Page 1


TERM 4, 2018


million new jobs by 2021 p5

CBA cyber intel analyst Dan solves real-world crime p10


Top skills for cybersecurity careers p9



Great things happen when you bring different perspectives together. Which is why at CommBank weâ&#x20AC;&#x2122;re looking for the best and brightest minds to join us. With over 16 business areas to choose from, CommBank offers a vibrant, innovative environment to start your career. So if you didnâ&#x20AC;&#x2122;t imagine yourself working at a bank, now is the time to start. To find out more visit commbank.com.au/unlikelymatch or to get a sneak peek at life at CommBank search #CommBankLife on your socials.

>FOREWORD< keeps growing. By 2021, he world of cybersecurity filled in be 3.5 mi llion roles* to be it’s estimated there wil l er threats, cyb new h wit ed , we are fac cybersecurity. Every day sta con ntly seeking ities, which is why we are ecurity sector. cha llenges and opport un e people to join the cybers ativ cre and e nat sio pas talented, of life. One thing rity come from all wa lks ecu ers cyb in s yee plo Em ort unity to engage cybersecurity is the opp I love about working in ally and professiona lly. e backgrounds – cultur wit h people from divers , economics, business, in computer science, law My peers have degrees kout for people who loo the re. We’re always on mo and e enc sci al itic pol apart just to see how who love taking things love to solve problems, communicate well. vitate towards they work, and who can many different people gra so y wh ng eri nd wo ’re I bet you in cybersecurity e the challenges we face cybersecurity. It’s becaus man behavioural hu and l ica olve both techn are multifaceted and inv ment of social and attacks involve an ele solutions. Many threats ted into clicking ula le, when people are manip engineering. For examp fake attachments. on links or downloading ates an attacker and understand what motiv to d nee This means we can defend against son being targeted so we the behaviours of the per helping people and s lding technica l solution attack. This involves bui steps (such as e tak and ) as phishing emails ch (su s eat thr ise ogn rec to ation safe and secure. es) to keep their inform creating strong passphras world of opport unity you? It means there is a What does this mean for of s tomorrow. A fut ure ome our cyber superstar for young people to bec llenges, and contributing cha g ng new and excitin kli tac es olv inv er cyb in the world – a safer place. to ma king Australia – and



Cyber y t i r u c e S – We need YOU!

Kate Ing wersen of the CISTO General Manager, Office ty & Trust Officer) uri Sec n (Chief Informatio Commonwealth Bank


wa is uys mat realsed in hs life! 1 Cryp


From togra protectin pher data g milit to chas cryp tographe ing digit ary and finan infor cial mation rs write al crooks, and unm algorithm ask cybe s to mas rterroris k How ts. math Mod ular arithm s is pad lock us s” and etic help ed basis key alge of “elliptic s; alge s create bra “dig protec cur ve” braic ital ts clas crypto geome try gra sifie d info phy; absis the rma trac tion t .

CAR Care IN ACT EER ersw ION S ithS vide TEM.com os /

> More than 200 real-world careers & 500 STEM

articles searchable by ‘STEM’ and your ‘X’ – your passion, goal or another study field



Disco with ver care math s ers

Maths is in spor used in ts, reta hundreds more. It’s criti il, architect of careers like UX cal to ure and new and datadesigner care , 3D ers you the scientist animator s – plus s you needproblem , it -solv for any ing skill gives care s er.

Get mo re

degrees, plus job and salary data



math Geo me is vita try and s is trigono used analysil for blo me od probab s; statist pat tern try ics ility whe n ma come and tching to the fore DNA pat tern s.

second buy, dollars s, you can ange are sell spent. decide Tr to quic and Foreign how ader kly spo invest t inef in curren currenmillions ficie cies cy trad of ncie s in and use ers the How mar maths kets. Statisticmaths traders s and prob is used ability spot Alge market help bra, calculus trigonom gaps. let trad etry and ers wor k out risk.

Grab the Care e-mag ers with Maths Care free onlin ersw e, ithSTEM or go to care er of cool ideas and .com to find brow , crea tive stud se hund more reds y opti ons.

> Career quizzes, videos and 1000 STEM + X

Fore ign



Just ic Sc like forensic the star ientis by anal t scientist s of TV’s ysing CSI, spat ter patt DNA sam s solve crim ples erns and muc , blood es h mor e.

stuf f!






Probab math trigono ility and s is metry statist used ics help s pre assess

dict Supp loca weathe r; This orted by tion work the and is licen Aust movem ralia sed unde n Gov ent. r a Crea ernm tive ent Dep Com mon artment s Attri of Edu butio n-Nocation and ncom merc Training ial 4.0 . Care Inter ers natio with STEM nal Publ ic Liceposters nse. are a publ Cont icati act info@ on refra of Refractio ction med n Med ia.co m.au ia. © 2017 or (02) Refr 9188 action 5459 Med



Nurse e frontl s are car at the e ine and in hospita of hea in the ls, clin lth com How ics mu nity Percen math . ratios tages, s is used frac tion who are par s, calc t are based consta of the dail ulation y on fact ntly monito work of s and ors nurses such ring dru as a , patient g dosage ’s wei s ght.


Accurat rolo gist e and fore time emergen casts are criti ly weather for extr cy serv cally ices impo eme deliv rtant even ts; and ery; prep for arat safe aviation ion .







> STEM Careers app with links to live job info > Classroom poster and curriculum-linked notes





ING ia, all




s reser











> Weekly e-newsletters – sign up now!




rism and The war against theft, terro line espionage is now fought on

Austra lian Cyber vey by the government’s ccording to a recent sur the countr y oss acr s of organisation Security Centre, about 90% 6. 201 and 5 201 en we attack bet suffered a cybersecurity where hackers e ctic pra n mo com a is mple, Spear phishing, for exa y using bog us emails. ormation from a compan inf or ney mo al ste to k see y to send money or someone wit hin a compan The idea is to convince hable. American tech s – and no one is untouc information to the bad guy mil lion (NZ$69.48m) $63 AU n rks lost more tha company Ubiquiti Netwo rs ago. email scam just a few yea due to a spear phishing cyber crime wil l cost 1 urity Ventures, by 202 Sec ber Cy to g din cor Ac 82t), and wit h the added rld AU$8 tril lion (NZ$8. companies around the wo par t of the Internet of 20 billion dev ices wil l be prediction that around everyt hing is vu lnerable. and tty much everyone pre 0, 202 by ) (IoT s ing Th s, such as pacemakers, lantable medical dev ice Even people wearing imp munication capabi lities. wit h their wireless com are at risk from hackers investing heavily in are ies and compan In response, governments 2018 more tha n rld. It is estimated that in securing our online wo ecurity worldw ide. ers wil l be invested in cyb 0b) $14 (NZ ion bill 7 $12 AU ecurity is a field s and investments, cybers Given all the growing risk oming high in demand. where jobs are rapidly bec



It’s up to you!

the world from ersecurity expert is to rid The ultimate goa l as a cyb cific. spe , however, is a bit more all cyber evi ls. The rea lity fixing technolog y and g tin ven pre of problems: processes and “We focus on three types new ing sof twa re related); design bui ld their to issues (both hardware and ple peo h wit not work; and working do t tha ses ces pro ing Sci fix Research entist Ma rthie Grobler, a Senior online resilience,” says CSIRO, Austra lia’s e and technolog y arm of at Data61, the data scienc . national science agency ormation technolog y job for everyone in the inf a is net the Protecting says Steve Morga n, ” rker needs to be involved, (IT) world. “Every IT wo es. – Ka rl Gruber tur Ven ty uri ief at Cybersec founder and Editor-in-Ch




t to he a r t ou ou r you r l w ith the p ’t n o D • Be ca refu ne. the web. n you sha re on li io t a in for m on li n ks n’t click u n less o D ? il a • Got em a d atta ch ments in g it. lo or dow n the person send w o y ou k n • Even then, ther e is your emai l wa s ha a chance cked, so be su re the emai l m akes sense to you and it doesn’t have an unex pected lin k or atta ch ment. • Tr ust your inst incts. If an emai l seems odd, report it to your un i, school, pa rent or IT secu rity staf f. Better sa fe than so rr y.

‟There will be 3.5 million cyber security jobs unfilled by 2021”*

Securing your future


e im r c in k c a b g in Track rsecurity career Vanessa Dwyer’s cybedetective work involves lots of st at a Dig ital Forensic Analy anessa Dw yer works as es olv inv job k, where her the Commonwealth Ban sometimes, thinking like and rk wo ive ect det plenty of like Sherlock Holmes am “I a cyber criminal might. involves ,” says Vanessa. “My job – except wit h computers taken has ary ers adv ial ent pot ta put ting all the steps tha .” of what they did together to form a story , countr y tow n nea r Ora nge all sm a in up g Growin ated by cin fas e am bec a ess in centra l west NSW, Van keyboa rd er showed her around a computers after her sist at just 13. er put com n ow her bui ld and she lea rned how to er her aft rity d in cybersecu Vanessa became intereste ter wa d, foo t tha out r pointed universit y facult y adv ise ked that to lin and – ds nee an and security are basic hum ued her. fessionals, which intrig a shortage in security pro ealth nw mo Com at m gra te pro “While doing my gradua tion ir cybersecurity sec Ban k I reached out to the



and asked for a rotation there. During my time, I found out that I rea lly loved it – so here I am!” Her role encompasses a range of tasks, from identifying threats to fin ding internal red flags – like identifying inadve rtent data breaches, data loss protection and even instances of social eng ineering. “You need to be able to lea rn quickly and enjoy being in a consta ntl y cha nging env ironment, because the re’s always new types of security inc idents happening,” she says. “It’ s never boring!” – Fra n Molloy

Bachelor of Information Technology, University of Wollongong

Developer Placements at 4Solutions and GBST

Graduate trainee, CBA


Digital Forensic Analyst, CBA



e c a p s r e b y c n i Careers

y surprisingly creative capacit th wi ea ar job d ce pa stfa ing, high-paid, Cybersecurity is a fast-grow ms s and rea l human proble g crime inst the sex trade, solvin jobs, rts, protecting people aga effo s in the top five emerg ing aud eer i-fr car ant to rity ple ecu ers cyb h wit d An us. ts rom finding missing peo rity protec of. ways in which cybersecu career field to be a par t – there are a my riad of -seekers, it’s an amazing job lion mil 525 of ort rep according to a Lin kedIn


Get cyber savvy

urity concepts? Lost in some cybersec ed hreatsaurus”, publish “T is th at ok lo a ve Ha mpany Sophos by Online Security Co

THREATSAURUS Backdoor Trojan

eone A backdoor Trojan allows som to take control of a user’s ission. computer without their perm


An exploit takes advantage of a vulnerability in order to . access or infect a computer


Keylogging is the process of s by secretly recording keystroke . rty an unauthorised third pa

Phishing emails

s Phishing refers to the proces o int nts ipie of deceiving rec sharing sensitive information with an unknown third party (cyber criminal).



ess Software that denies you acc til un ter to your files or compu you pay a ransom.

Spoofing (Email)

sender Email spoofing is when the d for address of an email is forge eering. gin the purposes of social en

Get started in cybersecurity Take up these cybersecurity challenges! Cyberchallenge.com.au - a hacking competition for Australian undergraduate students Cybersecuritychallenge.org.nz - for tertiary and secondary students in New Zealand



Top skills for top jobs in cybersecurity (according to industry experts)

What do cybersecurit y specialists do? Jobs in cybersecur

ity include anything from cy ber communications to emergency response, on line security or sales and m arketing What’s a typic al day?

“My day-to-day job dep ends what I’m working on. I have built cybersecurity curricula, assessed vulne rabilities in critica l scenarios, contrib uted to national cybersecurity strategie s and policies, designed a vir tua l hea lth assistant and ana lysed a dataset of 1.3 billion passwords.” Dr Ma rthie Grobler – Sen ior Research Scientist, CSIRO’s Data6 1 “Most of my days involv e keeping abreast of evolving threat s, research and applications in emerging and disruptive tech (cyber, Internet of Things, Fintech etc). I advocate for cybersecu rity in these areas, help the innovatio n ecosystem and entrepreneurs in Austr alia, and build strategic par tnerships, alliances and revenue (grow th) opport unities.” Da niella Tra ino – Gener al Ma nager Cyber Security, aizoOn Austra lia, NonExecutive Director & Str ategic Advisor, IoT Security Austra lia

What problem are yo u trying to solve ATM?

“One problem I’m trying to solve is: which data can be trusted? Th is leads to the question of bringing tog ether data from different contexts and reasoning about their trustworthiness.” Professor Vijay Varadharajan – Director, Advanced Cyber Security Engineering Res earch Centre “At Google, we identify and mitigate threats to employees; fin d and respond to ma licious actions target ing our users and our company; prevent the loss of user trust and protect intellectual proper ty.” Googler cybersecurity spe cia lists “We focus on three typ es of problems: preventing and fixing tec hnology issues, designing new processes and fixing processes that do not wo rk, and working with people to build the ir online resilience.” Dr Ma rthie Grobler – Senior Research Scientist, CSIRO ’s Data61

another 11,000 specialists are needed over the next decade in Australia alone”

• P atience •G  ood communication skills • T he ability to identify the sweet spot between security and usability and knowing when to compromise • P roblem solving and being able to investigate thoroughly •R  esilience: Cybersecurity is a long game – a continuous and often complex process – so resilience is key • A bility to communicate and assess risk in both a technical and business context: cybersecurity risks and requirements will have trade-offs that need to be balanced alongside the risk appetite of the organisation/stakeholder • T he ability to understand all things abstract is crucial, since by definition cyber space is immaterial and intangible • P recise attention to detail, whether you are doing research, communicating the latest cyber threat or vulnerability, or if you’re just programming •W  orking efficiently: you need to work with relative urgency, since the cybersecurity space is a fast-evolving domain


CS+cyber security

Bachelor of Forensics, M Science (BSc) in Cyber urdoch, bit.l y/ BachCyber Security and Bachelor of ForensicsMur Cyber Secu doch rity and Beh Sydney Uni aviour, Wes versity, bit.l te rn y/ Ba ch CyberWestS Bachelor of ydUni Information Technology Cybersecuri (Networking ty), UniSA , and bit.ly/ BachIT NetworkUniSA

CS+cyber security J OBS Cyb

Hack into the gap • T here are 300,000 cybersecurity roles open in the US right now and demand is growing • There are five times as many cyber specialist roles now (2017) compared with four years ago** • More than 3.8 billion people access the internet RN • Every month, at least 50,000 new cyber threats arise that expose internet users to risk • Another 11,000 cybersecurity specialists are needed over the next decade in Australia alone


ersecu AU $59K– $1 rity analyst: 04K / NZ$ 36 K– $90K Information security man AU $97K– $1 65K / NZ$ 61 ager: K– $144K Security en gineer: AU $54K– $1 54K / NZ$ 58 K– $160K Senior secu AU $98K– $1 rity consultant : 32K / NZ$10 6K– $140K *Source: sala ries accordin g to payscale.c om

Read more on CareerswithSTEM.com: What is cybersecurity and cyber crime? bit.ly/CwSWhatisCyber


>CYBER+CBA< ical, Bachelor of Electr unications mm Co d an ics on ctr Ele r of Engineering/Bachelo SW Computer Science, UN

Network Asset Systems officer, Essential Energy Cube Satellite Developer (volunteer), ACSER

Gr aduate trainee, CBA

CyberSecurity Intel Analyst, CBA

Flip For Ca reers with Code

Cyber crime Fighter A career in cybersecurity involves a determined and persistent approach to problem solving, says Daniel Sherratt



t uni, Daniel Sherratt says he became intrigued with cybersecurity thanks to the fascinating ‘war stories’ from his lecturer about cyber heists and various hacking exploits through history. Tales such as the ‘Captain Crunch’ cereal box whistles, which could be used to imitate a code that bypassed international call restrictions – from a phone box – caught his attention. So, Daniel did a double degree in electrical, electronics and communications engineering with a Bachelor of Computer Science at UNSW Sydney, while also completing a summer internship in the cybersecurity area of Commonwealth Bank. “That’s when my interest in the field really blossomed,” he says. “I was offered a graduate role at the Commonwealth Bank after my degree, and worked on some really interesting projects.” He now works as a cyber intel researcher, exploring cyber threats to understand the ways the bank could be potentially targeted by cyber attacks. “It involves investigating malicious activity like phishing scams, where people are enticed to click on links and give their credentials,” he says. “We investigate those emails, find out more about that malicious actor, and then get those websites shut down so customer impact is minimised.” “To work in cybersecurity, you need a curious mindset and be willing to keep digging to find solutions,” he says. Cybersecurity specialists help enable companies, while making sure that data and systems are secure, Daniel says. “If we could stop everyone from using the Internet we’d be 100% secure. But our aim is to protect our customers and users. It’s a balancing act to build a more robust and resilient digital economy against emerging cyber threats.” – Fran Molloy


To work in cybersecurity, you need a curious mindset and be willing to keep digging to find solutions”


Profile for Refraction Media

Careers with STEM: Cybersecurity 2018  

Careers with STEM: Cybersecurity 2018  

Recommendations could not be loaded

Recommendations could not be loaded

Recommendations could not be loaded

Recommendations could not be loaded