Cyber resilience gets stronger when security stops operating from the other side of the table and starts aligning governance, recovery, and AI guardrails with real business risk.
Samrat Seal, Head of Transformation and Governance – AI and Cyber at Kmart Group, has led cyber and governance in banking, telecoms, media, insurance, and healthcare.
His career across some of the most regulated industries has shaped his approach in retail, where fewer formal guardrails exist.
In this interview with ADAPT’s Content Lead Justina Uy, he explained that the discipline of constant audits, regular testing, and continuous governance must carry across sectors to ensure security keeps pace with business change.
Embedding governance into AI adoption
As AI tools proliferate across workplaces, Samrat warned that unregulated use creates blind spots.
Staff often start using new AI platforms without understanding the confidentiality risks, feeding sensitive data into external systems the organisation neither controls nor audits.
His approach is to anchor AI adoption in governance frameworks built on responsible, ethical, and explainable principles.
For him, resilience depends on ensuring AI tools can be interrogated, understood, and controlled, rather than treated as black boxes.
“If you are not going to give the guardrails and governance to your workforce, they will do anything and everything.”
Preparing for the inevitable
Samrat also emphasised that resilience planning must assume incidents will occur.
In the case of ransomware, he sees recovery capability as the make-or-break factor.
Tested backup and restoration processes, rather than negotiations with attackers, give an organisation control in a crisis.
This pragmatic stance reflects his broader philosophy: prepare continuously, validate controls, and never assume they will perform as expected until they are proven.
Communicating with boards
Budgets are often only unlocked after incidents, but Samrat argued that effective leaders translate risks into measurable business impacts before crises strike.
He described how he frames security investments in financial terms that boards cannot ignore, quantifying potential revenue loss, regulatory costs, and insurance consequences if key systems go down.
By tying security directly to business performance, he ensures leadership can prioritise resilience alongside growth.
“The moment leadership sees the risk in numbers, it is easier for them to prioritise investment.”
Cyber resilience depends on security being embedded in the business
Looking ahead, Samrat believes the most urgent priority is integrating security into the fabric of business operations.
He noted that security cannot function from “the other side of the table” but must align with commercial objectives and critical processes.
In practice this means tailoring controls to real business needs, embedding governance early, and engaging proactively with teams exploring AI and other emerging technologies.
For him, the real resilience challenge is not chasing threats one by one but making security part of how the business runs.
Key takeaways:
- Run security like a regulated industry, with constant audits, recurring control tests, and ongoing governance reviews. That discipline is easier to build before a crisis than after one.
- AI adoption needs to be governed like any other business risk, with clear guardrails around how tools are used, what data they can access, and how decisions are explained. Security leaders who leave AI outside formal governance create blind spots that grow quickly.
- Resilience depends on recovery capability and board-level understanding of business impact. Security investment becomes easier to prioritise when leaders can connect outages, breaches, and control gaps to revenue, operations, and regulatory cost.