A practical approach
I had a great week at the AICD’s Company Directors Course learning about governance, risk, strategy, legal environment, financial literacy, performance and achieving board effectiveness.
I particularly liked the interactive discussions and case studies to practice ethical decision making, applying concepts in practice and adopting the director mindset.
I had the privilege to join a brilliant cohort of CISOs at the RSA Conference CISO Bootcamp. It was an energising experience, where seasoned experts and emerging leaders in cybersecurity came together to tackle our industry’s most pressing challenges.
The bootcamp was more than just a learning experience; it was a platform for sharing personal insights, gaining fresh perspectives and engaging in a thought-provoking debate.
From discussing emerging threats to exchanging strategies for resilience, it was a reminder of the power of community in cybersecurity. A huge thanks to all organisers and speakers for creating a space where we can grow together and tackle our industry’s biggest challenges.
It’s been fantastic to have an opportunity to give back to the community and volunteer with ISACA this year.
The Sydney Chapter hosted a number of professional development events for cyber, risk, governance and IT professionals with a common objective of building digital trust and securing our interconnected world. I had a chance to support these initiatives, ranging from fundraising for a mental health charity to helping organise conferences.
I found this experience incredibly rewarding and made some good friends along the way.
In cybersecurity, collaboration is essential. With growing complexity in the threat landscape, leaders often find themselves working with parties they may not fully align with—whether internal teams, external stakeholders, or even rival firms.
Adam Kahane’s book Collaborating with the Enemy: How to Work with People You Don’t Agree with or Like or Trust outlines principles for collaborating effectively, especially in challenging environments where trust and agreement are minimal. Kahane’s “stretch collaboration” approach can transform the way cybersecurity leaders address conflicts and turn rivals into partners to meet critical security goals. In this blog, I’ll share my key takeaways.
Cyber security leaders have to be effective change agents to be successful. Cyber capability uplift and risk reduction initiatives often require significant transformation in the organisation. In this blog, I’ll introduce a tried and tested change management framework and demonstrate its application to cyber security in an illustrative case study.
I’m proud to be named CyberPeace Institute‘s Volunteer of the Month.
A big shoutout to CyberPeace for this awesome recognition! It’s been such a rewarding experience to help them in their mission to make the digital world safer for everyone.
The CyberPeace Institute is a non-profit focused on reducing the harm caused by cyberattacks to individuals and communities. Through their CyberPeace Builders program, they offer free cybersecurity support to organisations that need it most, especially those where cyber threats can have a serious impact.
As a volunteer, I’ve had the chance to help for-purpose organisations respond to cyber attacks, develop incident response plans, run security awareness training, perform dark web monitoring and craft essential policies and procedures. Plus, I’ve provided general cyber advice along the way. It’s been an incredible journey being part of a team that’s making a real difference.
Scenario analysis is a powerful tool to enhance strategic thinking and strategic responses. It aims to examine how our environment might play out in the future and can help organisations ask the right questions, reduce biases and prepare for the unexpected.
What are scenarios? Simply put, these are short explanatory stories with an attention- grabbing and easy-to-remember title. They define plausible futures and often based on trends and uncertainties.
I recently completed a masterclass on embedding sustainable leadership in organisations. The best part was the interactive simulation to identify the trade-offs necessary to achieve a balanced approach to decision making for both immediate business goals and long-term sustainability.
NIST released a new version of the Cybersecurity Framework with a few key changes:
I often use this framework to develop and deliver information security strategy. Although, other methodologies exist, I find its layout and functions facilitate effective communication with various stakeholder groups, including the Board.
Cyber Security Leadership 