At Security Edge, Australia’s cyber and tech leaders shared how they are aligning AI, business, and operations to drive secure innovation and outpace threats.

The discussions were framed around a shared challenge.

Cyber threats are increasing in scale and frequency, and the adoption of AI is changing how organisations operate and how adversaries attack.

Leaders need to modernise their response, rethink how security integrates across teams, and push for more meaningful accountability at all levels.

The most effective responses came from those who were building capability, not just defending risk.

Across every session, one idea kept surfacing: cyber security is not a separate discipline.

It is a central force shaping how Australia competes, operates, and grows. The question is whether organisations are ready to treat it that way.

Turn AI ambition into capability

AI is expanding quickly across business units.

Security must keep pace with its scale and complexity.

Gabby Fredkin, Head of Analytics and Insights at ADAPT, said organisations need to align cyber functions with business goals and the speed of digital delivery.

If security remains disconnected from how the organisation operates, it will be unprepared for AI initiatives.

Antonie Falco, APJ CTO at Zscaler, pointed out that many CTOs are being asked to deliver productivity and cost savings within regulatory environments that are becoming more complex.

This creates friction unless there is a clear strategy that supports innovation while managing risk.

Brett Winterford, Regional CISO at Okta, said security leaders should focus on building broad, scalable AI capabilities that support multiple environments and use cases.

He cautioned against overcommitting to tools designed for single applications. Resilience depends on versatility and good security foundations.

William MacMillan, former CISO at the CIA, added that the .

Quantum computing will soon enable the decryption of data that is already being collected.

Security leaders need to start preparing for that now by reviewing how long sensitive data must remain protected and what protections are in place.

Back to top

Influence with business clarity

The most effective CISOs are building influence by linking security to strategic outcomes.

Darren Argyle, former Group CISO at Standard Chartered Bank, explained how educating the board and executive team can change how cyber risk is perceived.

When leaders understand how a major security incident affects reputation, revenue, and long-term strategy, support becomes easier to secure.

Gabby Fredkin reinforced this with an example. Automation becomes more valuable when it includes context.

When security teams can identify the type of incident and recommend specific responses, they work faster and reduce analyst fatigue.

These results can be reported in terms that show improvement over time.

These approaches reflect a shift in the role of the CISO. Effective leaders are not seeking approval.

They are showing how their decisions enable resilience, protect productivity, and reduce exposure across the business.

Back to top

Confront transparency and structural gaps

Australia has become one of the most targeted nations for cyber attacks.

Many leaders said the structures needed to manage that risk are still missing.

Kylie Watson, Head of Cyber Security at DXC Technology, said there is not enough active measurement of risk or maturity, even within critical industries.

The lack of national benchmarks or reporting standards makes it hard to understand where progress is being made.

Brett Waddington, GM Cyber at Superloop, warned that the consequences of cyber crime extend far beyond technical remediation.

When trust is damaged, organisations may need years to recover their position.

Those that do not address this early will struggle to maintain performance.

Jason Murrell, Chair and Co-Founder of the Australian Cyber Network, highlighted the gap between policy and execution.

He noted that government investment in reporting and transparency remains limited, and that public accountability should not be left to individual organisations.

National coordination is needed to guide a consistent response.

Catherine Rowe, former Global CISO at QBE Insurance, said organisations must elevate how they view cyber security.

She argued that leadership in this space requires an understanding of law, finance, risk, and crisis response.

Security must be seen as part of the broader operating model, not a function on the sidelines.

Back to top

Streamline operations and tech stack to outpace threats

Operational complexity remains one of the biggest risks facing security teams. Leaders described how they are consolidating tools, unifying data, and simplifying infrastructure to improve decision speed and reduce gaps in visibility.

William MacMillan said cyber security teams should not operate in isolation.

He recommended forming advisory groups with HR, legal, and medical stakeholders to strengthen oversight and ensure better judgment during response planning.

Fabio Fratucello, Field CTO International at CrowdStrike, emphasised the need to improve signal quality.

He said many organisations collect large volumes of telemetry without integrating or analysing it in ways that improve detection and response.

Aligning these data sources is essential.

Matt Preswick, Principal Solutions Engineer at Wiz, focused on architecture.

He said having a horizontal view across the software lifecycle from code to deployment makes it easier to track vulnerabilities and assess where sensitive data may be exposed.

In an interview at Security Edge, Matthew Duckworth, Director of Information Technology Risk and Security at MetLife, described how his team is consolidating tools and combining their data.

This approach has improved their ability to confirm whether patching is effective and to identify unexpected server behaviours in advance.

Back to top

Australia’s cyber security leaders are focusing on practical action.

They are aligning with the business, improving how they communicate risk, streamlining their environments, and preparing for AI and quantum.

What matters now is whether these shifts happen fast enough.

The environment is changing. The organisations that act on these lessons will be in a stronger position to manage risk and deliver secure innovation with confidence.

Back to top

 

Contributors
Justina Uy Content Strategist
Justina Uy is a data-driven content producer that thrives on democratising elite know-how to empower Australia’s underdogs. Skilled at translating complex ideas... More

Justina Uy is a data-driven content producer that thrives on democratising elite know-how to empower Australia’s underdogs.

Skilled at translating complex ideas into a compelling story across formats and channels, she shifts seamlessly between writing long-form articles, creating viral social media posts, and producing thumb-stopping videos.

Since 2015, Justina executes her vision through a sophisticated understanding of the rapidly evolving digital and business landscape to serve entertaining and educational insights to the executive community.

Less
security leadership compliance