<img height="1" width="1" style="display:none" alt="" src="https://www.facebook.com/tr?id=367542720414923&amp;ev=PageView&amp;noscript=1">

    Not Found


  • 08:00

    Register; grab a coffee. Mix, mingle and say hello to peers old and new.

  • 08:50
    Elliot Tempest

    Welcome from Corinium and the Chairperson

    Elliot Tempest - Cyber Security Assurance Specialist - Silverchain

  • 09:00
    Mike Laytham-1

    Opening Keynote: A cyber security journey – taking a holistic approach from transformation to maturity

    Mike Laytham - General Manager, Global Networks and Security - Commonwealth Bank

    As the severity of scams and fraud increases and cybercrime becomes more sophisticate than ever, staying ahead of the game is critical. During this session, you’ll hear what a successful cybersecurity journey and transformation look like at one of Australia’s largest banks.
  • 09:25
    Cameron Townshend-1

    Shielding Your Company: Safeguarding the SDLC from Malware

    Cameron Townshend - Principal Architect - Sonatype


    Cameron delves into the realm of upstream supply chain attacks, examining the latest regulatory developments worldwide. He then explores proactive measures organizations can adopt to thwart malware infiltration into their Software Development Life Cycle (SDLC), along with strategies for staying compliant with upcoming regulations.

  • 09:50
    Robbie Whittome_Photo-2

    Keynote: The evolving role of CISOs – leading and delivering digital identity programs

    Robbie Whittome - CISO - Curtin University


    Digital identity is a key enabler for secure, agile, accessible and evolving digital services. In a world where cyber threats are constantly evolving and customers demand seamless online experiences, CISOs play a vital role in leading and delivering digital identity programs that meet the needs of both the organisation and their stakeholders. 
    Robbie Whittome, CISO of Curtin University, will share his journey and insights on how he successfully led the delivery of a transformational digital identity program for his organisation. He will also discuss the role of partners in improving success outcomes and return on investment. 

  • 10:15
    Joe Gillet-1

    How to Strengthen Your Organisation's Last Line of Defense: Your Human Firewall

    Joe Gillett - Head of Australia and New Zealand - KnowBe4


    Social Engineering attacks, in the form of phishing, business email compromise, and ransomware attacks are becoming ever more commonplace. The number of cyberattacks that start by manipulating a human into allowing access to protected systems or sensitive information steadily increases.
    Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defence. This session will help you better understand how you can keep your users on their toes with security top of mind. It will also include a product demonstration of the innovative Kevin Mitnick Security Awareness Training Platform, which will show how easy it is to train and phish your users:

    • Send fully automated simulated phishing attacks, using thousands of customisable templates with unlimited usage.
    • Train your users with access to the world's largest library of always-fresh awareness training content.
    • AI-driven phishing and training recommendations based on your users' phishing and training history.
    • Use assessments to gauge proficiency of your users in security knowledge and security culture attitudes.
    • Easy user management using Active Directory or SCIM integration.
  • 10:40


  • 11:10
    Kath Forward

    Australia’s Cyber Security Strategy and the work of the CSRCU

    Kath Forward - Assistant Director, Cyber Security Outreach - National Office of Cyber Security

  • 11:35
    Steve Molloy

    Harnessing Global Threat Intelligence to Stay Ahead of the Game

    Steve Molloy - Principal Solutions Engineer - Cloudflare


    By consolidating threat feeds from a global source of intel, businesses can swiftly adapt security configurations to counter emerging risks. This streamlined approach simplifies security management across diverse systems, empowering proactive defense against evolving cyber threats. Join us as we explore how this integration enhances organizational resilience and fortifies digital assets against today's dynamic threat landscape.

  • 12:00
    Panel Discussion-1

    Panel: Convergence of physical and cyber – improving the security of assets and networks

    • How to overcome legacy challenges when compliance costs become too great
    • Strategies to overcoming the increase of cyber risk to industrial control.
    • Adopting cybersecurity strategies across your ICT (industry control systems)
    • Effectively managing vulnerabilities of OT and IoT devices
    • Key cybersecurity considerations of networks, mobile and the cloud

    Panel moderator:

    Helen McLeish, Chief Cybersecurity Officer, East Metropolitan Health Service


    Paul Karan, Cybersecurity Advisor, Roy Hill

    Raymond Griffiths, Cyber Defence and Resilience Manager, Wesfarmers Chemicals, Energy & Fertilisers

    Ian McMurray, IT & Cyber Security Manager, DDH1 Limited

    Waqar Sabir, Cyber Security Governance, Risk & Compliance, South32

    Spencer Lai, Cyber, Risk and Security Principal, CITIC Pacific Mining 

  • 12:35
    Vito Forte (1)-1

    Cybersecurity is a team sport – sharing cross-sector intelligence for stronger resilience

    Vito Forte - CIO - Edith Cowan University

    • Lifting IAM security and preventing identity proliferation from become a ripe area for bad actors
    • You’re only as strong as your weakest part – mirroring cross-sectors practices to mitigate common issues
  • 13:00


  • TRACK A - Critical Infrastructure

  • 14:00
    Elliot Tempest-2


    Elliot Tempest - Cyber Security Assurance Specialist - Silverchain

  • 14:00
    Osmar Couto

    Security by design – hype or reality?

    Osmar Couto - Senior Principal Consultant – OT Cyber Security - Worley


    In an ideal world, security would be considered at the initial stages of project delivery, with adequate budget and resource allocation for reasonable in-built protection against malicious actors. But in real life, security is often an afterthought, leading to a lack of commitment to compliance and exhausted budgets, making it impossible for patching systems and incident response actions to keep the organisation secured. During this session, we’ll explore why organisations must shift how they implement security and take a security-by-design approach seriously in the project delivery lifecycle.

  • 14:25
    Paul Thomas - Axonius-2

    Asset Intelligence: The Bedrock of Cyber Security

    Paul Thomas - Senior Solutions Architect, ANZ - Axonius


    Extensive knowledge of assets that need to be secured is foundational for any effort to secure any type of asset. It’s no surprise that the Security of Critical Infrastructure Act 2018 (SOCI) addresses this in its initial requirements and recommendations.

    When an Asset Intelligence platform is implemented as the bedrock of a cyber security initiative asset information is continuously collected, aggregated, correlated and analysed making all subsequent activities easier.

    Join me to learn what constitutes an Asset Intelligence platform and how specific capabilities optimise every step of the process to compliance.

  • 14:50
    Panel Discussion-1

    Panel discussion: Relying upon your CI incident response plans


    Having an effective incident declaration process in place is key when developing your compliance strategy and meeting critical infrastructure regulations and standards. During this session, we’ll explore:

    • Managing lack of clarity of SOCI Act and SoNS by developing documented interpretation of the frameworks
    • Good practices defining and fine-tuning incident declaration processes and response plans
    • How to identify what your organisation is doing right and what needs improvement
    • Effective ways to advance your maturity model

    Panel Moderator:

    Michelle Ribeiro, Head of Cybersecurity Community, APAC, Corinium


    Yusuf Denath, Manager Cyber Security, Child and Adolescent Health Service, WA Health

    Nathan Kelly, Cyber Security Manager, Synergy

    Prashant Singh, State Branch Chair WA, IT Service Management Forum (itSMF) & CSO30 Award Winner 2023

  • 15:15

    Applied Zero Trust Identity

    Steve Dillon - Head of APJ Architecture - Ping Identity


    In the era of increasing cyber threats, the security of our networks, data and systems has become paramount. With each passing day, cyber threats are becoming ever more sophisticated, posing significant risks to governments, businesses and individuals alike. To safeguard our public and private infrastructure against these ever-evolving threats, it is crucial to embrace two fundamental concepts: Cyber Resilience and Zero Trust Architecture.

  • TRACK B - Cross-Function

  • 14:00
    Joshua Qwek


    Joshua Qwek - Cyber Security Architect - Wesfarmers Chemicals, Energy & Fertilisers

  • 14:00
    1143 CISO Brisbane_Icon_Networking

    Speed Networking


    During this 10-minute networking session, the aim of the game is to go and meet three people you don't already know. Use the questions on the screen to guide your conversation. Have fun!

  • 14:10
    Marc De Frontignac

    Stop Email Misdelivery and Prevent Data Loss with AI

    Marc de Frontignac - Sales Engineering Manager, ANZ - ProofPoint


    Misdirected email is one of the simplest and most significant sources of data loss.

    Most organisations have little, if any visibility into the risk of sensitive data loss from misdirected emails, which can lead to negative business impacts on reputation, compliance, and employee productivity.

    Join us as we dive into the multi-faceted impacts to your organisation and explain how to leverage the power of artificial intelligence (AI) to stop sensitive data loss from emails being sent to the wrong recipients.

    Join us to learn about:

    • How you can stop sensitive data loss from misdirected emails in just days
    • Building the business case to stop misdirected emails with behavioural AI
  • 14:40
    Panel Discussion-1

    Panel discussion: How GRC supports cyber maturity


    Governance is the foundation of strong and effective cybersecurity strategy. During this panel, we’ll explore how to embrace governance as an enabler for cyber maturity, and how implementing a structured, risk-based, management system helps to optimise the organisation’s cybersecurity programs.

    • How can the GRC better support the cyber function?
    • What are the challenges incorporating cybersecurity into the organisation’s governance, risk and compliance strategies?
    • Compliance burden: successfully navigating through CPS 234, CPG 234, CPG 235, and other standards such as ISO27001, NIST and Essential 8

    Panel moderator:

    Joshua Qwek, Cyber Security Architect, Wesfarmers Chemicals, Energy & Fertilisers


    Vito Forte, CIO, Edith Cowan University

    Karen Owens, Cybersecurity Coordinator, WA, AEMO

    Madeleine Trezise, Cyber Security Risk and Compliance Manager, Laing O'Rourke

  • 15:15
    Cheyenne Seagull

    The New Cloud Security Operating Model: Bridging Runtime & Buildtime Intelligence to Reduce Friction and Boost Productivity

    Cheyenne Seagull - Solutions Architect for Australia and New Zealand - Upwind


    This talk will focus on the need to reinvent the way cloud security is done by bridging intelligence from runtime to build time - leveraging a ״shift-right״ security approach and runtime insights for a dynamic, modern cloud-native security that effectively consolidates Devs, Sec & Ops. Explore how this contextual analysis from runtime to build time provides end-to-end visibility, highly accurate risk prioritization and real-time threat detection and response.

  • 15:40


  • 16:05
    Craig Joyce

    Networking drinks address

    Craig Joyce - Director - Cythera

    Cythera’s began providing sovereign managed security services over 5 years ago.   In 5 minutes, Craig will share the 5 key security outcomes that customers should seek from their managed security providers.
  • 16:10
    Vidhu Bhardwaj-2

    Exposing How Cyber Criminals Exploit Human Psychology

    Vidhu Bhardwaj - Change Lead, Cyber Security - Perenti


    Ever felt like someone was playing mind games with you? Within the digital space, cybercriminals are the ultimate masters of manipulation. They understand exactly what makes us tick, using our feelings and instincts to get what they're after, including sensitive information. This presentation uncovers their cunning strategies, exposing how they employ psychology to pull unsuspecting victims into their traps. From exploiting our fears to painting a picture of urgency, we'll uncover the psychological biases that cybercriminals use to deceive and defraud. By understanding their playbook, you'll be better equipped to outsmart their schemes and safeguard your organisation.

  • 16:35
    1143 CISO Brisbane_Icon_Fireside Chats

    Fireside Chat: Effective collaboration between the Board, Senior Management and Cyber Security

    • Speaking the board and senior management’s language to raise importance of cybersecurity
    • What is expected from CISOs when evaluating and reporting risks to the board?
    • How can the C-Suite collaborate to ensure technology measures and controls are aligned with the company’s security needs?
    • The power of joining forces to ensure security strategies meet business strategies
    • How to become a ‘security champion’ and get senior management to be advocates for your projects


    Cecily Rawlinson, Director, WA Cyber Security Innovation Hub


    Stuart Smith, Assistant Director-General, ASD

    Jon Fowler, ICT General Manager, MMA Offshore

    Steve Woods, Manager ICT Security, Risk & Compliance, Department of Justice

  • 17:00
    Helge Janicke

    Corporates Compromised: A Cyber Simulation

    Helge Janicke - Deputy CEO and Research Director - Cyber Security Cooperative Research Centre


    How will you overcome a cyber-attack on your organisation?
    In our rapidly evolving digital world, cyber skills are critical to ensure reasonable, appropriate and informed business decisions can be made at an executive level.
    We will lead participants through an interactive cyber-attack, which includes ‘live’ news reports and calls for quick responses and decision making. Our user friendly physical boardgame is the centrepiece of our Gamification experience, designed to help participants better understand the cyber security application. The game facilitates open discussion in a fast-paced, fun and memorable environment, an innovative way to introduce cyber security into an organisation’s security awareness training and to complement routine computer-based education.
    In a collaborative project, the Cyber Security Cooperative Research Centre (CSCRC), CSIRO’s Data61, Government of Western Australia through the Office of Digital Government, with the support of Edith Cowan University, have created an interactive board game to raise awareness and encourage critical thinking about how to prepare and respond to a ransomware attack. 

  • 17:30

    Closing remarks & End of CISO Perth 2024

  • 17:35

    Cheers with Peers - Continue the conversations in a fun and entertaining way.