Associate Director of Information Security, QUT
Rob Wiggan has over 25 years of experience in IT and cybersecurity. He joined the Queensland University of Technology in May 2018 where he is responsible for the information security function for the university including learning, teaching, and research. Before that, he was a Manager of Information Security at Queensland Urban Utilities.
How has the pandemic affected the cybersecurity posture in your organization?
At the beginning of the pandemic, the whole university closed down. One of the big questions was whether we would have an increased risk profile as a result. There was a larger exposure, of course, because more people were working at home. Fortunately, we had already looked at things like multifactor authentication and how we protect our email inboxes as two key controls that we needed to have in place. Most of our cybersecurity incidents come out of email phishing, so we needed to make sure that people with their own mobile devices, or with corporate devices, all had the same level of protection.
How will you drive your organization’s cybersecurity strategy forward in 2021?
As a university, we have grown significantly in recent years. As we have centralized our operations, we have inherited a whole lot of legacy technology. Since then, we have gone through a significant exercise to identify and risk assess all those legacy systems. The second thing is that we need to make sure that we are focusing on the identities of our people and how we manage their access to the systems. We need to verify their identities and put them in the right place on the network in such a way that they can access what they need and get the best possible user experience.