TERM 4, 2018
CYBER SECURITY 3.5
million new jobs by 2021 p5
CBA cyber intel analyst Dan solves real-world crime p10
FAST GROWTH CYBER CAREERS
Top skills for cybersecurity careers p9
> STUDY PATHS <> CYBER CHALLENGES <>TOP GLOBAL HACKS <> PROTECT YOURSELF ONLINE <
Great things happen when you bring different perspectives together. Which is why at CommBank weâ€™re looking for the best and brightest minds to join us. With over 16 business areas to choose from, CommBank offers a vibrant, innovative environment to start your career. So if you didnâ€™t imagine yourself working at a bank, now is the time to start. To find out more visit commbank.com.au/unlikelymatch or to get a sneak peek at life at CommBank search #CommBankLife on your socials.
>FOREWORD< keeps growing. By 2021, he world of cybersecurity filled in be 3.5 mi llion roles* to be it’s estimated there wil l er threats, cyb new h wit ed , we are fac cybersecurity. Every day sta con ntly seeking ities, which is why we are ecurity sector. cha llenges and opport un e people to join the cybers ativ cre and e nat sio pas talented, of life. One thing rity come from all wa lks ecu ers cyb in s yee plo Em ort unity to engage cybersecurity is the opp I love about working in ally and professiona lly. e backgrounds – cultur wit h people from divers , economics, business, in computer science, law My peers have degrees kout for people who loo the re. We’re always on mo and e enc sci al itic pol apart just to see how who love taking things love to solve problems, communicate well. vitate towards they work, and who can many different people gra so y wh ng eri nd wo ’re I bet you in cybersecurity e the challenges we face cybersecurity. It’s becaus man behavioural hu and l ica olve both techn are multifaceted and inv ment of social and attacks involve an ele solutions. Many threats ted into clicking ula le, when people are manip engineering. For examp fake attachments. on links or downloading ates an attacker and understand what motiv to d nee This means we can defend against son being targeted so we the behaviours of the per helping people and s lding technica l solution attack. This involves bui steps (such as e tak and ) as phishing emails ch (su s eat thr ise ogn rec to ation safe and secure. es) to keep their inform creating strong passphras world of opport unity you? It means there is a What does this mean for of s tomorrow. A fut ure ome our cyber superstar for young people to bec llenges, and contributing cha g ng new and excitin kli tac es olv inv er cyb in the world – a safer place. to ma king Australia – and
LAUREN TROMPP. *CYBERSECURITYVENTURES.COM/JOBS/
Cyber y t i r u c e S – We need YOU!
Kate Ing wersen of the CISTO General Manager, Office ty & Trust Officer) uri Sec n (Chief Informatio Commonwealth Bank
wa is uys mat realsed in hs life! 1 Cryp
From togra protectin pher data g milit to chas cryp tographe ing digit ary and finan infor cial mation rs write al crooks, and unm algorithm ask cybe s to mas rterroris k How ts. math Mod ular arithm s is pad lock us s” and etic help ed basis key alge of “elliptic s; alge s create bra “dig protec cur ve” braic ital ts clas crypto geome try gra sifie d info phy; absis the rma trac tion t .
CAR Care IN ACT EER ersw ION S ithS vide TEM.com os /
> More than 200 real-world careers & 500 STEM
articles searchable by ‘STEM’ and your ‘X’ – your passion, goal or another study field
Disco with ver care math s ers
Maths is in spor used in ts, reta hundreds more. It’s criti il, architect of careers like UX cal to ure and new and datadesigner care , 3D ers you the scientist animator s – plus s you needproblem , it -solv for any ing skill gives care s er.
Get mo re
degrees, plus job and salary data
math Geo me is vita try and s is trigono used analysil for blo me od probab s; statist pat tern try ics ility whe n ma come and tching to the fore DNA pat tern s.
second buy, dollars s, you can ange are sell spent. decide Tr to quic and Foreign how ader kly spo invest t inef in curren currenmillions ficie cies cy trad of ncie s in and use ers the How mar maths kets. Statisticmaths traders s and prob is used ability spot Alge market help bra, calculus trigonom gaps. let trad etry and ers wor k out risk.
Grab the Care e-mag ers with Maths Care free onlin ersw e, ithSTEM or go to care er of cool ideas and .com to find brow , crea tive stud se hund more reds y opti ons.
> Career quizzes, videos and 1000 STEM + X
Just ic Sc like forensic the star ientis by anal t scientist s of TV’s ysing CSI, spat ter patt DNA sam s solve crim ples erns and muc , blood es h mor e.
Probab math trigono ility and s is metry statist used ics help s pre assess
dict Supp loca weathe r; This orted by tion work the and is licen Aust movem ralia sed unde n Gov ent. r a Crea ernm tive ent Dep Com mon artment s Attri of Edu butio n-Nocation and ncom merc Training ial 4.0 . Care Inter ers natio with STEM nal Publ ic Liceposters nse. are a publ Cont icati act info@ on refra of Refractio ction med n Med ia.co m.au ia. © 2017 or (02) Refr 9188 action 5459 Med
Nurse e frontl s are car at the e ine and in hospita of hea in the ls, clin lth com How ics mu nity Percen math . ratios tages, s is used frac tion who are par s, calc t are based consta of the dail ulation y on fact ntly monito work of s and ors nurses such ring dru as a , patient g dosage ’s wei s ght.
Accurat rolo gist e and fore time emergen casts are criti ly weather for extr cy serv cally ices impo eme deliv rtant even ts; and ery; prep for arat safe aviation ion .
S! VIS IT CA RE
> STEM Careers app with links to live job info > Classroom poster and curriculum-linked notes
M FO R
ING ia, all
E QU IZZ
ES AN D MO RE
> Weekly e-newsletters – sign up now!
CONNECT FOLLOW AND SUBSCRIBE AT CareerswithSTEM.com ENQUIRIES AT INFO@REFRACTIONMEDIA.COM.AU OR + 61 2 9188 5459 5
rism and The war against theft, terro line espionage is now fought on
Austra lian Cyber vey by the government’s ccording to a recent sur the countr y oss acr s of organisation Security Centre, about 90% 6. 201 and 5 201 en we attack bet suffered a cybersecurity where hackers e ctic pra n mo com a is mple, Spear phishing, for exa y using bog us emails. ormation from a compan inf or ney mo al ste to k see y to send money or someone wit hin a compan The idea is to convince hable. American tech s – and no one is untouc information to the bad guy mil lion (NZ$69.48m) $63 AU n rks lost more tha company Ubiquiti Netwo rs ago. email scam just a few yea due to a spear phishing cyber crime wil l cost 1 urity Ventures, by 202 Sec ber Cy to g din cor Ac 82t), and wit h the added rld AU$8 tril lion (NZ$8. companies around the wo par t of the Internet of 20 billion dev ices wil l be prediction that around everyt hing is vu lnerable. and tty much everyone pre 0, 202 by ) (IoT s ing Th s, such as pacemakers, lantable medical dev ice Even people wearing imp munication capabi lities. wit h their wireless com are at risk from hackers investing heavily in are ies and compan In response, governments 2018 more tha n rld. It is estimated that in securing our online wo ecurity worldw ide. ers wil l be invested in cyb 0b) $14 (NZ ion bill 7 $12 AU ecurity is a field s and investments, cybers Given all the growing risk oming high in demand. where jobs are rapidly bec
It’s up to you!
the world from ersecurity expert is to rid The ultimate goa l as a cyb cific. spe , however, is a bit more all cyber evi ls. The rea lity fixing technolog y and g tin ven pre of problems: processes and “We focus on three types new ing sof twa re related); design bui ld their to issues (both hardware and ple peo h wit not work; and working do t tha ses ces pro ing Sci fix Research entist Ma rthie Grobler, a Senior online resilience,” says CSIRO, Austra lia’s e and technolog y arm of at Data61, the data scienc . national science agency ormation technolog y job for everyone in the inf a is net the Protecting says Steve Morga n, ” rker needs to be involved, (IT) world. “Every IT wo es. – Ka rl Gruber tur Ven ty uri ief at Cybersec founder and Editor-in-Ch
E! BE SAF RSELF T YOU PROTECNST SPEAR AGAI NG PHISHI
t to he a r t ou ou r you r l w ith the p ’t n o D • Be ca refu ne. the web. n you sha re on li io t a in for m on li n ks n’t click u n less o D ? il a • Got em a d atta ch ments in g it. lo or dow n the person send w o y ou k n • Even then, ther e is your emai l wa s ha a chance cked, so be su re the emai l m akes sense to you and it doesn’t have an unex pected lin k or atta ch ment. • Tr ust your inst incts. If an emai l seems odd, report it to your un i, school, pa rent or IT secu rity staf f. Better sa fe than so rr y.
‟There will be 3.5 million cyber security jobs unfilled by 2021”*
Securing your future
e im r c in k c a b g in Track rsecurity career Vanessa Dwyer’s cybedetective work involves lots of st at a Dig ital Forensic Analy anessa Dw yer works as es olv inv job k, where her the Commonwealth Ban sometimes, thinking like and rk wo ive ect det plenty of like Sherlock Holmes am “I a cyber criminal might. involves ,” says Vanessa. “My job – except wit h computers taken has ary ers adv ial ent pot ta put ting all the steps tha .” of what they did together to form a story , countr y tow n nea r Ora nge all sm a in up g Growin ated by cin fas e am bec a ess in centra l west NSW, Van keyboa rd er showed her around a computers after her sist at just 13. er put com n ow her bui ld and she lea rned how to er her aft rity d in cybersecu Vanessa became intereste ter wa d, foo t tha out r pointed universit y facult y adv ise ked that to lin and – ds nee an and security are basic hum ued her. fessionals, which intrig a shortage in security pro ealth nw mo Com at m gra te pro “While doing my gradua tion ir cybersecurity sec Ban k I reached out to the
and asked for a rotation there. During my time, I found out that I rea lly loved it – so here I am!” Her role encompasses a range of tasks, from identifying threats to fin ding internal red flags – like identifying inadve rtent data breaches, data loss protection and even instances of social eng ineering. “You need to be able to lea rn quickly and enjoy being in a consta ntl y cha nging env ironment, because the re’s always new types of security inc idents happening,” she says. “It’ s never boring!” – Fra n Molloy
Bachelor of Information Technology, University of Wollongong
Developer Placements at 4Solutions and GBST
Graduate trainee, CBA
Digital Forensic Analyst, CBA
e c a p s r e b y c n i Careers
y surprisingly creative capacit th wi ea ar job d ce pa stfa ing, high-paid, Cybersecurity is a fast-grow ms s and rea l human proble g crime inst the sex trade, solvin jobs, rts, protecting people aga effo s in the top five emerg ing aud eer i-fr car ant to rity ple ecu ers cyb h wit d An us. ts rom finding missing peo rity protec of. ways in which cybersecu career field to be a par t – there are a my riad of -seekers, it’s an amazing job lion mil 525 of ort rep according to a Lin kedIn
Get cyber savvy
urity concepts? Lost in some cybersec ed hreatsaurus”, publish “T is th at ok lo a ve Ha mpany Sophos by Online Security Co
THREATSAURUS Backdoor Trojan
eone A backdoor Trojan allows som to take control of a user’s ission. computer without their perm
An exploit takes advantage of a vulnerability in order to . access or infect a computer
Keylogging is the process of s by secretly recording keystroke . rty an unauthorised third pa
s Phishing refers to the proces o int nts ipie of deceiving rec sharing sensitive information with an unknown third party (cyber criminal).
**SOURCE: EMERGING JOBS REPORT, LINKEDIN; CYBERSEEK, DATA 61
ess Software that denies you acc til un ter to your files or compu you pay a ransom.
sender Email spoofing is when the d for address of an email is forge eering. gin the purposes of social en
Get started in cybersecurity Take up these cybersecurity challenges! Cyberchallenge.com.au - a hacking competition for Australian undergraduate students Cybersecuritychallenge.org.nz - for tertiary and secondary students in New Zealand
Top skills for top jobs in cybersecurity (according to industry experts)
What do cybersecurit y specialists do? Jobs in cybersecur
ity include anything from cy ber communications to emergency response, on line security or sales and m arketing What’s a typic al day?
“My day-to-day job dep ends what I’m working on. I have built cybersecurity curricula, assessed vulne rabilities in critica l scenarios, contrib uted to national cybersecurity strategie s and policies, designed a vir tua l hea lth assistant and ana lysed a dataset of 1.3 billion passwords.” Dr Ma rthie Grobler – Sen ior Research Scientist, CSIRO’s Data6 1 “Most of my days involv e keeping abreast of evolving threat s, research and applications in emerging and disruptive tech (cyber, Internet of Things, Fintech etc). I advocate for cybersecu rity in these areas, help the innovatio n ecosystem and entrepreneurs in Austr alia, and build strategic par tnerships, alliances and revenue (grow th) opport unities.” Da niella Tra ino – Gener al Ma nager Cyber Security, aizoOn Austra lia, NonExecutive Director & Str ategic Advisor, IoT Security Austra lia
What problem are yo u trying to solve ATM?
“One problem I’m trying to solve is: which data can be trusted? Th is leads to the question of bringing tog ether data from different contexts and reasoning about their trustworthiness.” Professor Vijay Varadharajan – Director, Advanced Cyber Security Engineering Res earch Centre “At Google, we identify and mitigate threats to employees; fin d and respond to ma licious actions target ing our users and our company; prevent the loss of user trust and protect intellectual proper ty.” Googler cybersecurity spe cia lists “We focus on three typ es of problems: preventing and fixing tec hnology issues, designing new processes and fixing processes that do not wo rk, and working with people to build the ir online resilience.” Dr Ma rthie Grobler – Senior Research Scientist, CSIRO ’s Data61
another 11,000 specialists are needed over the next decade in Australia alone”
• P atience •G ood communication skills • T he ability to identify the sweet spot between security and usability and knowing when to compromise • P roblem solving and being able to investigate thoroughly •R esilience: Cybersecurity is a long game – a continuous and often complex process – so resilience is key • A bility to communicate and assess risk in both a technical and business context: cybersecurity risks and requirements will have trade-offs that need to be balanced alongside the risk appetite of the organisation/stakeholder • T he ability to understand all things abstract is crucial, since by definition cyber space is immaterial and intangible • P recise attention to detail, whether you are doing research, communicating the latest cyber threat or vulnerability, or if you’re just programming •W orking efficiently: you need to work with relative urgency, since the cybersecurity space is a fast-evolving domain
START YOU R CAREER HERE
Bachelor of Forensics, M Science (BSc) in Cyber urdoch, bit.l y/ BachCyber Security and Bachelor of ForensicsMur Cyber Secu doch rity and Beh Sydney Uni aviour, Wes versity, bit.l te rn y/ Ba ch CyberWestS Bachelor of ydUni Information Technology Cybersecuri (Networking ty), UniSA , and bit.ly/ BachIT NetworkUniSA
CS+cyber security J OBS Cyb
Hack into the gap • T here are 300,000 cybersecurity roles open in the US right now and demand is growing • There are five times as many cyber specialist roles now (2017) compared with four years ago** • More than 3.8 billion people access the internet RN • Every month, at least 50,000 new cyber threats arise that expose internet users to risk • Another 11,000 cybersecurity specialists are needed over the next decade in Australia alone
ersecu AU $59K– $1 rity analyst: 04K / NZ$ 36 K– $90K Information security man AU $97K– $1 65K / NZ$ 61 ager: K– $144K Security en gineer: AU $54K– $1 54K / NZ$ 58 K– $160K Senior secu AU $98K– $1 rity consultant : 32K / NZ$10 6K– $140K *Source: sala ries accordin g to payscale.c om
Read more on CareerswithSTEM.com: What is cybersecurity and cyber crime? bit.ly/CwSWhatisCyber
>CYBER+CBA< ical, Bachelor of Electr unications mm Co d an ics on ctr Ele r of Engineering/Bachelo SW Computer Science, UN
Network Asset Systems officer, Essential Energy Cube Satellite Developer (volunteer), ACSER
Gr aduate trainee, CBA
CyberSecurity Intel Analyst, CBA
Flip For Ca reers with Code
Cyber crime Fighter A career in cybersecurity involves a determined and persistent approach to problem solving, says Daniel Sherratt
t uni, Daniel Sherratt says he became intrigued with cybersecurity thanks to the fascinating ‘war stories’ from his lecturer about cyber heists and various hacking exploits through history. Tales such as the ‘Captain Crunch’ cereal box whistles, which could be used to imitate a code that bypassed international call restrictions – from a phone box – caught his attention. So, Daniel did a double degree in electrical, electronics and communications engineering with a Bachelor of Computer Science at UNSW Sydney, while also completing a summer internship in the cybersecurity area of Commonwealth Bank. “That’s when my interest in the field really blossomed,” he says. “I was offered a graduate role at the Commonwealth Bank after my degree, and worked on some really interesting projects.” He now works as a cyber intel researcher, exploring cyber threats to understand the ways the bank could be potentially targeted by cyber attacks. “It involves investigating malicious activity like phishing scams, where people are enticed to click on links and give their credentials,” he says. “We investigate those emails, find out more about that malicious actor, and then get those websites shut down so customer impact is minimised.” “To work in cybersecurity, you need a curious mindset and be willing to keep digging to find solutions,” he says. Cybersecurity specialists help enable companies, while making sure that data and systems are secure, Daniel says. “If we could stop everyone from using the Internet we’d be 100% secure. But our aim is to protect our customers and users. It’s a balancing act to build a more robust and resilient digital economy against emerging cyber threats.” – Fran Molloy
To work in cybersecurity, you need a curious mindset and be willing to keep digging to find solutions”