Bachelor of Computer and Network Security (2009)
As the APAC lead for PwC’s Threat Intelligence division, Jason Smart engages with people across the region to provide pertinent information about threat actors or trends in threat intelligence to enable them to efficiently and successfully assist their clients.
“I work with a variety of sectors and clients, from a technical perspective all the way up to board level, to ensure they have the right context, advice and support during regular operations and during a security incident.”
Jason cites the focus on practical courses as the reason for the high level of preparedness exhibited by ECU graduates. While pursuing his Bachelor of Computer and Network Security, he recalls his lecturers prepared him for the professional world through coursework, but also by pushing him towards opportunities.
“One of my lecturers suggested I apply for Canberra-based government jobs, and I ended up working as an Information Security Analyst for the Australian Signals Directorate. It was very interesting and gave me a good springboard for the rest of my career.”
Jason then shifted into the private sector to work for CrowdStrike, a cyber security technology company which provides endpoint security, threat intelligence and incident response services. He says it was a great opportunity to enact change for clients and do more defensive preparation in tracking and stopping threat actors.
“That was good for a couple of years but it was all work from home; I'm one of those people who doesn't like to be the smartest person in the room, but when you work by yourself at home you are just that.”
Looking for the next challenge and more people to learn from, Jason moved to London to work at the UK branch of PwC. He spent four and a half years building out the intelligence team, which involved leading the analysis and reporting of Advanced Persistent Threat campaigns and Organised Crime campaigns, managing a team of reverse engineers and threat analysts and leading the development of capability for PwC's Threat Intelligence teams worldwide.
In 2017, PwC had multiple incident response cases that led to the publication of a report called Operation Cloud Hopper. The threat actor was using managed service providers to hop around different client networks and gain access to intellectual property. Since Jason’s team had been working on this threat actor, they received a request to publish a report and participate in a coordinated response.
“We spent seven days locked in an office writing the report. To this day, it’s one of the most important projects that I’ve been a part of and it was rewarding to meet one of PwC’s core values of building a secure digital society.”
The project’s impact extended beyond stopping a threat actor: they were able to secure client networks, talk to other clients about what they had seen and also support the NCSC and ACSC––the government agencies in the UK and Australia respectively––to educate organisations on understanding and managing their threat profile, including the risks associated with their supply chains.
Jason notes there are organisations that don't yet understand who their suppliers are or what their level of access to information, data and networks is. Additionally, as ransomware attacks continue to increase, Jason has seen threat actors take advantage of delays in responses to security incidents.
“Ransomware attacks aren’t going away and threat actors don’t care who you are, so everyone can be a target. Too often it’s just a box-ticking exercise for organisations when onboarding suppliers, but since suppliers can have significant access to your networks, if they are impacted, you will be impacted.
"With today’s security pressures, we can’t expect people to patch within a day or so, but when patching is occurring 30–60 days later, it's just too late. Those risks and vulnerabilities really need to be managed as a priority.”
Jason is looking forward to continuing to educate clients and others on cyber security, in addition to building out the threat intelligence capabilities of an Australian-based team to continue the transition of Threat Intelligence from a UK-based division into a global platform.