Welcome to the SydneySEC presentation hub!
This is your guide to the conversations shaping AI-sa: Defending Tommorrow, Today.
The hub brings together SydneySEC presentations in one place helping you understand the program on offer. The drop down menu is designed for you to access the content by clicking on the arrow.
Time: 9:15am - 10:15am
Location: Hilton Grand Ballroom
Speaker: Dr Karl Kruszelnicki
Overview:
Artificial Intelligence or Artificial Idiocy? In his trademark engaging style, Dr Karl will unpack the rapid rise of AI, the risks of hallucinations and deepfakes, and why scientific literacy matters more than ever in an algorithm-driven world. It’s a timely, thought-provoking session designed to challenge assumptions and spark meaningful conversations.
Time: 10:45am - 11:25am
Location: Hilton Grand Ballroom
Stream: The AI Security World
Speaker: Nakshathra Suresh, Co-Founder, eiris
Overview:
As artificial intelligence (AI) rapidly transforms the cyber threat landscape, organisations are confronting a new reality: AI is not only accelerating the scale and sophistication of attacks, but also reshaping how trust, decision-making, and human behaviour influence security outcomes. From AI-enabled social engineering and automated cybercrime to defensive AI systems that rely on human oversight, the world demands a fundamental rethink of how we approach cyber resilience.
This interactive session introduces a human-centred, criminological perspective on AI security, which is one that positions human behaviour, social context, and system design as central to both risk and defence. While much of the current discourse focuses on technical capabilities, this session will explore how AI-enabled threats actively exploit cognitive biases, behavioural patterns, and systemic vulnerabilities, often outpacing traditional security controls.
Drawing on real-world examples of AI-facilitated cybercrime, emerging threat trends, and frontline insights from cyber criminology, the session will examine the evolving relationship between humans and intelligent systems.
It will challenge participants to consider critical questions:
1. How do we design AI-enabled systems that are secure not just technically, but socially and ethically?
2. Where does human judgment remain essential in AI-driven defence?
3. How can organisations anticipate and mitigate harms before they scale?
Following a 15-minute provocation, the session will shift into a highly interactive format. Participants will engage in guided discussions and scenario-based exercises that simulate AI-enabled threat environments. Acting as co-designers, attendees will collaboratively develop practical, safety-by-design strategies that integrate behavioural insights, ethical considerations, and defensive AI capabilities.
This session is designed for leaders, practitioners, and policymakers navigating the complexities of an AI-augmented security environment.
Time: 10:45am - 11:25am
Location: Room 3&4 (Level 2)
Stream: Responsible Leadership
Speaker: Prof Patrick Fair, Managing Director, Patrick Fair Associates
Overview:
Electronic surveillance is and important part of our national and law enforcement framework.
Key agencies have significant powers to require access to electronic systems to obtain control of accounts, read messages and obtain meta data. These powers are being consolidated in a new consolidated and updated Electronic Surveillance Act. In Patrick's talk he will provide an overview:
* of the 10+ National security agencies, their mission, their powers and how they are supervised
*the key statutory powers that enable these agencies to obtain electronic surveillance information and how much they are used; and
* discuss the implications of the proposed updated and consolidated Electronic Surveillance Act.
Time: 10:45am - 11:25am
Location: The State Room (Level 2)
Stream: Cyber Resilience
Speaker: Dr Huon Curtis, Head of External Affairs, Ci-isac Australia
Overview:
Australia's critical infrastructure sector faces a compounding risk: adversaries are leveraging AI to accelerate attack velocity and complexity, while defenders remain fragmented across sector silos, operating on incomplete threat pictures. The Independent Review of the Security of Critical Infrastructure Act 2018 (Slay Review, 2026) identified this fragmentation as a systemic strategic risk — not merely an operational inconvenience, but a structural vulnerability in national resilience.
This session argues that the policy and technical response to AI-enabled threats against critical infrastructure must run through intelligence sharing — and that the architecture for doing so already exists. Drawing on cross-sector threat data from CI-ISAC Australia's 200 member network, the presentation examines how shared threat intelligence transforms AI-generated noise into actionable signal: enabling faster detection, cross-sector pattern recognition, and informed defensive prioritisation that no single organisation can achieve alone.
The session will explore three interconnected challenges: how AI is changing the threat landscape for operators of critical infrastructure; why the Slay Review's findings about coordination gaps demand a structural — not just behavioural — response; and how mandated, trusted intelligence sharing can function as a force multiplier across sectors whose individual security postures are constrained by resource reality.
The argument is not theoretical. It is grounded in operational intelligence and the hard-won lessons of building cross-sector sharing from the ground up — including what genuine vendor-neutral, sovereign intelligence capability looks like in practice.
Time: 11:30am - 12:10pm
Location: Hilton Grand Ballroom
Stream: The AI Security World
Speaker: Josh Lemon, Chief of DFIR, SoteriaSEC
Overview:
Everyone has an opinion on AI and cyber security. Some people think it's going to replace analysts entirely, others think it's just a glorified autocomplete that hallucinates registry keys that don't exist and confidently tells you a process is malicious because it "looks suspicious." The truth, as always, sits somewhere in the middle, and Josh has spent the last couple of years trying to find exactly where that is.
Having previously researched the intersection of AI and Digital Forensics and Incident Response (DFIR), Josh is back with something more practical: a head-to-head look at how today's leading AI models — ChatGPT, Claude, and Gemini — actually perform when you throw real investigative tasks at them. Not marketing slides. Not a demo with carefully curated prompts and a suspiciously clean dataset. Actual cyber security investigation work, the kind you do at 11pm when you've got a compromised endpoint, a mountain of logs, and a client who wants answers by morning.
This talk walks through how each model handles a common DFIR scenario, from parsing artefacts and assisting analysts on what to do next or how to protect the victim's systems. You'll see where these tools genuinely save time, where they confidently lead you down the wrong path with the enthusiasm of a golden retriever, and where they flat-out refuse to help because someone somewhere decided your forensic query looked a bit too spicy.
This presentation will give you an honest, practical account of what these tools can and can't do right now, so you can start using them effectively in your investigations, rather than waiting for the industry to figure it out for you.
Time: 11:30am - 12:10pm
Location: Room 3&4 (Level 2)
Stream: Responsible Leadership
Speaker: Stuart Mort, Executive Director, Global Industry Lead, CyberCX
Overview:
Are organisations best placed to support their CISO? It’s not just about titles, teams and tools, but a much deeper and broader support structure, independent representation, and being immersed in an enabling environment. This presentation will focus on introducing the concept of having the CISO’s "Six”; making sure that the CISO’s back is covered.
CISO's Six - six concepts an organisation should consider that will assist cyber leaders in protecting the organisation. Put another way, by enabling an organisation to be more cyber-leader ready, the CISO can be successful in their role; successful in protecting the organisation.
In many cases CISOs sometimes fight harder against internal bureaucracy, severe lack of understanding about the importance of cyber maturity, politics and budget constraints as they do against those wishing harm.
The content is intended to provide food-for-thought that can be a take-away for attendees:
Time: 11:30am - 12:10pm
Location: The State Room (Level 2)
Stream: Building Cyber Resilience
Panellists:
Overview:
As AI technology becomes increasingly integrated into public sector operations, NSW Government agencies face both significant challenges and opportunities in safeguarding citizens and data. This panel will explore how agencies are transforming workforce practices, maintaining robust governance, and leveraging automation while ensuring ethical and secure AI use. Central to this discussion is the role of the Chief Artificial Intelligence (AI) Office in guiding AI projects aligned with NSW AI Ethics Principles and managing AI-related risks collaboratively with assurance, legal, cyber, and privacy teams.
The panellists will share insights on enforcing IT security policies, mitigating insider risks through people-centred security strategies, and balancing efficiency with ethical standards. Real-world examples, including insider threat case studies and the NSW Department of Education’s NSWEduChat platform, will illustrate practical measures in protecting sensitive data and maintaining public trust. The panel will also discuss adapting cyber security strategies in response to evolving threats, as highlighted by recent reports such as the 2025 Scamwatch, emphasising a multi-layered approach that combines technological, procedural, and human factors.
Time: 1:15pm - 1:55pm
Location: Hilton Grand Ballroom
Stream: The AI Security World
Panellists:
Overview:
The focus on the panel is to drive expectations from the regulators on what good looks like. Recently APRA, ASIC and other regulators have released open letters to the market calling on leaders to ensure that their governance meets rapidly evolving technology advancements in AI, sounding concern that organisations are not keeping up. This session brings those concerns to the forefront, and provide AISA members with strong, clear guidance on what they and their clients need to focus on in the coming 12 months.
Time: 1:15 pm - 1:55 pm
Location: Room 3&4 (Level 2)
Stream: Responsible Leadership
Speaker: Dame Christine Ferguson, Inclusion Specialist Lead, DXC Technology
Overview:
Cyber security is often described as a technical problem. In reality, it is a human system under pressure. The strongest controls can be undone by human overload, poor judgement, fatigue, or cultures that silence difference. Neurodiversity natural cognitive variation including autism, ADHD, dyslexia, and dyspraxia forces us to rethink how people, culture and workforce design influence cyber risk.
Let’s begin with human risk and decision‑making under pressure. Cyber environments are high‑stakes, time‑critical, and ambiguity‑heavy. Many neurodivergent professionals excel here: pattern detection, sustained focus, systems thinking, anomaly recognition. However, the same environments can amplify risk if cognitive load is unmanaged constant context switching, noisy escalations, and unclear authority structures degrade decision quality. When ND staff are forced to operate in neurotypical norms, we create avoidable human error, not resilience.
This leads directly to security culture and behavioural change. Culture is not training slides it is psychological safety in action. Neurodivergent staff are often excellent at rule adherence and ethical consistency, but struggle in cultures that rely on unspoken expectations, informal escalation paths, or vague urgency signals like “just use your judgement.” Clear protocols, explicit thresholds, and predictable workflows are not accommodations they are security controls that benefit everyone.
Next: workforce pathways, skills and career sustainability. Cyber already faces a retention crisis. Neurodivergent professionals burn out faster in environments that reward performative confidence over competence. Traditional career progression networking, self‑promotion, ambiguous leadership criteria filter out high‑value capability. Sustainable cybersecurity requires redesigning pathways based on skills depth, not visibility. Mentoring, role clarity, and alternative leadership tracks directly reduce attrition and protect institutional knowledge.
Professional practice, ethics and standards are another hidden strength of neurodiversity.
Many Neurodiverse professionals demonstrate strong ethical reasoning, low tolerance for shortcuts, and consistency under pressure critical traits in incident response and AI‑enabled cyber operations. However, ethical distress arises when Neurodiverse staff are exposed to conflicting expectations without safe escalation channels. Ethics must be operationalised, not assumed.
This brings us to diversity, equity and inclusion. Neurodiversity is not a social initiative it is a workforce capability strategy. Inclusion failures convert strength into risk. Exclusion silences dissent, suppresses reporting, and increases breach likelihood. Equity means designing work so difference does not become danger.
Finally, wellbeing, burnout, human‑machine teaming and AI ethics are inseparable. As automation reshapes cyber roles, ND professionals are often early adopters and deep users of AI tools. Yet without ethical guardrails, transparency, and consent, cognitive overload increases while accountability blurs. Sustainable cyber resilience depends on respecting human limits as much as technical ones.
Time: 1:15 pm - 1:55 pm
Location: The State Room (Level 2)
Stream: Building Cyber Resilience
Panellists:
Overview:
Data minimisation and deletion are foundational to good privacy and information governance, yet adverse digital events – from data breaches to regulatory inquiries – repeatedly expose a different weakness: organisations cannot reconstruct events or defend decisions because evidence no longer exists, cannot be accessed, or resides with a third-party.
This panel explores selective memory, how different data types (e.g. instant messages, email, activity logs, SaaS artefacts) justify different retention and availability choices, and how those choices intersect with privacy and transparency obligations, surveillance legislation, proportionality and minimisation, and incident response realities. Rather than offering a one-size-fits-all model, our experts will debate the conflicting priorities that privacy, legal, and risk professionals must navigate to build a truly defensible data environment.
Time: 2:00 pm - 2:40 pm
Location: Hilton Grand Ballroom (Level 3)
Stream: The AI Security World
Speaker: Rob Kenefeck, Field CTO, ControlPlane
Overview:
AI Workloads on Kubernetes inherit every Cloud Native vulnerability and then introduce a whole extra class of threats that traditional tooling wasnt designed to catch, and isn't quick enough to defend against.
From GPU mega-clusters training million dollar models, to MCP servers acting as a universal adapter for autonomous agents, the infrastructure running today's AI is riddled with attack surfaces most teams haven't even considered yet. The vulnerabilities are real, they are exploitable in production and the blast radius when they go wrong are huge.
This session draws on hands-on experience securing AI infrastructure at scale to walk through the real attack surface. NVIDIA container escapes, GPU memory side-channels that leak models weights and training data, tool poisoning attacks on agentic systems and agent trust boundary failures that turn your autonomous pipeline into an uncontrolled execution environment.
Using the FINOS (Fintech Open Source Foundation) AI Readiness Framework as a starting point we'll discuss where controls exist, where the gaps are, and how to communicate that risk to leadership and boards. At the end of the day, securing AI is still fundamental cloud native security, just with more enticing treasure and greater consequences. This isn't a guess about the future of AI, it's a practical view of where the active threats already exist today.
Time: 2:00 pm - 2:40 pm
Location: Room 3&4 (Level 2)
Stream: Responsible Leadership
Speaker: Andrew Robinson, Co-founder, 6clicks
Overview:
AI governance has matured faster than most expected. Organisations are certifying against the likes of ISO/IEC 42001. Boards are engaged. NIST AI RMF is being referenced globally. The EU AI Act is forcing conversations that needed to happen.
That progress is real for many. But a structural gap remains, one that existing standards, tools, and schemes were never designed to close. In high-risk deployments, that gap is a material board-level exposure right now.
This talk maps the AI assurance landscape honestly across three layers. Layer one is high-level governance covering how organisations manage AI responsibly at the enterprise level. Standards exist. Certification infrastructure exists through accredited certification bodies. Boards have cover here. This layer is largely functional.
Layer two is model assurance. Whether a specific AI system does what it claims, behaves consistently in your deployment context, and is being managed against its known risks. You are deploying OpenAI, Google Gemini, Anthropic Claude, AWS Bedrock. You are building RAG architectures on top of those models. Standards are forming. Tools like Credo AI, Fiddler, and Lakera are real and useful. But an independent, ongoing, accredited evaluation regime does not exist.
Layer three is agent assurance. Evaluation of autonomous AI agents that plan, decide, and act across multiple steps with limited human oversight. AIUC-1 is the most forward-looking framework available, and it is very new. Everything else is nascent or non-existent.
Most organisations are starting to operate confidently at layer one and deploying technology at layers two and three with practically no assurance.
The talk draws a direct parallel with cyber security. Organisations once had security policies and compliance frameworks and believed they were covered. Then the industry recognised that policy compliance said nothing about whether systems were actually secure. Red teaming and penetration testing became foundational. DevSecOps embedded security assurance into the development lifecycle. The result was a mature, independent, ongoing assurance regime that boards and regulators can rely on. AI is at the same inflection point. The tools exist. The methodology is forming. What does not yet exist is the independent evaluation regime that connects those tools to real accountability.
Attendees will leave with a clear picture of where the AI assurance landscape actually stands, what the gaps are and why they matter, and five questions every board should be asking before approving any high-risk AI deployment.
Time: 2:00pm - 2:45pm
Location: The State Room (Level 2)
Stream: Building Cyber Resilience
Panellists:
Overview:
As the countdown to "Q-Day" accelerates, the transition from theoretical risk to operational urgency has arrived. This panel brings together three critical pillars of the Australian ecosystem—Banking, State Government, and Cybersecurity Vendors—to discuss the reality of achieving Quantum Fiduciary Longevity.
While the "Harvest Now, Decrypt Later" (HNDL) threat looms over long-term data, the path to Post-Quantum Cryptography (PQC) is fraught with legacy complexity and shifting regulatory expectations. Our experts will move beyond the hype to examine how organizations are currently mapping their cryptographic landscapes, the role of crypto-agility in critical infrastructure, and the collaborative frameworks required to protect NSW’s digital economy.
Time: 2:40 pm - 3:25 pm
Location: Hilton Grand Ballroom (Level 3)
Stream: The AI Security World
Speaker: Edward Farrell, CEO, Mercury
Overview:
Artificial Intelligence is rapidly moving from novelty to necessity in professional services, yet its adoption within regulated and high‑assurance environments remains ambiguous, uneven, and risk‑laden. Much of the current discourse is dominated by hype, vague optimism, moralising narratives, and poorly grounded claims about transformation. This session deliberately avoids feelings, “vibes,” and theoretical capability, focusing instead on what has actually worked, what has failed, and what professional firms and internal services teams must do differently to use AI effectively, without degenerating into “tech‑bro slop” by a failed marketer turned digital thought leader.
Drawing on Mercury Information Security Services’ direct experience integrating AI into day‑to‑day professional practice, the presentation examines how AI has been instantiated, tested, governed, and refined inside a regulated consulting business operating across government, Defence, and critical‑infrastructure contexts. The emphasis is on practical outcomes, risk containment, and professional accountability rather than novelty or scale.
The session walks through the internal genesis of AI use at Mercury, including early experimentation, research pathways, false starts, and the hard limits discovered along the way. It argues strongly for augmentation and orchestration over replacement, showing how AI operates most effectively as a constrained capability that amplifies professional judgement rather than attempting to substitute it.
Market fears, uncertainty, and job‑displacement narratives are addressed head‑on, with concrete examples of where AI meaningfully improves capability, and where it provably does not. This will also look to incorporate an analysis of industry including overlooked causes for job loss and future job opportunities. The presentation then explores how AI capability must mature through governance, leadership, and explicit oversight mechanisms, particularly in environments subject to regulatory, legal, and ethical scrutiny.
Common practitioner pitfalls are examined candidly, including over‑reliance, output laundering, intellectual‑property leakage, and failure to maintain defensibility. Finally, the session reframes the discussion outward, explaining how customers, regulators, and stakeholders can extract greater value from AI‑enabled professional services without compromising trust, accountability, or outcomes.
Attendees will leave with a grounded, experience‑driven understanding of how to use AI properly in professional practice—and how to know when not to.
Time: 2:40 pm - 3:25 pm
Location: Room 3&4 (Level 2)
Stream: Responsible Leadership
Facilitator: Presenter Jakub Zverina and Facilitator Monica Millar
Overview:
CyberPath is the Australian Government's flagship cyber workforce professionalisation pilot, launched in December 2025 in collaboration with industry. This workshop brings together leaders, practitioners, educators and workforce specialists to shape the national Cyber Capability Framework which is a key deliverable that will define the skills, capabilities and attributes needed across both technical and non-technical cyber roles. Insights from the session will directly inform the draft framework and support CyberPath's broader goal of building an inclusive, industry-endorsed professionalisation scheme for Australia's cyber workforce
Time: 2:40pm - 3.25pm
Location: The State Room (Level 2)
Stream: Building Cyber Resilience
Panellists:
Overview:
Join Australi.ai members, Cole Cornford, Ben Gittins, and Hortense Rothery to discuss and debate AI security. Australi.ai was founded to help establish Australian sovereign capability across AI security. It provides free advice, free online education, and open source technology to help move our country forward.
Today, our panellists will discuss pertinent topics and share their knowledge. Some topics include:
· Does AI favour attackers or defenders, or just compress timelines?
· Are existing vulnerability disclosure systems fit for purpose given how quick PoC's can be generated?
· How do we reason about the security of a system where we cannot decipher how it operates?
· Is human in the loop security theatre? Does fatigue and cadence kill any operator intervention?
· What are harnesses and why is discussion centred around those over models?
· Do we need a sovereign model? Why does that matter?
· Where does liability lie if a tool is wrong?
· Are we prepared as a country?
· What do we need to do?
Time: 4:00pm - 4:50pm
Location: Hilton Grand Ballroom
Speaker: Dave Gerry, CEO, Bugcrowd
Overview:
A 27-year-old bug, hiding in plain sight inside one of the internet's most trusted operating systems, was found in two days by an AI model. It cost $20,000 in compute. For a human researcher, it would have taken months, if they'd thought to look at all.
That's not a hypothetical. That happened last month. And it's one of thousands of bugs AI models found in that same period.
Welcome to Bugmageddon. AI-powered vulnerability discovery has stopped being a future concern and become a present one. Bug submissions are up 76% year-on-year. The average time to fix a vulnerability has blown out from 160 to 230 days. And the window between a bug being found and it being actively weaponised has collapsed from over two years to less than 22 hours.
But here's what the headlines aren't telling you: more bugs doesn't automatically mean better security. It can mean the opposite. As AI accelerates discovery at one end, it's also flooding organisations with something just as dangerous as unpatched vulnerabilities: noise. At Bugcrowd, we've seen submission queues increase by more than 334% in three weeks, driven not by legitimate research but by what we call "sloptimism" — AI-generated, unvalidated reports submitted in bulk, with thin evidence and little to no proof of real-world impact. Security teams are already stretched. Sorting through waves of speculative findings pulls focus away from the vulnerabilities that actually matter.
The organisations that navigate Bugmageddon successfully won't be the ones who simply receive more reports. They'll be the ones who can tell the difference between a finding and a real risk, and act on it faster than the attackers can.
In this session, Bugcrowd CEO Dave Gerry draws on the company's platform data and its annual research across more than 2,000 ethical hackers to lay out what this moment actually demands from security teams. AI is a powerful discovery tool on both sides of the fence. But human judgement — the kind that validates a finding, understands its context, and knows where it sits in your risk profile, is what determines whether any of it makes your organisation safer.
82% of ethical hackers now use AI in their workflows. 74% say it's made their work more valuable. And 73% still believe human skill outperforms AI when it counts most. The goal isn't to slow AI down. It's to keep humans firmly in the loop.
Australian Information Security Association (AISA) Ltd
Level 8, 65 York Street, Sydney NSW 2000 | 02 8076 6012 | ABN: 18 171 935 959
Copyright © 2026 AISA Sec Days All Rights Reserved