Leading in a crisis: data breach response

Data breaches are unforeseen events that can have significant repercussions for organisations, demanding immediate action, composure, and transparent communication. In this blog, I explore the essential components of managing a data breach and provide practical guidance for security leaders to effectively navigate this complex situation.



How to uplift your data analytics capability

Source: adapted from Davenport and Harris (2017)

Data strategy begins with an understanding of your business goals. What capabilities do you need to develop to realise your strategic objectives? In this blog I continue to build on the data analytics concepts to outline how to improve the analytics capability in your organisation.


Trust in People: Macquarie University Cyber Security Industry Workshop

I’ve been invited to to share my thoughts on human-centric security at the Macquarie University Cyber Security Industry Workshop.

Drawing on insights from The Psychology of Information Security and my experience in the field, I outlined some of the reasons for friction between security and business productivity and suggested a practical approach to a building a better security culture in organisations.

It was great to be able to contribute to the collaboration between the industry, government and academia on this topic.

Scuba diving and cyber security

During one of my dives I pondered if there are any parallels we can draw between scuba diving and cyber security. They may seem like vastly different activities, but they share many important similarities. Both are dealing with unknown and often rapidly changing environments, where careful preparation, attention to detail and a focus are critical for success. I list some themes in this blog, feel free leave a comment to add your own.


CISO’s perspective: a guest lecture at UNSW

As technology becomes increasingly integrated into our daily lives, the importance of cyber security cannot be overstated. Cyber attacks are becoming more sophisticated, and the costs associated with them are rising. This is why it is crucial for businesses and organisations to have a robust cyber security strategy in place.

Recently, I had the opportunity to deliver a guest lecture at the University of New South Wales as part of the Cybersecurity Management and Governance course.

I discussed the importance of having a clear understanding of cyber security threats. I emphasised that cyber threats are constantly evolving, and businesses need to stay vigilant and adapt their security measures accordingly. This means that cyber security is not a one-time fix; it requires continuous effort.

I also spoke about current challenges and opportunities in the field and what skills and ways of thinking are particularly useful. It was a fantastic experience, and I appreciated the chance to share my insights with a group of future cyber security professionals.

Ethical cyber security leadership

Picture an easy Sunday morning. It’s sunny and quiet with only birds chirping outside. You make yourself a cup of coffee and sit on the sofa to catch-up on what’s happening in the world. You open your favourite news site and here it is – first story of the day in large font.

Breaking news: massive data breach! It’s your company in the headline.

This is the modern reality, cyber attacks are becoming increasingly common and it’s no longer a matter of if but when.

How do you manage this PR nightmare? What do you tell the media? Can you regain the trust of your customers and partners?

These are not the questions you want to be thinking about in the middle of a crisis. The real story begins way before that. It starts with responsible data management practices and securing people’s information.


Generative AI acceptable use policy

Encouraging the use of Generative AI technology at work can enhance productivity and streamline tasks. Generative AI can provide valuable support in various areas, from customer service and problem-solving to research and data analysis.

By leveraging the power of Generative AI, we can improve our workflows, reduce time spent on manual tasks, and ultimately achieve better results. However, we should also recognise the importance of using Generative AI responsibly and in accordance with company policies and guidelines. By doing so, we can maximise the benefits of Generative AI while protecting sensitive information and intellectual property. 


Working together to nurture the next generation of cybersecurity ventures

I’m thrilled to join an exclusive cybersecurity investment community – Cyber Club London . CCL is a group of cybersecurity experts and leaders who have access to new and innovative early-stage startups, the opportunity to invest in them privately, and use their expertise and connections to help these startups succeed.

The community was established to provide a platform where cybersecurity leaders, executives, startups, and venture capitalists can share knowledge and work together to invest in promising early-stage companies. This closely aligns to my goals of contributing to the community and helping ventures thrive in the cyber space, serving as a Board Advisor and Non-Executive Director.

I’ve been named as one of top 10 Cybersecurity Leaders in Australia

I am excited to be recognised as one of the Top 10 Cybersecurity Leaders in Australia driving innovation and demonstrating business value. Although relatively new to Australia, I had the opportunity to use my global experience to address key cybersecurity challenges within the Financial Services sector.

A massive thank you to my team – it’s a privilege to lead such high performing and dedicated individuals and be able to build a cutting-edge cyber capability. Congratulations to all the award winners!