Anti Virus
Network Security
Analytics
Cyber Security
Mobile & cloud
security
Identity
Management
Fraud
Protection
End Point
Security
Head of Software Systems & Cybersecurity, Monash University
General Manager, IT Security, Controls & Governance, AIA
Head of Cybersecurity, Monash Health
Network and Cloud Security Engineering Lead, APA Group
The summit program is a draft and is subject to change.
30min
5mins
Anthony Caruana has worked for almost every major masthead in the Australian IT press with his work appearing around the world. As an experienced [...]
As economic pressures tighten and technology budgets come under intense scrutiny, CIOs and CISOs are often at a crossroads, should limited resources be directed toward reducing risk or accelerating business growth? In this interactive debate, two seasoned executives go head to head to argue their side of the boardroom tug of war.
Throughout this debate we will see the CIO advocate for bold technology investments that unlock innovation, drive operational efficiency, and keep the business competitive in a fast changing market. While on the other side, the CISO will make the case that without robust security and risk mitigation, growth initiatives could collapse under the weight of cyber threats, compliance failures, and reputational damage.
With the future of digital transformation and organisational resilience hanging in the balance, this session will challenge the audience to consider:
Where does the real value lie when budgets are on the line?
20min
Quantum computing is on the horizon and while its mainstream use may be a few years away, the time to prepare is now. Quantum’s ability to break current encryption standards poses a future risk to all sensitive data.
This session explores how security leaders can assess their cryptographic footprint and begin transitioning toward post-quantum cryptography (PQC). We’ll review emerging NIST recommendations, how to protect long-life data today, and how to build a strategic roadmap for quantum resilience. Even in the absence of immediate quantum disruption, the groundwork laid now will determine your organisation’s future resilience.
Key Takeaways:
20min
As organisations accelerate digital transformation, CIOs and CISOs must collaborate to modernise infrastructure without exposing the business to new vulnerabilities.
This panel will explore how IT modernisation initiatives, such as cloud migration, AI integration, and legacy system replacement, are being strategically aligned with evolving cyber threat landscapes.
Key Takeaways:
30min
Jimmy is a passionate cyber security and risk management professional who has held global and regional leadership roles with a diversified [...]
- 15 years of experience in Cyber Security, technology and 8 years in leadership - Passionate about enabling people and bringing people together [...]
Cloud adoption in Australia is accelerating, but with it comes a growing attack surface riddled with misconfigurations, fragmented policies, and limited visibility.
This session explores how CISOs are using next-generation tools, like Cloud Security Posture Management (CSPM) and Cloud Native Application Protection Platforms (CNAPP) to implement security policies that scale and adapt across multi-cloud environments.
Learn how AI is enhancing cloud visibility, policy enforcement, and real-time threat detection. Attendees will walk away with strategies to ensure secure cloud transformation while maintaining compliance and agility.
Key Takeaways:
30mins
Bio [...]
10:35
15mins
In today's interconnected world, ransomware attacks are no longer a matter of "if" but "when." Businesses need solutions that not only safeguard their critical assets but also reduce costs and improve operational efficiency. Join Rubrik as we delve into the critical need for a modern cyber resilience strategy.
Simplify. This session will break down the anatomy of a ransomware attack, exposing the vulnerabilities that legacy backup solutions simply can't address. We'll explore why traditional backups are no longer enough to guarantee recovery in the face of sophisticated cyber threats. By consolidating, simplifying and automating data protection, you can dramatically reduce the total cost of ownership.
Connect. Discover how Rubrik's platform empowers you to simplify your data management, connect your critical systems, and ultimately protect your business from the devastating impact of a cyber incident. And in a world where data is increasingly moving to the cloud, ensure your cloud data is protected and managed as seamlessly as on-premises data.
Protect. Learn how to achieve true cyber resilience and ensure business continuity, even in the face of a successful attack. Ask yourself…
30min
This session explores how automation and orchestration are reshaping AI governance—enabling real-time compliance, embedded controls, and continuous oversight.
Tech and security leaders will gain insights on enforcing guardrails at scale, ensuring traceability, and building governance into the AI fabric without slowing innovation.
30min
As AI transforms how businesses operate, it’s also redefining the identity threat landscape. Many organisations are still grappling with how to effectively manage human identities and now face the added challenge of growing machine identities, which already outnumber human ones by 46 to 1 and are projected to surpass 45 billion by the end of 2025.
This explosion of access across cloud platforms is dramatically expanding the attack surface. Threat actors are taking advantage, using AI to exploit gaps in visibility and privilege at speed and scale.
For security leaders, identity has become the new perimeter and securing it means protecting everything: people, systems, and applications. But how do you manage that at scale while maintaining efficiency?
This session will explore:
Join senior security leaders to unpack the realities of managing identity risk in a cloud-first, AI-driven world.
30min
Zeeshan is the Lead Cybersecurity Solution Engineer at Delinea with over 15 years of experience in IT security, specializing in Privileged Access [...]
Ariel Lumbroso is a cybersecurity leader specializing in Privileged Access Management, identity security, and compliance. With expertise in [...]
Identity is now the number one attack vector. Attackers are bypassing outdated security controls, exploiting misconfigured identities, excessive permissions, and poor session management. Traditional PAM (Privileged Access Management) solutions weren’t designed for today’s dynamic, cloud-first environments.
A 2024 threat intelligence report found that credential-based attacks accounted for 38% of all data breaches—significantly more than phishing (17%) and exploits (16%). This shift highlights a growing risk for security teams: legacy PAM tools alone aren’t enough to stop identity-based threats.
The session will explore where the biggest gaps and challenges lay in today’s PAM and identity security strategies that include:
With identity now at the centre of the attack surface, organisations need a modern PAM approach that integrates with broader identity security strategies—ensuring access is continuously verified, monitored, and minimised.
This breakout session will bring together cybersecurity and IAM leaders to discuss:
30min
Scott Hesford has over a decade of experience in IT security. Before joining BeyondTrust in 2019, he worked as Principal Consultant for CA [...]
In today’s complex threat landscape, malicious insiders pose one of the most difficult security challenges for CISOs. Unlike external threats, insiders have access, knowledge, and often the trust of the organization, making detection and prevention uniquely complex.
In this session, Professor Monica Whitty draws on cutting-edge research in cybersecurity, psychology, and behavioural science to explore how organisations can build true resilience to insider threats.
The talk will unpack the human and contextual factors that lead to insider risks, discuss how organisations can shift from reactive to preventative strategies, and present evidence-based frameworks to better predict, manage, and reduce these threats across critical environments.
Key Takeaways:
30min
Professor Monica Whitty is the Head of Department for Software Systems and Cyber Security, and holds a Professorship in Human Factors in Cyber [...]
CISOs are now expected to be strategic advisors, translating technical risks into business decisions that influence the boardroom.
This session will explore how you as a cybersecurity leader can effectively engage with executive stakeholders, communicate evolving threats in business terms, and influence enterprise strategy.
You will be presented with lessons on gaining executive buy-in, justifying security budgets, and aligning cybersecurity with broader business and ESG goals. The conversation will also touch on what boards really want to know and how CISOs can deliver insights that drive action without inducing unnecessary fear.
Key Takeaways:
30min
Discuss real-world tactics to identify and mitigate risks in third-party software, open-source components, and CI/CD pipelines in the wake of increasing supply chain attacks.
30min
Examine how CISOs are adapting GRC frameworks to address AI governance, new regulatory expectations, and the need for continuous assurance across evolving tech stacks.
30min
A focused discussion on the current effectiveness of AI in detecting and responding to threats, how mature the tools really are, and the practical challenges of integrating them into legacy environments.
30min
Explore strategies for recruiting, developing, and retaining top cybersecurity talent amid growing competition, evolving skill demands, and the rise of AI-assisted security roles.
30min
13:15
40min
Compliance is important, but resilience is essential. In this discussion, CISOs will share how they are evolving beyond checkbox-driven compliance to build agile, resilient cybersecurity cultures that can adapt to shifting threats and regulations.
The panel will examine how to embed security across teams, build response muscle through simulations and tabletop exercises, and develop high-performance security teams. The conversation will also explore how to use AI and automation to reinforce controls and detect risk in real time.
Whether you're responding to supply chain attacks or adapting to new privacy laws, building resilience is the new benchmark of mature security programs.
Key Takeaways:
30min
Zero Trust is no longer a buzzword it's becoming a necessity. But while the theory is compelling, execution across large, hybrid organisations remains a complex and often fragmented process.
This session will provide practical insights into what Zero Trust looks like beyond the whiteboard. Learn how to phase in Zero Trust across users, devices, applications, and networks, and understand the critical role of identity, segmentation, and continuous validation. We’ll also explore lessons from Australian companies that have moved beyond pilots to build sustainable Zero Trust architectures that deliver measurable results.
Key Takeaways:
20min
As cyber threats grow in complexity, speed, and volume, traditional detection methods are no longer sufficient. Artificial intelligence and machine learning are now essential components in modern Security Operations Centers (SOCs), helping teams identify and respond to threats faster than ever before.
This session delves into how AI is being deployed across leading enterprises in Australia to power anomaly detection, behavioural analytics, and automated triage. We’ll also examine how to balance AI decision-making with human oversight, reduce false positives, and establish trust in these intelligent systems.
Learn from real-world implementations and understand how to scale AI initiatives responsibly within your cyber infrastructure.
Key Takeaways:
20min
15:20
5min
Anthony Caruana has worked for almost every major masthead in the Australian IT press with his work appearing around the world. As an experienced [...]
15:25
60min
30min
5min
Anthony Caruana has worked for almost every major masthead in the Australian IT press with his work appearing around the world. As an experienced [...]
This topic addresses the often-conflicting priorities of rapid technological adoption and stringent security requirements. Focusing on whether the CIO’s drive for innovation or the CISO’s focus on security should take precedence.
Join this engaging session where Brett and Jamie will have a light-hearted battle between CIO and CISO on a topic where each member will argue their side trying to convince you they have the right opinion on the matter.
20min
Jamie Rossato, has served in CISO roles for over a decade across a range of industries. He has served as a non-executive director at [...]
Recognised in the CIO50 in 2022, 2021, 2020 and 2019 for innovation and leadership. An executive leader with experience in digital [...]
As cities evolve, the intersection of AI, data, and digital platforms is transforming mobility and infrastructure. This session will explore how technology is shaping the future of transport, delivering seamless and secure experiences at scale. Drawing from award-winning, multi-modal transport innovations, Kurt will share key insights on:
30min
Kurt is an internationally renowned technology executive with over 25 years’ experience in the industry. He is currently the Chief Digital and [...]
Join our expert panel as we explore the intersection of AI, innovation, and security in the enterprise. Our discussion will delve into the opportunities and challenges of AI adoption, from driving business growth to mitigating cyber threats.
CIOs and CISOs alike will gain valuable insights on how to harness the power of AI while ensuring the security and integrity of their organisations.
30min
With experience operating at the intersection of risk, cyber security, technology, law and governance, I have built a successful career leading [...]
Leron is a forward-thinking technology executive specialising in cyber strategy, management and delivery. He has led large scale, global, high [...]
Global technology executive delivering transformation, commercial value, and innovation at scale. With experience across 10 [...]
Anthony Caruana has worked for almost every major masthead in the Australian IT press with his work appearing around the world. As an experienced [...]
68% of cyber incidents are attributed to human error however risk isn’t evenly distributed with recent statistics revealing that 80% of security incidents are caused by just 8% of employees, underscoring the critical importance of identifying high-risk users within an organisation.
This session will explore the factors contributing to user vulnerabilities that lead to certain individuals being classed as high-risk. Participants will gain insights into measuring user risk effectively and implementing tailored strategies to enhance cybersecurity across their organisations. This session will also highlight how a personalised and adaptive security approach can provide customised security measures for each user. By focusing on these high-risk individuals, organisations can safeguard their workforce while maintaining operational productivity.
30min
Scott is a experienced cybersecurity professional with a strong track record of working across Africa, Europe, the UK, and Australia. Over the [...]
10:45
15min
This session explores how automation and orchestration are reshaping AI governance—enabling real-time compliance, embedded controls, and continuous oversight.
Tech and security leaders will gain insights on enforcing guardrails at scale, ensuring traceability, and building governance into the AI fabric without slowing innovation.
30min
Darren Cockerell is Head of Sales and Solutions Consulting ANZ at SS&C Blue Prism where he is responsible for understanding the strategic [...]
As AI transforms how businesses operate, it’s also redefining the identity threat landscape. Many organisations are still grappling with how to effectively manage human identities and now face the added challenge of growing machine identities, which already outnumber human ones by 46 to 1 and are projected to surpass 45 billion by the end of 2025.
This explosion of access across cloud platforms is dramatically expanding the attack surface. Threat actors are taking advantage, using AI to exploit gaps in visibility and privilege at speed and scale.
For security leaders, identity has become the new perimeter and securing it means protecting everything: people, systems, and applications. But how do you manage that at scale while maintaining efficiency?
This executive roundtable will explore:
Join senior security leaders to unpack the realities of managing identity risk in a cloud-first, AI-driven world.
30min
Ariel Lumbroso is a cybersecurity leader specializing in Privileged Access Management, identity security, and compliance. With expertise in [...]
Identity is now the number one attack vector. Attackers are bypassing outdated security controls, exploiting misconfigured identities, excessive permissions, and poor session management. Traditional PAM (Privileged Access Management) solutions weren’t designed for today’s dynamic, cloud-first environments.
A 2024 threat intelligence report found that credential-based attacks accounted for 38% of all data breaches—significantly more than phishing (17%) and exploits (16%). This shift highlights a growing risk for security teams: legacy PAM tools alone aren’t enough to stop identity-based threats.
Where are the biggest gaps in today’s PAM and identity security strategies?
Legacy PAM solutions that don’t scale – Traditional vault-based PAM was built for static infrastructure, not today’s hybrid-cloud and SaaS environments.
Mismanaged permissions creating hidden risk – Overprivileged accounts, orphaned identities, and excessive standing access leave the door open for attackers.
Fragmented identity controls – Security teams struggle to enforce least privilege consistently across hybrid environments, SaaS applications, and third-party access.
Session monitoring gaps – Without real-time insights into privileged activity, it’s harder to detect and prevent identity-based attacks before they escalate.
With identity now at the centre of the attack surface, organisations need a modern PAM approach that integrates with broader identity security strategies—ensuring access is continuously verified, monitored, and minimised.
This invite-only roundtable will bring together cybersecurity and IAM leaders to discuss:
Join an exclusive discussion with senior cybersecurity and IAM leaders to explore the future of modern PAM and identity security. Secure your seat today.
30min
Bio [...]
In today's interconnected world, ransomware attacks are no longer a matter of "if" but "when." Businesses need solutions that not only safeguard their critical assets but also reduce costs and improve operational efficiency. Join Rubrik as we delve into the critical need for a modern cyber resilience strategy.
Simplify. This session will break down the anatomy of a ransomware attack, exposing the vulnerabilities that legacy backup solutions simply can't address. We'll explore why traditional backups are no longer enough to guarantee recovery in the face of sophisticated cyber threats. By consolidating, simplifying and automating data protection, you can dramatically reduce the total cost of ownership.
Connect. Discover how Rubrik's platform empowers you to simplify your data management, connect your critical systems, and ultimately protect your business from the devastating impact of a cyber incident. And in a world where data is increasingly moving to the cloud, ensure your cloud data is protected and managed as seamlessly as on-premises data.
Protect. Learn how to achieve true cyber resilience and ensure business continuity, even in the face of a successful attack.
Ask yourself…
30min
A sales leader who can lead high performing sales teams through applying strong commercial, customer and people management skills. Have built a [...]
As cyber threats continue to evolve, adopting a Zero Trust security model and Multi-Factor Authentication (MFA) has become essential, particularly in Singapore's fast-moving digital landscape. Zero Trust ensures that no entity—whether internal or external—is trusted without verification. Combined with MFA, which adds additional layers of authentication beyond passwords, this approach helps organizations protect critical data, reduce unauthorized access, and enhance security resilience.
This session will discuss how implementing Zero Trust and MFA can combat sophisticated cyberattacks and offer CISOs practical strategies to deploy these models across their organizations.
Key Takeaways:
30min
I am an experienced IT leader who has enjoyed a career spanning 30 years across multiple industries, including Banking and Finance, Retail, Online [...]
As cyber threats become more sophisticated, Australian organizations must move beyond reactive defence and embrace proactive cyber threat intelligence strategies. In this session, James Kay will share insights from the Australian Cyber Security Centre (ACSC) on how intelligence-led threat hunting can enhance national cyber resilience. He will explore the evolving cyber threat landscape, the role of the National Cyber Watch Office in identifying emerging threats, and best practices for integrating intelligence-driven security strategies within enterprise cybersecurity frameworks.
Key Takeaways:
30min
James is the Assistant Director‐General for Standards, Technical Advice, and Research, at the Australian Signals Directorate’s (ASD) [...]
Modern CIOs are turning to the powerful combination of AI and low-code to lead enterprise innovation.
This session explores the key factors driving this trend and how AI powered low-code empowers IT leaders to deliver faster business outcomes. We will also discuss a play-book that CIOs can adapt to drive this change.
30min
30min
Rob is a keenly active cyber-security practitioner and has over 20 years’ experience in the Cyber Security industry. Prior to joining [...]
As AI becomes a crucial component of modern IT strategies, observability becomes even more relevant. The 2024 Observability Forecast revealed that the adoption of AI technologies was the top strategy or trend driving the need for observability (41%), with 42% of those surveyed saying they had already deployed AI monitoring.
But how can CIOs maximise their investments and get the best value from observability? This roundtable explores key features of AI, including enhanced predictive capabilities and streamlined incident management, and how to use them to drive the best business outcomes.
Roundtable attendees will discuss the challenges they face, and share insights on leveraging AI-driven observability components, such as predictive alerts.
Key takeaways include:
30min
Aron has been working in the Technology space for over 15 years with a background in SysOps, System and Solution Architecture and a hobby developer [...]
In today’s economic climate, IT leaders are under growing pressure to do more with less—balancing cost efficiency with the need to modernise and innovate.
This breakout session will uncover how forward-thinking organisations are leveraging third-party support to reduce operational costs, extend the life of critical systems, and reinvest in the technologies that matter most.
Key takeaways:
30min
With over three decades of experience across local, national, and international IT landscapes, Dennis leads Rimini Street’s Asia-Pacific team [...]
Bio [...]
13:25
40min
In today's complex threat landscape, Security Operations Centres (SOCs) must be equipped to detect and respond to advanced threats in real-time. As a seasoned security operations executive, Maryam will delve into the technical aspects of building and optimising a world-class SOC, including threat detection, incident response, and security analytics.
Takeaways:
30min
I am a seasoned security operations executive with extensive experience building world class (24/7) security operations centres from the ground, [...]
In this presentation, River will explore the intersection of data-driven leadership and human-centric leadership in cybersecurity. She’ll discuss how Chief Information Security Officers (CISOs) can leverage data analytics to inform strategic decisions while also building strong relationships with their teams and stakeholders. By combining these two approaches, CISOs can create a more comprehensive cybersecurity strategy that not only protects organisational assets but also fosters a culture of collaboration, trust, and innovation.
Key takeaways:
20min
A respected industry leader & advocate for women in Cybersecurity, Tech and Business, River is driven by inclusion, innovation, process [...]
In this session, Peter will explore the complexities of managing cyber security risks in a healthcare setting. With the increasing reliance on digital technologies, healthcare organisations face a unique challenge in protecting sensitive patient data while providing timely and effective care. Our speaker will share insights on strategies for mitigating cyber threats, ensuring regulatory compliance with Australian standards (e.g. My Health Record, Australian Digital Health Agency), and maintaining patient trust.
Key Takeaways:
20min
I am a cyber security and IT leader with over 20 years of experience across government, healthcare, academia, and telecommunications. I have a [...]
15:35
15min
Join us for an intimate fireside chat with Anna Aquilina, Chief Information Security Officer, UTS, a renowned cybersecurity expert and thought leader. As a seasoned CISO with extensive experience in driving cybersecurity strategy and innovation, Anna will share her insights on the evolving cyber threat landscape, the importance of diversity in cybersecurity, and the future of cybersecurity leadership.
Key Takeaways:
20min
An experienced and successful senior executive with broad and deep knowledge of the domestic and international dimensions of cyber security, [...]
Anthony Caruana has worked for almost every major masthead in the Australian IT press with his work appearing around the world. As an experienced [...]
As the cybersecurity landscape evolves at an unprecedented pace, this closing keynote panel will bring together industry leaders to discuss the transformative innovations reshaping the future of cybersecurity, the challenges that lie ahead, and the strategies CISOs must adopt to navigate this dynamic environment.
Key takeaways:
30min
Head of Security at Nuvei | Author | Co-Chair AWSN | Diversity & Inclusion Advocate | Cybersecurity Leader Madhuri is a hands-on [...]
I am an accomplished ‘Cyber Security Leader’ & Security Speaker with overall IT Security experience of more than 13 years including [...]
Manasseh Paradesi is an experienced CISO and executive advisor, known for delivering pragmatic, risk-based cybersecurity leadership across top-tier [...]
Anthony Caruana has worked for almost every major masthead in the Australian IT press with his work appearing around the world. As an experienced [...]
16:55
5min
Anthony Caruana has worked for almost every major masthead in the Australian IT press with his work appearing around the world. As an experienced [...]
17:00
60min
We invite only the leading international and local experts to provide sessions on site, this allows for attendees to be taught by front-line executives that compress years of meaningful experience into a systematic, well organised learning program.
Keeping in line with the main goal of the event in achieving new relationships, we provide a huge amount of networking opportunities for attendees through breakfast, luncheons, cocktails and informal introductions.
Allowing both buyers and sellers the opportunity to engage with one another onsite in a series of prearranged business meetings. These provide both parties a great opportunity to build new relationships by interacting face to face.
Being able to experience different sessions is what makes this event unique; whether you are looking to attend an interactive workshop, roundtable, 1-1 meeting or panel discussion.
Interacting face-to-face is still one of the most effective ways to do business. During lunch hour you will have the opportunity to do just that in a very relaxed atmosphere.
The summit is personalised for YOU, this means that what is important to your business is important to us. We create personalised itineraries around sessions you want to attend, allowing for your time to be spent wisely while out of the office.
Should you wish to attend this years upcoming 16th Australian CISO Leaders Summit on the 2nd of September 2025 at the Grand Hyatt Hotel in Melbourne, please purchase your tickets below
$1990
$1790
$1500
Some pictures from previous events.
Frank De Sa, Chief Information Officer, Just Group Limited The presentation was based around “Attitude, Language & Approach – Keys to […]
Panellists: Amanda Bennie, Head of Technology, Cbus Property John Tait, Head of Technology, T2 Tea SAR Raheem, APAC Region Manager, Security & […]
Jason Mantell, Director of Sales Engineering APAC, Cloudian Jason spoke about how Cloudian’s data immutability goes beyond protections […]
Damien Lewis, Sales Manager, ExtraHop A quantitative risk assessment is great for getting really precise about the potential financial impact, […]
– 20TH CENTURY FOX
– GENESYS
– OPTUS
DOMINO’S PIZZA CORPORATION
Grand Hyatt Melbourne
123 Collins St, Melbourne VIC 3000
Telephone: +61 (03) 9657 1234
Email Enquiries: melbourne.grand@hyatt.com
