Sydney CISO Executive Summit

8 November 2022 | Sofitel Sydney Wentworth

8 November 2022
Sofitel Sydney Wentworth

Collaborate with your peers

Get together with Sydney's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Adapting to ever-changing digital business strategies, with security at the forefront

Accelerating high growth & a data first mindset, while empowering talent & protecting the enterprise

Driving worldwide innovation – optimizing processes and elevating customer experience

Sydney CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Dovid Clarke

Sydney Airport Corporation
Head of Cyber Security

Susie Costa

Sumitomo Mitsui Banking Corporation
SVP, Head of Security Management

Christian Daugbjerg

Demant
Vice President IT, Asia Pacific

Ben Doyle

Thales Australia
CISO Asia Pacific

David Reeve

Metcash Trading
CIO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Sydney CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


7 November 2022

18:00 - 21:00  Governing Body Welcome Reception

Governing Body Welcome Reception

Exclusive to community members, this "open house" style reception is a can’t-miss opportunity to connect with your peers prior to tomorrow’s Executive Summit. Please join your colleagues for an evening of good food, wine, and lively networking.

8 November 2022 - morning

08:00 - 09:00  Registration & Breakfast

09:00 - 09:45  Keynote

Why Many CIOs are Prioritising Security Management

Daniel Evans headshot

Daniel Evans

Chief Information Officer

Rio Tinto Australia

While cybersecurity has always been one of the biggest concerns for technology leaders, what’s more alarming is the evolving sophistication of these crimes. Organisations need to urgently adopt an enhanced cyber security posture and CIOs are expected to be more involved in cybersecurity this year while maintaining the role of the primary technology decision-maker. According to research security and risk management skills are also the top skills CIOs are expected to seek this year.

Join this keynote session, with Daniel Evans, CIO, Rio Tinto as he discusses:

  • His incredible journey from a security leader to a CIO
  • The changing role of the security leader from a gatekeeper to a strategic enabler
  • How to develop an effective governance structure by strengthening the CIO and CISO relationship

09:45 - 10:00  Break

10:00 - 10:45  Breakout Session

The Keys to Failure: A Historical Look at How to Prepare for and Address Your Future Breach

Stephen Moore headshot

Stephen Moore

Chief Security Strategist

Exabeam

What are the keys to security failure? Join this session to hear from Stephen Moore the Vice President and the Chief Security Strategist at Exabeam. He will discuss why security teams, specifically the SOC, fail when not aligned to adversary capabilities, leadership, and internal politics. Then, learn how to make your team more resilient using a simple model based on outcomes and use cases formed during breach response.

The session will also cover:

  • How to use available observations and outcomes to preempt failure
  • How to avoid making decisions in a vacuum of experience
  • A review of common shortcomings and observations
  • A take-home exercise for security leadership and SOC capability (tabletop and thought experiment)

10:00 - 10:45  Executive Boardroom

Beyond Initial Intrusion – Defending Against Advanced Threats on the Network

Chris Thomas headshot

Chris Thomas

Senior Security Advisor

ExtraHop

Ben Doyle headshot

Ben Doyle

CISO Asia Pacific

Thales Australia

Morgan Storey headshot

Morgan Storey

Chief Information Security Officer

Sonic Healthcare

Based on Gartner research, 75 percent of cybersecurity budgets go to preventing initial intrusion and only 25 percent on detection and mitigation. However, the real damage to the enterprise happens once the attacker is already inside the network, working their way toward carrying out a costly breach or extortion. Cyber defenders are also faced with increasingly sophisticated attackers, the rapidly growing complexity of modern IT infrastructures, and a persistent talent shortage exacerbated by The Great Resignation. CISOs need new approaches for managing technology, talent, and processes in the SOC to build a modern threat detection and response program.

Join this boardroom to discuss:

  • The advanced attack techniques that bad actors are forced to rely on and how to spot them
  • Strategies to increase the speed of detection and mitigation
  • How to strengthen your organisation’s resilience by finding the right approach to talent management

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CxOs).

10:00 - 10:45  Executive Boardroom

Leveraging Managed Expertise to Avoid Alert Fatigue

Graeme Pyper headshot

Graeme Pyper

ANZ MD & Director APAC Partner and Alliances

BlackBerry

Venkat Balakrishnan headshot

Venkat Balakrishnan

CISO

TAL Life

The sheer scale and complexity of cyber-threats have meant the challenge of securing your business has gone beyond a human-scalable problem. Security teams are inundated with alerts, while simultaneously trying to monitor data and activity spread across disparate environments and respond to attacks in real-time. To rise to this challenge, efficiently employing actionable threat intelligence is key to staying ahead of the next wave of threats.

Join this session to discuss:

  • How security leaders can pinpoint and leverage actionable threat intelligence
  • How to address alert fatigue while still maintaining detection efficacy
  • How to evolve and scale playbooks as the threat landscape changes

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CxOs).

10:45 - 11:30  Networking Break

10:55 - 11:20  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

8 November 2022 - mid-afternoon

11:30 - 12:15  Breakout Session

Exploring Identity & Access Management Maturity

Brett Winterford headshot

Brett Winterford

Regional Chief Security Officer, APJ

Okta

Getting a modern identity strategy right is a tough gig. Legacy identity providers are everywhere, disjointed MFA solutions, script-driven joiner/mover/leaver approaches and constantly evolving business requirements are pervasive. Business leaders need to unify identity silos, simplify IAM and enable secure access to any technology. Many organisations are overwhelmed by the task ahead, and unsure how to break down the job of improving their IAM strategy into actionable steps. In this presentation, we will discuss some of the most important considerations as you chart the path forward.

Join this session to explore:

  • Steps for moving off legacy identity solutions (and from on-premises to the cloud)
  • Automating joiners, movers, and leavers
  • Managing third-party access & shadow IT

11:30 - 12:15  Executive Boardroom

Accounting for Third-Party Risk in Strategic Planning

Jonathan Ehret headshot

Jonathan Ehret

Vice President, Strategy and Risk

RiskRecon

Daniel Smith headshot

Daniel Smith

CISO

Hearing Australia

Sadeed Tirmizey headshot

Sadeed Tirmizey

Deputy CISO

Airservices Australia

Third parties expose businesses to strategic, operational, financial, and compliance risks. Moreover, leaders have less visibility into third parties than into their own businesses. For many organisations, the pandemic exposed the fragility of the organisation’s third-party network and impressed the need to flex quickly to new third and fourth parties in the extended enterprise to meet demand without increasing risk exposure.

Join this interactive session to discuss:

  • Standardising third-party risk management assessments to be used by business units       
  • Maintaining visibility of all ongoing third-party relationships
  • Identifying and mitigating the risks of the third-party network

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CxOs).

11:30 - 12:15  Executive Boardroom

How to Effectively Minimise User Exposure

Tim Bentley headshot

Tim Bentley

Regional Director APAC

Abnormal Security

Dovid Clarke headshot

Dovid Clarke

Head of Cyber Security

Sydney Airport Corporation

Santanu Lodh headshot

Santanu Lodh

Chief Information Security Officer

OFX

Three-quarters of Australian security leaders see human error as their organisation’s biggest cyber vulnerability. Today employees are exposed to threats at unprecedented and unacceptable levels, especially through email. The security industry has responded with training to educate users to make better decisions and reporting to identify targeted and risky employees. However, the real desired outcome is significantly less user exposure in the first place.  Learn how organisations can leverage advanced behavioural science and automation for precise decision-making on what is good and what is bad email.

 In this session we will discuss:

  • Account takeover techniques and measures that can be taken to help protect against them
  • New insights and controls over protecting against supply chain attacks
  • The accuracy of advanced behavioural data science in identifying anomalous behaviour
  • The extent to which organisations are able to reduce user exposure

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CxOs).

12:15 - 13:15  Lunch Service

13:15 - 13:50  Keynote

Securing Digital Business Transformation Starts With Zero

Heng Mok headshot

Heng Mok

CISO, APJ

Zscaler

Digital transformation is a powerful business enabler that is compelling leaders to fundamentally change their technology ecosystems. The potential of technology to unlock value and drive progress has never been greater and the imperative to transform your business, securely, has never been more urgent. With data, users, and devices everywhere, how can technology leaders reimagine cybersecurity in a world without boundaries?

Join this keynote to hear strategies on:

  • Accelerating transformation with innovative security services, and communicating their value to the business
  • Scaling and simplifying security across the organisation, minimising risk, and gaining agility
  • Protecting today's cloud-first, hybrid workforce with a proactive, intelligent, and radically simple security architecture

13:50 - 14:00  Break

8 November 2022 - afternoon

14:00 - 14:45  Breakout Session

Enterprise Cloud: Patterns of Success

Phil Le-Brun headshot

Phil Le-Brun

Enterprise Strategist

Amazon Web Services

What do enterprises who’ve adopted cloud successfully have in common? In this session, Phil Le-Brun, a Director of Enterprise Strategist at AWS, will share what he’s learned advising executives of AWS’s largest customers, in addition to his first-hand experience planning, leading, and executing successful IT initiatives in his former role as International CIO and Corporate VP of Global Technology Development at McDonald’s. We’ll take a look at strategies based on real-world experience for how to motivate and re-skill existing employees, do more with less, and organise teams to be as successful as possible, as quickly as possible.

In this session, we’ll cover how to:

  • Turn nay-sayers and doubters into allies
  • Build momentum in your transformation through small wins that deliver big results
  • Creating an environment that encourages calculated risk-taking and growth

14:00 - 14:45  Executive Boardroom

The Role of Identity and Access Management in Securing Digital Transformation

Thomas Fikentscher headshot

Thomas Fikentscher

Regional Director, ANZ

CYBERARK

Raghu Gandhy headshot

Raghu Gandhy

Chief Information Security Officer

Veolia Australia and New Zealand

Graham Thomson headshot

Graham Thomson

Group Head of IT Security

A2 Milk Company

Whether you are a government-labelled critical infrastructure entity or not, in a digital world, every connected ‘asset’ becomes critical. What matters most is who has access and what can be done with that access. Identities enable access and can be found everywhere in modern distributed business and IT environments. In addition, the rise of machine identities – used in automated processes and connected devices and often running into hundreds of thousands per organization – has driven a build-up of cybersecurity “debt”, leaving organisations exposed to highly increased cyber risk. 

It only takes one compromised identity for a threat actor or malicious insider to launch an attack. The question is how can businesses continue to grow at scale, while protecting critical assets and business services?

Join this interactive session to discuss:

  • The consequences of compromised identities, including examples from recent cyber attacks
  • How the need for digital transformation can be balanced with the requirement to secure modern business operations?
  • What is an effective approach to recognising and reducing Cyber Risk? What’s the role of Zero Trust?

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CxOs).

14:00 - 14:45  Executive Boardroom

How CIOs and CISOs can Drive Digital Trust During Business Disruption

Brett Winterford headshot

Brett Winterford

Regional Chief Security Officer, APJ

Okta

Melissa Clemens headshot

Melissa Clemens

Chief Security Officer

Service NSW

Nick Vine headshot

Nick Vine

Group Manager, Cybersecurity

Mirvac

In any trusting relationship, all parties know that they can rely on the other to treat them — and any sensitive information they choose to disclose — ethically and with respect. If Technology Leaders are to enable their organisations to earn and retain the digital trust of all stakeholders, especially external customers, they must give confidence in the reliability of their technology systems and the services it delivers. In times of ongoing uncertainty, it’s never been more critical for the CISO and CIO to earn stakeholder trust so that they can seamlessly and consistently safeguard people, privacy, and data to enable digital business. 

Join this Town Hall to discuss:

  • How to build trust and balance security demands
  • How to accelerate speed to market by building trusted digital experiences
  • How CISOs and CIOs can deliver digital customer and workforce experiences that stand out from the crowd

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CxOs).

14:45 - 15:30  Networking Break

14:55 - 15:20  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

15:30 - 16:15  Breakout Session

How Technology and Data are Both Key Enablers of Digital Business Acceleration

Paul Murphy headshot

Paul Murphy

Chief Information Officer

GHD

Organisations are continuing their journeys into digital business, and IT needs to transform the way service and operations are delivered by building new digital capabilities, driving continuous innovation, and leveraging a data-driven approach. For such an ambitious journey, it’s important for IT leaders to identify what an effective data management program looks like and how data and analytics can support expanding their digital business and increasing their D&A maturity.

Join this session for thoughts and learnings on how to:

  • Use analytics as a driver for bigger business and stronger customer value
  • Future proof the workplace with data-driven strategies
  • Build an outcome-focused data strategy

15:30 - 16:15  Executive Boardroom

Navigating the Third-Party Threat Landscape

Anthony Panuccio headshot

Anthony Panuccio

Regional VP, APAC & EMEA

CyberGRX

Daniela Fernandez headshot

Daniela Fernandez

Head of Information Security Australia

PayPal Australia

Ornella Torres headshot

Ornella Torres

APAC Information Security Risk and Compliance Lead

Zurich Australia

Companies are increasingly dependent on vast networks of third parties which makes it difficult to monitor the level of exposure these risks pose to the organisation. Perfect monitoring of all third parties, especially at a global scale is impossible with limited resources. However, a proper third-party risk management program can be the lifesaving measure your business needs when your partners are under attack.

Join this session to discuss:

  • Prioritising your vendor inventory for assessment
  • Leveraging automation for calculating risk and streamlining the review process
  • Expanding third-party risk conversations beyond cybersecurity 

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CxOs).

15:30 - 16:15  Executive Boardroom

Building a Cloud Team – Developing World-Class Talent That Produces Results

Miriam McLemore headshot

Miriam McLemore

Director, Enterprise Strategy & Evangelism

Amazon Web Services

Mathews George headshot

Mathews George

Chief Information Officer

The Smith Family

Steve Orleow headshot

Steve Orleow

Chief Technology Officer

Guzman y Gomez

Successful cloud transformations require highly skilled people, but cloud skills are in high demand and the market for these skills is competitive. What strategies for recruiting and retaining top talent are working, and how do CIOs motivate and re-skill existing employees so they can be as successful as possible, as quickly as possible?

Join this session to discuss how to:

  • Practically up-skill existing employees with what they need to succeed
  • Develop an organisation that sees learning as a competitive advantage
  • Create space for reskilling

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CxOs).

16:15 - 16:25  Break

16:25 - 17:00  Keynote

Adopting a Growth Mindset and Boosting Resilience

Daniel Bull headshot

Daniel Bull

World Record-Breaking Adventurer

Guest Speaker

At the very top of the world, as in the business world, constant change means we’re all navigating new terrain. Come together and bounce back from the greatest disruptive event of our generation, while being inspired by 3x world record-breaking adventurer Daniel Bull. He shares powerful and practical strategies learnt from Everest to Antarctica and beyond while empowering you to defy limits, grasp opportunities, and conquer your own mountains – in work and in life.

Daniel will share:

  • Proven strategies for dealing with unrelenting change
  • Powerful insights on courageous leadership in the face of ongoing uncertainty
  • What it takes to reach the top – adopting a growth mindset and boosting resilience despite epic challenges

17:00 - 18:00  Closing Reception & Prize Drawing

We look forward to seeing you at an upcoming in-person gathering


Evanta programmes are uniquely positioned to succeed in the current landscape.

  • Our invitation-only gatherings are designed to be smaller in scale, providing a safe and comfortable environment.
  • All in-person programmes are local and complimentary, with zero impact on your organisation’s T&E.

We are committed to creating the safest possible environment for all participants, partners, and associates. As a part of our commitment we will continue to monitor and adhere to government, venue, and health agency guidelines. Information on vaccinations, face mask guidance, on-site safety measures, and more, can be found here: Health and Safety Resource Policy.

Location


Venue & Accommodation

Sofitel Sydney Wentworth

Your Community Partners


CIO and CISO Thought Leader
Key Partners
Program Partners

Community Program Manager


For inquiries related to this community, please reach out to your dedicated contact.

Kelly Douglas

Brand Director, Australia

(04) 3924 2184

kelly.douglas@gartner.com