Interview by Molly O'Brien, Marketing & Communications Specialist, Advance  

Stephanie Jensen travelled to Paris in June this year. Not for a holiday, like most of her 26-year old peers, but as an Australian delegate to the 2017 OECD Forum as part of the Global Voices Program. A current Central Queensland University student, Stephanie has been researching cyber security policy in Australia and has spoken with government representatives in Canberra about Australia's security threat landscape. Stephanie is passionate about taking an introspective stance on Australia’s domestic security policy, saying “it’s evident that more needs to be done to mitigate the impact on Australian institutions and businesses.”


You travelled to the OECD Forum in Paris earlier this year as a Global Voices delegate to learn more about cyber security. Can you tell us about your experience there?

As a Global Voices delegate to the OECD I attended the OECD Forum in Paris in June this year, which focused on bridging divides throughout digitalisation and globalisation. As part of this delegation, I met with Ambassadors and politicians to discuss my research on minimising the threat landscape of financial institutions, and gain a further understanding of how the OECD implements change internationally. It was an absolutely incredible experience - Not only did I get to experience the delights of Paris, I also got to network with major leaders in their respective fields. It was quite surreal to be in the same room as crowned princess Mary of Denmark and speak with Mari Kiviniemi, former Primister of Finland and the Deputy Secretary-General of the OECD.        


What sessions did you particularly enjoy and find enlightening?

One of the first sessions I went to was on cognitive intelligence held by John Foster, Director for Telefonica’s Strategic Data Unit. This session was quite thought provoking as it got me thinking about new avenues that cognitive intelligence could be used in the development of future information security implementations. I was also lucky enough to have a quick chat to him after the session about this. Another session that oddly enough was one of my favorites was by world renowned neurologist Susan Greenfield who spoke about how humans perceive consciousness. It was fascinating and I ran into her during the lunch break and asked a few questions about her research. It was incredible how approachable everyone was.                  


Who did you meet that was particularly inspiring?

I particularly enjoyed meeting Mr Andrew Wyckoff, Director for Science, Technology and Innovation for the OECD. His view on the future of technology and the way in which we need to address the concerns of the future of digitalisation really resonated with my interests in technology. I also found Mr David Bradbury, Head of the Tax Policy and Statistic division for the OECD quite inspiring. Chatting about cryptocurrency and dark web regulation was very topical.        


In your opinion, why is the work the OECD is doing important?

The development of global policy is becoming increasingly important in all industries. The OECD assist with the creation, development and implementation of these policies through the input of many different countries around the world. It is important for everyone to be on the same page and promote these policies for a cohesive global environment. What is different about the OECD is that they have experts delve into a multitude of important policy topics from digitalisation (cyber security, artificial intelligence, digital workforce) all the way to global economics. With all this direction spanning globally in so many areas of expertise the OECD can catalyse real change, which I think is undeniably significant.          


How can the cyber security threat landscape of financial institutions be minimised?

With the complexity of intertwined systems there will always be the ability to manipulate these systems in an unintended manner that can often lead to the exposure of critical data. No matter what you do, vulnerabilities will always exist within systems, it’s just a matter of time before they are discovered. The more important part is who these vulnerabilities are discovered by – someone with malicious intent, or someone involved in the securing of these systems. Financial institutions need to be focusing on preventative measures first and foremost by not only being on the forefront of detecting disclosed vulnerabilities in their systems but also discovering undiscovered vulnerabilities (zero-days) in their own systems, before threat actors do, as well as foreseeing future threats. These preventative implementations are rather difficult with a small dataset (ie one institution) and limited technical standardisation. However, with the implementation of an industry specific internationally spanning governing body focusing on preventative research and in-depth technical standardisations for security implementations, financial institutions could begin to minimize their threat landscape.      


What other topics were covered at the Forum?

Emerging technologies, trade liberalisation, the future of jobs, and the changing roles of governments and corporations to tackle civil society issues were all major themes throughout the OECD Forum.


Was this your first time in Paris? Did you also get a chance to experience art and culture? How long were you there for?

Yes, it was my first time in Paris and it was incredible. I stayed for a week, although I wish it could have been longer! I did get to visit the Eiffel Tower which was stunning lit up at night. I also visited Montmatre Sacré-Cœur basilica which was beautiful in it’s architectural design. We ate out most nights so we had the opportunity to sample the cuisine including escargot and frog legs which were surprisingly good. The local deserts were amazing and I still miss the assortment of croissants every morning for breakfast.       


What do you plan to do once graduating from your IT degree at CQU?

Currently I am working in digital forensics and penetration testing which I really enjoy. So, I want to stay within these technical areas of IT and possibly try technical consulting. I hope to make a difference in the future of information security and maybe help play a part in shaping the direction the industry is taking.