CISO Canberra schedule

In this 10-minute networking session, the goal is to connect with three new people. Let the questions on the screen spark your conversation. Enjoy the opportunity to expand your network!

As Australia transitions from Horizon 1 to Horizon 2 of the 2023–2030 Cyber Security Strategy, government systems play a foundational role in setting the security standard for the broader economy. This keynote reflects on the lessons learned from early implementation—what’s working, what’s been challenging—and outlines how the federal government is uplifting its own posture to build trust, improve interoperability, and support national resilience.

Join Andrew Brydon, Field CTO at HashiCorp, as he shares a Zero Trust playbook for CISOs to accelerate innovation without compromising compliance. Learn how identity-driven security, automation, and policy-as-code can secure multi-cloud environments, meet sovereignty requirements, and enable teams to move faster while staying audit-ready.

This panel explores the practical and legal realities of adopting AI in government without binding regulatory standards. Examining where risk and opportunity intersect, how organisations are applying voluntary frameworks, and why future AI regulations must reflect not just ethical intent, but technical reality ensuring accountability, transparency, and trust in the event of a cyber incident.

• Who is winning in the AI race – defenders or attackers?
• How does your organisation define AI? Gen AI, predictive models, automation etc
• What indicators or benchmarks can help evaluate AI readiness?
• How can you utilise frameworks to rightfully apply governance?
• What would meaningful regulation look like?

Moderator: 

Chui Yong  Assistant Secretary - Cyber Security and Desktop Services AS Office Department of Agriculture Fisheries and Forestry

Panellists:

Tony Castley CTO & CISO Department of Infrastructure, Transport, Regional Development, Communications and the Arts

Jamie Rossato CISO CSIRO

Krishna Bagla Manager Cyber Security Operations & Implementation NSW Education Standards Authority

Federal agencies face relentless cyber threats while navigating complex mandates like the PSPF, ASD Essential Eight, and SOCI Act. This session explores how BigFix enables sovereign, on-premises control of endpoints with real-time patching and compliance automation. We will discuss how government organizations can strengthen cyber resilience, streamline audits, and safeguard sensitive national data.

This panel discusses considerations for ensuring secure, timely, and transparent information sharing between government agencies and external partners to build trust.

• What are the biggest barriers to securely sharing data across government agencies in a timely manner – technical, legal or cultural?
• Who owns the risk when data is shared, and how clear are those responsibilities in practice?
• What role should cyber and legal teams play in enabling secure data sharing, both internally and across third-party systems?
• What does good governance look like in a multi-stakeholder environment, and are we close to achieving it?

Moderator:

Sandeep Taileng Information Security Officer State Trustees

Panellists:

Rose MacDonald Board member & Director Australian Risk Policy Institute

Winston Fernando Head of Cyber Security & Compliance Darebin City Council

“Defenders think in lists, attackers think in graphs, and as long as this continues attackers win” – JLambert (Microsoft). 

Join us for an insightful look at how AI Powered Security Graphs are revolutionising breach identification, helping reframe detection in a decentralised world, represent a vital component of defenders’ security observability and are transforming breach containment into board-level resilience.

A cyber-conscious mindset and security-aware culture are non-negotiable. It is not just about ticking boxes with e-learning or phishing tests. Real success is when cyber security becomes second nature—when people instinctively make safer choices and even share tips with family and friends. That’s when culture truly sticks. This session explores practical ways to embed that mindset and turn everyday behaviours into security habits.

This session will dive deep into the challenges and threats faced by the modern environments, how to govern and practice identity hygiene and how AI can assist with the securing identity landscapes quicker.

AI has become more adept at resembling human behaviour and quantum computing pushes the limits of what’s possible. It is critical to understand the vulnerabilities these emerging technologies introduce. This presentation explores how AI-driven innovations and disruptive technologies are reshaping risk, trust, and identity in the public sector and what today’s cyber leaders must do to prepare.

One of the critical challenges when organisations transition to a Zero Trust security model is the need to modernise legacy systems. Traditional security measures, such as firewalls, are no longer enough, and Zero Trust with micro-segmentation is essential to secure networks from the inside out. This session will explore the practical steps and strategies required to update ageing infrastructures while maintaining operational continuity.

One of the critical challenges when organisations transition to a Zero Trust security model is the need to modernise legacy systems. Traditional security measures, such as firewalls, are no longer enough, and Zero Trust with micro-segmentation is essential to secure networks from the inside out. This session will explore the practical steps and strategies required to update ageing infrastructures while maintaining operational continuity.

Driving real investment and informed decisions, cyber leaders need to communicate cyber risk in terms that stakeholders understand the impact, likelihood, and cost. This panel examines a range of frameworks and methods to explore how to make cyber risk measurable, actionable, and meaningful and how to choose the right approach for your organisation.

• What does it mean to quantify cyber risk in a way that resonates with both technical and non-technical stakeholders?
• What are some of the most effective frameworks or models and how do you decide which one works best for your organisation?
• How can organisations move beyond generic risk scores and articulate the real financial impact of a cyber incident, including costs like reputational damage and public trust loss?
• How can quantifying cyber risk effectively drive investment in cyber security and help prioritise spending in a way that aligns with overall organisational strategy?

Moderator:

Jamie King CISO Australian Federal Police

Panellists:

Jagdish Mehra National Manager Cyber Strategy, Governance and Engagement Services Australia

Jonathan Dean Defence CISO Department of Defence

Toby Amodio Cyber Security Practice Lead Fujitsu

Nation-state cyber threats are growing in frequency and sophistication, increasingly targeting critical infrastructure and government systems. This panel will delve into the current challenges and necessary steps to strengthen coordination, improve threat intelligence sharing, and build a comprehensive approach to cyber resilience.

• How are we defining and moving closer to a truly unified, nationwide cyber defence against state-based threats?
• What are we doing to close the coordination gaps between governments and private entities?
• What has been done to improve threat intelligence sharing and incident response protocols to strengthen intergovernmental collaboration?
• How are we enabling a “whole-of-nation” approach to cyber resilience?
• What one action is your organisation prioritising in the next 12 months to improve national cyber coordination

Moderator: 

Michael Frater Chair Canberra Cyber Hub

Panellists:

Jamie King CISO Australian Federal Police

Marnie Fraser Assistant Secretary Digital Strategy and Architecture; CISO Department of the Prime Minister and Cabinet

Nishant Rao Head of Resilience Taskforce and Director of Hosting Certification Framework Department of Home Affairs

Continue the conversations in a fun and entertaining way.