-
DAY 1
Tuesday, 14 July
-
08:20
Register; grab a coffee. Mix, mingle and say hello to peers old and new.
-
9:00
Welcome from Corinium and the Chairperson
Tara Dharnikota - CISO - Victoria University
-
09:10
Speed Networking – Making New Connections!
In this 5-minute networking session, the goal is to connect with three new people. Enjoy the opportunity to expand your network!
-
09:15
International Opening Keynote
Securing an AI-Native Organisation at Scale: Mercari, Japan’s Largest C2C MarketplaceJason Fernandes - VP Security & Privacy - Mercari
As organisations race to adopt Generative AI, transitioning to an "AI Native" business model introduces unprecedented cyber security challenges. In this international keynote, discover how Mercari, Japan's largest C2C marketplace and one of Japan's first tech unicorns, is safely navigating the LLM revolution. We will explore the current state of agentic AI, common challenges, and essential frameworks, strategies and guardrails to govern and secure the modern agentic enterprise. By examining real-world security models through this case study, attendees will learn practical and actionable strategies to safely accelerate AI integration while ensuring effective controls are in place.
-
09:40
Agentic Runtime Security - Solving Identity and Access Gaps in Agentic AI
Chris Hockings - Global Strategy Leader, Identity Technology - IBM
AI agents are poised to transform enterprise operations, but they also introduce unprecedented identity and security challenges. This session will discuss the emerging risks associated with agentic AI and share a framework for securing autonomous systems through modern identity, access, and governance controls. Discover how leading organizations are preparing to scale AI adoption while maintaining security, compliance, and operational resilience.
-
10:05
Executive Tabletop
How Do Executive Teams Align During a Live Cyber Incident?Cyber incidents require coordinated decisions across security, risk, legal, and operations leaders.
Scenario: It is early in the business day at a critical infrastructure organisation that shares digital systems used for operations, decision-making, and external communication. A third-party technology provider has reported investigating unauthorised activity involving a system connected to customer records. At this stage, the scope, impact, and origin of the activity are not yet clear, including whether any sensitive data has been accessed or copied. Core services remain operational, but uncertainty is escalating and the executive team has been called together to decide what to do next with incomplete information.
Panellists will take on executive roles during the exercise:-
Facilitator: Chirag Joshi CISO & Founder 7 Rules Cyber
-
CISO: Anya Avinash Head of Cybersecurity Bank First
-
CLO: Sarah Tinsley Former Chief Legal Officer & Company Secretary ex-Southern Cross Austereo
-
CRO: Stephen Tiley Director Internal Audit & Risk Assurance Australian Red Cross Lifeblood
-
CIO: Mariana Paun Chief Business Resilience Officer Zepto
-
-
10:40
Get refreshed! Mingle
-
11:10
From Copilot to Autonomous AI: Managing Data Risk in the AI Era
Andrew Chisholm - Snr Sales Specialist, Information Protection - Proofpoint
AI is transforming how organisations operate, but it also introduces new security, compliance and data protection risks. From unsanctioned AI tools and risky prompts to the exposure of sensitive corporate data, traditional controls often lack the visibility needed to detect emerging threats.This session explores how security teams can strengthen detection and response capabilities for AI-related risks, helping reduce data exposure, improve governance and enable secure, responsible AI adoption across the enterprise.
-
11:35
Showcase Panel
Viability, Feasibility, and Applicability: AI That Actually Reduces Operational BurdenThis session showcases specific AI use cases from each panellist that have reduced operational burden for security teams. The conversation will then explore what worked, what didn’t, and the lessons CISOs can apply to adopt AI safely, effectively, and with proper oversight.
- What unexpected challenges did you face, and how did you respond?
- Which governance or oversight decisions were critical for success?
- What practical lessons should other CISOs take away before adopting similar AI initiatives?
Moderator:
Amanda Ferguson Director AI Transformation & Strategic Partnerships Court Services Victoria
Panellists:
Igor Aleksenitser Head of IT Security Toll Group
Nigel Hedges GM – Cyber & Risk (CISO) Sigma Healthcare
Ash Diffey Vice President, ANZ Ping Identity
-
12:05
Architecting Resilience: Strategies for Web Application Security in an AI and Multi-Cloud Landscape
Charlie Bricknell - CSOC Engineer - Fastly
Native cloud controls are no longer sufficient in an era of AI-driven attacks and multi-cloud fragmentation. This talk demands a fundamental shift: fusing security and resilience into a unified design principle. We explore how to move beyond disparate tools to a unified defence posture, ensuring consistent protection and resilience against sophisticated Bot and API threats across every environment.
-
12:30
Panel
When Good Security Gets in the Way of Good BusinessExplore the tension between protecting the organisation and enabling innovation. Learn how top CISOs navigate tricky trade-offs and keep security aligned with business outcomes.
- How do you decide when to enforce controls and when to compromise?
- Can friction be productive, or is it always a blocker?
- What separates leaders who influence business outcomes from those who just enforce rules?
- How do you maintain trust while challenging business priorities?
Moderator:
Peter Baussmann CTO Airlock Digital
Speakers:
Muzamil Rashid Head of Cyber Security Mazda Australia
Jason Hargenrader GM of IT Services, Infrastructure & Cyber Treasury Wine Estate
Mariana Paun Chief Business Resilience Officer Zepto
-
12:55
Tools Don’t Defend Organisations, People Do
Tim Sank - Co-Founder & Sales Director - Cythera
Most breaches don’t occur because a tool failed. They occur because ownership, context, or response broke down. Despite unprecedented investment in cyber security technology, many organisations remain vulnerable. This presentation explores why, now more than ever, tools alone are not enough, and how human judgement, clear ownership, and decisive action ultimately determine security outcomes.
-
13:00
Lunch
-
TRACK A: AI in Practice
Dan Haagman - CEO Chaleit & Honorary Professor of Practice - Murdoch University
-
14:00
Fireside Chat
Making AI Work in the SOC: Reality vs ExpectationEven with AI integrated through outsourced or hybrid SOCs, organisations still face alert fatigue, slow response, and gaps in detection. This session shares a CISO’s journey managing AI-enabled security operations, highlighting the decisions, trade-offs, and lessons learned in strengthening defensive capability and ensuring effective incident response.
Speakers:
Dan Haagman CEO Chaleit & Honorary Professor of Practice Murdoch University
James Court CSO Cleanway Waste Management -
14:25
Managing Non-Human Identities in the Era of AI Agents (TBC)
With non-human identities now outnumbering human identities in many environments, securing them has become a pressing challenge for security leaders. Join Krish and Itay as they explore how organisations are addressing the rise of AI agents and NHI in practice. The discussion will cover:
- Visibility into under-managed and unfederated non-human identities across environments
- How to extend unified access control policies to AI agents and non-human identities
- Applying zero-trust security principles to non-human identities alongside human identities
- Strategies for preventing unintended data leakage and maintaining auditability as AI scales
- Emerging risks including prompt injection, data poisoning, and shadow access created by autonomous agents
Speakers:
Anand Chinnachamy Senior Presales Solution Architect Okta
Itay Harel Identity Practice Lead Versent
-
14:50
Crawl, Walk, Run: A Pragmatic AI Adoption Roadmap for CISOs
Vijay Narayan - CISO - Mercy Health
This session focuses on the real decisions behind adopting AI in security. Delve into how to get early wins, navigate common pitfalls, manage AI-driven risks, and implement governance controls while scaling responsibly. Unlike use-case sessions, this is about the journey and decisions that enable safe, practical AI adoption in complex environments.
-
15:15
AI Is Hungry: How to Stop Your Data Becoming Its Next Meal
Alex Anketell - Sales Engineer - Varonis
AI is accelerating faster than ever and so are the risks. As organisations race to adopt generative AI, sensitive data is becoming the unintended fuel feeding these models. In this session, we’ll break down how modern AI systems ingest and learn from corporate information, where the hidden exposure points are, and what leading APAC organisations are doing to stay in control. You’ll leave with practical strategies to safeguard your data, enforce boundaries around AI usage, and unlock value without becoming the next cautionary tale. If your business is embracing AI, this is the playbook you need before the appetites grow.
-
TRACK B: Governance & Oversight
Muzamil Rashid - Head of Cyber Security - Mazda Australia
-
14:00
Presentation
Building Fit for Purpose Governance from the Ground UpAndrew Kennan - GM Technology & Data - SEC Victoria
This session explores how to establish security capability and oversight from the ground up, creating structures, processes and roadmaps that grow with the organisation, communicate trade offs effectively, and balance risk, accountability and operational priorities, with practical lessons for scaling organisations.
-
14:25
AI Authority Drift — Closing the Governance Gap
David Fairman - Chief Security Officer - Netskope
As agentic AI systems become operational participants inside enterprise environments, organizations face a new governance challenge: controlling the authority, behavior and data access of autonomous systems operating across complex digital ecosystems in real-time, while enforcing operational boundaries. Scaling AI safely requires governance across identity, authority, behavior, and data, to enable innovation without unmanaged risk.
Join this session to learn more about:- Understanding how agentic AI increases enterprise risk with autonomous digital actors
- Implementing real-time governance models to address authority drift and unintended AI behavior
- Applying a practical framework for secure users, AI and data for safe adoption
-
14:50
How CISOs Respond to Funding and Risk Questions
John Ellis - Global Head of Security Trust & Influence - QBE
CISOs are increasingly asked to justify cyber security budgets while managing uncertainty and risk. This session explores how to determine the right size of GRC investment under constrained resources, communicate risk and uncertainty effectively, and maintain credibility with boards and executives.
-
15:15
Fireside Chat
Beyond Risk Appetite - Challenging Threat Assumptions About RiskRisk registers, heat maps, risk appetite statements, and governance discussions frequently focus on estimating probability before considering anything else. The challenge is that many of the incidents that cause the greatest damage to organisations are difficult to predict with confidence. Whether it is a cyber breach, insider incident, AI misuse, supply chain compromise, or fraud event, organisations often struggle to accurately estimate the likelihood before it occurs.
In this session, we will explore how we can combine the external attacker, the human insider, and the trust dimensions to prioritise spending and remediation effort based on consequences and exposures, thereby improving your cyber resilience.
Speakers:
Wayne O’Young Country Manager XM Cyber
Boaz Fischer Founder Australian Institute of Insider Threats -
TRACK C: Resilience
Tara Dharnikota - CISO - Victoria University
-
14:00
Group discussion
What Makes Security Human? And When It Shouldn’t BeChristie Wilson - Cyber Resilience Manager - UniSuper
Human behaviour is often highlighted in security incidents, but the real risk lies in cognitive overload, decision fatigue, and misplaced confidence. The focus moves from mistakes to effective decision design and prioritisation. This session examines which decisions humans should retain, and how technology can absorb routine risk.
-
14:25
Are You Mythos Ready? When Machine Speed Becomes The Risk
Sam Salehi - A/NZ Managing Director - Qualys
As AI-driven threats continue to compress the time between vulnerability discovery and exploitation, security teams are under increasing pressure to improve how they detect, prioritise and remediate risk at scale. This session explores how organisations are evolving exposure management to operate at machine speed, improving visibility, decision-making and response across increasingly complex environments. It will also highlight how Qualys' modern exposure management platforms support these outcomes at scale.
- AI‑Speed Detection: Leverage machine‑speed vulnerability detection and a unified inventory of internal and external assets to stay ahead of attackers.
- Hyper‑Prioritisation: Focus on what truly matters by combining threat intelligence, business context, and asset criticality, while validating exploitability against existing controls.
- Zero‑Day Remediation: Respond to zero‑days with operational resilience, using automated patching, mitigation, and continuous validation to shrink exposure windows.
-
14:50
Presentation
From Point-in-Time to Real-Time: Tackling Gaps and Modern Challenges in Supply Chain ResilienceIgor Aleksenitser - Head of IT Security - Toll Group
Point-in-time assessments leave blind spots in supply-chain risk. In this session, we’ll explore how continuous monitoring and real-time telemetry can help reduce risk, improve resilience, and provide actionable insights. Using practical examples, Igor shows why episodic reviews fall short, how to track vendor and technology risks effectively, and steps to make continuous monitoring realistic and achievable.
-
15:15
Cyber Security is Broken: Hard Truths We Can’t Ignore
Andrew Kay - Senior Director, Sales Engineering APJ - Illumio
Security leaders are under pressure to defend increasingly complex environments against increasingly capable attackers. But some of the assumptions shaping security programs no longer reflect reality. This session explores uncomfortable truths about modern cybersecurity: why protecting everything equally is impossible, why risk isn’t binary, and how AI is accelerating attackers faster than defenders can adapt.
-
15:40
Get refreshed! Mingle
-
TRACK A: AI in Practice
Dan Haagman - CEO Chaleit & Honorary Professor of Practice - Murdoch University
-
16:10
Interactive Session
Is AI Governance Just Privacy 2.0 or Something Fundamentally Different?Dan Goldberg - AI and Security Governance - Omnicom
As organisations race to deploy Gen AI, many are relying on existing privacy, risk, and cyber security frameworks to govern it. But is AI governance simply an extension of existing controls or does it require an entirely new approach? This discussion explores where privacy, cyber security, and AI governance increasingly overlap and where traditional models may no longer be enough.
- Is AI governance fundamentally different from privacy and cyber risk management?
- Who should ultimately own AI risk inside the organisation?
- How can organisations enable AI adoption without creating governance bottlenecks?
-
16:35
Are We Genuinely Transforming Cyber Security or Simply Adding AI to Existing Complexity?
(Are we creating a meaningful path forward, or a rod for our own back?)John Taylor - APAC Field CTO - Mimecast
We begin with a fireside conversation to cut through the hype, then open the floor to the room. Expect candid views and healthy debate. Come ready to challenge John and Dan, test your own assumptions, and weigh in with your perspective. The aim of the session is for attendees to leave with understanding of some quick wins and where true value can be obtained.
- Are we creating a meaningful path forward, or introducing new problems at scale?
- Are we unlocking value, or accumulating technical and operational debt?
- What are organisations actually gaining from AI today?
- Where are the practical opportunities, risks and trade-offs for security leaders?
Speakers:
John Taylor Field CTO – APAC Mimecast
Dan Haagman CEO Chaleit & Honorary Professor of Practice Murdoch University
-
17:00
Interactive Group Discussion
Every Conference Talks About AI. But What Progress?Samrat Seal - Head of Transformation & Governance - Kmart
Reflect on AI decisions from the past year, what’s changed, and share your thoughts on new challenges and opportunities. Join us in a small group discussion to share your experiences with the fellow leaders.
- Which AI decisions truly moved the needle?
- How has AI adoption or governance changed in the last year?
- What lessons on trust, risk, and accountability stick out?
-
17:25
Closing Remarks by the Track Chair
Dan Haagman - CEO Chaleit & Honorary Professor of Practice - Murdoch University
-
TRACK B: Governance & Oversight
Muzamil Rashid - Head of Cyber Security - Mazda Australia
-
16:10
Presentation
Beyond the Scan: Making Vulnerability Management Actually Reduce RiskHasnat Buttar - Cyber Security & Risk Manager - Accent Group
This session provides practical guidance on structuring a program that prioritises remediation by risk, establishes clear governance and SLAs, delivers meaningful reporting to the board, and embeds continuous improvement.
-
16:35
Making the Case for Asset Intelligence and Actionability
Paul Thomas - Solutions Architect - Axonius
Security processes are hampered by the complexity of accessing data spread across many tools. This data problem limits individual tool contributions, yielding incremental instead of exponential improvement. Join us to review common suboptimal security scenarios and explore how Asset Intelligence and Actionability can resolve this. We'll also cover its impact on current operations and the future effectiveness of AI.
-
17:00
Fireside Chat
Defining “Sufficient” Oversight: How Much Assurance Is Enough?Join this session to explore the grey areas of oversight, where judgement and decision-making matter more than checklists. This closing discussion is your chance to reflect on the day, debate the dilemmas, and leave with insights to guide real-world decision-making.
- What counts as “enough” oversight?
- How much assurance is reasonable?
- Who decides when controls are sufficient?
Rucha Gatti Director Tech and Info Risk NAB
Ian Pham CISO Victorian Managed Insurance Authority -
17:25
Closing Remarks by the Track Chair
Muzamil Rashid - Head of Cyber Security - Mazda Australia
-
17:30
CISO Drink Reception
Not Found
-
DAY 2
Wednesday, 15 July
-
08:15
Register; grab a coffee. Mix, mingle and say hello to peers old and new.
-
08:55
Welcome from Corinium and the Chairperson
Prof Dan Haagman - CEO Chaleit & Honorary Professor - Murdoch University
-
09:00
Keynote Dialogue
Signals from the Frontline: Global Threat Intelligence in ActionThis keynote dialogue explores what global threat intelligence is revealing and what it means for organisations and national cyber resilience.
- How are cyber threats shifting, from state-linked campaigns to hybrid criminal activity?
- How can government and industry collaborate to detect and respond faster?
- How can global intelligence be translated into actionable strategies?
- What lessons from recent incidents should CISOs prioritise? What have we learned from 2025?
Speakers:
John Ellis Global Head of Security Trust & Influence QBE
Stephen Beaumont AM Non-Executive Director & Chair CI-ISAC Australia
-
09:25
No More Guessing: How Real-Time Intelligence & AI Changes a Security Team's Day
Matt Waite - Senior Director of Solution Engineering - Tanium
Security teams don't have a data problem — they have a speed-to-answer problem. What's exposed, what's exploitable, what's changed since the last scan: every question still means hopping between tools, waiting on tickets, and losing time you don't have. This session shows what happens when AI sits on real-time, unconstrained visibility instead of yesterday's snapshot — faster investigations, sharper prioritisation, and incident response measured in minutes, not days.
- See true current state, not last week's snapshot — how real-time, unconstrained data is what makes AI actually trustworthy, not just fast.
- Ask a question, get an answer — how Tanium Atlas replaces hours of tool-hopping and ticket-waiting with instant, evidence-backed answers.
- Respond at the speed of the threat — how real-time AI compresses investigation and response time when every minute of exposure counts.
-
09:50
Keynote Panel
When the Best-Laid Plans Collapse, What’s Your Move?No system is completely secured and no plan survives every challenge. Join us for a candid, practical conversation that will challenge how you think about leadership, risk, and success in an unpredictable world.
- How do you decide what’s truly worth protecting?
- Can failure ever become an advantage?
- Which policies, processes, or habits add real value and what would you eliminate?
- What happens when your best defence still fails?
- What separates teams that adapt and thrive from those that crumble?
Moderator:
David Rajkovic Regional Vice President – Australia and New Zealand Rubrik
Panellists:
Deniz Molokov CISO Downer
Jo Stewart-Rattray Australian CISO Advisory Board Corinium Global Intelligence
Alison Stretch GM Information Security Melbourne Archdiocese Catholic Schools
-
10:20
Powering Up Resilience: Inside SA Power Networks' Data Security Journey; From Data Exposure to a Connected Security Program
South Australia's electricity network is essential infrastructure and an increasingly attractive target for sophisticated, persistent adversaries. Nathan Morelli, Head of Cyber Security and IT Resilience at SA Power Networks, sits at the front line of that challenge — a role that recently saw him named the only energy-sector member of Australia's national Cyber Incident Review Board.
In this fireside chat, Nathan discusses how data sits at the centre of SA Power Networks' Cyber Security Strategy 2025–30. After recognising that visibility and protection of sensitive data were critical to reducing cyber risk, the organisation partnered with Cyera to improve visibility and governance of sensitive data across the environment — reducing exfiltration risk today and supporting the organisation's strategies to adopt AI and new grid technologies with confidence. Nathan will share what it takes to defend an essential service against persistent adversaries, and why strong data foundations are an essential component of cyber resilience.
Speakers:
Marcin Zyman Account Executive Cyera
Nathan Morelli CISO SA Power Networks
-
10:45
Keynote Panel
Systematic Risk in Critical Infrastructure: Are We Over-Reliant on the Same Vendor?Explore the tough decisions behind vendor concentration in critical infrastructure, where over-reliance can amplify risk. This panel discusses how organisations assess, mitigate, and live with systemic dependencies.
- Which vendor dependencies keep you awake at night?
- When is reliance on a single vendor acceptable and when is it risky?
- How do you handle tough conversations with boards or regulators about concentration risk?
- What vendor surprises over the past year changed your approach?
Moderator:
Ian Pham CISO Victorian Managed Insurance Authority
Panellists:
Varun Acharya CISO Healthscope
Ben Lester Head of Digital Security (CISO) St John of God Health Care
Dr Huon Curtis Head of External Affairs CI-ISAC Australia
Ciara Spencer Deputy Secretary, Law Enforcement & Domestic Security Department of Home Affairs
-
11:15
Get refreshed! Mingle
-
TRACK A: Leadership in Action
Lauren Veenstra - CSO - Ibedrola Australia
-
11:55
Interactive Group Discussion
The Cyber Budget Challenge: Where Would You Spend Your Last Dollar?Andrew Morgan - GM Cyber Security and Enterprise Services - John Holland
Join this interactive session to wrestle with the tough choices CISOs face when cyber budgets are tight and every dollar counts.
- Which cyber initiatives get your first dollar?
- How do you balance investment between prevention, detection, and response?
- What’s a compromise you can live with and what’s a deal-breaker?
-
12:20
Staying Ahead of the Adversary: Managing the 2026 ANZ Cyber Threat Landscape
Junaid Siddiqui - ANZ Pre-Sales Manager - Group-IB
Group-IB's ANZ Threat Intelligence analysts turns the last quarter of raw threat intelligence into decisions that can be acted on. From industrialised phishing kits and mobile banking trojans converging on financial services, nation-state actors probing regional sectors, to the ransomware economy's expanding access-broker supply chain - this session cuts through technical noise to show what's actually changed, why it matters, and what to prioritise. Expect clear trend analysis, real world data, and practical recommendations to help shape your security priorities for Q3 2026, rather than just another threat roundup.
-
12:45
Presentation
What SOCs Can Learn from Control Rooms: Insights from Critical InfrastructureSam Mackenzie - VP - Australian Control Room Network Association
SOCs are central to cyber defence, but they are still a relatively young function. Control rooms, managing energy networks, transport systems, and emergency services, have decades of experience coordinating complex, high-stakes operations. This session challenges cyber security leaders to rethink SOC strategy through the lens of mature operational leadership, providing fresh perspectives on managing risk, investment, and executive decision-making in an increasingly complex cyber environment.
-
TRACK B: Threats & Tech Horizon
Prof Dan Haagman - CEO Chaleit & Honorary Professor of Practice - Murdoch University
-
11:55
Presentation
Space as Critical Infrastructure: The Next Blind Spot for CISOsSandeep Taileng - Information Security Officer - State Trustees
As reliance on satellite communications and GPS grows, so does systemic risk. This session examines how space-enabled services intersect with enterprise risk, and why security leaders need to factor space dependencies into their business continuity and cyber resilience strategies.
-
12:20
Adapting Security Operations to the Modern Threat Landscape
Today, staying ahead of cyber threats requires a proactive and adaptive approach. This session will focus on how organisations can optimise threat detection, response, and attack surface management to enhance visibility and build more resilient security operations.
-
12:45
Solo Debate
Point–Counterpoint: Quantum Computing – Strategic Threat or Governance Exposure?Fatima Hoblos - Senior Engineer – Identity & Access Management - Energy Company
This structured solo debate examines quantum computing from both sides of the executive dilemma.
- Explores whether quantum disruption of RSA and ECC is closer than organisations are prepared for.
- Challenges assumptions around harvest-now-decrypt-later risk and long-lived data exposure.
- Questions whether large-scale quantum timelines justify immediate large capital investment.
- Examines the dependency of identity systems, PKI, certificates, federation, and trust chains on current cryptography.
- Reframes quantum not as a physics problem, but as a governance and architectural maturity test.
- Confronts whether organisations truly understand their cryptographic inventory and crypto agility.
- Provides a practical executive decision framework to navigate quantum uncertainty without hype or paralysis.
-
13:10
Lunch
-
14:10
LEGO Prize Announcement!
-
14:10
Insider Threat Beyond the Human: Rethink Your Security Program for the AI Insider
Steve Moore - Chief Security Strategist - Exabeam
As AI agents become embedded across the enterprise, insider threat is no longer limited to human behaviour. The dynamic workforce of AI agents and automated systems is operating at a velocity that traditional security cannot match. This session explores how AI is reshaping insider risk, why traditional approaches need to evolve, and practical considerations for adapting insider threat programmes.
Key takeaways
▪️An overview of the evolution of insider threats
▪️How ownership of insider threat will shift
▪️Why the old incident response metrics no longer work
▪️Token “strength" as a defensive measure of resilience
▪️Advice on how to rethink the AI insider -
14:35
Keynote Presentation
Operational Resilience Under Pressure: What CPS 234 and CPS 230 RevealAshutosh Kochhar - Chief Information Risk Officer (CIRO) - Northern Trust Corporation
This session explores what happens when CPS 234 and CPS 230 are put into practice, focusing on how organisations are actually implementing governance, managing oversight, and dealing with competing business priorities. Discussing where execution becomes difficult, and what leaders are learning as they try to make operational resilience work in reality.
-
15:00
Future-Proofing Trust-How Leaders Can Govern AI, Machine Identity, and Quantum Risk
Daniel Sutherland - Area Vice President, ANZ - DigiCert
This session explores three areas that leaders should be focusing on today: putting the right governance around AI, modernising machine identity and certificate management, and preparing for the transition to post-quantum cryptography. You'll come away with practical insights into where the biggest risks are emerging, what actions you can take now, and how to build a stronger foundation for digital trust as technology continues to evolve.
-
15:25
Closing Fireside Chat
Are Your Identities Controlling You or Your Business?As organisations shift more services and operations into SaaS and cloud environments, identity is no longer just a technical issue—it’s a business-critical risk factor. This conversation explores how technology and security leaders are navigating identity sprawl, trust, and operational resilience beyond the tools and dashboards.
- Where does identity risk show up first in the business?
- How can CISOs balance simplicity, user experience, and control?
- What is the best approach to managing both user and service accounts at scale?
- How can leaders maintain visibility over access, privilege, and lifecycle in cloud environments?
Moderator:
Winston Fernando Head of Cyber Security & Compliance Darebin City Council
Speakers:
Kanchana Devi Head of Group Cybersecurity JB Hi-Fi
Hemanth Kanakamedala Senior Manager Identity & Cyber Engineering EBOS Group
-
15:50
Chairperson's Closing Remarks
Prof Dan Haagman - CEO Chaleit & Honorary Professor - Murdoch University
-
16:00
Close of CISO Melbourne 2026 & Afternoon Tea
Not Found