In this Security Edge interview, Alex Serrano, Technology Governance Lead at the State Electricity Commission of Victoria, shared how governance and innovation can coexist securely.

Alex focuses on building strong governance, security, and operational standards to create a safe and agile technology environment.

He balances the needs of multiple stakeholders, from the security team and executive board to end users, ensuring that governance practices meet both strategic and ethical expectations.

He also reminds leaders to look after their own wellbeing, recognising the personal strain of accountability when managing cyber incidents or organisational risk.

A key part of his mission is embedding cyber awareness across the organisation.

He champions clear, relatable communication rather than technical jargon, helping staff understand everyday risks such as phishing, fraud, and poor password hygiene.

Alex also highlights the growing influence of AI in both work and personal life, noting that responsible use begins with awareness, including what information to share, which tools to trust, and how to stay safe online.

He believes AI adoption is inevitable, so organisations must provide safe environments for experimentation supported by strong safeguards and training.

He also reflects on how security teams can enable innovation without becoming bottlenecks.

Security, he says, should be built into daily workflows rather than added later, avoiding technical debt and supporting faster delivery of secure, high-quality products.

Drawing from agile methodologies, he recommends dedicating developer time to security maintenance, such as patching and vulnerability management, making it as routine as daily hygiene.

For Alex, security is not a constraint but a foundation that builds trust, resilience, and sustainable innovation.

 

Key takeaways

  • Governance and security must evolve together: Strong frameworks are essential to maintaining a safe and agile foundation for Victoria’s renewable energy transformation.
  • Awareness drives safer innovation: Clear, relatable communication helps staff make informed decisions about AI use and digital risks.
  • Security by design enables speed and trust: Integrating security into agile workflows allows innovation to flourish while maintaining resilience and confidence.
Contributors
Alex Serrano Technology Governance Lead at State Electricity Commission of Victoria
Alex helps organisations large and small, established and new, successfully navigate the world of complex technology change delivery and cyber security risk.... More

Alex helps organisations large and small, established and new, successfully navigate the world of complex technology change delivery and cyber security risk.

He brings curiosity, humility, credibility and energy to every organisational challenge he gets to lean into and help solve – for boards, executives, and technology teams.

Alex brings strategic thinking, coupled with a practical, hands-on bent, to get cyber security programs aligned and humming, technology changes delivered to specification and budget, and material risks well managed.

Certified Information Security (CISM). Certified in the Governance of Enterprise IT (CGEIT). Member of the Business Continuity Institute (BCI).

Less
Gabby Fredkin Head of Analytics & Insights at ADAPT
As the Head of Analytics and Insights at ADAPT, Gabby Fredkin’s primary role is managing analysis to produce ADAPT’s actionable insights to... More

As the Head of Analytics and Insights at ADAPT, Gabby Fredkin’s primary role is managing analysis to produce ADAPT’s actionable insights to identify trends supporting organisations in Australia.

With a passion for creating stories with data, Gabby is consistently rated as one of the top speakers at ADAPT’s events. In roundtable discussions, he specialises in using statistics to initiate thought-provoking discussions, enabling ADAPT’s customers to become more data-driven.​

Using modern data science techniques, he provides ADAPT and its customers with confidence in the accuracy and validity of the information used for ADAPT’s research, advisory and events.

Working across artificial intelligence, machine learning, AI ethics, DevSecOps, end-user behaviour, and human-centred design, Gabby’s vast experience continues to grow, supported in part by a Master of Business Analytics from Deakin University.

Less
security compliance leadership