Kylie Watson – CISO at DXC Technology, Donald Elliott – CIO at Cricket Australia, and Olivia Loadwick – Partner at McKinsey & Company explored managing cyber incidents and stressed the importance of involving leaders beyond the cyber team in a Security Edge panel discussion.

Peter Hind, Principal Research Analyst at ADAPT, moderated the session, guiding the conversation around the need for broader leadership involvement in managing cyber incidents and how a multi-departmental approach builds resilience.

Donald highlights the importance of aligning cyber security language with business goals.

He emphasises that cyber security shouldn’t be seen as an obstacle, but rather an enabler, ensuring operations like test matches and community cricket continue smoothly.

Donald explains that communicating the impact of data breaches in a way that resonates with different stakeholders, from board members to grassroots organisers, helps drive awareness.

While blocking certain actions for security reasons may seem obstructive, it’s vital to provide safer alternatives that allow the business to function without compromising security.

Olivia agrees, advocating for shared responsibility in managing cyber risk, stating that businesses must work closely with the security team to integrate controls that support business objectives.

Kylie adds to this by warning against relying solely on technological solutions to eliminate risk, stressing the importance of understanding behavioural insights.

She supports using tools like nudge theory to encourage secure behaviours and highlights the risks when users fail to understand the consequences of their actions.

Olivia also expands on how connecting cyber security strategy to overall business goals creates a necessary feedback loop, ensuring security efforts align with business objectives and risk appetite.

The discussion also covers the value of wargaming exercises as a way to boost organisational preparedness. These exercises involve a wide range of stakeholders and external parties to simulate real-life incidents and fine-tune processes accordingly.

The panel emphasises the importance of scenario planning that includes various stakeholders to raise security awareness and capabilities.

Regular scenario discussions with legal, corporate, and risk teams help identify vulnerabilities and improve understanding. It also prepares executives for decision-making.

The conversation highlights the chaotic nature of incident response, comparing the leader’s role during a crisis to that of a kindergarten teacher, who must maintain calm and order amidst the stress and urgency, ensuring clear communication and a steady approach.

 

Key takeaways:

  • Broader leadership involvement: Effective incident management needs leaders from outside the cyber team to address the wider organisational impact, allowing technical teams to focus on solving the immediate issues.
  • Scenario planning and stakeholder engagement: Regular scenario discussions involving various departments (legal, corporate, risk) are crucial for identifying vulnerabilities and helping executives and stakeholders better understand the importance of cyber security.
  • Keeping calm during crises: The chaotic nature of cyber incidents requires strong leadership to maintain order and strategic focus, ensuring clear communication and steady decision-making under pressure.
Contributors
Kylie Watson CISO at DXC Technology
Kylie Watson is an experienced executive in the Information Technology Infrastructure, Apps, and Services Industry. Driven by a strong client focus, she... More

Kylie Watson is an experienced executive in the Information Technology Infrastructure, Apps, and Services Industry. Driven by a strong client focus, she supports large-scale business and technical transformation, leveraging her expertise in change management and behavioural economics. Kylie excels in leading large sales and delivery teams across multiple disciplines and regions, driving the adoption and embrace of new technologies. She is adept at growing capabilities and skills to meet market demand across Australia, New Zealand, and Asia, and at building partnerships and alliances to solve client challenges.

Kylie has extensive experience working across all industries and is well-connected with key C-suite stakeholders in federal, state, and local government, as well as in retail, mining, oil and gas, utilities, distribution, health, and financial services. She has a proven track record of driving cultural change and embracing diversity and inclusion, earning awards in coaching, mentoring, and innovation.

With over 25 years of executive leadership experience in technology and consulting, spanning multiple industries, international geographies, and platforms, Kylie is well-versed in Google, AWS, IBM Cloud, and Azure. Her solution experience and qualifications include cybersecurity, data, AI, cloud, and change management. Additionally, she is an AI ethicist with some quantum computing capability.

Kylie is also a media spokesperson, keynote speaker, and author on technology topics, and serves as an advisor to universities and government agencies on cyber, technology research, and education.

Less
Donald Elliott CIO at Cricket Australia
Don has built a reputation as a versatile leader who delivers results by building high performing and resilient teams. He is passionate... More

Don has built a reputation as a versatile leader who delivers results by building high performing and resilient teams. He is passionate about developing people and organisational culture to improve customer satisfaction. His experience in large and complex environments demonstrates an ability to sell and implement company-wide strategic programs often within a framework of competing divisions and agendas.

Don has strong commercial acumen and the ability to simplify complex business and technical problems to build understanding and consensus. He relishes the opportunity to delivery technology solutions to address business opportunities through strong collaboration and partnering.

Don has worked across all aspects of IT Strategy, Planning, Delivery and Operations in both startups and multi-nationals and has gaining a deep understanding of many industries including Retail, Manufacturing, Supply Chain, Finance, Utilities and Telecommunications.

Less
Olivia Loadwick Partner, McKinsey & Company
Corporate finance and corporate strategy specialist. Adviser to leading companies and governments on strategy, transformation, risk, capital management and M&A. Well regarded... More

Corporate finance and corporate strategy specialist. Adviser to leading companies and governments on strategy, transformation, risk, capital management and M&A.

Well regarded for strategic thinking and leadership. Recognised in the Westpac/Australian Financial Review 100 Women of Influence Awards. Representative at the B20 Leaders Summit.

Direct experience in the following sectors: healthcare, energy and resources, financial services, engineering and construction, automotive, property, infrastructure and utilities, technology, services, consumer and retail.

Experience in international markets having lived and worked in China, South Korea, North America, the Middle East, Europe, New Zealand and Australia.

University medal awardee and valedictorian for undergraduate and post graduate degrees.

Less
Peter Hind Principal Research Analyst at ADAPT
One of the ICT industry’s foremost analysts and commentators, Peter Hind has spent over 25 years advising and talking on topics across... More

One of the ICT industry’s foremost analysts and commentators, Peter Hind has spent over 25 years advising and talking on topics across the technology industry. His primary areas of interest are the potential of technology to transform the way organisations operate, the change management obstacles executives encounter in realising this potential, as well as the tactics and techniques leaders have deployed to overcome these difficulties.​

With roles across IDC, Unisys, NCR, Sigma Data, and others, Peter now takes on multiple roles within ADAPT including the moderation of private events and roundtables, interviewing business executives about the strategies they are pursuing and assisting with the structuring of delegate surveys.​

Less
Security Leadership Transformation