Agenda
Wednesday, 8 October 2025
“Control the Chaos: Defend Today & Secure Tomorrow”
Please note that 1:1 meetings will be running throughout the day.
Registration & Check-In
Welcome to the 11th Security Edge: Lead the Defence
Jim Berry - CEO & Founder at ADAPT
Australia’s cyber-security market is on a double-digit growth path as boards rush to meet stricter regimes – APRA’s CPS 230 operational-resilience standard and the new Cyber Security Act 2024 – while a chronic skills shortage pushes organisations toward managed and cloud-delivered controls.
Recent breaches, including credential-stuffing losses at major super funds, and Australia’s world-first mandate to disclose any ransomware payments underscore stubborn exposure to extortion, supply-chain and identity attacks that must be contained even as plans for quantum-safe cryptography take shape.
Join your peers at ADAPT Security Edge to connect, learn, and lead through the challenges of our rapidly shifting security landscape.
ADAPT Research: Control the Chaos, Defend Today & Secure Tomorrow
Gabby Fredkin - Head of Analytics & Insights at ADAPT
ADAPT’s Research and Advisory team reveal the latest data-driven insights from over 1000 local surveys from regional Heads of IT, digital and finance enabling companies responsible for over 60% of Australia’s GDP.
Compare their resource allocation, investment priorities, barriers and the unique challenges of Australian IT Security and the Business leaders you serve.
Helping you to benchmark and validate your priorities and thinking, Gabby will reveal the core findings distilled from your aggregated pre-event surveys and examine which Security, AI and data protection strategies are creating the best outcomes.
Get an Edge: Making the Most of Your Day
Tenar Larsen - Head of People & Performance, Executive Programs
A Day in the Life of a CISO: Leadership and Resilience in the Face of Complexity
Daryl Pereira - APJ Head Office of the CISO at Google Cloud David Gee - Former CIO & CISO

Two world class CISOs share real stories and real lessons. With former CISO HSBC and Macquarie Group’s Global Head Technology, Cyber and Data Risk, David Gee interviewing Google’s Daryl Pereira on ‘How to rebuild after a major incident’.
In an era where cyber threats evolve daily and the role of the CISO has become more critical than ever, “A Day in the Life of a CISO” offers an unprecedented collection of real-world wisdom, practical strategies, and hard-earned lessons from cybersecurity’s most experienced practitioners.
This isn’t your typical cybersecurity presentation – we’ll reveal the highlights of David’s new book, which has 24+ CISOs sharing lessons for current CISOs and the next generation of leaders.
Debating how to advance cybersecurity leadership and build more resilient organisations in an increasingly complex threat landscape:
• Leadership Development
• Strategic Thinking
• Crisis Management
• Career Resilience
• Global Perspectives
Mitigating Risk within Multi-Cloud Environments
Mitch Ryan - Senior Solutions Engineer at Wiz James Ng - CISO at Insignia Financial

In this session, Insignia Financial will share their journey of modernising data architecture and securing complex multi-cloud environments. James Ng, CISO at Insignia will share the strategies undertaken to re-imagine cloud infrastructure, implement continuous compliance, and gain unified visibility across cloud platforms using tools like Wiz. This session will explore real-world use cases in cloud risk prioritisation, secure cloud adoption, and embedding security throughout the development lifecycle. Walk away with actionable insights to drive both operational efficiency and risk mitigation in your own cloud journey.
Morning Break
Refreshments, Snacks & Connections
From Boardroom to Cloud: Security Leadership in an AI-First World
Andrew Dell - GM Customer Security Management Office at Microsoft
Join Matt Boon, Director of Strategic Research at ADAPT, in a candid fireside conversation with Andrew Dell, former Group Chief Security Officer of QBE Insurance, and CISO of NAB – now the GM Customer Security Management Office at Microsoft.
Together, they’ll unpack how global security challenges are reshaping enterprise strategy, the evolving role of the CISO, and what leaders must prioritise in a cloud- and AI-driven future.
- Lessons learned from leading security at scale in financial services
- The shifting expectations of security leaders in boardrooms and across industries
- Practical insights for building resilience and trust in an AI-enabled enterprise
Agility, Compliance, Resilience: Rethinking Cryptography in the Age of Digital Trust
Daniel Sutherland - Regional Vice President at DigiCert
In an age defined by accelerating digital transformation, tightening regulatory expectations, and the looming impact of quantum computing, cryptography is at a crossroads. Traditional approaches to securing data and communications are no longer sufficient as organizations face mounting pressure to remain agile while meeting compliance mandates and strengthening resilience against emerging threats.
This fireside chat will explore how forward-looking Australian organizations are rethinking cryptography to stay ahead of adversaries and regulators alike. We’ll unpack the relationship between innovation and risk, examine the role of modern cryptographic frameworks in building trust, and highlight strategies for future-proofing security architectures. Attendees will gain insight into how agility, compliance, and resilience intersect—and why reimagining cryptography is becoming an urgent business and security imperative.
High Risk Users & Where to Find Them
Garrett O’Hara - Senior Director, Sales Engineering, Mimecast APAC
68% of cyber incidents are attributed to human error however risk isn’t evenly distributed with recent statistics revealing that 80% of security incidents are caused by just 8% of employees, underscoring the critical importance of identifying high-risk users within an organisation.
This session will explore the factors contributing to user vulnerabilities that lead to certain individuals being classed as high-risk. Participants will gain insights into measuring user risk effectively and implementing tailored strategies to enhance cybersecurity across their organisations. This session will also highlight how a personalised and adaptive security approach can provide customised security measures for each user. By focusing on these high-risk individuals, organisations can safeguard their workforce while maintaining operational productivity.
ADAPT Executive Insight Roundtables - Share with Confidence Under the Chatham House Rule
Attend your preselected roundtable to participate in a peer discussion moderated by ADAPT analysts with subject matter experts.
From Blind Spots to Business Strength: How to Build a Modern Data Security Strategy in the Age of AI
with CyeraData is the fastest-growing and most valuable business asset – yet 80- 90% of it is considered “dark,” leaving organisations blind to what they hold, where it lives, and how sensitive it is. As data volume & sprawl accelerates (set to hit 181 zettabytes by 2025), CISOs face the mounting challenge of protecting this unknown data across complex environments, while keeping pace with regulatory pressure and AI-driven threats.
Legacy approaches simply can’t keep up.
Join Cyera at this interactive roundtable to explore how forward-thinking security leaders are rethinking data security from the ground up – turning to AI-powered frameworks that bring visibility, context, and control to the forefront. Discover why modern data security is now the cornerstone of a resilient cybersecurity strategy, and how it can help shift your organisation from reactive defence to proactive advantage.
Key takeaways will include:
• The core pillars of a modern data security journey
• Why legacy tools fail in today’s AI-accelerated world
• How to embed data protection into your broader security fabric
• Ways to unlock the full potential of your business data while strengthening cyber resilience
Securing a Future-Ready Enterprise: Navigating Threats, AI Risks, and Regulatory Complexity
with MicrosoftExplore the growing challenges of cybersecurity and digital transformation. The discussion will focus on the rapid deployment of AI technologies, the tension between innovation and security, and the need for robust governance frameworks, zero-trust architectures, and improved AI risk management strategies.
How to get Board-ready with the New Cyber Threats of 2025 (DBIR 2025)
with VerizonJoin Verizon risk consulting and insights experts, backed by the Verizon Threat Research Advisory Centre (VTRAC), to learn about 2025’s new cyber risk threats and what to do about it. VTRAC is renowned for its deep analysis of cyber breach and incident trends. It publishes the annual global Data Breach Investigations Report (DBIR), now in its 18th year, which reflects the evolving landscape that today’s CISOs must navigate especially with Boards. As ‘Risky Business’, the preeminent cyber Australian publication stated in April this year, there’s “a handful of seminal reports in the cybersecurity industry and the Verizon DBIR is one of them”. All attendees receive a physical printed Executive Summary copy of the DBIR 2025 (including links to industry specific reports for Financial Services, Healthcare and Public Sector) and a Report on How to get your Board Cyber Ready.
The PKI Resurgence – Building Digital Trust
Daniel Sutherland - Regional Vice President at DigiCert
Digital trust is becoming the backbone of enterprise resilience in Australia. With certificate lifetimes shrinking, outages from expired certificates making headlines, and regulatory demands accelerating, cybersecurity leaders face growing pressure to secure identities, workloads, and data across every environment.
At the same time, boards are beginning to ask how well prepared their organisation is for the post-quantum era. NIST has released new cryptographic standards, and organisations may only have three years to transition — half the time it took to move from SHA-1 to SHA-2.
This discussion will explore three critical themes for Australian enterprises:
• Outages and Operational Resilience: eliminating blind spots in certificate and PKI management.
• Compliance Pressures: navigating global standards alongside Australia’s own tightening regulations on critical infrastructure and data protection.
• Quantum Readiness: preparing now for a seamless transition, starting with visibility and automation.
Enjoy a lively discussion with your peers and ask questions from experts in the field.
Peer Networking Seated Lunch
Lunch Roundtable 5: From Noise to Outcomes: Modernising the SOC in 2025
David Coleman - Director, Sales Engineering, APJ at Rapid7 Adrian Cockcroft - VP Cloud Architecture Strategy at Amazon Web Services

SOC teams are under pressure to do more with less — facing rising detections, static headcount, and increasingly complex environments. This roundtable explores what “good” looks like in 2025 across people, process, and platform, with a focus on practical strategies to reduce noise, demonstrate impact, and apply automation/AI without added complexity.
Key Takeaways:
• How to reduce alert fatigue without compromising coverage
• Metrics that matter: proving the effectiveness of SecOps
• Rethinking roles and workflows to improve agility and response time
• What “good” looks like in 2025 across people, process, and platform
• Where automation and AI truly save effort — and how to avoid complexity or over-promising
• Prioritising threats that matter using risk and context, not just signatures and volume
Lunch Roundtable 6: Securing Intelligence: Navigating Agentic AI’s Risks and Rewards
Mitra Minai - Global Cyber Health Managing Director at Accenture Juliana Bächtold - ANZ Microsoft Business Group Security Lead at Avanade

The threat landscape is more volatile, sophisticated, and accelerated than ever – and AI is now essential to help defenders keep pace.
As Agentic AI systems begin to autonomously perceive, reason, and act across enterprise environments, CISOs are weighing the opportunities and risks of Copilots and autonomous agents.
Join your peers for this 2-hour closed door session over lunch – expertly moderated under the Chatham House Rule by ADAPT’s Matt Boon with senior executives from Accenture’s Microsoft business unit. The group will explore:
– High-impact, real-world use cases that lift defender productivity
– Clarifying when a guided Copilot is appropriate versus when to employ autonomous agents
– How orchestration, guardrails, and continuous training underpin secure, successful deployments
ADAPT Executive Insight Roundtables - share with confidence under the Chatham House Rule
Attend your preselected roundtable to participate in a peer discussion moderated by ADAPT analysts with subject matter experts.
Securing the Future of AI on AWS: Leveraging Okta's Identity Security Fabric
Katheresh Jayaprakash - Solutions Engineer at Okta Chamandeep Singh - Senior Security Partner Solutions Architect at AWSAs artificial intelligence (AI) rapidly transforms the enterprise landscape, it introduces novel and complex identity security challenges, particularly concerning AI agents and sensitive data in cloud environments like AWS. As over 80% of breaches* involve compromised credentials, ensuring robust security for your AI initiatives is paramount.
This roundtable will delve into how the Okta Identity Security Fabric, in collaboration with AWS, provides the essential identity layer to safeguard your AI deployments. We will explore practical strategies for:
• Protecting AI agents and GenAI tools: Learn how to manage and protect identities for AI agents – ensuring they operate within defined permissions and confidently enabling organisations to adopt and scale AI.
• Strengthening your overall cloud security posture: Discover how Okta extends its identity security capabilities across your AWS infrastructure, applications, and APIs, ensuring secure access and robust governance for both human and machine identities
• Ensuring frictionless and secure AI operations: Understand how to implement robust authentication and access controls across various tools and platforms, leveraging orchestration capabilities to enable seamless AI operations while protecting sensitive data with strong identity controls.
Join us to learn how to confidently adopt AI, mitigate critical risks, and unlock the full potential of your initiatives.
Identity as the New Perimeter: Closing Blind Spots Across Hybrid Environments
Chris Russell - Area Vice President ANZ at Silverfort
The traditional network perimeter hasn’t vanished. It has simply lost its power. In today’s hybrid world, the real perimeter has shifted to identity. Yet defences have struggled to keep pace. The headlines tell the story: attackers no longer need to smash their way in; they simply log in; using stolen credentials, abusing overlooked non-human accounts, and moving laterally across Active Directory, cloud, and SaaS environments undetected. For CISOs and boards, identity blind spots across on-prem AD, cloud, and SaaS can no longer be ignored, as each represents a material business risk, not just a technical flaw.
This roundtable will cut through the noise and focus on what matters most in building an identity-first defence:
• How attackers use lateral movement to escalate privileges
• How to strengthen MFA and cover the gaps attackers exploit
• How non-human (service) accounts fuel undetected breaches and the steps to close this backdoor
• Closing identity gaps across legacy, on-prem, cloud, and SaaS systems
Value for Attendees:
Leaders will gain clarity into the most pressing identity risks shaping Australia’s threat landscape today, with insights into why these challenges persist and how peers are addressing them in complex hybrid environments. This session will surface proven, real-world approaches that go beyond theory, giving leaders the opportunity to exchange strategies, share experiences, and leave with actionable steps to unify identity control, reduce exposure, and strengthen organisational resilience against identity-based attacks.
Why Reactive Security Is Failing: The Case for Exposure Management
David Reeves - Major Account Manager - Regulated Industries Choo-Kai Kang - Senior Security Engineer at Tenable

Reactive vulnerability management is a losing battle, overwhelming security teams and failing to address the most critical risks. To truly fortify defences, security leaders must embrace a fundamental shift to exposure management.
This modern, proactive paradigm moves beyond simply patching known flaws. Exposure management holistically maps potential attack paths and prioritizes remediation based on actual business impact. It involves understanding and protecting your key business assets by strategically implementing controls to break the chain of interconnected weaknesses.
Learn how to:
• Move from reactive to proactive: Stop chasing endless vulnerabilities and start managing real exposures that matter.
• Prioritise by business impact: Focus resources on the risks that truly threaten your critical assets.
• Close real-world gaps continuously: Shift from point-in-time patching to ongoing exposure management.
• See the whole attack surface: Gain visibility across Cloud, Identity, OT, and emerging AI exposures.
• Build resilience, not just compliance: Strengthen security posture while enabling business confidence and agility.
Afternoon Break
Refreshments, Snacks & Connections
CISO Panel: No-Spin Reality Check - 6 Cyber Risks to tackle before 2026
Jason Murrell - Renowned Cyber Security Advocate and Consultant Emily Mailes - Chief eHealth Strategy Officer at VIC Department of Health Samrat Seal - Head of Transformation and Governance at Kmart Group Peter Wolski - General Manager - Reliability and Security at MYOB Tara Dharnikota - CISO at Victoria University




In the run-up to 2026, Australian security leaders face a tight set of concrete risks – not wish-list futures. This panel focuses on what’s hitting budgets, board agendas and incident queues right now. Senior practitioners will trade straight talk on where controls really break, where regulators are tightening screws and which fixes move the risk needle fastest.
• Ransomware as a profit engine – exfiltration-plus-extortion still wins when backups and segmentation fail.
• Credential-stuffing drain – reused passwords, slow MFA uptake and direct fraud losses.
• Third-party & SaaS exposure – one weak supplier or shadow tenant can unravel your whole stack; SBOMs and live vendor scores are now board questions.
• Generative-AI sprawl – prompt-injection, data leakage and “shadow-AI” tools opening fresh attack paths.
• Post-quantum crypto clock – ASD guidance says inventory and crypto-agility must start before NIST standards drop.
• Regulatory heat – tougher privacy fines, APRA CPS 230, and SOCI Act extensions raise the bar on reporting and resilience.
Winning the Boardroom: Helping Businesses Lead, Not Just Comply
Darren Argyle - Former Group Chief Information Security Risk Officer & Board Advisor at Standard Chartered Bank (Singapore)
In an era of mounting regulatory pressure and rising cyber threats, many organisations struggle to balance compliance with true leadership. Boards and regulators want assurance, clarity, and confidence—but too often, cyber and risk leaders fail to bridge the gap between technical jargon and actionable business impact. This keynote offers a roadmap for attendees to gain influence, avoid fines, and transform their organisations into the go-to examples of excellence in cyber resilience and delivering business value.
This workshop session will give you:
• Practical Tools: leave with a clear framework for engaging stakeholders, simplifying complex risks, and demonstrating business value.
• Real Outcomes: Darren shares how he helped go from regulatory scrutiny to trusted leadership by building confidence with the regulators.
• Relatable Lessons: Through storytelling, he’ll bring to life the challenges and triumphs of working with boards, regulators, and resistant stakeholders.
Key Takeaways:
1. How to Get Off the Naughty List: Proven strategies to regain regulators’ confidence and avoid costly fines or oversight.
2. Building Boardroom Influence: Practical steps to become a trusted advisor and align cybersecurity with business goals.
3. From Compliance to Leadership: Lessons on how to shift from simply “meeting standards” to setting them, becoming the example others follow.
Darren Argyle is a seasoned cybersecurity leader with executive roles spanning Standard Chartered Bank, Qantas Airlines, iCare and S&P Global.
Recognised for his contributions to the industry, in 2023 Darren secured a CSO30 award for the third consecutive year, along with the inaugural CSO30 Leadership Award. He was named a Top 100 CISO in 2022 + 2017, awarded “Innovator of the Year” by SANS (2022), “Outstanding Cybersecurity Professional” by the Cyber OSPAs (2022) and listed among the top 100 IT security influencers in 2018. Author of best seller “The Cyber Leadership Imperative”
Summary & Closing Comments
Security Edge Peer Networking Drinks
An opportunity to stay, mingle and meet other attendees over drinks and food and discuss the day.