It was great to have a debate on balancing innovation and security keynote panel, where we dug into both the promise and the perils of AI adoption from the CISO and CIO perspectives.
Your biggest AI risks really depend on where and how you’re using it. I recommend reviewing your product roadmap for AI-powered features to anticipate potential gaps.
Map out whether AI is home-grown, vendor-sourced or embedded. When it comes to governance, we can borrow from what we learned with BYOD, cloud and shadow IT. Extend existing security reviews, supply-chain checks and third-party assessments into your AI program. For quick wins, manage it like a SaaS risk: think privacy controls and boundaries around sensitive data.
‘You won’t see it all’ – that’s what I was told before I headed out to the RSA Conference for the first time! With so many great talks, side events, meetings, vendor showcases people will have very different impressions of this event. Here are mine.
I’m thrilled to share that I’ve recently earned the GIAC Strategic Planning, Policy, and Leadership (GSTRT) certification- a milestone that validates my ability to architect and sustain cybersecurity programs with a sharp focus on business value and executive alignment.
I’ve completed the train the trainer workshop on AI skills organised by the CyberPeace Institute, equipping me with the knowledge to help not‑for‑profits harness the power of AI for good.
I look forward to supporting not‑for‑profits in building their AI capabilities, from foundational training on responsible use of AI to hands‑on guidance on transforming data into actionable insights.
Navigating the intersection between AI and cybersecurity can be tricky. If you’re looking to elevate your AI skills, or if you’re curious about how AI can amplify your mission, please reach out!
I’m excited to share that I have graduated with Excellence from the Executive MBA program at AGSM UNSW Business School. This transformative 2-year journey has been as challenging as it has been rewarding, redefining my approach to strategy, leadership and execution.
Throughout the program, I had an incredible opportunity to bring theory into practice – collaborating with a diverse cohort of leaders to work on real-world challenges across Australian industries such as technology, manufacturing, financial services and retail. These experiences not only honed my analytical skills but also deepened my appreciation for applying business concepts in evolving fields like cybersecurity and AI.
The international exchanges were equally transformative. Spending time in Shanghai at Fudan University and completing a semester at Yale School of Management allowed me to engage with global leaders, enhancing my understanding of cross-cultural leadership. The practical case studies and strategic projects I completed in these environments reinforced the significance of a global mindset in today’s interconnected world.
With courses ranging from accounting and marketing to negotiations, I am grateful for every lesson learnt, every challenge overcome and every connection made along the way. I look forward to leveraging these insights to drive innovation, inspire ethical leadership and create meaningful impact.
This recognition reflects the hard work and dedication of my incredible team, as well as the support from colleagues, partners and the wider community.
Cybersecurity is a collective effort and I’m grateful to contribute to an industry that plays such a vital role in keeping organisations and people safe.
A huge thank you to everyone who has been part of this journey – I couldn’t have done it without you. And congratulations to all the finalists!
During the session, Richard broke down risk quantification, focusing on identifying the risks most likely to cause significant business losses where assets, threats and vulnerabilities intersect.
I’m also glad to receive his book for correctly estimating cost in our the discussions. It’s one of the most influential books in security: it challenges subjective risk assessments, offering practical frameworks for using data, probability and economics to drive smarter security decisions.
I had the privilege of joining a panel discussion on the rapidly evolving regulatory landscape and its impact on businesses worldwide. With cyber threats, operational disruptions, and AI risks on the rise, governments are strengthening regulations to drive security, resilience and accountability across industries.
In Europe, major frameworks like DORA (Digital Operational Resilience Act), NIS2 (Network and Information Security Directive) and the EU AI Act are reshaping how organisations approach cybersecurity, operational resilience, and responsible AI governance. But this shift isn’t limited to the EU – regulatory scrutiny is increasing globally, from the U.S. to APAC, with frameworks reinforcing risk management, third-party oversight and AI transparency.
A huge thank you to my fellow panelists and engaged audience members for an insightful discussion.
Cyber security is a relentless race to keep pace with evolving threats, where staying ahead isn’t always possible. Advancing cyber maturity demands more than just reactive measures—it requires proactive strategies, cultural alignment, and a deep understanding of emerging risks.
I had an opportunity to share my thoughts on staying informed about threats, defining cyber maturity, and aligning security metrics with business goals with Corinium’s Maddie Abe ahead of my appearance as a speaker at the upcoming CISO Sydney next month.
The festive period can bring joy, but it can also be a time of loneliness and stress, which is why it’s so important to check in with ourselves and others.
One way I’ve had the chance to contribute is through volunteering as a telephone crisis supporter with Lifeline Australia. I’ve been answering calls from people who may be facing one of the toughest moments of their lives. Every conversation reinforces the power of simply being there for someone when they need it most.
One of the most moving parts of this role is hearing the shift in a caller’s voice – from distress to a sense of calm – because they feel heard, supported and not alone. It’s a small moment that can make a big difference.
As we head into the holidays, remember that you’re not alone either. If you’re struggling, reach out – whether to a friend, family member or a service like Lifeline. And if you’re looking for a meaningful way to give back, I can’t recommend volunteering with Lifeline enough. It’s been one of the most rewarding experiences of my life.
Take care of yourself and those around you this holiday season. Let’s make kindness, connection and understanding the greatest gifts we give.
Cyber Security Leadership 