CISO Brisbane schedule

In this 10-minute networking session, the goal is to connect with three new people. Let the questions on the screen spark your conversation. Enjoy the opportunity to expand your network!

• Evolving the CISO Role from a technical expert to a strategic leader by balancing accountability
• Navigating board expectations, budget constraints and regulatory pressures
• Fostering sustainable leadership in high-risk environments

• Introduction – What is ransomware? Why is it a growing threat?
• Attack Lifecycle – How ransomware infiltrates, spreads, and executes.
• Real-World Case Studies  – Lessons from high-profile ransomware attacks.
• Prevention & Defence Strategies – Zero Trust, threat intelligence, and security best practices.
• Incident Response & Recovery – What to do if you’re hit and how to recover quickly.

• Viewing cyber security as not just as a protective measure but as an enabler for business innovation and trust
• Aligning business strategy with key security outcomes and targets to strengthen overall organizational maturity
• Delivering prudent, risk-based security outcomes to enable business change while achieving compliance targets

• Fostering a ‘security-first’ culture and leveraging tools to reduce human error effectively
• Highlighting the importance of collaborative efforts and community initiatives to enhance awareness of phishing and newer threats
• Transforming the ‘weakest link’ narrative into a culture of accountability and vigilance
  

Moderator

Guillaume Noé Executive Director Cyber Resilience Queensland Government

Panellists:

Glen Gooding Head of Information Security WorkCover Queensland

Nikki Peever Director Cyber Security CAUDIT

Rob Wiggan Senior Cyber Security Advisor

In today's digital world, security challenges are evolving rapidly. As Australia aims for ambitious security goals, the need for cost-effective solutions is rising. Domain Name System (DNS) technology holds immense potential yet many organisations don't fully understand its role in security.

We will highlight DNS vulnerabilities, threats exploiting the protocol and security approaches using DNS to defend against cyber threats. Learn about DNS's importance, vulnerabilities and how to leverage it for defence, gaining insights into threat detection and mitigation to bolster your security posture.

• Breaking down Australia’s evolving cyber security regulations and how organizations can stay compliant.
• Supporting businesses of all sizes with practical strategies for stronger security postures
• Moving beyond IT silos—positioning cyber security as a business enabler, not just a cost centre
• Building a security-first mindset that integrates cyber risk into corporate strategy, financial planning, and digital transformation

• Transforming legislative compliance into proactive organizational culture
• Bridging gaps in maturity with practical steps for CISOs to align with boards
• Preparing for upcoming changes in privacy laws, from stricter enforcement to aligning with global frameworks like GDPR

• How to build and maintain a robust ransomware response plan.
• The most effective strategies for containment, recovery, and resilience.
• Insights into current and emerging ransomware trends.
  
  

• Developing an organisational AI roadmap that enhances cyber security resilience and business alignment.
• Leveraging AI for efficiency while maintaining ethical decision-making and control.
• Implementing AI in cyber security while ensuring transparency, fairness, and regulatory adherence.
• Showcasing how organisations are leveraging AI to transform their security strategies.

• Ensuring the ethical stewardship of sensitive information
• Showcasing the current regulatory landscape and its influence on data protection practices
• Key considerations for CISOs in safeguarding data, access control and monitoring of data

• Understanding AI's dual role: as a tool for defense and an enabler of sophisticated attacks.
• Examining real-world examples of AI-driven phishing, deepfakes, and targeted cyber campaigns
• How Australian organizations can use AI responsibly to strengthen their cyber security programs.

Moderator

Gaurav Vikash Head of Security and Risk AXON

Panellists

Ben Kereopa Yorke Senior Security Consultant – Artificial Intelligence nbn Australia

Michael Poezyn Chief Security Officer Derivco

Andy Vadlamani Head of Information Security Compare the Market

• Reframing cyber security awareness to make employees active participants, not liabilities.
• Creating cost-effective campaigns and maximizing the impact of cyber-awareness
• Tactics for shifting mindsets and engaging an indifferent workforce while maintaining compliance.
• Moving beyond the “weakest link” narrative to drive a culture of shared cyber responsibility.

• How to use current threat intelligence to identify and counter emerging adversaries and attack methods
• Integrating threat models with your organization’s risk management framework to make data-driven decisions and strengthen defences
• Leveraging real-time threat intelligence to anticipate and counter advanced cyber adversaries

• CPS 230: Addressing APRA’s new operational risk standard for enhanced governance and incident management in critical sectors.
• AML Reform Act: Ensuring seamless compliance with stricter reporting standards
• Mitigating reputational risks from weak enforcement and exploring practical strategies to integrate these frameworks for operational efficiency
• Complying with CPS 234, CPG 234, CPG 235, and other standards such as ISO27001, NIST and Essential 8

Moderator

Ryan Ko Director of Research/Founding Director of UQ Cyber Research Centre The University of Queensland 

Panellists

Jeremy Leong Chief Risk Officer, Head of Risk and Compliance Taishin International Bank – Brisbane Branch

Ejaz Ahmed Cyber Security Operations Lead Airservices Australia

Richard Carter Head of Cyber and Information Security Brighter Super

• Optimise Security, Cut Costs – Improve security while reducing spend.
• Modernize Data Infrastructure – Shift from static to flexible, composable architectures.
• Future-Proof IT & Security – Adapt strategies to stay resilient for the next decade.

As the industry evolves, maintaining continuity while managing legacy systems is crucial. This session will explore how can ensure business continuity by implementing robust backup strategies and addressing the risks of outdated systems. We’ll discuss how legacy systems may fall short of modern cyber security standards and share insights on upgrading infrastructure to safeguard client data and ensure seamless operations within critical infrastructure.

Moderator

Dan Haagman CEO, Chaleit & Honorary Professor of Practice Murdoch University

Panellists

Marc Reinhardt Director, Cyber Security and IT Risk ICON Group

John Heaton Head of Strategy and Innovation Alex Bank

James Court Chief Security Officer Cleanaway Waste Management

During this session, we will show you just how easily your company’s sensitive data can be exposed using Microsoft Copilot with simple prompts. We will share practical steps and strategies to ensure a secure Microsoft Copilot rollout and prevent prompt hacking data exposure.

A quick, 5-minute dive into the key findings from Cythera’s latest CISO survey, highlighting the top trends and insights shaping the future of cyber security leadership.

• Fostering mental resilience in cyber teams, balancing workload and maintaining focus during high stakes crises.
• Highlighting the importance of mentorship, peer support and resources for CISOs
• The role of CISOs in shaping policies, standards, and global cyber security initiatives for mental health

Moderator

Michael Newman Honorary Professor of Practice University of Queensland

Panellists
Stephen Bennett CISO Domino’s
Amanda Pinaud Cyber Security Manager Megaport
Gabriela Guiu-Sorsa Community Founder and Mentor Cyber Security Champions of Tomorrow

• Best practices for vetting and securing third, fourth, and fifth parties, ensuring that all links are protected
• Strengthening collaboration and establishing comprehensive cyber security standards that cover all levels of the supply chain, from small businesses to large enterprises
• Strengthening supply chain security by ensuring continuity, and mitigating risks that stem from interconnected business relationships