Agenda
Tuesday, 8 September 2026
“Trusted Autonomy & Machine-Speed Risk”
Please note that 1:1 meetings will be running throughout the day.
Registration & Check-In
Secure your seat and table of peers in the keynote room.
Welcome to the 13th Security Edge: "Trusted Autonomy & Machine-Speed Risk"
Jim Berry - CEO & Founder at ADAPT
Cyber risk has entered a new era. The advent of frontier AI models creates opportunity, but also materially increases risk, with the ability to expose vulnerabilities far faster than many realise.
Our CEO, Jim Berry will not only share key benchmarking insights but will also unpack market signals we are hearing from ADAPT’s CISO community:
- The evolving AI risk landscape
- The impact of Mythos phenomenon
- AI-enabled workflows and governing myriad of agents
- Unpacking ASD’s call for cyber uplift and why enterprises need to act now
- Securing the autonomous enterprise
What Are the Top Performers Doing Differently?
Gabby Fredkin - Head of Analytics & Insights at ADAPT
AI is scaling faster than most organisations can govern it.
Drawing on insights from 1,000+ Australian CIOs, CISOs, CFOs and data leaders, ADAPT’s Research & Advisory team explores how security leaders are balancing speed, governance and operational complexity as AI adoption accelerates.
This keynote benchmarks where organisations sit across data architecture and governance maturity, why some organisations struggle to operationalise AI safely at scale, and what top performers are doing differently.
Gabby will unpack the emerging operating models behind scalable AI, the governance challenges created by fragmented environments and agentic workflows, and the key questions CISOs should ask to turn trusted AI into competitive advantage.
Get an Edge: Making the Most of Your Day
Shannon Barry - Senior Community Success Manager at ADAPT
Armchair Interview:
From Securing World's Largest Bank to Defending the White House
Greg Rattray
- Former Global CISO at JP Morgan Chase
Dr. Rattray is a cybersecurity heavyweight who has shaped digital defense strategies across Wall Street, the White House, and the Department of Defense. As Global CISO at JPMorgan Chase, he architected the bank’s cyber defense program and spearheaded industry-defining resilience initiatives like the FSARC. A distinguished military and policy veteran, he served as the White House Director for Cybersecurity, commanded the Air Force Information Warfare Center, and pioneered the nation’s first cyber exercise programs. Beyond the public sector, he founded Delta Risk LLC and guided global policy as ICANN’s Chief Internet Security Advisor.
Make Your Business a Hard Target for Cybercriminals
Thought Leader at ThreatLocker
When it comes to potential targets for cyberattacks, easier to breach means more likely to fall victim. While you might not be able to influence your perceived value, there are changes that can eliminate your organization from being seen as an easy target. We’ll explore practical tactics to reduce your surface area of attack and controls to prevent lateral movement should a breach occur.
Morning Break: Refreshments, Snacks & Connections
Autonomous Risk: How Fast Can Security Really Move?
Maryam Shoraka - Award-Winning Cybersecurity Leader (IT/OT) Peter Hind - Principal Research Analyst at ADAPT
Boards want speed, but AI controls are still catching up, forcing leaders to ask what their real AI risk position is, what should be in inventory, and what good actually looks like.
Discussion points
- Is your AI security model keeping pace with autonomous systems?
- As foundation models multiply, how are leaders assessing their AI risk position?
- Where accountability sits when third-party AI decisions shape enterprise outcomes
- How organisations define “good” for AI control, resilience, and sovereignty in practic
- How should organisations think about sovereignty and identity control in a more volatile environment?
Building Cloud Security Programs That Can Shift Left
Thought Leader at Wiz
For organisations born in the cloud or seeking to adopt modern technologies like containers, Kubernetes, and Serverless architectures, shifting security left is foundational. It empowers engineering teams to collaborate effectively with security teams, and effectively prevent common risks associated with the cloud. But how can this be achieved when security and engineering teams often have transactional relationships? Join this session for real-world examples of how Australian organisations are bringing DevSecOps together with practical guidance from Australian Security leaders.
Secure the AI Future, Now
Thought Leader at Cyera
The Cyera team reveals the mindset shift forward-looking enterprises are making to thrive in the AI era.
- Why it is no longer enough for leaders to simply lock information down given that AI runs on data.
- Scaling AI responsibly without treating protection and progress as opposing forces.
- Understanding why only 14% of security leaders currently report success in unifying protection and progress.
ADAPT Executive Insight Roundtables - Share with confidence under the Chatham House Rule
Attend your pre-selected roundtable to participate in a peer discussion with confidence under Chatham House Rule moderated by an ADAPT analyst with subject matter experts.
Do More with Less: Cutting Complexity So You Can Focus on Defence
A boardroom session moderated by an ADAPT Analyst with Brione Smink - CISO Advisor, Rodney Heron - Director of Cybersecurity at Cisco and your peers.
Join Brione Smink, and Rodney Heron to discuss how to help FSI, retail, government and other organisations cut complexity and stay ahead of shifting regulatory frameworks.
Name every security tool in your stack. Out of breath yet? The average enterprise runs 76 of them, most bought to fix one problem, and a startling number that don’t even speak to each other. That’s the “complexity tax” — paid daily in alert fatigue, blind spots, duplicated spend, and analysts toggling between consoles instead of defending anything. Meanwhile the adversaries have automated, moving at machine speed with AI on their side. You’re moving at the speed of “which tab was that in?”
Every CISO knows the squeeze: fragmented stacks, flat budgets, and a board wanting you to consolidate, cut the noise, prove value — in plain English. The old “best of breed” reflex has quietly surrendered to “best of suite,” because a drawer full of award-winning point products that ignore each other isn’t a strategy. It’s a liability with great branding.
This session is about what comes next. We’ll explore the innovations designed to collapse that complexity — fusing machine-scale defence into the network itself and closing the gap between signal and action, so your team spends less time managing tools and more time defending the business.
Bring your perspective to questions such as:
- Where is tool sprawl really costing you — budget, response time, or your team’s sanity?
- You’re under pressure to consolidate. What’s holding you back from a platform approach, and what would make the leap worth it?
- 56% of organisations have prioritised AI, yet only 11% trust it for mission-critical work. How do you close that gap without betting the business?
- Machine and agentic identities now outnumber humans. How do you grant and revoke trust at that scale?
- Quantum could break today’s cryptography by 2029, and “harvest now, decrypt later” is already underway. How are you protecting data that has to stay secret for a decade?
- When resilience comes down to speed, how do you brief the board on risk you can’t fully predict — without putting them to sleep?
Building Trust in AI: Digital Sovereignty as the Control Plane for Responsible Innovation
A boardroom session moderated by an ADAPT Analyst with Pierre-Alain Gran, Business Information Security Officer
Sovereign Cloud Technology & Delivery at SAP
AI adoption is accelerating faster than most organisations can govern it. Much of it now runs on models, data, and infrastructure they don’t control or can’t see into. Join Pierre Alain Gran, Global BISO for SAP’s Sovereign Cloud, flying from Switzerland for this closed-door session with your peers.
- Balance AI velocity against strict sovereignty, security, and compliance obligations
- Know exactly where the shared-responsibility line falls for AI and SaaS workloads
- Explore how a sovereign cloud lets CISOs innovate with AI while keeping control of their data
- Decide where Data lives, who can access it, and under whose jurisdiction.
The goal: trusted, responsible AI that strengthens resilience rather than quietly expanding the attack surface.
Peer Networking Seated Lunch
ADAPT Executive Insight Roundtables - Share with confidence under the Chatham House Rule
Attend your pre-selected roundtable to participate in a peer discussion with confidence under Chatham House Rule moderated by an ADAPT analyst with subject matter experts.
Challenging your Beliefs: How Foundational Controls Significantly Reduce Risk
A boardroom session moderated by an ADAPT Analyst with Airlock Digital and your peers
As AI-driven threats and ransomware accelerate, many organisations are discovering that faster detection doesn’t always translate to lower risk. Security frameworks like CIS and NIST are increasingly reinforcing a shift toward foundational, preventative controls like Application Allowlisting as a necessary complement to modern detection. This session challenges the belief that allowlisting is operationally difficult. Expect real-world insight, framework context, and a forward-looking view of what “good” looks like over the next few years.
The End of Manual Trust: How Automation, Quantum Readiness, and AI Integrity Will Redefine Digital Security This Year
A boardroom session moderated by an ADAPT Analyst with Candice Smith - Solutions Engineer at DigiCert and your peers
As machine identities surge, certificate lifecycles shrink, and quantum computing threatens today’s cryptographic foundations, Australian organizations are rethinking how intelligent trust is established, managed, and future-proofed. With traditional algorithms facing deprecation and automation becoming essential rather than optional, security leaders are at an inflection point.
Be part of the discussion and answer questions such as:
- What does “manual trust” look like in today’s enterprise? Is it sustainable in practice?
- How are leading ANZ organisations prioritising automation in certificate lifecycle and crypto asset management?
- What practical steps are security leaders taking now to prepare for post-quantum cryptography? And where is the overlap with general security best practice?
- How can crypto-agility be embedded as a design principle rather than a retrofit?
- With AI systems becoming trust intermediaries, how do we ensure integrity at scale?
We look forward to hearing your point of view.
Rapid Evolution of the Threat Landscape: Keeping Up or Staying Ahead?
A boardroom session moderated by an ADAPT Analyst with Serkan Certin, Head of Solutions Engineering, ANZ at Tenable Security
The role of the CISO has fundamentally shifted - Managing ‘security debt’ to managing systemic business risk. Are you adapting and keeping pace?
Let’s debate:
- How do security teams keep pace when adversaries move at machine speed?
- What does smart risk prioritisation look like in an AI-driven environment?
- How can teams cut through noise across fragmented tools and alerts?
- Which assumptions about identity and perimeter still hold, and which no longer do?
- How do CISOs explain risk clearly to executives without overcomplicating it?
Afternoon Break
An opportunity to meet with other attendees and build your network
Fireside Chat - A Day in the Life of a CISO
Catherine Rowe - CISO at RBA Keith Howard - CISO at Suncorp Group David Gee - Author, CISO and ADAPT Advisor
David Gee’s new best-selling book distils more than 740 years of collective CISO wisdom and battle scars offering invaluable guidance for current and aspiring cyber leaders.
In this keynote fireside chat, David is joined by two of Australia’s most distinguished cybersecurity leaders: Keith Howard, CISO at Suncorp and Catherine Rowe at Reserve Bank of Australia.
This engaging and interactive session explores the pivotal moments, practical insights, and hard-earned lessons that have shaped both leaders’ careers. Keith and Catherine reflect on their own career journey and outlines the essential considerations every CISO should keep front of mind when stepping into these roles.
Key discussion highlights include:
- Diverse paths to Cybersecurity Leadership
- Priorities for the New CISO
This is a must-attend session for CISOs, cybersecurity practitioners, and emerging leaders seeking real-world guidance from two of the industry’s most respected voices.
Inside a Breach: Raw Lessons from the Frontlines
Alex Loizou - Cybersecurity Leader/MD at Intrinsic Security
Every CISO has a playbook, but few have had to use the whole thing. Alex Loizou joined Medibank in early 2022, leading the security function through one of the most significant and public cyber incidents in Australian history. In this opening keynote, Alex moves beyond the technical post-mortem to share the raw, practical lessons learned from the centre of the storm.
This is an honest discussion about the realities of managing a major breach focussing on the challenges of supporting your organisation, your board, and your team when the playbooks run out of pages. Alex shares his perspective on the structural and personal shifts required to navigate a crisis and, more importantly, how to lead through the aftermath.
Alex Loizou is a seasoned cybersecurity leader with a proven track record of building and leading high-performing security teams. He has extensive experience as a Chief Information Security Officer (CISO) for major organisations such as Medibank, Flybuys, and Bupa. Notably, he served as the CISO at Medibank during their 2022 cyber incident, where he played a crucial role in leading the response and recovery efforts. Since departing Medibank in January 2025, Alex has founded Intrinsic Security, a boutique cybersecurity consultancy with the goal of improving security practices in Australian companies.
Closing Comments by ADAPT
Security Edge Peer Networking Drinks
An opportunity to stay, mingle and meet other attendees over drinks and food and discuss the day.