sydney, en route to the AusCERT 2012 information security conference on the Gold Coast, and I’m thinking about what stories might emerge.

Here’s what I wrote last year when, just like this year, I was on the ZDNet Australia team:

The feeling I get from scanning those headlines is that there’s always a lot of scaremongering but the threats often don’t materialise. Are the threats over-stated? Does pointing out the threats trigger an effort to counter them, thus defeating them? Is it all just a bit too screechy?

And over the last year there’s been so much talk of imminent cyberwar. Is that just this year’s fashionable scary thing on a stick? I intend to ask a few questions. And I’ll plug it again: Thomas Rid says we shouldn’t believe the hype.

I haven’t yet looked in detail at the conference program but will do so over the next few hours. What do you reckon I should be investigating?

[Update 16 May 2012, 0625 AEST: Changed second paragraph to emphasise that I am covering the event for ZDNet Australia this year as well as last.]

Press conference with Det Supt Brian Hay

Here is the full audio recording of the press conference held this morning by Detective Superintendent Brian Hay, head of the Fraud and Corporate Crime Group of the Queensland Police Service in relation to the arrest of Fairfax journalist Ben Grubb.

Play

For background, here are the related ZDNet Australia stories, and I’ll post further linkage when I have the time. That’ll include a fairly full collection of media stories.

Note that the Facebook hack was not demonstrated at the AusCERT Conference but the Security BSides Australia conference. There’s a few more misconceptions in some of the media reportage, but I’ll do another post about them I figure.