Tuesday, 14 March 2006 11:13 AM
Rocky
Graham Elliott's Interview Answers
Well, now that we're in Perth, and Graham has dropped off the tour, he sent me his mini-interview questions. Better late than never, I suppose. So, here are Graham's answers to the questions. I'll be doing his presentation in Perth and Auckland, but I'll hold to the same answers.
Aside from the boilerplate text that is posted on the eForum web site about your presentation, what would you say are the cool points in your presentation?
- We are showing some interesting application security and privacy vulnerability (aka hacking) demos that you would not have seen before; we are going to prove they exist in the real world, and we will show you the best way to address them in a cost-effective manner.
From your talk, what are the top 3 things you want the attendees to take home with them?
- Application Security and Privacy are problems today that need to be addressed.
- Simply looking for bugs in your code doesn’t work.
- You need to reduce the chance that security and privacy problems enter your design and code in the first place by implementing some lightweight process improvements.
Why is your talk important, what is the industry need behind it?
- Most analysts agree that at least 70% of the attacks today against a company’s web site are against the application tier.
- Increasingly, attacks are targeting Personal Identifiable (privacy) Data that is held in, and protected by, your applications.
Who do you think will get the most from your talk?
- Anyone involved in sponsoring, building, hosting or using a business application :-)
What is your ‘pet’ security topic?
- Application and Development Security.
What do you think IT Pros and Developers need to be looking to do better in the future?
- Implementing Privacy and Security checkpoints into their Software Development Lifecycles.