Author: Events Team

Posted on by Events Team

Security in a Digital First Age – Chary Chigurala

PANEL DISCUSSION

Moderator:
Chary Chigurala, Head of IT, Laminex

Panellists:

Berys Amor – Director of Technology, Corrs Chambers Westgarth

Damien Scalzo – Chief Information Officer, Mercedes-Benz Financial Services AU/NZ

David McGrath, Chief Digital Officer, Clubs Australia

Chary hosted a panel discussion that shared insights and knowledge on how we can ensure security in a digital first age. The cyber threat landscape that is evolving at a phenomenal rate is not just new modes of attack or increased points of vulnerability that are proving problematic for security professionals it is also attitudes towards security are changing, too. Comfort levels with sharing information, transacting online and trusting third parties have never been higher.

ABOUT CHARY CHIGURALA

A proven leader with 25 years industry experience in Fortune 100 and ASX 100 companies. He is incredibly passionate about designing and implementing future focused IT organisation strategies to succeed in the digital markets. His core skills include:

  • Providing vision and strategic leadership
  • Digital strategy
  • IT strategy & architecture
  • Leading high performance teams
  • Business engagement
  • IT enabled business transformation
  • Consulting
  • Large deal creation
  • P&L and budget management
  • Large projects management
  • Vendor management
  • IT service delivery and reporting

 

 

 

 

ABOUT BERYS AMOR

Berys Amor has worked in the legal sector for more than 25 years, starting in finance administration and then moving into information technology. She has worked for a number of top ten law firms and managed a range of areas within technology, including service delivery, training, system administration and project management. Berys has extensive experience in project management, having been a part of several large office moves and fit outs, major systems implementations and upgrades as well as the change management processes for implementing new systems.

Berys’ current role as Director of Technology at Corrs Chambers Westgarth involves collaborating with key business stakeholders to understand the business objectives and factors of success in the industry, and developing and implementing the IS strategy in line with the overall business strategy. She manages a national team which includes client technology solutions, IT project delivery, IT training, helpdesk and service delivery, and infrastructure and applications support. Berys is also a Knowledge Advisor for the International Legal Technology Association and was selected for CIO Australia’s top 50 CIOs for 2016.

 

 

 

 

ABOUT DAMIEN SCALZO

As a technology leader I am responsible for:
– creating an IT vision and delivering the IT Strategy in alignment with the business strategy
– instilling structure, discipline and prioritisation across IT activities
– planning and governance of all IT Plan, Build and Run activities
– building and coaching a highly effective team across Australia and New Zealand
– make or buy decisions
– contract negotiations
– supplier management
– IT risk and security management.

From 2014 to present I have extensively scaled the size of the team, IT landscape and delivery velocity.

With many years of experience with custom development implementations, I often support my team during detailed technical decisions in relation to architecture, integration, code, databases and infrastructure. This supports the best decision for the business, gains respect from my technical staff and leads to the creation of a culture of collaboration and best practice sharing within the team.

 

 

 

ABOUT DAVID MCGRATH

David is a globally credentialed technology executive, specialising in data-driven digital transformation across corporations of various sizes and locations. Successfully developing and implementing large scale company-wide change, David’s recent projects include the technical coordination and build of large scale data assets, importantly including its protection through security, governance, and data regulatory compliance.

Complementary to this approach is also the ability to successfully craft an operational structure for “all of business”, including educational change at a departmental level endorsed through Executive / Board buy-in.

David’s career background also includes digital product monetization, customer / audience growth, plus extensive digital marketing (programmatic) utilising data intelligence. David has successfully built teams from scratch as well as taken on established corporate units, leading both content, development & sales across APAC (including Japan), UK and the US.

Other elements include being a member of various Boards, Advisory Boards, and Investor relationships across technology and Not-For-Profit organisations, as well as being a sought after speaker at industry conferences.

Posted on by Events Team

Creating an Innovation Culture – Michael Henry

WORKSHOP 1

Michael Henry, Global Head of Digital Experience, BHP

Michael’s workshop discussed how the rules of the game have changed, and how we live in a time of disrupt or be disrupted.  It has never been more important for organisations to be innovative, resilient and self-disruptive.  But how do we remain relevant and create a culture of innovation and more importantly embed it in to all levels of the organisation?

This workshop unpacked the key principles for creating an innovative culture in a case study style that discussed:

  • The key steps to create an innovative corporate culture
  • The role of leaders and managers in fostering innovation
  • How to embed an innovation and growth mindset

Michael shared his experiences both professionally and from his studies at the University of Oxford.

ABOUT MICHAEL HENRY

Michael Henry is the Head of Digital Experience for BHP, a leading global resources company.
He is responsible for the Mobility, Collaboration and User Experience teams worldwide.
Michael specialises in global leadership, having inspired leaders and their teams across Australia, Asia, Europe, Africa, and the Americas.
A digital transformation pacesetter for over two decades, Michael has delivered both complex systems integration projects and managed global infrastructure services. Influencing the direction of global organisations amidst significant complexity, Michael has driven structural alignment, enhanced capability and business outcomes.
Joining Oxford University’s Organisational Leadership programme at the prestigious Saïd Business School in 2017, Michael’s studies have focused on understanding the keys to leadership success in the digital age. Specifically, his research has encompassed effective leadership strategies for environments characterised by disruption, fast-paced innovation and digital transformation.
Michael continues to evolve a personal leadership style recognised for its wide ranging vision, finessed stakeholder management and a passion for meaningful mentorship. This vision is anchored by Michael’s continual drive to identify, develop and implement the leadership and digital tools required to realise sustainable competitive advantage.
Michael will share his personal leadership journey and unpack the key principles he has used to develop and lead high performing teams.

Posted on by Events Team

Open Banking and API’s – Himanshu Shrivastava

Himanshu Shrivastava, Managing Director, Citibank Singapore

Himanshu’s presentation looked at Citibank’s Journey towards API and Open Banking partnerships. How being an ecosystem player helps the existing business to grow and get new revenue streams and how technology can simplify and nudge towards next generation platforms.

ABOUT HIMANSHU SHRIVASTAVA

  • Head of Digital Technology – APAC/EMEA, Global Consumer Technology, Global Consumer Business, Citibank NA.
  • Himanshu and his team are responsible for accelerated delivery of Citi’s Mobile first strategy and driving digital channels to next generation technology capabilities. Responsible for Development and Deployment of Internet and Mobile banking platform, API, ESB and CMR applications for Asia and EMEA Consumer Business. The primary focus for this role is application development, deployment of technology based business critical solutions, standardization of platforms & processes, managing large teams in diverse geographies, off shoring & outsourcing, vendor management.
  • Himanshu joined Citi in 2003 as a Manager – Application Development in Business Systems Team of CitiFinancial, India. Since then, he has had many stints within Consumer Business Technology in India and Singapore. He has extensive experience in Product Development, Project Management and Implementation. Product/Solution design using various technologies. He leverages his knowledge of Citi’s systems and technology to deliver solutions to clients.
  • He holds a Bachelors Degree from the Delhi University specializing in Computer Science, Mathematics and Science & a Masters of Business Administration from Institute of Management and Technology, Ghaziabad, India (I.M.T.) specializing in Marketing and Technology.

Posted on by Events Team

Rhys MacFarlane, Chief Security Officer – Luxury Escapes

Experienced Chief Security Officer – skilled in Physical Security, Loss Prevention, Risk Management, Internal Investigations, Leadership and Network Security. Strong military and protective services professional with a Bachelor of Arts – BA focused in Security, Terrorism and Counterterrorism from Murdoch University.

  • What do you feel are the biggest challenges IT security leaders are currently faced with within their business?  

I feel one of the biggest challenges IT security leaders will be facing in 2019 and beyond will be a shortage of suitably qualified and experienced IT security professionals. Ours is a rapidly growing field and I believe we will see far more small to mid-range companies employing full time IT security teams from now on, as a result of the escalating threat and new regulations. This could lead to a very competitive recruitment market and subsequently the level of cyber security experts in the field will be spread very thinly.

As an IT leader, what do you feel businesses continue to get wrong when it comes to their IT security strategy?

I believe when it comes to IT security most businesses have more focus on the software and technical aspects of security than they should. It is my belief that a solid IT security strategy should be far more focused on end-user development and training. By no means am I saying the technical aspects are not important, as they definitely are. However, I believe that if you’re able to upskill your workforce they will be able to identify threats; recognise potential vulnerabilities in their current workflow; and ultimately aid in your ability to quickly respond to any potential issues or avoid them altogether.

What are the latest trends and behaviours you predict will be surfacing on the market over the coming 12 months?

I believe we will see a solid increase in the sophistication and number of credential theft attacks. I believe we will also see this being focused far more on those roles who have high level access to valuable data, i.e. human resources, accounts payable and those responsible for large data sets of PII information. I base this on the current levels of income being generated by the illegal sale of sensitive data, as the same dataset can be sold numerous times for a relatively large amount. Such high levels of income will be highly appealing to threat actors and will mean they are able to organize themselves to present a sophisticated threat.

What is one key takeaway you hope our IT audience leaves with after hearing your presentation on site?

My hope is that people leave the seminar with a realistic understanding of the current threat; and a sense of optimism in our ability to meet this threat. We are operating at a threat level that is unprecedented and this threat continues to grow, change and improve on an almost daily basis. New technologies are being deployed by threat actors that are incredibly sophisticated and I believe this will continue to advance at a rapid pace, with tech such as machine learning only in its infancy. However, I also think we are at a time of opportunity. I believe that most executives are now far more engaged with security than ever before and that there is large interest in the development of new and improved IT security technologies. If we are able to capitalise on this we will be able to develop our abilities, training and technology in-order to meet these new threats, and save ourselves from falling further behind.

Posted on by Events Team

Interview with John Kouroutzoglou, Information Security & Compliance Manager – Domain Group

John Kouroutzoglou has been involved in physical and cyber security for over 15 years. He has worked in government and in the private sector at large global firms such Alcatel-Lucent, HP and EY. He is currently the Information Security & Compliance Manager at Australia’s leading real estate technology firm – Domain Group. John’s areas of expertise include: Assurance, Security Awareness Training, 3rd Party Due-Diligence, Privacy and Personal Security.

What do you feel are the biggest challenges IT leaders are currently faced with within their business?

From a cyber security perspective I would say managing privacy obligations with GDPR and Australia’s Mandatory Data Breach Notification legislation. There is an incomplete understanding of what compliance actual entails, and furthermore confusion with what needs to be done when a breach occurs.

As an IT leader, what do you feel businesses continue to get wrong when it comes to their IT strategy?

I have had discussions with IT leaders where the common complaint with security being it’s under-funded or under-resourced – this is a recurring theme. We keep seeing in the media regular announcements of businesses being breached – I would say quite simply that security might not be the top priority at these firms.

What are the latest trends and behaviours you predict will be surfacing on the market over the coming 12 months?

Machine Learning (ML) and Artificial Intelligence (AI) are all the rage in security at the moment and this will continue for the next 2 to 3 years. There is an expectation that ML and AI will lead to cost reduction and operating efficiencies. Time will tell if these benefits are realised.

What is the best piece of advice you have received within your job over the years?

It’s not what you know, but who you know – learn to network.

What is one key takeaway you hope our IT audience leaves with after hearing your presentation on site?

Security threats have evolved and they are closer to organisations, and much more damaging. Threats such as insiders and 3rd parties have long been deemed to be low risk, simply because associated risks were not understood and incidents weren’t published. I hope our audience come out with a deeper understanding of how vulnerable they are, and a better understanding of how to address these evolving risks.

Posted on by Events Team

Establishing a Cyber Security Centre

Marianne Cologon, Acting Chief Information Security Officer at Australian Digital Health Agency, presented a workshop on “Establishing a Cyber Security Centre”

Establishing a Cyber Security Centre is a complex and highly challenging process. Marianne shared the ADHA’s journey, lessons learned, and the challenges of creating a Cyber Security Operations Centre including:

  • Building Strategic Partnerships (Cyber is the ultimate team sport)
  • Defining Strategic Outcomes
  • Operationalizing the Security Operations Centre

About Marianne Cologon
Marianne started out her career working for ACT Health across a range of IT & risk related areas. She then moved into Federal Government, working with critical infrastructure organisations to improve the security of telecommunications & industrial control systems. Since then she has worked across a wide range of organisations in operational and non-operational security roles, prior to commencing with the Australian Digital Health Agency in 2015. She is currently the Acting General Manager and CISO for the Agency’s Cyber Security Centre, and also Director of Cyber Security Operations.

Posted on by Events Team

Critical infrastructure and risk

Garry Bentlin, Chief Security Officer at TransGrid, presented a workshop around “Critical infrastructure and risk”

How we work with risk in critical infrastructure? Garry discussed the risk equation versus the threat actors that are faced – defining an event horizon or sweet spot where intelligent investments can balance the risk/threat equitation versus the investment in counter-measures.

About Garry Bentlin
Garry Bentlin has over two decades of experience in mission-critical IT environments, ranging from energy, mining financial services, airlines and transport, the Sydney Olympic Games, and the Australian Government. He has eighteen years’ experience in IT Security in roles such as CISO, Deloitte’s National Director for Cyber Security, IBM Delivery Project Executive, line manager and client security adviser and have delivered numerous cybersecurity transformation programmes.

Posted on by Events Team

Case study on third party risk assessment – Practical approach

Lakshmana Ganugapati, APAC Information Security Director at Aon, presented a “Case study on third-party risk assessment – Practical approach” during his workshop at the CIO Leaders Summit.

This session aimed to promote discussion around third-party risk assessments depending on the scope of services.

About Lakshmana Ganugapati
His role is to lead and enable Aon business to pro-actively and proportionately manage security risk. He is a dedicated IT risk and security management professional with more than 12 years’ experience across various domains (IT operations, infrastructure and security).

Posted on by Events Team

Implementing a risk-based approach to privacy and data protection

Fred Thiele, Chief Information Security Officer at Velocity Frequent Flyer, presented a workshop around “Implementing a risk-based approach to privacy and data protection”

This session covered practical implementation of a risk-based approach to help map risks back to control frameworks for information security and privacy.

About Fred Thiele
Fred Thiele is a career-long information security professional that was fortunate enough to discover the field in 1998. Fred takes a pragmatic, risk-based approach to bring successful information security programs to both greenfields and established enterprises.  He currently protects the data of over 9 million Australian’s as the CISO and Transformation Program Director of Velocity Frequent Flyer.

Posted on by Events Team

New Zealand’s cyber security strategy

Paul Blowers —Chief Information Security Officer, New Zealand Police Force, Special Advisor National Cyber Policy Office, Department of Prime Minister & Cabinet, New Zealand— presented the session New Zealand’s cyber security strategy.

As CISO’s we wear many hats: advising the board, setting the strategic direction, managing policy, interpreting legal requirements, ensuring systems are safe to operate, overseeing risk and compliance, managing disparate teams of multi-skilled experts. In short: enabling the business but all too often we are embroiled in day-to-day operational matters.

However, our role is changing as businesses face a host of new digital challenges including: risks generated by the ubiquity of emerging technologies, globalisation of information assets, the ever-changing threat landscape and increasing sophistication of cyber-criminals.

ABOUT PAUL BLOWERS
I am currently completing my SABSA Masters degree on the topic of Offender Identity Management. I am an experienced executive manager and strategist with expert knowledge of Data and Information Governance. Developing associated security (including Cyber), compliance and assurance related strategies are key themes. I have extensive experience in the industry and cyber environment and formally qualified as a security management professional with a comprehensive business-centric IT security architecture and engineering background. My business knowledge has largely focused on organisations dealing with Law Enforcement, Border Security, Defence, Intelligence and critical infrastructure related matters in both the private and public service sectors. I have a first class record of achievement and considered an innovative thinker who advocates the use of the Sherwood Applied Business Security Architecture (SABSA) approach to deliver business facing solutions that balance governance, risk, compliance and assurance with business continuity, reliability and value. I have extensive knowledge of a wide range of data and international information, security and risk standard. My current areas of research include progressing mobility as a business enabler (where supported the secure implementation of the single largest deployment of law enforcement mobile devices worldwide), identity management, business intelligence, digital evidence, content management and information loss protection associated with the threat of systemic insider behaviors. Internationally respected, I have been invited to speak at many security-related conferences both as a presenter and expert panelist in Washington DC (Protect Conference), Melbourne (Connect 2014), Dublin (COSAC) and New Zealand.

Copyright 2025 ©Focus Network. All rights reserved