Samrat Seal, Head of Transformation and Governance at Kmart Group, shares how regulated-sector lessons, AI governance, and business-aligned security are shaping his approach to the next wave of cyber risks.

He led cyber and governance in banking, telecoms, media, insurance, and healthcare.

His career across some of the most regulated industries has shaped his approach in retail, where fewer formal guardrails exist.

He explained that the discipline of constant audits, regular testing, and continuous governance must carry across sectors to ensure security keeps pace with business change.

Ahead of his session at Security Edge on 8 October at the Grand Hyatt, Melbourne, Samrat spoke with ADAPT’s Content Lead Justina Uy about lessons from regulated industries, building AI governance guardrails, and quantifying risk to prepare for the next wave of cyber threats.

 

Embedding governance into AI adoption

As AI tools proliferate across workplaces, Samrat warned that unregulated use creates blind spots.

Staff often deploy new platforms without awareness of confidentiality risks, exposing sensitive data to external systems.

His approach is to anchor AI adoption in governance frameworks built on responsible, ethical, and explainable principles.

For him, resilience depends on ensuring AI tools can be interrogated, understood, and controlled, rather than treated as black boxes.

“If you are not going to give the guardrails and governance to your workforce, they will do anything and everything.”

 

Preparing for the inevitable

Samrat also emphasised that resilience planning must assume incidents will occur.

In the case of ransomware, he sees recovery capability as the make-or-break factor.

Tested backup and restoration processes, rather than negotiations with attackers, give an organisation control in a crisis.

This pragmatic stance reflects his broader philosophy: prepare continuously, validate controls, and never assume they will perform as expected until they are proven.

 

Communicating with boards

Budgets are often only unlocked after incidents, but Samrat argued that effective leaders translate risks into measurable business impacts before crises strike.

He described how he frames security investments in financial terms that boards cannot ignore, quantifying potential revenue loss, regulatory costs, and insurance consequences if key systems go down.

By tying security directly to business performance, he ensures leadership can prioritise resilience alongside growth.

“The moment leadership sees the risk in numbers, it is easier for them to prioritise investment.”

 

Gearing up for 2025

Looking ahead, Samrat believes the most urgent priority is integrating security into the fabric of business operations.

He noted that security cannot function from “the other side of the table” but must align with commercial objectives and critical processes.

This means tailoring controls to real business needs, embedding governance early, and engaging proactively with teams exploring AI and other emerging technologies.

For him, resilience before 2026 is less about chasing every new threat and more about ensuring security is inseparable from how the business operates.

 

Key takeaways

  • Apply lessons from regulated sectors to embed ongoing risk assessments and governance.
  • Treat AI adoption as a governance issue, not a technical add-on.
  • Focus resilience on recovery and preparation rather than negotiations with attackers.
  • Translate security into business impact to unlock investment before a breach.
  • Align security objectives with business priorities to prepare for 2026.

 

Hear more from Samrat and other leading CISOs at Security Edge on 8 October in Melbourne, where he will join the panel discussion on the most urgent cyber risks facing leaders today.

150 enterprise and government security leaders will gather to share practical strategies for defending against today’s threats, rebuilding after major incidents, and sustaining leadership resilience in complex environments.

Contributors
Samrat Seal Head of Transformation and Governance at Kmart Group
A technology strategy thought leader with a legacy of shaping and delivering high-stakes digital transformations, Samrat is known for leading from the... More

A technology strategy thought leader with a legacy of shaping and delivering high-stakes digital transformations, Samrat is known for leading from the front—where innovation, security, and business value converge. With a sharp strategic lens and deep domain expertise, he has successfully built and managed complex portfolios across cross-section of business, while delivering enterprise-wide transformation initiatives, with end-to-end P&L ownership and NorthStar commercial acumen.

Samrat brings an unique combination of strategic clarity, technical depth, and business-first mindset to every engagement—driving change at scale, mitigating risk, and unlocking long-term value for stakeholders. He is adept at navigating ambiguity and aligning technology investments with business outcomes, while ensuring agility, regulatory compliance, and secure-by-design principles remain at the core of delivery.

A proven people leader, Samrat has built and led high-performing, cross-functional teams across geographies—fostering collaboration, ownership, and continuous innovation. His leadership approach empowers talent, nurtures future leaders, and builds a culture of excellence, accountability, and resilience.

With a strong foundation across cybersecurity, AI, cloud computing, API ecosystems, and over-arching digital transformation, Samrat is committed to advancing enterprise capabilities through secure, scalable, and future-ready platforms. He is passionate about shaping the next frontier of technology, translating vision into execution, and delivering measurable business impact in an ever-evolving digital landscape.

Less
Justina Uy Content Marketing Manager
Justina Uy is a data-driven content marketer that thrives on democratising elite know-how to empower Australia’s underdogs. Skilled at translating complex ideas... More

Justina Uy is a data-driven content marketer that thrives on democratising elite know-how to empower Australia’s underdogs.

Skilled at translating complex ideas into a compelling story across formats and channels, she shifts seamlessly between writing long-form articles, creating viral social media posts, and producing thumb-stopping videos.

Since 2015, Justina executes her vision through a sophisticated understanding of the rapidly evolving digital and business landscape to serve entertaining and educational insights to the executive community.

Less
security data employee experience