ANZ Summit
Virtual Summit February 16 - 17, 2022
Organizations from Australia and New Zealand have been dealing with the biggest cyber-attacks in 2021, falling victim to hackers from around the globe. The region saw increased ransomware, crypto mining, phishing, and supply chain attacks, along with massive data leaks and expensive ransomware pay-outs targeting large and medium enterprises. As CISOs continue to modernize their security programs to adapt to the changing threat landscape, the governments of Australia and New Zealand have evolved a comprehensive strategy, a Ransomware Action Plan, to help tackle this challenge. Join our summit to gain insights from cybersecurity thought leaders on the key aspects of 'zero trust', IAM, ransomware, privacy, fraud, payments, IoT, cryptocurrency, endpoint protection, cloud security, and more that help you build a more cyber-resilient enterprise in 2022.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Dr. Tim Nedyalkov
Technology Information Security Officer
Commonwealth Bank of Australia
Dr. Nedyalkov is technology information security officer at the Commonwealth Bank of Australia. He brings more than 18 years of management and executive experience in information technology and cyber security across Europe, the USA, Australia, and the Middle East. Recently,...
Vidhu Bhardwaj
Former Lecturer – Networking & Cybersecurity
South Metropolitan TAFE
Bhardwaj is a senior consultant - cybersecurity strategy and governance at KPMG Australia and former lecturer in networking and cybersecurity at South Metropolitan TAFE. She is also the Perth Chapter Lead for the Australian Women in Security Network. A proactive...
Dr. Siva Sivasubramanian
CISO
Optus
Dr. Sivasubramanian has been the CISO of SingTel Optus since 2002; between 2014 and 2017 he was seconded to Bharti Airtel from Singtel as Global Chief of Security for Airtel Group. Earlier, he served as project director at Universal Studios in...
Amit Chaubey
Deputy Chair-AISA Sydney & Head-Cyber Risk & Compliance
Ausgrid
Chaubey is the deputy chair, AISA Sydney & head of cyber risk and compliance at Ausgrid. He is a seasoned technology and cyber security risk professional. He has more than 21 years of experience across Asia Pacific, with extensive experience...
Tom Daniewski
CISO
Federal Court of Australia
Daniewski is CISO for the Federal Court of Australia. He has more than 20 years of experience in cybersecurity and digital transformation gained from global engagements within the defence, media, financial services, airline and government industry sectors.
David Geber
CISO
AUB Group
Mr. Geber is the head of information security at the AUB Group. He has more than 20 years of experience in information technology, cyber security, risk management, governance and compliance. With expertise in developing and implementing cyber security strategies for...
Paul Prokop
Enterprise Security Engineer
LogRhythm
Prokop is the enterprise security engineer for LogRhythm ANZ. He has more than 25 years of experience in IT Security. In LogRhythm, he is a trusted advisor to customers and works with them to translate their business requirements into an...
Daniel Pludek
Global CTO
Kip McGrath
Pludek is the global CTO at Kip McGrath. He is a technology professional who has a solid history of partnering with businesses and using technology as an enabler to support optimisation, innovation and growth. Having spent more than 20 years...
John Kindervag
Senior Vice President-Cybersecurity Strategy
ON2IT
Kindervag is senior vice president of cybersecurity strategy and an ON2IT Group Fellow at ON2IT Cybersecurity. Previously, he was field CTO at Palo Alto Networks. Earlier, while working at Forrester Research, where he was a vice president and principal analyst...
Vrijesh Pandey
Former Senior Director-Global Network and Security Operations
Singtel
Pandey is the former senior director, global network and security operations, with Singtel. He has more than 22 years of experience in the ICT space across key global telecom and system integrators. In his current role, he is taking care...
Geetha Nandikotkur
Managing Editor & Conference Chair, Asia & Middle East
ISMG
Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs...
Gabriel T. Akindeju
CISO
Waikato DHB
Akindeju is the CISO of Waikato District Health Board. He is an innovative and strategic technology risk management and security management thought leader with a background in enterprise technology risk management and enterprise security governance and architecture; Information Systems Management; Instrumentations and...
Nicki Doble
Former Group CIO
Cover More Group
Doble is the former group CIO and CISO at Cover-More Group. She is a C-Suite business technology executive with over 16 years of experience in insurance IT transformations and turnarounds. Doble specializes in creating cultures that enable change to flourish...
Sadiq Iqbal
Security Pre-Sales Team Lead
Check Point
Iqbal leads the security pre-sales engineering team at Check Point. He has more than 20 years of industry experience and specializes in advising organizations across the enterprise and critical infrastructure space on how to build and strengthen their security posture...
Abhishek Singh
CIO
UNICEF, Australia
Singh is currently the CIO at UNICEF Australia. In this role, he is responsible for technology enablement and transformation initiatives, operational excellence, cybersecurity and privacy. He has been a technologist all through his career having worked in Tier 1 IT...
Jo Stewart Rattray
Vice President-Communities and CISO
Silver Chain Group
Stewart-Rattray is chief security officer at Silver Chain Group. She has more than 25 years’ experience in the IT field, some of which were spent as CIO in the utilities and as Group CIO in the tourism space, and with...
Dirk Hodgson
Director-Cybersecurity
NTT Ltd
Hodgson is director, cybersecurity at NTT. He has more than two decades of history in the technology, cybersecurity and intelligence industries. He has deep expertise in a wide variety of regulatory/compliance/best practice frameworks, backed by the requisite technical depth...
Krishnamohan Kasi
Vice President, Business and IT Audits
BNP Paribas
Kasi is vice president, business and IT audit with BNP Paribas. He has 20 years of experience driving various initiatives across multiple cybersecurity domains. He effectively brings together strategic business goals, security frameworks, tools, technology, and teams with special focus...
Suparna Goswami
Associate Editor
ISMG
Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she...
Ram Vaidyanathan
Cybersecurity Expert
ManageEngine, a division of Zoho Corporation Pty Ltd.
Vaidyanathan is an industry expert in IT security and cyber risk at ManageEngine, the IT management division of Zoho Corporation. He keeps himself updated about the latest techniques attackers use to compromise organizations and how we can defend ourselves. His...
Tony Jarvis
Director of Enterprise Security (APJ)
Darktrace
Jarvis is the director of enterprise security, Asia Pacific and Japan, at Darktrace. He is a seasoned cyber security strategist who has advised Fortune 500 companies around the world on best practice for managing cyber risk. He has counselled governments,...
Greg McKenna
Chief Executive Officer
Police Bank
McKenna is the CEO at the Police Bank. He has been part of the banking industry for more than 35 years. For much of his career Greg spent his time in markets where he was a trader, portfolio manager, currency...
Welcome to the ISMG Virtual Cybersecurity Summit: ANZ Summit!
Geetha Nandikotkur, Managing Editor & Conference Chair, Asia & Middle East, ISMG
Dr. Siva Sivasubramanian, CISO, Optus
Geetha Nandikotkur
Dr. Siva  Sivasubramanian
  • 09:00 AM
  • 09:04 AM
Digital Security: Taking the C-Suite and Board on the Ride
Greg McKenna, Chief Executive Officer, Police Bank

Enterprises across Australia and New Zealand are encouraged to invest in the infrastructure needed to build a secure and robust platform for business transformation and support the digital economy.
Can they align their strategy with the business priorities and rise to the expectations? What does digital innovation mean to security, and where is the disconnect? What needs to change both tactically and strategically to build a cyber-resilient organization?

The keynote sets the tone for the board room agenda, how to get the ‘buy-in’ from the CEO and the board to invest in the resources you require, what should the board expect to understand about cybersecurity, and what can it do to eliminate obstacles that prevent organizations from developing a culture of proactive security? 

Greg  McKenna
  • 09:15 AM
  • 09:48 AM
Winning Your Cyberwar with Zero Trust
John Kindervag, Senior Vice President-Cybersecurity Strategy, ON2IT

Zero trust revolutionizes network security architecture: it is data-centric and designed to stop data breaches. The ‘zero trust’ concept also adds a layer of agility to modern networks that is impossible to achieve in traditional network designs. These 21st-century networks have been adopted by government entities and large enterprises worldwide.

In this plenary session, John will discuss: 

  • Why the ‘zero trust’ concept is a critical part of your cybersecurity strategy
  • How to achieve your tactical and operational goals with ‘zero trust’
  • How ‘zero trust’ will not only transform your network security but also function as a business enabler by focusing on the top business objectives
John  Kindervag
  • 09:45 AM
  • 10:12 AM
  • 10:15 AM
  • 10:30 AM
Track A
Paul Prokop
Track A: Building an Effective Security Program with Limited Resources
Paul Prokop, Enterprise Security Engineer, LogRhythm

Some organizations have a 24x7 security operations center (SOC) with teams of dedicated analysts monitoring for threats around the clock, while some organizations are deep in the trenches of building out their security program. Whether you have a formal SOC or are in the weeds of building or optimizing your security program, the desired outcome remains the same: to detect and respond to threats fast.

The session will discuss:

  • Best practices for an effective security program 
  • 7 steps to building a successful security program with limited resources  
  • How a NextGen SIEM solution is the ideal technology for building a SOC    
  • 10:15 AM
  • 10:30 AM
Track B
Tony Jarvis
Track B: Stopping Ransomware with Autonomous Response
Tony Jarvis, Director of Enterprise Security (APJ), Darktrace

New strains of ransomware are leaving organizations vulnerable, and security teams often cannot respond proportionately to an attack, leading to cyber disruption across the organization.
Join Tony Jarvis, Darktrace’s Director of Enterprise Security (APJ), as he unpacks some of today’s most advanced ransomware threats. Learn how Self-Learning AI understands the organization to reveal every stage of a ransomware attack – and takes targeted, autonomous action to stop the threat in its tracks.

This presentation will discuss:

  • Recent ransomware threat trends, including double extortion and RDP attacks
  • How "Autonomous Response" takes action to contain an emerging attack, even when security teams are out of office
  • Real-world examples of ransomware detected, including a zero-day witnessed recently
Applying Right Defenses in Fighting Ransomware Attacks
Ram Vaidyanathan, Cybersecurity Expert, ManageEngine, a division of Zoho Corporation Pty Ltd.

Ransomware attacks are becoming all-pervasive across organizations and are not limited to any region. Security teams need to be conscious of the five stages of the attack pattern: initial exploitation, installation, backup destruction, encryption, and extortion. What are some of the tactics attackers use to accomplish their goals, and what are some effective defense techniques security teams need to adopt in fighting ransomware intrusions?

The session will discuss:

  • Elaborating the five-stage ransomware exploitation process
  • A proactive response to ransomware attacks
  • Applying the right defense techniques in detecting and protecting from such attacks
Ram  Vaidyanathan
  • 10:30 AM
  • 11:04 AM
  • 11:15 AM
  • 11:41 AM
Track A
Tom  Daniewski
Track A: How to Build a Proactive Cyber Crisis Management Plan against Attacks?
Tom Daniewski, CISO, Federal Court of Australia

Security leaders say that effective cyber crisis management is primarily a proactive approach to building enterprise resiliency. The strategy is to align resiliency, security, data protection, and tools with business priorities and enterprise risks. Do you agree that security teams need to build better resonance with regulations, frameworks, standards, controls, and threats for effective cyber crisis management? How do you build an environment of empathy, alignment, trust, and collaboration and integrate it with people, process, and technology to prepare for a crisis?

The session will discuss:  

  • How to build an advanced cyber defense against anticipatory attacks
  • What kind of tools and technologies can be used in preparing for your defenses
  • How do CISOs orchestrate the cyber crisis management plan 
  • 11:15 AM
  • 11:46 PM
Track B
Daniel  Pludek
Jo  Stewart Rattray
Track B: Two-Way Street: A Cybersecurity Debate between CTO vs. CISO-Where is the Disagreement?
Daniel Pludek, Global CTO, Kip McGrath
Jo Stewart Rattray, Vice President-Communities and CISO, Silver Chain Group

For almost all CISOs across regions, the single most significant challenge is getting the necessary funding to support their cybersecurity programs. Are security leaders creating value for the business and taking part in technology innovation? Is the CTO function aligned with security in driving innovation? Are expectations being met, and where is the disconnect?

The session discusses how to get a CTO and the CISO on a common goal to facilitate the continued success of their organization. Where is the disconnect?

  • 11:45 AM
  • 12:08 PM
Track A
Gabriel T. Akindeju
Track A: Building a Strategic Risk Model to Drive Business Value
Gabriel T. Akindeju, CISO, Waikato DHB

As CISOs, we play key bridging roles between corporate leadership at the very senior levels, and the security organisation.  We need to be able to see the bigger picture and link that to the everyday realities of security and other IS professionals that are the engine room of the enterprise.  It is a very delicate balancing act.  How then, do we maintain this balance and ensure we do not get lost in the details and yet be able to maintain the integrity of the profession?  This calls for a paradigm shift in how we manage technology related business risk.  We need to evolve a strategic value risk model that provides business value and enables optimization of risk profile, maximization of risk posture, improves agility and maximisation of the efficiencies of key controls across the enterprise. 

The session will discuss:  

  • Could security professionals define, maintain, and deliver an effective security strategy? If yes, how?  
  • Is there a way to harmonize risk management and security strategies, as well as security operations, into a unified value management strategy?  
  •  Could security drive value creation and protection of created value? If yes, how?  
  • 11:45 AM
  • 12:14 PM
Track B
Vidhu  Bhardwaj
Track B: How to Maintain Security when Machines Interact with Each Other
Vidhu Bhardwaj, Former Lecturer – Networking & Cybersecurity, South Metropolitan TAFE

When striking a deal in person or with a third party, we often ask for a documented agreement that can assist in maintaining the confidentiality, integrity, and availability of the systems and infrastructure. The biggest challenge for CISOs today is to establish security when machines are talking to each other, including in a siloed environment, especially given the relentless surge in cyberattacks against systems and networks.

The session will discuss how to establish and maintain security when communication is happening over the network and:  

  • Bridging the network security gaps
  • Use of the right technologies and tools to establish security
  • Mechanics of maintaining network security: use case scenario
  • 12:30 PM
  • 01:03 PM
Track A
Amit Chaubey
Nicki  Doble
Abhishek  Singh
Track A: Supply Chain Attacks: Are Enterprises Able to Detect and Respond?
Amit Chaubey, Deputy Chair-AISA Sydney & Head-Cyber Risk & Compliance, Ausgrid
Nicki Doble, Former Group CIO, Cover More Group
Abhishek Singh, CIO, UNICEF, Australia

We typically think of supply chain attacks as stealthy attacks on hardware components, such as malware on laptops and network devices. However, a supply chain attack can also be an attack on one of your service providers, which can lead to an easy compromise. Keeping a watchful eye on suppliers' security status, and always knowing the risks they bring in, is an essential part of building resilience and response.

The session will discuss: 

  • How to respond to software-associated supply chain attacks?
  •  Intersection of DevOps and security 
  • Security by design approach to secure software applications and evaluating the third-party products 
  • 12:30 PM
  • 01:03 PM
Track B
Dr. Tim  Nedyalkov
Krishnamohan  Kasi
Vrijesh Pandey
Track B: Demystifying SASE: A Practitioner's Approach to Secure the Hybrid Workforce
Dr. Tim Nedyalkov, Technology Information Security Officer, Commonwealth Bank of Australia
Krishnamohan Kasi, Vice President, Business and IT Audits, BNP Paribas
Vrijesh Pandey, Former Senior Director-Global Network and Security Operations, Singtel

The need for enhanced business agility and secure remote access to support digital transformation has led enterprises to adopt the secure access service edge, or SASE, model, a phrase coined by Gartner in 2019.
Some say CISOs no longer have to procure individual discrete security solutions and tie them into the network security layer; instead, they can source from one logical place using the SASE security model. What kind of changes do you need to make to operational procedures to take advantage of the centralized control that SASE drives?

The session will discuss:  

  • Factors to consider in SASE adoption
  • Is SASE a rip-and-replace approach, and how to leverage existing security investment
  • The biggest roadblock in implementing SASE
Lessons from Log4j's Zero-Day Vulnerability: Effective Mitigation Techniques
Dr. Siva Sivasubramanian, CISO, Optus

For many security teams, it's been all hands on deck since the Apache Log4j zero-day vulnerability recently came to light. The vulnerability, CVE-2021-44228, is part of the open-source Log4j 2 software library. Its component, used for logging events, is part of tens of thousands of deployed applications and cloud-based services, affecting organizations across geographies.

Experts say that the security threat posed by the bug is "about as serious as it gets," and organizations are now racing to try and identify their risks and exposure levels.

The session will discuss:  

  • The modus operandi of such vulnerabilities
  • Lessons for CISOs from this incident
  • Cybersecurity response and risk mitigation techniques
Dr. Siva  Sivasubramanian
  • 01:00 PM
  • 01:30 PM
Stop the Ransomware Menace: Bridging Backup Gaps
Dirk Hodgson, Director-Cybersecurity, NTT Ltd
David Geber, CISO, AUB Group
Sadiq Iqbal, Security Pre-Sales Team Lead, Check Point

Defending against ransomware attacks has been a massive challenge for CISOs. With enterprise backups becoming targets for cybercriminals, the challenge has further intensified.
In ransomware attacks, cybercriminals attack through the backups because they know that security practitioners rely on backups to save themselves after a ransomware attack. Questions have been raised around recovery and response process capabilities. What needs to change as CISOs experience increasing hacking burnout in preventing such malware intrusions? Can they operationalize technology in their prevention and incident response mechanisms to address ransomware issues?

The panel will discuss:

  • Building an effective incident response and investigation mechanism
  • How to deal with the recovery response process in the event of an attack
  • Taking a tactical and strategic approach to battling ransomware and protecting backups
Dirk Hodgson
David Geber
Sadiq Iqbal
  • 01:30 PM
  • 02:05 PM

Organizations from Australia and New Zealand have been dealing with the biggest cyber-attacks in 2021, falling victim to hackers from around the globe. The region saw increased ransomware, crypto mining, phishing, and supply chain attacks, along with massive data leaks and expensive ransomware pay-outs targeting large and medium enterprises. As CISOs continue to modernize their security program to adapt to the changes and changing threat landscape, the governments of Australia and New Zealand have evolved a comprehensive strategy, a Ransomware Action Plan to help tackle this challenge. Join our summit to gain insights from the cybersecurity thought leaders on the key aspects of 'zero trust', IAM, Ransomware, privacy, fraud, payments, IoT, cryptocurrency, endpoint protection, cloud security, and more that help you build better cybersecurity resilient enterprise in 2022.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Dr. Tim Nedyalkov
Technology Information Security Officer
Commonwealth Bank of Australia
Dr. Nedyalkov is technology information security officer at the Commowealth Bank of Asutralia. He brings more than 18 years of management and executive experience in information technology and cyber security across Europe, the USA, Australia, and the Middle East. Recently,...
Vidhu Bhardwaj
Former Lecturer – Networking & Cybersecurity
South Metropolitan TAFE
Bhardwaj is a senior consultant - cybersecurity strategy and governance atKPMG Australia and former lecturer in networking and cybersecurity at South Metropolitan TAFE. Besides, she is also the Perth Chapter Lead for the Australian Women in Security Network. A proactive...
Dr. Siva Sivasubramanian
CISO
Optus
Dr Sivasubramanian has been the CISO of SingTel Optus since 2002; between 2014 -2017 he was seconded to Bharti Airtel from Singtel as Global Chief of Security for Airtel Group. Earlier, he served as project director at Universal Studios in...
Amit Chaubey
Deputy Chair-AISA Sydney & Head-Cyber Risk & Compliance
Ausgrid
Chaubey is the deputy chair, AISA Sydney & head of cyber risk and compliance at Ausgrid. He is a seasoned technology and cyber security risk professional. He has more than 21 years of experience across Asia Pacific, with extensive experience...
Tom Daniewski
CISO
Federal Court of Australia
Daniewski is CISO for Federal Court of Australia. He has more than 20 years of experience in cybersecurity and digital transformation gained from global engagements within defence, media, financial services, airline and government industry sectors.
David Geber
CISO
AUB Group
Mr. Geber is the head of information security at the AUB Group. He has more than 20 years of experience in information technology, cyber security, risk management, governance and compliance. With expertise in developing and implementing cyber security strategies for...
Paul Prokop
Enterprise Security Engineer
LogRhythm
Prokop is the enterprise security engineer for LogRhythm ANZ. He has more than 25 years of experience in IT Security. In LogRhythm, he is a trusted advisor to customers and works with them to translate their business requirements into an...
Daniel Pludek
Global CTO
Kip McGrath
Pludek is the global CTO at Kip McGrath. He is a technology professional who has a solid history of partnering with businesses and using technology as an enabler to support optimisation, innovation and growth. Having spent more than 20 years...
John Kindervag
Senior Vice President-Cybersecurity Strategy
ON2IT
Kindervag is senior vice president of cybersecurity strategy and an ON2IT Group Fellow at ON2IT Cybersecurity. Previously, he was field CTO at Palo Alto Networks. Earlier, while working at Forrester Research, where he was a vice president and principal analyst...
Vrijesh Pandey
Former Senior Director-Global Network and Security Operations
Singtel
Pandey is the former senior director - global network and security operations- with Singtel. He has more than 22 years of experience in ICT space across key global telecom and system integrators. In his current role, he is taking care...
Geetha Nandikotkur
Managing Editor & Conference Chair, Asia & Middle East
ISMG
Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs...
Gabriel T. Akindeju
CISO
Waikato DHB
Akindeju is the CISO Waikato District Health Board. He is an innovative and strategic technology risk management and security management thought leader with background in enterprise technology risk management and enterprise security governance and architecture; Information Systems Management; Instrumentations and...
Nicki Doble
Former Group CIO
Cover More Group
Doble is the former group CIO and CISO at Cover-More Group. She is a C-Suite business technology executive with over 16 years of experience in insurance IT transformations and turnarounds. Doble specializes in creating cultures that enable change to flourish...
Sadiq Iqbal
Security Pre-Sales Team Lead
Check Point
Iqbal leads the security pre-sales engineering team at Check Point. He has more than 20 years of industry experience and specializes in advising organizations across the enterprise and critical infrastructure space on how to build and strengthen their security posture...
Abhishek Singh
CIO
UNICEF, Australia
Singh is currently the CIO at UNICEF Australia. In this role, he is responsible for technology enablement and transformation initiatives, operational excellence, cybersecurity and privacy. He has been a technologist all through his career having worked in Tier 1 IT...
Jo Stewart Rattray
Vice President-Communities and CISO
Silver Chain Group
Stewart-Rattray is chief security officer at Silver Chain Group. She has more than 25 years’ experience in the IT field some of which were spent as CIO in the utilities and as Group CIO in the tourism space, and with...
Dirk Hodgson
Director-Cybersecurity
NTT Ltd
Hodgson is sirector cybersecurit at the NTT. He has more than two decades of history in the technology, cybersecurity and intelligence industries. He has deep expertise in a wide variety of regulatory/compliance/best practice frameworks, backed by the requisite technical depth...
Krishnamohan Kasi
Vice President, Business and IT Audits
BNP Paribas
Kasi is vice president, business and IT audit with BNP Paribas. He has 20 years of experience driving various initiatives across multiple cybersecurity domains. He effectively brings together strategic business goals, security frameworks, tools, technology, and teams with special focus...
Suparna Goswami
Associate Editor
ISMG
Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she...
Ram Vaidyanathan
Cybersecurity Expert
ManageEngine, a division of Zoho Corporation Pty Ltd.
Vaidyanathan is an industry expert in IT security and cyber risk at ManageEngine, the IT management division of Zoho Corporation. He keeps himself updated about the latest techniques attackers use to compromise organizations and how we can defend ourselves. His...
Tony Jarvis
Director of Enterprise Security (APJ)
Darktrace
Jarvis is the director of enterprise security, Asia Pacific and Japan, at Darktrace. He is a seasoned cyber security strategist who has advised Fortune 500 companies around the world on best practice for managing cyber risk. He has counselled governments,...
Greg McKenna
Chief Executive Officer
Police Bank
McKenna is the CEO at the Police Bank. He has been part of the banking industry for more than 35 years. For much of his career Greg spent his time in markets where he was a trader, portfolio manager, currency...

View Agenda
Welcome to the ISMG Virtual Cybersecurity Summit: ANZ Summit!
Geetha Nandikotkur, Managing Editor & Conference Chair, Asia & Middle East, ISMG
Dr. Siva Sivasubramanian, CISO, Optus
Geetha Nandikotkur
Dr. Siva  Sivasubramanian
  • 09:00 AM
  • 09:04 AM
Digital Security: Taking the C-Suite and Board on the Ride
Greg McKenna, Chief Executive Officer , Police Bank

The enterprises across Australia and New Zealand are encouraged to invest in the infrastructure needed to build a secure and robust platform for business transformation and support the digital economy.   
Can they align their strategy with the business priorities and rise to the expectations? What does digital innovation mean to security, and where is the disconnect? What needs to change both tactically and strategically to build a cyber-resilient organization?   

The keynote sets the tone for the board room agenda, how to get the ‘buy-in’ from the CEO and the board to invest in the resources you require, what should the board expect to understand about cybersecurity, and what can it do to eliminate obstacles that prevent organizations from developing a culture of proactive security? 

Greg  McKenna
  • 09:15 AM
  • 09:48 AM
Winning Your Cyberwar with Zero Trust
John Kindervag, Senior Vice President-Cybersecurity Strategy, ON2IT

Zero trust revolutionizes network security architecture: it is data-centric and designed to stop data breaches. The ‘zero trust’ concept also adds a layer of agility to modern networks that is impossible to do in traditional network designs. These 21st-century networks have been adopted by government entities and large enterprises worldwide.  

In this plenary session, John will discuss: 

  • Why ‘zero trust’ concept is a critical part of your cybersecurity strategy
  • How to achieve your tactical and operational goals with ‘zero trust’ 
  • Demonstrate how ‘zero trust' will not only transform your network security but function as a business enabler, by focusing on the top business objectives 
John  Kindervag
  • 09:45 AM
  • 10:12 AM
  • 10:15 AM
  • 10:30 AM
Track A
Paul Prokop
Track A: Building an Effective Security Program with Limited Resources
Paul Prokop, Enterprise Security Engineer, LogRhythm

Some organizations have a 24x7 security operations center (SOC) with teams of dedicated analysts monitoring for threats around the clock, while some organizations are deep in the trenches of building out their security program. Whether you have a formal SOC, are in the weeds of building or optimizing your security program, the desired outcome to detect and respond to threats fast remains. 

The session will discuss:

  • Best practices for an effective security program 
  • 7 steps to building a successful security program with limited resources  
  • How a NextGen SIEM solution is the ideal technology for building a SOC    
  • 10:15 AM
  • 10:30 AM
Track B
Tony Jarvis
Track B: Stopping Ransomware with Autonomous Response
Tony Jarvis, Director of Enterprise Security (APJ), Darktrace

New strains of ransomware are leaving organizations vulnerable, and security teams often cannot respond proportionately to an attack, leading to cyber disruption across the organization.
Join Tony Jarvis, Darktrace’s Director of Enterprise Security (APJ), as he unpacks some of today’s most advanced ransomware threats. Learn how Self-Learning AI understands the organization to reveal every stage of a ransomware attack – and takes targeted, autonomous action to stop the threat in its tracks.

This presentation will discuss:

  • Recent ransomware threat trends, including double extortion and RDP attacks
  • How "Autonomous Response" takes action to contain an emerging attack, even when security teams are out of office
  • Real-world examples of ransomware detected, including a zero-day witnessed recently
Applying Right Defenses in Fighting Ransomware Attacks
Ram Vaidyanathan, Cybersecurity Expert, ManageEngine, a division of Zoho Corporation Pty Ltd.

Ransomware attacks are becoming all-pervasive across organizations and are not limited to any region. Security teams need to be conscious of the five stages of the attack pattern: initial exploitation, installation, backup destruction, encryption, and extortion. What are some of the tactics attackers use to accomplish their goals, and what are some effective defense techniques security teams need to adopt in fighting ransomware intrusions?

The session will discuss:

  • Elaborating the five-stage ransomware exploitation process
  • A proactive response to ransomware attacks
  • Applying the right defense techniques in detecting and protecting from such attacks
Ram  Vaidyanathan
  • 10:30 AM
  • 11:04 AM
  • 11:15 AM
  • 11:41 AM
Track A
Tom  Daniewski
Track A: How to Build a Proactive Cyber Crisis Management Plan against Attacks?
Tom Daniewski, CISO, Federal Court of Australia

Security leaders say that effective cyber crisis management is primarily a proactive approach to building enterprise resiliency. The strategy is to align resiliency, along with security, data protection, and tools, with business priorities and enterprise risks. Do you agree that security teams need to build better resonance with regulations, frameworks, standards, controls, and threats for effective cyber crisis management? How do you build an environment of empathy, alignment, trust, and collaboration, and integrate it with people, process, and technology to prepare for the crisis?

The session will discuss:  

  • How to build an advanced cyber defense against anticipatory attacks
  • What kind of tools and technologies can be used in preparing for your defenses
  • How do CISOs orchestrate the cyber crisis management plan 
  • 11:15 AM
  • 11:46 PM
Track B
Daniel  Pludek
Jo  Stewart Rattray
Track B: Two-Way Street: A Cybersecurity Debate between CTO vs. CISO-Where is the Disagreement?
Daniel Pludek, Global CTO, Kip McGrath
Jo Stewart Rattray, Vice President-Communities and CISO, Silver Chain Group

Almost all CISOs across regions share one most significant challenge: getting the necessary funding to support their cybersecurity programs. Are security leaders creating value for the business and taking part in technology innovation? Is the CTO function aligned with security in driving innovation? Are expectations being met?

The session discusses how to get the CTO and the CISO aligned on a common goal to facilitate the continued success of their organization. Where is the disconnect?

  • 11:45 AM
  • 12:08 PM
Track A
Gabriel T. Akindeju
Track A: Building a Strategic Risk Model to Drive Business Value
Gabriel T. Akindeju, CISO, Waikato DHB

As CISOs, we play key bridging roles between corporate leadership at the very senior levels and the security organisation. We need to be able to see the bigger picture and link that to the everyday realities of security and other IS professionals who are the engine room of the enterprise. It is a very delicate balancing act. How, then, do we maintain this balance and ensure we do not get lost in the details, yet still maintain the integrity of the profession? This calls for a paradigm shift in how we manage technology-related business risk. We need to evolve a strategic value risk model that provides business value and enables optimization of the risk profile, maximization of the risk posture, improved agility, and maximisation of the efficiencies of key controls across the enterprise.

The session will discuss:  

  • Could security professionals define, maintain, and deliver an effective security strategy? If yes, how?  
  • Is there a way to harmonize risk management and security strategies, as well as security operations, into a unified value management strategy?  
  •  Could security drive value creation and protection of created value? If yes, how?  
  • 11:45 AM
  • 12:14 PM
Track B
Vidhu  Bhardwaj
Track B: How to Maintain Security when Machines Interact with Each Other
Vidhu Bhardwaj, Former Lecturer – Networking & Cybersecurity, South Metropolitan TAFE

When striking a deal in person or with a third party, we often ask for a documented agreement that can assist in maintaining the confidentiality, integrity, and availability of the systems and infrastructure. The biggest challenge for CISOs today is to establish security when machines are talking to each other, including in a siloed environment, especially because of the relentless surge in cyberattacks against systems and networks.

The session will discuss how to establish and maintain security when communication is happening over the network and:  

  • Bridging the network security gaps
  • Use of the right technologies and tools to establish security
  • Mechanics of maintaining network security: a use case scenario
  • 12:30 PM
  • 01:03 PM
Track A
Amit Chaubey
Nicki  Doble
Abhishek  Singh
Track A: Supply Chain Attacks: Are Enterprises Able to Detect and Respond?
Amit Chaubey, Deputy Chair-AISA Sydney & Head-Cyber Risk & Compliance, Ausgrid
Nicki Doble, Former Group CIO, Cover More Group
Abhishek Singh, CIO, UNICEF, Australia

We typically think of supply chain attacks as stealthy attacks on hardware components, such as malware on laptops and network devices. However, a supply chain attack can also be an attack on one of your service providers, which can lead to an easy compromise. Keeping a watchful eye on suppliers' security status, and always knowing the risks they bring in, is an essential part of building resilience and response.

The session will discuss: 

  • How to respond to software-associated supply chain attacks?
  •  Intersection of DevOps and security 
  • Security by design approach to secure software applications and evaluating the third-party products 
  • 12:30 PM
  • 01:03 PM
Track B
Dr. Tim  Nedyalkov
Krishnamohan  Kasi
Vrijesh Pandey
Track B: Demystifying SASE: A Practitioner's Approach to Secure the Hybrid Workforce
Dr. Tim Nedyalkov, Technology Information Security Officer, Commonwealth Bank of Australia
Krishnamohan Kasi, Vice President, Business and IT Audits, BNP Paribas
Vrijesh Pandey, Former Senior Director-Global Network and Security Operations, Singtel

The need for enhanced business agility and secure remote access to support digital transformation has led enterprises to adopt the secure access service edge, or SASE, model, a term coined by Gartner in 2019.
Some say CISOs no longer have to procure individual discrete security solutions and tie them into the network security layer; instead, they can source from one logical place using the SASE security model. What kind of changes do you need to make to operational procedures to take advantage of the centralized control that SASE drives?

The session will discuss:  

  • Factors to consider in SASE adoption
  • Is SASE a rip-and-replace approach? How to leverage existing security investment
  • The biggest roadblock in implementing SASE
Lessons from Log4j's Zero-Day Vulnerability: Effective Mitigation Techniques
Dr. Siva Sivasubramanian, CISO, Optus

For many security teams, it's been all hands on deck since the Apache Log4j zero-day vulnerability recently came to light. The vulnerability, CVE-2021-44228, is in the open-source Log4j 2 software library. The component, used for logging events, is part of tens of thousands of deployed applications and cloud-based services, affecting organizations across geographies.

Experts say that the security threat posed by the bug is "about as serious as it gets," and organizations are now racing to try and identify their risks and exposure levels.

The session will discuss:  

  • The modus operandi of such vulnerabilities
  • Lessons for CISOs from this incident
  • Cybersecurity response and risk mitigation techniques
Dr. Siva  Sivasubramanian
  • 01:00 PM
  • 01:30 PM
Stop the Ransomware Menace: Bridging Backup Gaps
Dirk Hodgson, Director-Cybersecurity, NTT Ltd
David Geber, CISO, AUB Group
Sadiq Iqbal, Security Pre-Sales Team Lead, Check Point

Defending against ransomware attacks has been a massive challenge for CISOs. With enterprise backups becoming targets for cybercriminals, it has further intensified.
In ransomware attacks, cybercriminals target the backups because they know that security practitioners rely on backups to save themselves after a ransomware attack. Questions have been raised around recovery and response process capabilities. What needs to change as CISOs experience increasing hacking burnout in preventing such malware intrusions? Can they operationalize technology in their prevention and incident response mechanisms to address ransomware issues?

The panel will discuss:

  • Building an effective incident response and investigation mechanism
  • How to deal with the recovery response process in the event of an attack
  • Taking a tactical and strategic approach to battling ransomware and protecting backups
Dirk Hodgson
David Geber
Sadiq Iqbal
  • 01:30 PM
  • 02:05 PM
