
to engage with the country's leading IT Security professionals on the

standing committee and advisory board from
the country's most respected Security / IT Leaders.
These will be addressed over the course
of the CISO Leaders Summit Australia.
The summit program is a draft and is subject to change.
45min
08:45
5mins
08:55
5min
Recent supply chain attacks highlight the severe downstream consequences when a technology vendor is compromised. Supply chain attacks are increasingly being used as a vehicle for the most sophisticated and damaging attacks.
This presentation will highlight the vulnerabilities that are present in today’s supply chains. It will then discuss rapid detection and mitigation of supply chain attacks.
Key takeaways will include an understanding of supply chain vulnerabilities and ways to mitigate supply chain threats.
20min
Recently, we have seen a series of devastating ransomware attacks which have included attacks on critical infrastructure. We’ve also seen an increase in attacks on soft targets such as schools and hospitals.
Key discussion points in this panel will include, the reasons why the threat from ransomware is increasing and the best ways to mitigate ransomware risk.
30min
Passionate Information Security strategist, with proven expertise in Information Security Strategy & Governance, Business Engagement, [...]
The cornerstone of business resilience is building a cultural foundation that encourages people to work together. I work to strengthen [...]
A zero-trust approach requires a change of focus for organisations. It requires an assumption that breaches will occur as organisations evaluate current and desired cybersecurity posture, aligned with risk appetite.
This presentation will explain how to adopt a zero-trust approach and how it can be aligned with cybersecurity policies. Key takeaways will include an understanding of how to take a zero-trust approach and the benefits of zero-trust.
30min
10:35
15mins
Confusion remains around the segregation of responsibilities for cloud security. This leads to unnecessary vulnerabilities and potentially devastating attacks. Key discussion point in this roundtable are the elements of cybersecurity that are typically addressed by cloud service providers and the elements which must be managed by the customer.
30min
Too many companies focus purely on preventing all breaches and assume that all company resources remain inside corporate firewalls. As remote working and the use of multiple clouds becomes normal, this approach has become outdated.
Key discussion points in this roundtable include how companies need to move beyond a traditional preventive ‘castle and moat’ approach to cybersecurity, and how they can take a much more proactive approach.
30min
As companies start to embrace DevSecOps, developers will increasingly act as policy enforcers by building policy into code. Security by design will become more common as security programs align with DevOps to provide the automation required to secure complex technology environments. Developers will start to see baking security into code, not as an inconvenience, but as a critical part of creating new applications rapidly.
Key discussion points will include best practices in DevSecOps and embedding cybersecurity policies into code.
30min
Companies are struggling with increased cybersecurity complexity as they wrestle with a growing number of cybersecurity tools, typically operating independently of each other. A new approach is required where controls are integrated and policy is consistent.
This roundtable will discuss how a cybersecurity mesh can enable the centralised control of policies and the scaling of controls. It will also discuss how a cybersecurity mesh can offer greater flexibility and reliability.
30min
Confusion remains around the segregation of responsibilities for cloud security. This leads to unnecessary vulnerabilities and potentially devastating attacks. Key discussion point in this roundtable are the elements of cybersecurity that are typically addressed by cloud service providers and the elements which must be managed by the customer.
30min
Too many companies focus purely on preventing all breaches and assume that all company resources remain inside corporate firewalls. As remote working and the use of multiple clouds becomes normal, this approach has become outdated.
Key discussion points in this roundtable include how companies need to move beyond a traditional preventive ‘castle and moat’ approach to cybersecurity, and how they can take a much more proactive approach.
30min
As companies start to embrace DevSecOps, developers will increasingly act as policy enforcers by building policy into code. Security by design will become more common as security programs align with DevOps to provide the automation required to secure complex technology environments. Developers will start to see baking security into code, not as an inconvenience, but as a critical part of creating new applications rapidly.
Key discussion points will include best practices in DevSecOps and embedding cybersecurity policies into code.
30min
Companies are struggling with increased cybersecurity complexity as they wrestle with a growing number of cybersecurity tools, typically operating independently of each other. A new approach is required where controls are integrated and policy is consistent.
This roundtable will discuss how a cybersecurity mesh can enable the centralised control of policies and the scaling of controls. It will also discuss how a cybersecurity mesh can offer greater flexibility and reliability.
30min
The traditional network infrastructure model of centralised corporate data centres secured by on-premises network perimeters does not work today. Data that once resided in data centres is now in the cloud, on SaaS applications, and on endpoints.
This presentation will focus on the need for companies to transform and modernise their approach to cybersecurity, and adapt to the constantly changing threat landscape. Key takeaways will include, the benefits of a threat informed defence and the how to secure assets that sit outside the traditional network perimeter.
20min
Attacks on critical infrastructure have highlighted the vulnerabilities that emerge as operational technology converges with information technology. Greater digitalisation of the physical world combined with edge computing and new IoT technologies are accelerating the pace of this convergence.
This presentation will discuss the blending of information technology with operational technology and the new threats that this brings, particularly with reference to critical infrastructure.
Key takeaways will include an explanation of the types of vulnerabilities that operational technology presents and the best practices in mitigating the risk of attacks on operational technology.
20min
Banking security into code is critical for securing applications. To do this effectively, DevOps teams also need to work with security teams. This presentation will discuss the importance of baking security into code and best practices in ‘shifting left’. Key discussion points will include,
20min
13:05
40min
The pandemic experience and changing labour market has reset work norms, while often distracting leaders from the fundamentals of productivity.
This session will provide CIOs clarity of the human-centric work practices that make IT employees more productive and high-performing.
20min
Too many companies focus purely on preventing all breaches and assume that all company resources remain inside corporate firewalls. As remote working and the use of multiple clouds becomes normal, this approach has become outdated. Key discussion points in this roundtable include how companies need to move beyond a traditional preventive ‘castle and moat’ approach to cybersecurity, and how they can take a much more proactive approach.
30min
30min
Sudhakar is a Cyber Security professional with over 19 years of experience in managing risk, architecting security solutions, developing strategy [...]
15:20
15min
The Secure Access Service Edge (SASE) approach to cybersecurity has given way to SSE. SSE accommodates changing working patterns and wider cloud usage.Key takeaways from this presentation will include the importance of SSE platforms as remote working and cloud usage become more widespread and the importance of integrating multiple cloud cybersecurity services in the cloud
20min
Organisations need to take a forward-leaning proactive approach to cybersecurity. They need to minimise attacks by identifying them and responding to them before any damage is caused. Threat hunting requires the use of automation and AI to be effective. It also needs access to the best sources of threat intelligence.
This panel will discuss best practices in threat hunting and how companies can become the hunters instead of being the hunted
30min
I have years of progressive consulting experience working on a myriad of projects. My experience entails industries such as Financial Services, [...]
Holding proven success in building a best-in-class cyber security capability and culture in, Australia Post, a diverse organisation that has [...]
Daniel Muchow joined La Trobe Financial in February 2023 as Head of Cyber Risk and Security. Prior to La Trobe Financial Daniel was a Director [...]
Experienced Executive Manager, Chief Technology Officer (CTO) and CISO, with a demonstrated history of working in the financial services [...]
No company can eliminate all breaches. Instead, companies can focus on mitigating risk by minimising the damage and breach can cause. Increasingly, companies are implementing multiple layers of controls.
Key takeaways from this presentation will be the need for multiple complementary controls to manage risk and how a defence in depth approach can be implemented.
20min
Sourish is a strategic, result-oriented Security & Risk Management Leader with two decades of global experience in leading security [...]
5min
17:00
60min
45min
08:45
5min
Tyron McGurgan is an accomplished entrepreneur, media specialist, and events professional with over 17 years of experience in the industry. He is [...]
08:50
5min
Anthony Caruana has worked for almost every major masthead in the Australian IT press with his work appearing around the world. As an experienced [...]
This presentation will explore the current state of cybersecurity in Australia and the challenges and opportunities facing Chief Information Security Officers (CISOs) in today's rapidly evolving threat landscape. Drawing on the latest industry research and analysis by Focus Network analysts, the presentation will provide insights into the key trends and emerging technologies that are shaping the CISO role.
During this session we will delve deeper into areas that cover:20min
Mr. Marc Einstein has over 20 years of telecommunications and digital media industry experience as an analyst, market researcher and consultant. [...]
Recently, we have seen a series of devastating ransomware attacks which have included attacks on critical infrastructure. We’ve also seen an increase in attacks on soft targets such as schools and hospitals.
Key discussion points in this panel will include, the reasons why the threat from ransomware is increasing and the best ways to mitigate ransomware risk.
30min
A recognised industry practitioner with extensive senior leadership, cyber security, technology risk and engineering experience in government, [...]
With over 18 years' experience in IT, Daniela Fernandez is a cyber security and analytics leader, who values integrity, diversity of thought, [...]
Santanu has over 28 years of experience in management of Cyber Security, Risk, and IT. He has proven expertise and skills in Project Management, [...]
Kevin is a CISO leader in the Australian Digital Banking sector and a seasoned information security veteran in the financial services industry. [...]
Cloud adoption is expanding rapidly, and with that expansion comes new complexities. The speed of growth and change in the cloud creates an ever-changing threat landscape. Wiz Research is at the forefront of the cloud's threat landscape and is behind the discovery of vulnerabilities like ChaosDB, ExtraReplica, AttachMe and OMIGOD. In this session, we will cover the major cloud threats recently seen by the Wiz Research team which includes supply chain risks, data exposure, API security threats, and attack patterns used by groups such as LAP$U$. This session summarizes key insights across customers, Wiz and third-party threat research, and numerous other sources.
30min
Matt Preswick is the Enterprise Solutions Engineer for Wiz in APJ, with experience in network, email and cloud security at leading security [...]
10:35
15min
30min
Greg’s background covers almost 20 years of IT sales experience, with the last 7 years laser focused on cyber security sales and consulting. As [...]
Kyle Bunting leads the Lenovo AP Cybersecurity team. With over 20 years of security, Cloud, SaaS and infrastructure experience, he manages [...]
30min
[...]
As the use of cloud infrastructure (IaaS and PaaS) continues to soar within organizations, security teams struggle to scale to the needs of the business due to fragmented cloud security stacks and the visibility gaps that persist, making organizations vulnerable to compliance breaches and security threats. With researchers expecting an increase in breaches due to the growing use of cloud services and associated misconfigurations, the existing shortcomings leave organizations with an inability to scale securely. In this session, you will learn how to take a new approach to cloud security by simplifying your security stack and using a new cloud security operation model. Objectives
• Best-in-class approach to cloud security – Our customers journey with Wiz
• Importance of key relevant personas needed to be involved in the new cloud security operation model
• Insights into technologies would be useful to stay in control
30min
Matt Preswick is the Enterprise Solutions Engineer for Wiz in APJ, with experience in network, email and cloud security at leading security [...]
Scott is an accomplished business leader with over 20 years of experience in the technology industry. As the Regional Head of APJ for Wiz - a [...]
30min
[...]
30min
Greg’s background covers almost 20 years of IT sales experience, with the last 7 years laser focused on cyber security sales and consulting. As [...]
Kyle Bunting leads the Lenovo AP Cybersecurity team. With over 20 years of security, Cloud, SaaS and infrastructure experience, he manages [...]
30min
[...]
As the use of cloud infrastructure (IaaS and PaaS) continues to soar within organizations, security teams struggle to scale to the needs of the business due to fragmented cloud security stacks and the visibility gaps that persist, making organizations vulnerable to compliance breaches and security threats. With researchers expecting an increase in breaches due to the growing use of cloud services and associated misconfigurations, the existing shortcomings leave organizations with an inability to scale securely. In this session, you will learn how to take a new approach to cloud security by simplifying your security stack and using a new cloud security operation model. Objectives
• Best-in-class approach to cloud security – Our customers journey with Wiz
• Importance of key relevant personas needed to be involved in the new cloud security operation model
• Insights into technologies would be useful to stay in control
30min
Matt Preswick is the Enterprise Solutions Engineer for Wiz in APJ, with experience in network, email and cloud security at leading security [...]
Scott is an accomplished business leader with over 20 years of experience in the technology industry. As the Regional Head of APJ for Wiz - a [...]
30min
[...]
The traditional network infrastructure model of centralised corporate data centres secured by on-premises network perimeters does not work today. Data that once resided in data centres is now in the cloud, on SaaS applications, and on endpoints.
This presentation will focus on the need for companies to transform and modernise their approach to cybersecurity, and adapt to the constantly changing threat landscape. Key takeaways will include, the benefits of a threat informed defence and the how to secure assets that sit outside the traditional network perimeter.
30min
Matt is responsible for Australian Cyber Security Centre’s (ACSC) incident management functions, including digital forensics, incident response [...]
Our digital footprint relies on passwords. They allow employees, partners, and sometimes customers to access a broad range of tools and systems that enable them to work, collaborate, and transact. However, passwords are also notoriously weak as a security tool, statistics from reports such as the 2022 annual Verizon DBIR show that approximately 80% of breaches are related to credential theft.
To address this issue, Governments in the Asia Pacific region are now recommending the use of password managers to generate complex passwords automatically. Join this session to gain insights into regional cybersecurity trends, understand how human behaviour and organisational culture can lead to cyber threats like phishing, stolen or compromised credentials, and ransomware, and witness how LastPass can fortify your organisation's security posture.30min
The explosion of Machine Learning technology, materials technology and advanced controls systems has seen robots enter our lives in meaningful ways. Whether it is chatbots for customer services, robot vacuums, self-driving cars or autonomous drones; robots are in our hands, our lives and flying over our heads.
In this presentation we will cover the explosion of robotic technology, a quick understanding of machine learning and then dive deep into Magic to understand how we hack the human mind and our robot servants. It isn’t all bad news though, we will also explore ways of protecting robots from hackers.
20min
Brad is a CISO and Non Executive Director with experience in Cyber, Agile, DevOps, Digital, Cloud and IT Governance. He focuses on explaining [...]
13:40
40min
This session provides insights on how Secure by Design is a proactive and effective approach to security practice that can help organizations prevent security breaches, save time and money, improve user experience, comply with security standards, and protect their reputation.
30min
I have over 27 years of experience providing secure industry best practice IT solutions to organisations within FMCG, food manufacturing, financial [...]
30min
An aspiring CISO with 20 years' experience of defining IT Strategies and successfully leading large-scale Cyber Security & GRC portfolios in [...]
Organisations need to take a forward-leaning proactive approach to cybersecurity. They need to minimise attacks by identifying them and responding to them before any damage is caused. Threat hunting requires the use of automation and AI to be effective. It also needs access to the best sources of threat intelligence.
This panel will discuss best practices in threat hunting and how companies can become the hunters instead of being the hunted.
30min
An experienced and successful senior executive with broad and deep knowledge of the domestic and international dimensions of cyber security, [...]
Bio Coming [...]
Bio coming [...]
Maxime is a cyber security leader with strong business acumen mixed with top-tier technical expertise. He has forged his expertise from [...]
Mr. Marc Einstein has over 20 years of telecommunications and digital media industry experience as an analyst, market researcher and consultant. [...]
Modernising the SOC involves moving away from traditional manual processes to a more automated approach that integrates threat intelligence and network monitoring tools.
This can help to identify and respond to threats more quickly and reduce false positives, freeing up analysts to focus on higher-level tasks.
Adapting technologies like SIEM, UEBA, and SOAR enable SOC teams to aggregate, correlate, and analyse security data from multiple sources in real-time, and automate routine tasks. The goal is to augment and assist human analysts, not replace them entirely.
Join this session to unpack.
20min
Experienced Cyber Security Specialist with a demonstrated history of working in the Consulting, Banking, oil & energy industries. [...]
5min
Anthony Caruana has worked for almost every major masthead in the Australian IT press with his work appearing around the world. As an experienced [...]
16:40
50min
We invite only the leading international and local experts to provide sessions on site, this allows for attendees to be taught by front-line executives that compress years of meaningful experience into a systematic, well organised learning program.
Keeping in line with the main goal of the event in achieving new relationships, we provide a huge amount of networking opportunities for attendees through breakfast, luncheons, cocktails and informal introductions.
Allowing both buyers and sellers the opportunity to engage with one another onsite in a series of prearranged business meetings. These provide both parties a great opportunity to build new relationships by interacting face to face.
Being able to experience different sessions is what makes this event unique; whether you are looking to attend an interactive workshop, roundtable, 1-1 meeting or panel discussion.
Interacting face-to-face is still one of the most effective ways to do business. During lunch hour you will have the opportunity to do just that in a very relaxed atmosphere.
The summit is personalised for YOU, this means that what is important to your business is important to us. We create personalised itineraries around sessions you want to attend, allowing for your time to be spent wisely while out of the office.
Should you wish to attend this years upcoming 12th Australian CISO Leaders Summit on the 5th September 2023, Melbourne, please purchase your tickets below
$1990
$1790
$1500
Some pictures from previous events.
– 20TH CENTURY FOX
– GENESYS
– SHOOTSTA
TRAVERS STOW – SIGMA HEALTHCARE
RACV City Club, Melbourne
501 Bourke St, Melbourne VIC 3000
Telephone: +61-3-9944-8888
Enquiries: Click here