Controversy has erupted at CyberCon, Australia’s largest cybersecurity conference, as two well-known cybersecurity experts have been disinvited from speaking with only a week’s notice. The event organizer has said in an email to one of the speakers that they did so at the request of a partner.
That raises questions about whether the Australian Signals Directorate (ASD), that country’s counterpart to the NSA, pressured the conference to silence critical voices. The ASD and the Australian Cyber Security Centre (ACSC), part of the ASD, are partners of the show organizer, the Australian Information Security Association (AISA). CyberCon opened October 7, in Melbourne, Australia.
NSA whistleblower Drake one of the speakers
One of the speakers is Thomas Drake, the NSA whistleblower whose ultimate firing contributed to Edward Snowden’s decision to leak classified information about mass surveillance programs to journalists. He was set to speak on the national security state, encryption, and other topics. The other speaker, Dr. Suelette Dreyfus, a professor at the University of Melbourne, was due to deliver a talk on secure and anonymous digital drop boxes as an anti-corruption tool.
“I was invited as a speaker 11 months ago, and reconfirmed over the intervening time,” Dr. Dreyfus tells CSO. ” About a week before the event I was told I was disinvited as a speaker.”
Diversity of thought is widely recognized as key to addressing cybersecurity issues going forward, and CyberCon’s decision to disinvite two leading cybersecurity thinkers prompted Dreyfus to call this “head-in-the-sand behavior.”
No enterprise would hire a red team of yes men. The point of hiring external penetration testers is to get a different point of view. Yet that is exactly what CyberCon has done this year, Dr. Dreyfus says. “Cybersecurity requires open discussion at forums like this to change the actual culture inside organizations,” she says.
The talks were directly relevant to enterprises attending CyberCon. From Drake’s talk description: “Mr. Drake will provide a provocative peek at the present future of the national security state, encryption and the de-evolution of democracy and the rise of technocracy from both a personal and professional perspective…. His talk directly impacts and implicates information security and the challenges faced by industry in the digital age.”
Attempt to silence discussion of whistleblowing, mass surveillance
Drake believes this was a deliberate act by the Australian government to silence discussion of whistleblowing and mass surveillance issues at CyberCon. “AISA has ACSC and ASD as partners for this conference,” Drake tells CSO. “The manner in which I was suddenly disinvited clearly reflects directly on the Australian Security Services/Directorate involvement that led to my removal from the conference agenda as a speaker, formally invited last year and acceptance of my talk earlier this year.”
Dr. Dreyfus agrees. “ACSC is now part of ASD. So, it is the Australian Government,” she says. “ACSC are partners in the conference that AISA, a professional body, runs. This was ACSC’s decision to disinvite speakers at the last moment.”
The conference organizers did not offer either speaker a reason for the abrupt, last-minute cancellations. “They did not give a specific reason other than my presentation was ‘incongruent’ with the conference,” Drake tells CSO, but believes that it is “because of my inconvenient voice as a whistleblower and former senior executive at the National Security Agency.”
“So, they chose to silence me instead and not permit the discussion or debate directly relevant to cyber security,” Drake adds.
CyberCon did not respond to our requests for comment. We will update this story when they do.