CISO Brisbane schedule

In this 10-minute networking session, the goal is to connect with three new people. Let the questions on the screen spark your conversation. Enjoy the opportunity to expand your network!

• Evolving the CISO Role from a technical expert to a strategic leader by balancing accountability
• Navigating board expectations, budget constraints and regulatory pressures
• Fostering sustainable leadership in high-risk environments

• Introduction – What is ransomware? Why is it a growing threat?
• Attack Lifecycle – How ransomware infiltrates, spreads, and executes.
• Real-World Case Studies  – Lessons from high-profile ransomware attacks.
• Prevention & Defence Strategies – Zero Trust, threat intelligence, and security best practices.
• Incident Response & Recovery – What to do if you’re hit and how to recover quickly.

• Viewing cyber security as not just as a protective measure but as an enabler for business innovation and trust
• Aligning business strategy with key security outcomes and targets to strengthen overall organizational maturity
• Delivering prudent, risk-based security outcomes to enable business change while achieving compliance targets

• Fostering a ‘security-first’ culture and leveraging tools to reduce human error effectively
• Highlighting the importance of collaborative efforts and community initiatives to enhance awareness of phishing and newer threats
• Transforming the ‘weakest link’ narrative into a culture of accountability and vigilance
  

Moderator

Guillaume Noé Executive Director Cyber Resilience Queensland Government

Panellists:

Glen Gooding Head of Information Security WorkCover Queensland

Nikki Peever Director Cyber Security CAUDIT

Rob Wiggan Senior Cyber Security Advisor

In today's digital world, security challenges are evolving rapidly. As Australia aims for ambitious security goals, the need for cost-effective solutions is rising. Domain Name System (DNS) technology holds immense potential yet many organisations don't fully understand its role in security.

We will highlight DNS vulnerabilities, threats exploiting the protocol and security approaches using DNS to defend against cyber threats. Learn about DNS's importance, vulnerabilities and how to leverage it for defence, gaining insights into threat detection and mitigation to bolster your security posture.

In this facilitated session, teams will be presented with a cyber incident scenario and tasked with forming a response under time constraints. Explore how different leadership styles, instincts, and strategies play out when the heat is on.

What would you do if your CEO’s calendar vanishes and your SOC flags suspicious login activity? In this 25-minute challenge, each table becomes a mini-incident response team. Collaborate, investigate, and present your final theory.

What would you escalate, who would you call, and what lessons would you walk away with?

• Transforming legislative compliance into proactive organizational culture
• Bridging gaps in maturity with practical steps for CISOs to align with boards
• Preparing for upcoming changes in privacy laws, from stricter enforcement to aligning with global frameworks like GDPR

In the modern enterprise responding to cyber threats is harder than ever.  Even the largest businesses with vast resources are getting breached. 

In this session we'll discuss a new approach to detect and respond faster, to help keep enterprises running even when a breach occurs, and how we can stay one step ahead of the most advanced threat actors.

• Developing an organisational AI roadmap that enhances cyber security resilience and business alignment.
• Leveraging AI for efficiency while maintaining ethical decision-making and control.
• Implementing AI in cyber security while ensuring transparency, fairness, and regulatory adherence.
• Showcasing how organisations are leveraging AI to transform their security strategies.

As organizations accelerate digital transformation initiatives, they face mounting pressure to harmonize rapid software delivery with robust security measures. This session explores how the convergence of DevSecOps, Artificial Intelligence, and Value Stream Management (VSM) creates a comprehensive framework for secure, efficient software development.

We'll examine practical strategies for integrating AI-powered security controls into development pipelines, leveraging VSM metrics to optimize security processes, and building resilient software supply chains. 

Join us to unlock a seamless delivery pipeline, fortified security, and enhanced business value amidst the ever-evolving threat landscape.

• Understanding AI's dual role: as a tool for defense and an enabler of sophisticated attacks.
• Examining real-world examples of AI-driven phishing, deepfakes, and targeted cyber campaigns
• How Australian organizations can use AI responsibly to strengthen their cyber security programs.

Moderator

Gaurav Vikash Head of Security and Risk AXON

Panellists

Michael Poezyn Chief Security Officer Derivco

Andy Vadlamani Head of Information Security Compare the Market

Adam Plotnikov Senior Solutions Engineer BigID

• Reframing cyber security awareness to make employees active participants, not liabilities.
• Creating cost-effective campaigns and maximizing the impact of cyber-awareness
• Tactics for shifting mindsets and engaging an indifferent workforce while maintaining compliance.
• Moving beyond the “weakest link” narrative to drive a culture of shared cyber responsibility.

Digital innovation isn’t optional—it’s the engine of modern business growth, driving sharper customer experiences, operational efficiency, and bottom-line impact. But this momentum comes with risk. As organisations accelerate transformation, cybersecurity must evolve just as fast.

In this session, we unpack how security leaders can move from blockers to enablers—managing emerging risks, embedding structured resilience, and using AI to fuel secure innovation at scale.

Key Takeaways:

• Managing Cyber Risks in Digital Transformation – Identify and mitigate the fast-evolving threats that come with rapid innovation and tech adoption.
• Proactive Risk Assessment – Use structured, risk-based methods to boost resilience, maximise return on security investments, and ensure compliance.
• AI for Cyber Defence & Innovation – Harness AI not just to defend, but to accelerate secure innovation—automating response, reducing risk, and enabling scale.

• CPS 230: Addressing APRA’s new operational risk standard for enhanced governance and incident management in critical sectors.
• AML Reform Act: Ensuring seamless compliance with stricter reporting standards
• Mitigating reputational risks from weak enforcement and exploring practical strategies to integrate these frameworks for operational efficiency
• Complying with CPS 234, CPG 234, CPG 235, and other standards such as ISO27001, NIST and Essential 8

Moderator

Ryan Ko Director of Research/Founding Director of UQ Cyber Research Centre The University of Queensland 

Panellists

Jeremy Leong Chief Risk Officer, Head of Risk and Compliance Taishin International Bank – Brisbane Branch

Ejaz Ahmed Cyber Security Operations Lead Airservices Australia

Richard Carter Head of Cyber and Information Security Brighter Super

• Optimise Security, Cut Costs – Improve security while reducing spend.
• Modernize Data Infrastructure – Shift from static to flexible, composable architectures.
• Future-Proof IT & Security – Adapt strategies to stay resilient for the next decade.

As the industry evolves, maintaining continuity while managing legacy systems is crucial. This session will explore how can ensure business continuity by implementing robust backup strategies and addressing the risks of outdated systems. We’ll discuss how legacy systems may fall short of modern cyber security standards and share insights on upgrading infrastructure to safeguard client data and ensure seamless operations within critical infrastructure.

Moderator

Dan Haagman CEO Chaleit 

Panellists

Marc Reinhardt Director, Cyber Security and IT Risk ICON Group

John Heaton Head of Strategy and Innovation Alex Bank

James Court Chief Security Officer Cleanaway Waste Management

During this session, we will show you just how easily your company’s sensitive data can be exposed using Microsoft Copilot with simple prompts. We will share practical steps and strategies to ensure a secure Microsoft Copilot rollout and prevent prompt hacking data exposure.

A quick 5-minute dive into how Cythera leverages security automation to dramatically reduce response times and eliminate noise, enabling our security operations team to focus on what truly matters—real threats and meaningful customer engagement.

• Fostering mental resilience in cyber teams, balancing workload and maintaining focus during high stakes crises.
• Highlighting the importance of mentorship, peer support and resources for CISOs
• The role of CISOs in shaping policies, standards, and global cyber security initiatives for mental health

Moderator

Sanja Marais CTSO Aspen Medical

Panellists
Stephen Bennett CISO Domino’s
Amanda Pinaud Cyber Security Manager Megaport
Gabriela Guiu-Sorsa Community Founder and Mentor Cyber Security Champions of Tomorrow

• Best practices for vetting and securing third, fourth, and fifth parties, ensuring that all links are protected
• Strengthening collaboration and establishing comprehensive cyber security standards that cover all levels of the supply chain, from small businesses to large enterprises
• Strengthening supply chain security by ensuring continuity, and mitigating risks that stem from interconnected business relationships