Stilgherrian (@stilgherrian)

Wentworth Falls NSW AU

The below is an off-site archive of all tweets posted by @stilgherrian ever

July 25th, 2012

@RealNickHodge Indeed. Experimenting or second machine is one thing, but the machine you have to use first thing on deadline? Risky.

via Janetter for Mac in reply to RealNickHodge

Amused that people install a brand new OS, sight unseen, on their key operational computer(s).

via Janetter for Mac

Pottering at the desk in the hotel room. Feeling warm and mellow and satisfied with the world, or at least special parts thereof.

via Janetter for Mac

Wait. You plan your lives around broadcast TV schedules? HAHAHAHAHAHAHAHAHA!

via Plume for Android

OH: “I don’t need a clitoris.”

via Plume for Android

@mpesce The barista is Australian in the same way that the Thai lady is actually a lady?

via Plume for Android in reply to mpesce

73.5% alcohol… is that a lot?

via Plume for Android

We must now discuss the duck, my friend.

via Plume for Android

Boney Fucking M, right? Need I explain any further? I should hope not.

via Plume for Android

I have received the SEKRIT instructions, so I must now make my way to the rendezvous point.

via Janetter for Mac

@derekbradley @JohnBirmingham I bow to your superior knowledge of whisk(e)y, Sir!

via Janetter for Mac in reply to derekbradley

@JohnBirmingham I see we’ll have the opportunity to share a whiskey or three at Coolum next month. Should be fun, fellow Leading Thinker!

via Janetter for Mac

Didn’t brick my phone.

via Janetter for Mac

Probably not bricking my phone.

via Janetter for Mac

@Drivelry Oh yeah. Java exploits. Nasty. Also, I think @mikko’s storytelling in that episode is wonderful. zdnet.com/cybercrime-its…

via Janetter for Mac in reply to Drivelry

@expectproblems @nanopunk And 19,000 tons of molasses. You just can’t go wrong with that stuff. We had it for the cows. Mostly.

via Janetter for Mac in reply to expectproblems

By the way, the thing is Bohemian. So Czech. Mostly. But even if it were Belgian, it would still not be compulsory.

via Janetter for Mac

RT @stephendann: Not even as a warning to others? [Fair point. “Here there be vaguely shit noodles served by arseholes.”]

via Janetter for Mac in reply to stephendann

Wagamama does not deserve to be marked on maps, ever.

via Janetter for Mac

@nanopunk @expectproblems Even if I knew what you were talking about I’d deny all knowledge

via Janetter for Mac in reply to PitcherJenna

@expectproblems @nanopunk I think we all need a 14,000 ton bulk carrier. We could make a fortune. Carrying, erm, bulks.

via Janetter for Mac in reply to expectproblems

How many inches? What?

via Janetter for Mac

@ACCAN_AU Is that the Justin Bieber principle of approval? Fifty million blowflies can’t be wrong? ;)

via Janetter for Mac in reply to ACCAN_AU

Given that I have conflicting commitments this week, and the program is less interesting personally now, I’ll skip this arvo.

via Janetter for Mac

Anyway, isn’t it Czech?

via Plume for Android

Belgium is not compulsory.

via Plume for Android

Since campus security is not exactly my thing, I will probably bail from this and have lunch.

via Janetter for Mac

Mind you, LUNCH was meant to start at 1300, not another presentation. Timing discipline fail.

via Janetter for Mac

Yay! Next: Morgan Andrews, Manager, Campus Security, Uni of Sydney: “Case study: security in a multi-stakeholder environment”

via Janetter for Mac

“I’m probably running out of time,” he says, before introducing a whole new sub-topic.

via Janetter for Mac

@Davidramli This current bit has perked me up a bit, I grant you. Maybe it’s just that dead zone before lunch. And way too long.

via Janetter for Mac in reply to Davidramli

This presentation isn’t so much an analysis of global risk but a list of all the things that scare him.

via Janetter for Mac

RT @dobes: I’d like 12 inches of NBN please. [Once you’ve had the first 12, you’ll inevitably crave more.]

via Janetter for Mac in reply to dobes

Apparently, and stop me if you’ve heard this before, people may even work remotely or not at a fixed desk.

via Janetter for Mac

Davidramli Interesting to hear ANZ’s head of group security mention “regulatory activism” by government and bank robberies in the same talk on risks.

via Twitter for BlackBerry® (retweeted on 12:33 PM, Jul 25th, 2012 via Janetter for Mac)

Actually, @glengyron, I’m also familiar with the FN SCAR-H assault rifle. A bit noisy indoors but, you know, does the job.

via Janetter for Mac in reply to glengyron

RT @glengyron: I think @stilgherrian either needs sugar or a glock. [Both. Actually I don’t know the Glock. Browning Hi-Power please.]

via Janetter for Mac in reply to glengyron

“People rob banks because they have money in them. That’s a message so simple even banks understand it.”

via Janetter for Mac

“Crime is transnational. It’s enabled by the cyber world in particular.” [Goodness me!]

via Janetter for Mac

It’s just before lunch, sure, but I’m not hearing anything more than “we’re global and complex now, and so is risk”.

via Janetter for Mac

Current world: globalisation of risk; magnification of risk; age of scarcity?; int’l regulatory activism; societal change.

via Janetter for Mac

Ah. Dirk Gently’s Holistic Detective Agency. Fundamental interconnectedness of all things. This is where we are, apparently.

via Janetter for Mac

This man has been talking all this time and yet I haven’t felt the urge to report any of it. Other journos are checking email.

via Janetter for Mac

Next speaker: Damian McMeakin, Head of Group Security, ANZ Bank: “Managing threats inside and out of an organisation”

via Janetter for Mac

The ASIAL bloke is spending FAR too long pimping their national registration scheme.

via Janetter for Mac

RT @peterhau: problem is that ppl confuse DDoS attacks with, well, everything coming in. net down? spam filter failed? DDoS. cracks me up.

via Janetter for Mac in reply to peterhau

Thank you and goodnight, Minister.

via Janetter for Mac

“Of course some people in this room may have different views.” [Yes, Minister, they may.]

via Janetter for Mac

Says government is addressing complexity of regulation of private security industry, considering uniform national licensing.

via Janetter for Mac

Plugs government’s more-flexible Protective Security Policy Framework, encourages businesses to adopt it.

via Janetter for Mac

Now running thru publications produced by Attorney-General’s Department about organisational resilience etc.

via Janetter for Mac

Roxon now running through recent government-industry initiatives. Document verification, critical infrastructure info sharing.

via Janetter for Mac

Mentions that identity crime is not new, but is increasingly an enabler of other kinds of crime.

via Janetter for Mac

Promotes DSD’s Top 35 mitigation strategies (as do I), suggests organisations consider them. dsd.gov.au/infosec/top35m…

via Janetter for Mac

Recent attack trends: CERT-AU seeing more Aust companies facing DDoS extortion attacks, and execs targeted thru support staff.

via Janetter for Mac

Stresses government-industry partnership, boosts importance of Aust Crime Commission legislation, boosts CERT-AU.

via Janetter for Mac

Security moving from need-to-know to need-to-share. National security threats are moving online.

via Janetter for Mac

Roxon: Security industry important part of national security, especially since 9/11. Standard position-with-audience statement.

via Janetter for Mac

She begins! The Hon Nicola Roxon, Attorney General of Australia.

via Janetter for Mac

Still. Waiting. For. Nicola.

via Janetter for Mac

@juhasaarinen I’m pleased to see that you’re making even less sense than usual. Well done.

via Janetter for Mac in reply to juhasaarinen

If you came in late, I’m tweeting today from the Security 2012 conference program. asial.com.au/ConferenceProg…

via Janetter for Mac

The Attorney-General is a few minutes away now.

via Janetter for Mac

Oh. “Don’t overdo the risk part” was a separate point, making six in all. I can’t count.

via Janetter for Mac

5. Need diversity in your team. Don’t stack security with ex-police and military. They’ll work well together, but…

via Janetter for Mac

4. Play to your strengths, e.g. in a physical distribution company relate other security fields to that.

via Janetter for Mac

RT @semiboganman: ie: our employees are too stupid to have a clue, so we will spy on them [Sounds good to me.]

via Janetter for Mac in reply to semibogan

It’s hard to explain security risks in an organisation because words like threat, risk, mitigate etc aren’t understood.

via Janetter for Mac

One challenge there is being able to measure and explain your security performance, since it’s so often reactive.

via Janetter for Mac

3. Must articulate the plan clearly, in language everyone can understand, in one-page business plan.

via Janetter for Mac

2. Need to understand the organisation. All security programs much the same, must meld to organisation’s existing culture.

via Janetter for Mac

That essentially means that you need a specific “champion” for security in the organisation.

via Janetter for Mac

1. Need real support at senior levels so it gets the focus and attention it needs.

via Janetter for Mac

This presentation is six key things you need to consider when developing a security culture. Useful, I reckon.

via Janetter for Mac

Attorney-General’s plane delayed, so next up Nicholas Martin, Occams Razor with “Creating a strong Corporate Security Culture”

via Janetter for Mac

@jamescmcpherson Heh. I don’t think there’ll be a Q&A with the Attorney-General. It’s a keynote and then out the door job.

via Janetter for Mac in reply to jamescmcpherson

Morning tea break. We resume at 1100 with the Attorney-General.

via Janetter for Mac

Apparently Thales’ security needs are a little more complex than most companies. Who knew?

via Janetter for Mac

Thales guy cites a case where BAE Systems pleaded guilty to defence security breaches, $400M fine. No schadenfreude at all.

via Janetter for Mac

@Davidramli True, there’s actually some good material downstairs as well. BUT YOU MISS THE POINT OF MY DIVISIVE TWEET.

via Janetter for Mac in reply to Davidramli

Technology won’t protect you from nation-state cyber-espionage, says Thales guy. It’s your organisational culture.

via Janetter for Mac

I think I’ve discovered another journalistic caste system. Who’s up here in the conference, who’s down there in the trade show.

via Janetter for Mac

It appears that @joshgnosis has crossed over into The Twilight Zone.

via Janetter for Mac in reply to joshgnosis

BTW, @franksting is tweeting from the trade show seminar program at so there’s a different angle.

via Janetter for Mac

So, the Thales model is useful if you want to develop a security strategy in your organisation. I’m sure they consult on this.

via Janetter for Mac

RT @shariv67: I’m sorry, but your safe word must use letters, numbers, punctuation and be at least 16 characters long. [HT @expectproblems]

via Janetter for Mac in reply to shariv67

And now, a sequence of complicated charts showing how Thales implements these systems and compliance across the organisation.

via Janetter for Mac

Thales guy is reinforcing the message that the Board and CEO need to understand security.

via Janetter for Mac

Oh there was a bit of a Thales vendor pitch happening just then. I won’t tweet the promo video. You’re welcome.

via Janetter for Mac

RT @peterhau: @stilgherrian I don’t brush my teeth every morning. WHAT DOES THAT MEAN?? [It means trouble forming relationships?]

via Janetter for Mac in reply to peterhau

[The PwC survey in the previous presentation was “6th PwC Global Economic Crime Survey”, thanks @intrepidfear]

via Janetter for Mac

@jamescmcpherson I’ll be tracking down the presentations later, but I also have reference-grade-only audio of the event.

via Janetter for Mac in reply to jamescmcpherson

“Every employee needs to be thinking about security the same way they think about brushing their teeth each morning.”

via Janetter for Mac

@semiboganman How dare you suggest that any membership-based organisation might work out a way to massively increase its membership!

via Janetter for Mac in reply to semibogan

Strategic Security Executive is most senior security professional in organisation, responsible for those outcomes.

via Janetter for Mac

Security outcomes: reputation, product integrity, suitable people, available assets, trusted partnerships, shareholder support.

via Janetter for Mac

@S7U Google must really hate you.

via Janetter for Mac in reply to S7U

Next speaker: Jason Brown, National Security Director, Thales: “The strategic security executive”

via Janetter for Mac

There’s an iPad app containing all that PwC survey data on Australian attitudes to economic crime. Missed its name.

via Janetter for Mac

@lomantik I suspect it’s more that online commerce in Australia is a bit behind the pace. Cyber is someone else. My guess.

via Janetter for Mac in reply to lomantik

3. Investigate (incident response plan, resilience, legal involvement, insurance) All 3 steps need c-level support.

via Janetter for Mac

2. Detection (whistleblowing framework, detective controls, fraud analytics)

via Janetter for Mac

1. Prevention (policies, training, due diligence)

via Janetter for Mac

Another three-step plan is coming, this time on fraud control. Here we go…

via Janetter for Mac

Oops. Interesting background on new anti-bribery legislation in UK, and new actions by Australian Federal Police. Missed it.

via Janetter for Mac

3. Make sure your organisation has a cyber-savvy CEO. [So, sackings are imminent?]

via Janetter for Mac

2. Raise cybersecurity awareness in the organisation, ‘cos knowledge tends to lag behind the threat landscape.

via Janetter for Mac

1. Develop a written cyber-incident response plan, with specialists to call upon as soon as an incident is discovered.

via Janetter for Mac

Three-step plan for getting your company better protected against cybercrime. Here they come…

via Janetter for Mac

Odd. He sees Anonymous’ attacks on Visa and Mastercard as “oblique” reasons. I thought the WikiLeaks thing was pretty clear.

via Janetter for Mac

[Please insert standard types of cybercrime orientation messages here.]

via Janetter for Mac

In Australia 60% of companies see greatest cybercrime risk coming from outside organisation, but globally the figure is 46%.

via Janetter for Mac

There’s lots of facts and figures in this presentation, so I’ll try to post the full thing somewhere later up.

via Janetter for Mac

@peterhau Yeah this is security in its fullest spectrum. From Maglites for nightclub bouncers to fraud detection for financial services.

via Janetter for Mac in reply to peterhau

Profile of a fraudster: Age 31-40 (55%); male (75%), that’s usual; management or junior staff (90%); 3-5 years service (40%)

via Janetter for Mac

Why is the man from PwC saying the economy is “in a tough patch” at the moment? I suddenly doubt everything else he says.

via Janetter for Mac

Proportion of fraudsters who were internal to organisation has risen from 33% in 2009 to 54% in 2011.

via Janetter for Mac

In 2003, 2% of Aust companies experienced bribery and corruption. Now 27%, what with overseas business links etc.

via Janetter for Mac

PwC survey showed Aust business suffer higher economic crime than average. Healthcare worst, 50% suffered fraud in last 12 mo.

via Janetter for Mac

RT @peterhau: @stilgherrian so what is a CISSP then? [Think less Snort logs, more security cameras and burglar alarms.]

via Janetter for Mac in reply to peterhau

Next speaker: Malcolm Shackell, Partner, PwC, on “Cybercrime: Out of obscurity and into reality” on economic crime.

via Janetter for Mac

ASIAL is launching today a certification program for security technicians. So there wasn’t one before?

via Janetter for Mac

Yes, Big Date, @purserj. A really big, juicy date.

via Janetter for Mac

5. Everything is a service.

via Janetter for Mac

4. Big Date is a thing, and using that Big Data can make things simpler.

via Janetter for Mac

3. We have an expectation of a safe world.

via Janetter for Mac

2. We’re moving into a smart, connected, mobile world.

via Janetter for Mac

1. In a carbon-constrained world we’ll need to use less energy.

via Janetter for Mac

The Schneider Electric rep has five significant megatrends for the security industry, which I shall now tweet for you.

via Janetter for Mac

“Electronic security can enable productivity growth,” says sponsor representative, who sells electronic security.

via Janetter for Mac

From the lower regions, I am receiving a message that man cannot live by tub waan alone.

via Janetter for Mac

Ged Byrnes, president ASIAL: Industry challenges are Fair Work Australia and licensing regimes. So bugger the bad guys.

via Janetter for Mac

@leslienassar As a Cold War baby, I believe the long-term plan is to roll right back to flint knives and bear skin rugs.

via Janetter for Mac in reply to leslienassar

@leslienassar The Attorney-General will be here later this morning, so the message is very much that it’s NOT safe yet.

via Janetter for Mac in reply to leslienassar

I’m about to start tweeting from the Security 2012 conference. All day. asial.com.au/ConferenceProg… I’ll hashtag so you can filter.

via Janetter for Mac

@SnarkyPlatypus @jeamland I do like the sound of “dirty energy”. I think I actually met him in… oh… never mind.

via Janetter for Mac in reply to SnarkyPlatypus

Passing the Clean Energy Week conference. The RI is abysmal.

via Plume for Android

RT @jeremybrown @stilgherrian quarry st cafe if you are near Harris st and fwy overpass [Filed for future reference, ta.]

via Plume for Android

@oberonsghost Oh I’m not that fussed by coffee quality, generally. It’s just the gut-destroying conference-grade coffee pots I loathe.

via Janetter for Mac in reply to oberonsghost

At this stage, I am going to leave my hotel room and walk to the Sydney Convention Centre. They’ll have further shit coffee there too.

via Janetter for Mac

@alexkidman Who are you, young man, and what are you doing on my lawn?

via Janetter for Mac in reply to alexkidman

OK, who subscribed me to Aging News Alert?

via Janetter for Mac

@sylmobile The cocktails don’t start until 1730, and even then the final session ran late last year and it was nearly 1600 before booze.

via Janetter for Mac in reply to sylmobile

Trying to figure out which bits of today’s Security 2012 conference might be newsworthy. Or snarkworthy. asial.com.au/ConferenceProg…

via Janetter for Mac

@SnarkyPlatypus Bullshit can be dissolved in vermouth. Remember this handy cleaning tip.

via Janetter for Mac in reply to SnarkyPlatypus

@SnarkyPlatypus Hello. I’m getting ready for a day of conference in progress. With eggs. And you?

via Janetter for Mac in reply to SnarkyPlatypus

Microsoft Word Track Document Changes why even?

via Janetter for Mac

RT @HappySinger: I can’t stop laughing at this. Send help. twitpic.com/ab6lis [Or, send magnets.]

via Janetter for Mac in reply to HappySinger

New blog post: “Talking malware and stuff on @phildobbie’s Balls Radio, FM 99.3”, with last night’s audio. stilgherrian.com/conversations/…

via Janetter for Mac

New blog post: “And for the trifecta, I’m speaking at ACCAN’s conference” stilgherrian.com/personal/and-f…

via Janetter for Mac

I cheated and did parts of some of those things last night.

via Janetter for Mac

Wed plan, already: Write for @technologyspec; blog posts; Security 2012 conference asial.com.au/Security2012 all day; dinner with somebody.

via Janetter for Mac

Hello Wednesday, you bitch.

via Janetter for Mac