13 - 14 August, 2019 | Mercure Resort, Hunter Valley Gardens, NSW

Exchange Day 1: Tuesday 13th August 2019


7:30 am - 8:20 am Breakfast & Registration


8:20 am - 8:30 am Chairperson's Opening Remarks

Case Study

8:30 am - 9:00 am How ANZ NZ Are Creating Cyber Resilience Through An Award Winning Cyber Awareness Program

Tony Arnold - Head of Technology and Information Security, ANZ New Zealand
In November 2018, Tony and his team were awarded the Best Security Awareness Campaign in NZ at the iSANZ awards. Since then, there has been a continued focus on the internal cyber ambassadors program, given the importance of educating both internal staff members and customers when it comes to protecting an organisation from cyber threats. In this session, hear Tony dive into:
  • The what, how and why of their cyber ambassadors programme
  • How ANZ NZ are gaining insights into posed cyber threats and how these inform the programme
  • The keys to maintaining an educated, cyber-smart organization

Tony Arnold

Head of Technology and Information Security
ANZ New Zealand

Panel Discussion

9:00 am - 9:40 am Driving A Cyber Security Business Culture

Changing the mindset of a business is a key pain point faced by digitizing organisations. Ensuring that the business remains digitally prepared requires the whole workforce to embrace cyber security, not just those
working in immediate contact with it. In this session, hear 3 Cyber Leaders Discuss how they are:
  • Translating a cyber security vision throughout the organisation
  • Making sure the board embrace a cyber safe attitude
  • Maintaining the right skill sets and knowledge within the business

Case Study

9:40 am - 10:10 am How to Build Internal Cyber Capability To Address The Skills Shortage In The Market

Siva Sivasibramanian - Chief Information Security Officer, Optus
Australia is going through a cyber security skills drought, with a low-supply, high-demand environment for cyber skill sets becoming increasingly present. The nature of cyber skills needed by the industry is fast changing. Therefore, the focus of many organisations now is not just obtaining the correct skill sets, but sourcing the right personalities who can be continuously trained in the relevant areas of cyber security to embellish the teams’ capabilities. With this in mind, this session will see Siva discuss how Information Security Professionals are:
  • Identifying the right people to put into the cyber program
  • Keeping the learning syllabus up to date to ensure right skills are developed
  • Retaining existing staff whilst recruiting and up-skilling new talent

Siva Sivasibramanian

Chief Information Security Officer


10:10 am - 10:40 am Morning Tea & Networking Break

BrainWeave & Business Meetings

10:40 am - 11:40 am BrainWeave™ - User Behavior, Analytics, AI and Deep Learning: The Future of Cyber Security

Steven Cvetkovic - Chief Information Security Officer, Swinburne University of Technology
In this round table discussion, deep dive into bleeding-edge topics surrounding the future of cyber security in an increasingly digitised world. Engage with your peers on topics such as:
  • Mitigating advanced and automated cyber threats
  • Leveraging next-generation capabilities to enhance IT Security detection and response
  • The future of the cyber space and other preventative cyber methods

Steven Cvetkovic

Chief Information Security Officer
Swinburne University of Technology

10:40 am - 11:10 am One-to-One Business Meetings

11:10 am - 11:40 am One-to-One Business Meetings

Case Study

11:40 am - 12:10 pm Unpacking The Cyber Tool-Kit: The Critical Need For A Strong Cyber Culture

Ray Chow - Head of IT Risk and Security, New Zealand Post
Despite organisations continuously investing in security tools , the number of data breaches worldwide has continued to increase year-on-year. Why? What is the integral missing piece in your security tool kit and how can it be addressed to ensure a stronger cyber culture across A/NZ? In this session, follow Ray as he covers:
  • What a technically trained leader means for the business
  • Assessing the capabilities of your cyber tool-kit
  • Reaching outside the cyber team from broader skill sets
  • A look at how NZ is driving security culture and lessons learned so far

Ray Chow

Head of IT Risk and Security
New Zealand Post

BrainWeave & Business Meetings

12:10 pm - 1:10 pm BrainWeave™ - Awareness Training: Is Virtual Reality the Next-Gen Training Tool?

Compliance training is a necessary part of all organisations, and for a good reason – it ensures that employees are educated on laws, regulations and policies that apply directly to their day-today responsibilities. Let’s face it though, it can be boring, bland and disengaging. So how do you make awareness training a process that not only actively educates employees, but is something they enjoy? What are the tools to getting people engaged? What does the board need to see in order to invest in more exciting education tools? Is Virtual Reality the answer?

12:10 pm - 12:40 pm One-to-One Business Meetings

12:40 pm - 1:10 pm One-to-One Business Meetings


1:10 pm - 2:10 pm Lunch & Networking Break

Case Study

2:10 pm - 2:40 pm Data Ownership: Leadership, Challenges, and Data Governance

Scott Hawkins - Manager Cyber Security, Risk and Assurance, Mater Group
In some organisations, there is a general perception that privacy and IT security teams are responsible for all privacy and security risks, and thus responsible for any breach or compromise. It is important that guidelines are put in place to clarify exactly who is responsible for data, including the risks that surround it. In this session, hear Scott discuss:
  • Defining, Enabling and Empowering Data Owners
  • Implementing use-cases and ‘what-if’ scenarios to highlight the importance of risk management
  • Changing the security mind-set through both a top-down, bottom-up approach

Scott Hawkins

Manager Cyber Security, Risk and Assurance
Mater Group

BrainWeave & Business Meetings

2:40 pm - 3:40 pm BrainWeave™ - Harnessing The Power Of Network Visibility

Learn how next-generation network packet brokers (NGNPBs) mitigate security tool sprawl, simplify IT management and improve network availability.

2:40 pm - 3:10 pm One-to-One Business Meetings

3:10 pm - 3:40 pm One-to-One Business Meetings

Case Study

3:40 pm - 4:10 pm Developing an Effective Response to Australia’s Security Regulations: The GDPR and NDB Scheme

Steven Cvetkovic - Chief Information Security Officer, Swinburne University of Technology
A year and a half on from Australia’s double-regulation hit, which saw EU’s General Data Protection Regulation and Australia’s Notifiable Data Breach Scheme come into effect, many CISO’s are still searching for the right approach to ensure organisational compliance. This session will see Steven look at:
  • Identifying organisational risks and pain-points in regards to regulation compliance
  • Understanding the critical paths to compliance – why do I need my data and how do I document my reasons for it?
  • Maintaining compliance without reducing the ability to collect and store data relevant to business analytics

Steven Cvetkovic

Chief Information Security Officer
Swinburne University of Technology


4:10 pm - 4:30 pm Afternoon Tea and Networking Break

4:30 pm - 5:00 pm Keynote: TBC

BrainWeave & Business Meetings

5:00 pm - 6:00 pm BrainWeave™ - Third Party Risk Management: Getting An Accurate Understanding Of Your Partners True Capability

Steven York - Chief Information Security Officer, Bank of Queensland
With cyber breaches rapidly increasing in both number and complexity, organisations are re-assessing the security strength of existing third-parties and potential future partners. Currently, the on-boarding process can drag out to months and has proved unrealistic for such a fast-paced environment. In this session, discuss:
  • Minimizing steps in the vetting process to move potential partners from A to Z quickly
  • Maintaining ownership of sensitive data and increasing visibility of third party systems
  • Ensuring the third party complies with the regulation and legislation under which your company operates
  • Remembering the ‘people’ side of cyber security and strengthening the human relationship between your organisation and your partners

Steven York

Chief Information Security Officer
Bank of Queensland

5:00 pm - 5:30 pm One-to-One Business Meetings

5:30 pm - 6:00 pm One-to-One Business Meetings