Leaders of Tech Q&A: Adam King, auDA

There are many things that might come to mind when you hear the name "auDA" (domain names, .au, trusted and secure). For those who've been familiar with auDA for some time, "Adam King" is likely to be among them.

Adam, auDA's Chief Technology Officer (CTO), recently reached a 20-year career milestone at auDA. To mark the occasion, we sat down with him for the latest instalment of our Leaders of Tech interview series to discuss his incredible journey, the evolution of the internet and the importance of building expertise in the .au domain name system (DNS).

1. Congratulations on your recent milestone of 20 years at auDA. How has your role evolved since you first joined, and what is involved in your current capacity as CTO?

It goes quickly when you're busy. I started at auDA in 2004 in the Compliance area. I was on a 12 month maternity cover contract to look after the complaints function and was the fourth staff member hired at auDA. After about 6 months I expressed my desire to learn more about networking and system administration. It just so happened auDA was looking for someone to step into a technical role and I grabbed the opportunity.

At that time I knew very little about the DNS. I had an IT background and was mostly self-taught, but eager to learn. I was able to do a lot of on the job learning and training and was fortunate to have great mentors along the way. Over the years I've been involved in almost every aspect of IT within the organisation, such as configuring and managing physical and virtual servers, learning to code websites, network management, systems architecture, security policy, managing third party contractors, learning about the .au registry and deploying name server sites in multiple global locations.

I've been in the CTO role for 12 years and even this role continues to offer me a diverse set of experiences. I was a one-man band for a long time, and now manage a team of 11. With that comes the new skills of leadership, mentoring and delivering an always up service for the organisation. I'm currently building structure and depth in the team, sharing lessons and knowledge I've gained over the years, just as they were shared with me. The .au domain is critical infrastructure so having an expert team around me not only makes my job easier, it's essential to support the internet users around the world who use .au.

2. What have been one or two of the most significant or surprising changes to the internet over the last 20 years?

I'm always surprised at the pace at which technologies that underpin the internet move, and the resilience and creativity of the internet community. When I first started back in 2004, the internet was running out of IPv4 addresses and there was a rising push for IPv6 to be adopted. I found myself on various IPv6 working groups, learning about all the benefits of this new protocol which was going to take the internet into the future. Twenty years later, we're still finding ways to use and reuse IPv4 address space. Don't get me wrong, IPv6 plays its part and is reasonably well deployed but the ability of the internet community to extend the life of IPv4 is a testament to our collective ingenuity.

It also surprises me that so few people know and understand how the internet works, including the DNS, routing, packets and protocols. The basics are taught in the education system but there isn't a big appetite out there to learn about how the internet works and how to keep it working. You could say the internet's downfall is that it works so well and is thought to be so robust that it will just continue to function.

Over time, I've seen the spotlight swing across different education specialities. Everyone wanted to be a web developer, an app developer or a game developer. Then it was a dev-ops/sec-ops specialist now it's a cyber security expert or a solutions architect for one of the big cloud providers. Soon, it will be an AI specialist, but it's important more people to get involved in the DNS. The skillset of a DNS expert helps power digital technologies relied on by everybody else and is essential to the continued growth and stability of the internet.

3. Your team are experts given your role managing the .au domain - critical digital infrastructure in Australia. What are the top three things you advise people to do to protect their online security?

I have to choose three? Online security is incredibly important and should be front of mind for everyone. These are a few of the really crucial ones:

1. Patch your systems - in this current age of automated scanning and automated exploitation, it's too easy for cyber criminals to find and exploit an unpatched system. You should regularly apply patches to ensure you are fixing vulnerabilities and protecting your systems from being compromised.

2. Monitor your systems - you need to know the health of your systems and what 'normal' looks like. You need to know who is logging into your systems, if load is increasing, if traffic is increasing. Monitoring is the early warning system and if used properly, will save you hours/days/weeks or remediation work from either a hardware failure, hack or misconfiguration.

3. Security first, convenience second - use a risk-based approach to your infrastructure design. Restrict access everywhere you can, be that via role base, network segregation, role segregation, or through multiple layers of access. Only install required applications, close all unnecessary ports, use proxy servers where you can, lock down all systems, educate your teams and get off legacy systems as soon as possible.

4. What do you consider the most pressing challenges and opportunities facing auDA and the broader internet sector in the coming years?

Maintaining an open, free, secure and global internet is a constant challenge, not just for auDA but for the industry as a whole. Many within the community wish to introduce strict regulations and exert greater controls which is being passed off as a protection for the end user/consumer.

There is space for regulation but we need to be mindful that regulation in one area can impact all internet users as the internet is a global network. The multi-stakeholder model of internet governance, which auDA advocates for, is important for this as it ensures the technical community is consulted and involved in important decision-making processes.

auDA is a growing and maturing organisation. I think there is a great opportunity for auDA to assess the data it manages to tell stories and share unique insights such as using registry data to identify signals for economic growth or downturn (as we've recently done in our Atlas of Australia Online 2023report).

5. What advice would you give to young people interested in pursuing careers in IT or cyber security?

Be prepared to be forever learning. Education in the IT space never stops. Be prepared to feel like you don't know or understand a new technology - which is completely okay. If you lean into it and learn it, you can thrive with it.

Be prepared to constantly review and reinvent. Nothing in technology remains fixed, the only constant is change.

6. Can you share with us what you find most rewarding about working at auDA?

I'd say, the responsibility of providing an "always on" critical infrastructure service that is integrated into everything we do as a society and works so seamlessly that many take it for granted, or don't even know exists. There is a real sense of pride in operating and protecting a system that is so vital to our community and broader economy.

Just as rewarding, has always been the people. auDA's history over the past twenty years has been a pretty remarkable one. Throughout my double decade, there has always been someone in the organisation who has been an inspiration or a mentor to me, and I've always been surrounded by a great crew who are really passionate at what they do. So, I'm thankful for that.

Leaders of tech Q&A