Aviation
Aviation technology supply chain risk
This blog is also appeared in Australian Air Power Today, Winter 25, Volume 7 No. 2. During the past three years, over the course of
June 1, 2025
No Comments
Welcome
Join me as I undertake my Master’s of Cyber Security
About Me
I’m Luke Hally, I’ve been working in the digital sector for over 25 years across web development, IoT and product ownership for startups, enterprise, government and global brands. Building on this I’m currently undertaking a Master’s of Cyber Security Leadership at UNSW. I have a passion for aviation and believe it is a sector ill prepared for the connected future it faces, so I have focused my assessments on aviation cyber security where possible, with a goal of becoming an aviation cybersecurity SME.
Blog categories are broken down by the courses as I take them and tags will be by interest area.
Find out more about me in my intro blog.
Latest Posts
Categories
Tags
Capstone project
Zero-Trust Culture V: Capstone Strategy Proposal
Following on from Part IV: Report, this part of the capstone project will present a strategy proposal to achieve a human centred cybersecurity culture. NOTE:
September 21, 2024
No Comments
Capstone project
Zero-Trust Culture IV: Capstone Report
Following on from Part III: Presentation, this report will establish the importance of humans in our systems and explore how we can integrate zero-trust principles
September 21, 2024
No Comments
Capstone project
Zero-Trust Culture III: Capstone Presentation
Following on from Part II: Intro, this report will establish the importance of humans in our systems and explore how we can integrate zero-trust principles
September 21, 2024
No Comments
Capstone project
Zero-Trust Culture II: Capstone Intro
Following the university accepting my project proposal outlined in Part I: Pitch, this part of the capstone project will introduce the concept of zero-trust culture
September 21, 2024
No Comments
Capstone project
Zero-Trust Culture I: Capstone Pitch
Task The capstone project was the twelfth and final course of my masters. Students with an average grade of over 65% and willing external stakeholders
September 21, 2024
No Comments
Cloud security
SITA cyber-attack part II: report
Task It can be useful to look at cyber-attacks in the news to prepare ourselves for similar events. While the available information may be lacking,
December 11, 2023
No Comments
Cloud security
SITA cyber-attack part I: presentation
Task Research recent cloud security incidents with prominent media coverage, and identify one to study for this exercise. For the incident you select, you will
November 15, 2023
No Comments
Cyber leadership & governance
Aviation cybersecurity oversight presentation
Task In this assessment you will consider the policy implications of your new Cyber Strategy, highlighting and explaining two policy statements which support the strategy.
October 9, 2023
No Comments
Cyber leadership & governance
Aviation cybersecurity oversight strategy
Task As we have previously discovered, cybersecurity in the aviation sector is an emerging field. In light of other countries introducing specific aviation cybersecurity regulation
September 15, 2023
No Comments
Cyber risk & resilience
Risk assessment consulting report
Around the globe, car rental companies rely on technology for operating in an efficient and responsive manner. Here at RideWell we use a website and
June 19, 2023
No Comments
Cyber risk & resilience
Quantitative vs qualitative
Continuing on from our recent presentation to make a case for advanced cyber risk monitoring, RideWell’s management team would like your view and recommendation on
June 11, 2023
No Comments
Cyber risk & resilience
Advanced Cyber Risk Monitoring
The cyber security industry is increasingly recognising that they need to adopt mature risk management and monitoring practices in order to elevate the profession and
June 4, 2023
No Comments
Cyber & the law
Improvements to the Privacy Act
An area of the Privacy Act that could be improved is consent in regards to Privacy Principle 3 – collection of solicited personal information. The
February 22, 2023
No Comments
Cyber & the law
Data breach notification
The Notifiable Data Breach scheme seemed so simple back when I started this Master’s degree. Now we are exploring its intricacies in my Cyber and
February 13, 2023
No Comments
Cyber threats & crime
Financial inclusion, digital ID and cyberwar
In this final assessment I looked the current and emerging cyber security vulnerabilities of financial inclusion. In answering this question I looked at what financial
October 10, 2022
No Comments
Cyber threats & crime
Red teaming
An overview of Red Teaming and the role it plays in cybersecurity. Who should use it, how does it differ from penetration testing and is
September 19, 2022
No Comments
Cyber threats & crime
Cybercrime vs other crime
What distinguishes cybercrime from other types of crime, and why is this important to the cyber security profession? When considering what distinguishes cybercrime from other
September 6, 2022
No Comments
Cyber ops
Evolving aviation cybersecurity
Introduction: The aviation sector Aviation is an important sector, employing 58 million people, contributing $2.4 trillion to global GDP and annually carrying 3.3 billion passengers
July 1, 2022
No Comments
Cyber ops
Hacking back
What is “hacking back”, what are its advantages and disadvantages, and what role does it play in cyber defence? Hacking back is “the ability to
May 16, 2022
No Comments
Cyber ethics
Apple vs FBI
This was my final assessment for the cyber ethics course, it was a great topic that brought together the ethical theories with a real world
February 21, 2022
No Comments
Cyber ethics
How do the different ethical theories apply to cybersecurity?
The various normative ethical theories (deontology, utilitarianism, agent based) provide different ways of viewing the world and could lead to justifiably opposing outcomes. Let’s look
February 14, 2022
No Comments
Cyber ethics
Ethical deployment of cyber weapons, Exodus
In 2019 researchers from Security Without Borders discovered the Exodus malware had infected almost 25 apps in the Google Play Store (Franceschi-Bicchierai, 2019), further investigation
February 7, 2022
No Comments
Cyber ethics
Public obligation of cybersecurity professionals
The ethical considerations of cybersecurity professionals towards the public include: individual privacy vs public security; individual security vs availability of public goods; transparency vs preserving
February 7, 2022
No Comments
Cyber ethics
Will privacy exist in 2040?
One of the the things that we need to consider when making ethical decisions is the impact the decision will have, not just now and
January 30, 2022
No Comments
Cyber ethics
The Equifax breach
Equifax is one of the world’s largest credit reporting agencies (CRA), creating credit reports from consumer data which is sold to third parties. Being high
January 24, 2022
No Comments
Cyber ethics
The ethics of solar power
In looking at the ethics of a technology, we need to assess whether it is value laden or neutral. If a technology impacts on the
January 16, 2022
No Comments
Data security & privacy
Can I reset my fingerprint?
We all know that we should use unique passwords for each service (Facebook, Netflix etc) we use. This is to prevent a credential stuffing attack,
December 7, 2021
No Comments
Data security & privacy
Quantum computing
Quantum computers have potential for great advances in our understanding of the world, and it may be happening sooner than we think with recent advances
December 6, 2021
No Comments
Data security & privacy
The war on encryption
The ‘war on encryption’ – law enforcement attempting to bypass or limit consumer level encryption – is a global issue with many platforms utilising encryption
December 3, 2021
No Comments
Data security & privacy
Privacy
Looking in more detail at privacy this week. I encountered privacy in my first course, Foundations of Cyber Security. It had a profound impact on
November 4, 2021
No Comments
Data security & privacy
Attack Lifecycles
We see lifecycles everywhere, product lifecycles, software development lifecycles, data lifecycles. They are a useful way to gain a high level understanding of something and
October 29, 2021
No Comments
Data security & privacy
Asymmetric Warfare
Symmetry and asymmetry is something we see a lot of in cyber security. We break symmetry with passwords and authentication – making it easy for
October 28, 2021
No Comments
Data security & privacy
Data lifecycles
The data lifecycle is a useful tool to understand all of the stages data goes through. This can include: what is collected; how it is
October 27, 2021
No Comments
Data security & privacy
Intro to Data
The start of a new course this week, Data Security and Privacy. I’m looking forward to this one, we learn how to actually hack into
October 26, 2021
No Comments
Security engineering
Social engineering hack
“ Social engineering is an extremely effective technique used by hackers worldwide to compromise internal systems and proprietary information assets. In fact, it’s one of
October 10, 2021
No Comments
Security engineering
Annika Smethurst scapegoated by government
On 29 April 2018, NewCorp journalist, Annika Smethurst, reported that the federal government was wanting to expand its powers to spy on Australian citizens. This
September 27, 2021
No Comments
Security engineering
CIA’s peddle power
I’ve had a couple of opportunities to apply what I have learnt in the real world this week. Estimating Attacker Power This degree has affected
September 24, 2021
No Comments
Security engineering
Authentication protocols and attacks
We authenticate to solve real world problems. For example I want me to be able to access my bank account and I don’t want anyone
September 21, 2021
No Comments
Data security & privacy
Voiceprint hack
This one was from a few years ago, but with biometrics becoming more and more prevalent I think it’s relevant today. A successful voiceprint hack
September 21, 2021
No Comments