13 - 14 August, 2019 | Mercure Resort, Hunter Valley Gardens, NSW

Exchange Day 1: Tuesday 13th August 2019


7:15 am - 8:00 am Breakfast & Registration


8:00 am - 8:10 am Chairperson's Opening Remarks

Case Study

8:10 am - 8:40 am How ANZ NZ Are Creating Cyber Resilience Through An Award Winning Cyber Awareness Program

In November 2018, Tony and his team were awarded the Best Security Awareness Campaign in NZ at the iSANZ awards. Since then, there has been a continued focus on the internal cyber ambassadors program, given the importance of educating both internal staff members and customers when it comes to protecting an organisation from cyber threats. In this session, hear Tony dive into:
  • The what, how and why of their cyber ambassadors programme
  • How ANZ NZ are gaining insights into posed cyber threats and how these inform the programme
  • The keys to maintaining an educated, cyber-smart organization
Tony Arnold, Head of Technology and Information Security at ANZ New Zealand

Tony Arnold

Head of Technology and Information Security
ANZ New Zealand

Panel Discussion

8:40 am - 9:10 am How to Build Internal Cyber Capability To Address The Skills Shortage In The Market

Australia is going through a cyber security skills drought, with a low-supply, high-demand environment for cyber skill sets becoming increasingly present. The nature of cyber skills needed by the industry is fast changing. Therefore, the focus of many organisations now is not just obtaining the correct skill sets, but sourcing the right personalities who can be continuously trained in the relevant areas of cyber security to embellish the teams’ capabilities. With this in mind, this session will see Siva discuss how Information Security Professionals are:
  • Identifying the right people to put into the cyber program
  • Keeping the learning syllabus up to date to ensure right skills are developed
  • Retaining existing staff whilst recruiting and up-skilling new talent
Siva Sivasibramanian, Chief Information Security Officer at Optus

Siva Sivasibramanian

Chief Information Security Officer

Case Study

9:10 am - 9:40 am Session Reserved For Mimecast


9:40 am - 10:10 am Morning Tea & Networking Break

BrainWeave & Business Meetings

10:10 am - 11:10 am BrainWeave™ - User Behavior, Analytics, AI and Deep Learning: The Future of Cyber Security

In this round table discussion, deep dive into bleeding-edge topics surrounding the future of cyber security in an increasingly digitised world. Engage with your peers on topics such as:
  • Mitigating advanced and automated cyber threats
  • Leveraging next-generation capabilities to enhance IT Security detection and response
  • The future of the cyber space and other preventative cyber methods
Steven Cvetkovic, Chief Information Security Officer at Swinburne University of Technology

Steven Cvetkovic

Chief Information Security Officer
Swinburne University of Technology

10:10 am - 10:40 am One-to-One Business Meetings

10:40 am - 11:10 am One-to-One Business Meetings

Case Study

11:10 am - 11:40 am Leveraging Business Insights and New Technologies to Optimize Security Operations Across The Board

As the Australian Digital Health Agency becomes more mature, advanced technologies such as ML and AI are being introduced to optimise security operations. But with the adoption of new technology also comes the potential for new risk which needs to be effectively managed to maintain secure operations. In this session, learn how Marianne and her team are managing the balance by applying the right tools and strategies.

·         Implementing new technology to streamline security operations while effectively managing risk
·         Investing in solutions that deliver on expectations and that are appropriate to your level of organizational maturity
·         Automating low-value tasks to minimize resources whilst still maintaining a human-touch in high-value tasks
·         Effectively measuring and reporting the impact of technology to maintain full visibility over your security operations

Marianne Cologon, Director Cyber Security Operations at Australian Digital Health Agency

Marianne Cologon

Director Cyber Security Operations
Australian Digital Health Agency

BrainWeave & Business Meetings

11:40 am - 12:40 pm BrainWeave™ - Awareness Training: Is Virtual Reality the Next-Gen Training Tool?

Compliance training is a necessary part of all organisations, and for a good reason – it ensures that employees are educated on laws, regulations and policies that apply directly to their day-today responsibilities. Let’s face it though, it can be boring, bland and disengaging. So how do you make awareness training a process that not only actively educates employees, but is something they enjoy? What are the tools to getting people engaged? What does the board need to see in order to invest in more exciting education tools? Is Virtual Reality the answer?

11:40 am - 12:10 pm One-to-One Business Meetings

12:10 pm - 12:40 pm One-to-One Business Meetings


12:40 pm - 1:40 pm Lunch & Networking Break

Case Study

1:40 pm - 2:10 pm Protecting Employee's Through Cyber Security Initiatives

Safety is written into the very DNA of cyber security teams across the globe, driving them to defend and protect their organisation against IT threats and compromises. But what happens to cyber teams when the definition of a cyber threat extends past that of a corporate issue, morphing into an issue that can fatally impact human life? Following a workplace accident in 2017, Boral are dealing with this first hand. In this session, Daminda will deep-dive into:
·         IT-OT use cases to protect the lively hood of employees: Smart Cameras and IoT Trucks
·         The risk that IT-OT exposes to business security
·         Driving end-to-end security process across the whole business process
·         Testing the success of cyber defense through internal hackathon’s
Daminda Kumara, Cyber Security Lead at Boral

Daminda Kumara

Cyber Security Lead

2:10 pm - 2:40 pm Data Ownership: Leadership, Challenges, and Data Governance

In some organisations, there is a general perception that privacy and IT security teams are responsible for all privacy and security risks, and thus responsible for any breach or compromise. It is important that guidelines are put in place to clarify exactly who is responsible for data, including the risks that surround it. In this session, hear Scott discuss:
  • Defining, Enabling and Empowering Data Owners
  • Implementing use-cases and ‘what-if’ scenarios to highlight the importance of risk management
  • Changing the security mind-set through both a top-down, bottom-up approach
Scott Hawkins, Manager Cyber Security, Risk and Assurance at Mater Group

Scott Hawkins

Manager Cyber Security, Risk and Assurance
Mater Group

BrainWeave & Business Meetings

2:40 pm - 3:40 pm BrainWeave™ - Harnessing The Power Of Network Visibility

Learn how next-generation network packet brokers (NGNPBs) mitigate security tool sprawl, simplify IT management and improve network availability.

2:40 pm - 3:10 pm One-to-One Business Meetings

3:10 pm - 3:40 pm One-to-One Business Meetings


3:40 pm - 4:00 pm Afternoon Tea and Networking Break

4:10 pm - 4:40 pm Demystifying OT Security Challenges and Mitigation Strategies To Simplify The Cyber Threat Environment

The OT environment is a complex one, and as it continues to digitize it’s complexity continues to grow. As a cyber leader, it is important to be able to take a step back and not just look at the bigger picture, but to simplify it. In this session, Beenu will look at how his team at NBN are demystifying OT security challenges, as well as covering topics such as:
-          Understanding the cyber complexities and threat landscape of OT and IT
-          Mapping out mitigation strategies to address complexities
-          Re-visiting the drawing board to map out what an effective OT program  actually looks like
Beenu Arora, Cyber Security Operations Manager at NBNco

Beenu Arora

Cyber Security Operations Manager

4:40 pm - 5:10 pm Unpacking The Cyber Tool-Kit: The Critical Need For A Strong Cyber Culture

Despite organisations continuously investing in security tools , the number of data breaches worldwide has continued to increase year-on-year. Why? What is the integral missing piece in your security tool kit and how can it be addressed to ensure a stronger cyber culture across A/NZ? In this session, follow Ray as he covers:
  • What a technically trained leader means for the business
  • Assessing the capabilities of your cyber tool-kit
  • Reaching outside the cyber team from broader skill sets
  • A look at how NZ is driving security culture and lessons learned so far
Ray Chow, Head of IT Risk and Security at New Zealand Post

Ray Chow

Head of IT Risk and Security
New Zealand Post

BrainWeave & Business Meetings

5:10 pm - 6:10 pm BrainWeave™ - Third Party Risk Management: Getting An Accurate Understanding Of Your Partners True Capability

With cyber breaches rapidly increasing in both number and complexity, organisations are re-assessing the security strength of existing third-parties and potential future partners. Currently, the on-boarding process can drag out to months and has proved unrealistic for such a fast-paced environment. In this session, discuss:
  • Minimizing steps in the vetting process to move potential partners from A to Z quickly
  • Maintaining ownership of sensitive data and increasing visibility of third party systems
  • Ensuring the third party complies with the regulation and legislation under which your company operates
  • Remembering the ‘people’ side of cyber security and strengthening the human relationship between your organisation and your partners
Steven York, Chief Information Security Officer at Bank of Queensland

Steven York

Chief Information Security Officer
Bank of Queensland

5:10 pm - 5:40 pm One-to-One Business Meetings

5:40 pm - 6:10 pm One-to-One Business Meetings