Seriously Risky Business is back!

Our weekly newsletter returns next Thursday with a new author

I’m Tom Uren, the new editor of the Seriously Risky Business newsletter. We'll be firing off a new edition next Thursday, but before then I thought I should introduce myself.

My path into the security discipline, like many of yours, wasn't a straight line. My formal training was as a scientist: I have a degree in Biochemistry and Molecular Biology from the Australian National University.

In the early 2000s, after spending some time researching the molecular genetics of forest trees, I joined the Australian Signals Directorate, (known then as the Defence Signals Directorate). ASD is Australia’s information security and signals intelligence organisation, our version of the United State’s NSA or Britain’s GCHQ.

At ASD I had a number of different roles that included collection operations and collection management, but I spent the bulk of my career there leading technical analysis teams. This involved understanding various technologies at the level of bits and bytes, but as signals interception is… well… illegal (outside of these agencies), there aren't really equivalent roles in the outside world.

A few years ago I moved from the high security Defence intelligence world, where the culture is to say as little as possible, to the Australian Strategic Policy Institute, a national security think tank that aims to inform and influence public debate about national security issues. My job there was to have informed opinions about cyber security issues and to express them in print and in the media. It was quite a change from the highly secretive mindset at Defence.

During my time at ASPI I researched a variety of topics including: offensive cyber capabilities and how the Australian military might use them; intellectual property theft; and disinformation operations as they evolved.

In my career to date I’ve focussed on state-backed espionage and offensive cyber operations, but I'm looking forward to broadening what I cover to include the commercial and criminal aspects of cyber security.

My first edition of the newsletter will go out next Thursday, July 22. There's a lot going on in the security discipline right now and I'll be doing my best to cut through the noise and deliver something worthwhile to your inboxes every week.

My email address is, and you can follow me on Twitter here.

See you next week!