-
CISO Perth 2025 - AGENDA
-
08:00
Register; grab a coffee. Mix, mingle and say hello to peers old and new.
-
08:40
Welcome from Corinium and the Chairperson
Prof Dan Haagman - CEO, Chaleit & Honorary Professor - Murdoch University
-
08:50
Speed Networking – Making New Connections!
In this 5-minute networking session, the goal is to connect with three new people. Let the questions on the screen spark your conversation. Enjoy the opportunity to expand your network!
-
08:55
Navigating the Threat Landscape and Strategic Path Forward
Serena King - Assistant Director Cyber Security Engagement WA - National Cyber Security Office, Department of Home Affairs
- Uncover what lies ahead - a brief guide outlining key initiatives, strategic imperatives and the challenges that CISOs must navigate
- Outline a strategic path forward for strengthening national cyber security resilience through proactive measures and workforce development.
- Learn about the key challenges and success factors identified for the strategy, including the need for long-term but flexible commitment.
-
09:20
Panel: The Chain Reaction– Assess, Mitigate and Manage Supply Chain Cyber Risk
- Identify key vulnerabilities in the supply chain, focusing on gaps in vendor cyber security practices and their potential business impacts.
- Examine the anatomy of supply chain attacks, highlighting the critical role of risk assessment, due diligence, and continuous third-party monitoring.
- Implement actionable strategies for improving vendor oversight and securing the entire supply chain against evolving cyber threats.
- Develop tailored mitigation strategies to address financial, reputational, and operational risks posed by third-party vulnerabilities.
Moderator:
Neel Goradia, Cyber Security Lead, PLS
Panellists:
Joel Earnshaw, Senior Manager Cyber Security, Perenti
George Siemens, Cyber Security, Risk & Compliance Officer, CalEnergy Resources (Australia)
Tara Lie, Information & Technology Governance Manager, Department of Water and Environmental Regulation
Jason Fraser, Head of Cyber & Influence, Capricorn Society
Ariel Lumbroso, Solutions Engineer, Delinea
-
09:55
Ransomware Unmasked: How to Prevent, Detect, and Respond to Modern Threats
Matt O'Kane - Director Notion Digital Forensics, Distinguished Lecturer UNSW & Cloudflare Advocate - Cloudflare
- Introduction – What is ransomware? Why is it a growing threat?
- Attack Lifecycle – How ransomware infiltrates, spreads, and executes.
- Real-World Case Studies – Lessons from high-profile ransomware attacks.
- Prevention & Defence Strategies– Zero Trust, threat intelligence, and security best practices.
- Incident Response & Recovery – What to do if you’re hit and how to recover quickly.
-
10:20
Morning Coffee Break
-
10:50
Cyber Crime Trends 2025 - Find Out About The Biggest Global Trends And How Australia Is Measuring Up
Jacqueline Jayne - Advocate for Human-Centric Security - SoSafe
There is no denying that the scale and impact of cybercrime has reached new heights and attackers are no longer relying on just one entry point - they're using every channel available. Knowing where to focus is an essential skill of the modern security leader, and a constant stress. We will be discussing:
- The rise of AI as an exploitable attack surface
- The rise of multichannel attacks
- Supply chain attacks
- Personal identities
- Cyber resilience inequality
- The boom of cybercrime
Join us for the latest global and Australian insights and how evolving technologies and tactics are shaping the digital threat landscape in 2025. Learn how to protect your organisation from emerging risks and stay one step ahead of cybercriminals.
-
11:15
Redefining the Role of CISO to Drive Innovation
Rob Labbé - CEO & CISO in Residence - Mining and Metals ISAC
- Exploring how the CISO’s responsibilities are evolving from solely managing risks to enabling business growth and innovation.
- Understanding how CISOs can design adaptable security frameworks that support business agility and innovation while safeguarding against emerging threats.
- Discussing how CISOs can cultivate a mindset where security is not seen as a barrier but as a driver of business agility, empowering teams to innovate with confidence.
-
11:40
Harnessing the Power of a Human-Centric Approach to Safeguarding Your Data
Matthew Patterson - Staff Solutions Architect: Information Protection - Proofpoint
In this session, we will explore how a human-centric approach to cybersecurity can significantly transform your data protection efforts. Moving beyond traditional technical solutions, we’ll highlight how integrating data classification, behavioural insights (i.e. user intent), and threat context creates a dynamic defence against data loss.
-
12:05
Lunch
-
Track A: Strategic Resilience
Track A Chair: Prof Dan Haagman, - CEO, Chaleit & Honorary Professor, - Murdoch University
-
13:05
The Unofficial AI Survival Guide for Security Leaders
Mick McCluney - Field CTO, ANZ - Trend Micro
Are you feeling overwhelmed by the rapid evolution of AI? Are you tired of being bombarded with questions about AI? Are you trying to figure out where to start and how to protect your organisation in the new landscape?
Learn the key tactics being used by attackers today to take advantage of the explosion of AI technology including fraud enablement and discover how rogue AI and AI-enabled hacking will impact you in the future. Cut through the noise and explore strategies you can implement to defend your organisation from AI-enabled threats and attacks to reduce risk and bolster resilience.
-
13:30
Panel: From Risk to Transformation– AI's Impact on Next-Gen Cyber Security
- How would you assess the current level of AI implementation within your organisation?
- What challenges have you encountered in adopting AI, and how have you addressed them?
- What are the key criteria and considerations for evaluating AI technologies as part of a holistic cyber risk management strategy?
- What indicators or benchmarks should organisations consider to evaluate the effectiveness of AI-driven cyber defence initiatives?
Moderator:
Vannessa Van Beek, Global CISO, Fortescue
Panellists:
Daryll Holland, CISO, Alii Technology Group
Tim Downing, Director Information Security, Clean Energy Finance Corporation
Brenda van Rensburg, Cyber Security GRC & Assurance Specialist, working for P&N Group (P&N Bank and BCU Bank)
Prashant Singh, Member Board of Directors, ISACA Perth Chapter
Adam Plotnikov, Senior Solutions Engineer, BigID
-
14:05
Partner Presentation
Topic to be confirmedSteve Dillon - Head of APJ Architecture - Ping Identity
-
14:30
Maturity Uplift for the Essential 8 and the "Further Five"
Steve Woods - CISO - Department of Justice WA
- Implement practical strategies and methodologies to elevate your maturity level within the Essential 8 framework, showcasing key steps and milestones.
- Identify and address real-world challenges, bridging gaps and mitigating risks that remain even after achieving high maturity.
- Highlight effective solutions and adjustments that enhance resilience and ensure continuous improvement in cyber security practices.
-
14:30
Unlocking the Value: Elevating Cyber Security from Technical Concern to Strategic Asset
Robbie Whittome - CISO - Curtin University
- Discuss how cyber security initiatives can be better aligned with overall business goals to enhance organisational resilience and growth.
- Explore how other C-suite members can be effectively engaged in cyber security strategies to ensure it is prioritised at the highest levels of the organisation.
- Highlighting how cyber security, when positioned as a strategic asset, can drive business value, increase organisational resilience, and create a competitive advantage.
- Discuss how organisations develop more proactive approaches to managing cyber risks
-
Track B: Technical Excellence
Track B Chair: Karen Owens - Head of IT Security and Risk Management - Insurance Commission of WA
-
13:05
Safely Enabling AI Copilots with Varonis
Jack Eid - Regional Sales Manager - Varonis
During this session, we will show you just how easily your company’s sensitive data can be exposed using Microsoft Copilot with simple prompts. We will share practical steps and strategies to ensure a secure Microsoft Copilot rollout and prevent prompt hacking data exposure.
-
13:30
Panel: OT Security— So What? Why Cyber Security Can't Just Take Over OT
- How do you address the misconception that traditional IT security measures can be directly applied to OT systems?
- How can OT security leaders effectively communicate the unique risks and challenges of OT systems to senior management?
- How can we ensure OT security remains a priority without over-relying on cyber security frameworks designed for IT?
- How can OT security leaders balance the need for updates with the realities of maintaining legacy equipment in critical operational environments?
- How do you see the growing trend of convergence between IT, OT, and IoT impacting security operations and incident response?
Moderator:
Miriam Sanchez-Blanco, CTO, City of Stirling
Panellists:
Trevlyn Farrar, A/Manager Cyber Security, WA Health
Rob Labbe, CEO & CISO in Residence, Mining and Metals ISAC
Osmar Couto, Senior Principal Consultant – OT Cyber Security, Worley
Dane Hobson, Head of Cyber Security, Western Power
-
14:05
Topic to be confirmed
Robin Long - Director, Regional CTO - Rapid7
-
14:30
ML for Phishing Defence: Decoding Psychological Manipulation in Real Time
Dr Keyvan Ansari - Senior Lecturer in Information Technology - Murdoch University
- Leverage NLP and machine learning to identify psychological manipulation.
- Explore the potential of deep learning for improving email phishing detection and protecting against this pervasive threat.
- Evaluate the effectiveness of different deep learning architectures and techniques for email phishing detection.
-
14:55
How DevSecOps Platforms Help Secure the Software Supply Chain
Rob Williams - Senior Solutions Architect - GitLab
As organisations accelerate digital transformation initiatives, they face mounting pressure to harmonise rapid software delivery with robust security measures. This session explores how the convergence of DevSecOps, Artificial Intelligence, and Value Stream Management (VSM) creates a comprehensive framework for secure, efficient software development. We'll examine practical strategies for integrating AI-powered security controls into development pipelines, leveraging VSM metrics to optimise security processes, and building resilient software supply chains.
Join us to unlock a seamless delivery pipeline, fortified security, and enhanced business value amidst the ever-evolving threat landscape. -
15:20
Afternoon Tea Break
-
15:50
How to Pay Less for your Cyber Insurance
Joh McPhee - WA Regional Sales Manager - Cythera
As our customers improve their cyber maturity, some have seen their Cyber Insurance premiums fall by up to 30%. This short presentation compiles feedback from Cythera customers and industry findings to share quick wins that your business can take to reduce their cyber insurance premiums
-
15:55
Panel: Invest Smart, Secure Smart– Maximising the Value through Strategic Resource Allocation
- What strategies effectively prioritise resource allocation towards high-value targets without over-allocating to less critical areas? What metrics or KPIs should be tracked?
- How crucial are comprehensive risk assessments for identifying critical assets?
- How can businesses balance thorough risk assessments with the fast-paced threat landscape?
- What are the main challenges in getting the board to prioritise cyber security investments, and how do you tackle them? What do you do when the board says no?
Moderator
Gavin Ryan, Global Head of Information Security, Navitas
Panellists
Karen Owens, Head of IT Security and Risk Management, Insurance Commission of WA
Helen McLeish, Chief Cybersecurity Officer, East Metropolitan Health Service
Robbie Whittome, CISO, Curtin University
-
16:30
Panel: Building Resilience from Within– Fostering a Cyber-Aware Culture
- Understand the influence of human behaviour and organisational culture on the effectiveness of cyber security practices.
- Implement strategies to foster a security-conscious mindset, encouraging proactive cyber hygiene and responsible digital behaviour across the workforce.
- Measure and evaluate the impact of security awareness initiatives, refining approaches to maintain a continuously improving cyber-aware culture.
- Empower employees to become active defenders, fortifying the organisation’s resilience.
Moderator:
Caitriona Forde, Managing Director, caIT Cyber Safe
Panellists:
Peter Gigengack, Director Cyber Security, Department of the Premier and Cabinet of WA
Mia Araminta, Cyber Security Resilience Lead, South32
Gavin Ryan, Global Head of Information Security, Navitas
Faiza Khawar, President & Chair of the Board of Directors, ISACS Perth Chapter
-
17:05
CISO Perth 2025 Chair's Closing
-
17:10
Cheers with Peers
Not Found