Welcome Reception | Sunday 2 September 2018

The ISACA Melbourne Chapter will be hosting welcome drinks for all delegates attending the Oceania CACS Conference. The Reception will feature a Keynote Address

17:30 Pre-registration for the conference
18:00 – 19:00 Welcome Reception | Pan Pacific Melbourne, 2 Convention Place, South Wharf, Victoria




Official Welcome from ISACA Melbourne Chapter

Anthony Rodrigues, Chair, Oceania CACS Conference 2018 Organising Committee & President, ISACA Melbourne Chapter


Opening remarks from the Chair


KEYNOTE | The Future of Cyber Security in Australia

Gai Brodtmann, Shadow Assistant Minister for Cyber Security


KEYNOTE | Victorian State Cyber Strategy – Shifting the Conversation About Cyber Risk

Victoria’s CISO, John O’Driscoll will outline the 23-point strategy, the approach, the focus on partnering and risk, progress to date and the challenges and lessons learned from implementation.

John O’Driscoll, Chief Information Security Officer, Department of Premier and Cabinet Victoria


Networking and refreshment break


PANEL: Resilience and trust – before, during and after a cyber attack

High profile data breaches at PageUp, Equifax, Target, Sony, and others have demonstrated the perils of poorly handling a bad situation. Today’s landscape provides for enormous opportunities and daunting challenges for boards and executives to manage privacy and security. But how do you manage risks and opportunities to grow, enhance profit or manage costs, protect and optimise performance, and innovate continuously? Hear from the expert panel how they resist, respond, and reshape their organisations to protect brand and reputation, while delivering value to their organisation.

Moderator: Michael Trovato, ICG Global Practice Leader Cyber Security and Managing Director, Information Integrity Solutions
Lynwen Connick, Chief Information Security Officer, ANZ
Carl Michael, Chief Technology Officer, LUCRF Super
Berin Lautenbach, CISO Asia Pacific, Telstra


KEYNOTE | ‘SheLeadsTech’ goes to the United Nations

ISACA’s ‘SheLeadsTech’ program, although in its infancy, has been recognised at the highest level globally. Hear how it’s global head, Jo Stewart-Rattray made valuable connections that opened extraordinary doors to allow ‘SheLeadsTech’ program to be an active part of the 62nd Session of the Commission on the Status of Women at the United Nations earlier this year.

Jo Stewart-Rattray, Director of Information Security & IT Assurance, BRM Holdich, Director, ISACA International Board of Directors


PANEL | Women in Technology: the Future

Come and hear some of our top female leaders talk about their visions for the future of women in the tech workforce and more specifically how women can rise to leadership roles in greater numbers than we are seeing today.

Diana Hamono, Partner – Internal Audit, Synergy Group
Mitra Minai, Principal Security Risks & Controls Advisor, NAB
Marie Felsbourg, Director, Astral Consulting Services Pty Ltd.
Moderator: Jo Stewart-Rattray, Director of Information Security & IT Assurance, BRM Holdich, Director, ISACA International Board of Directors


Lunch and networking break


Moderator: Daniel Tomah, Head of Enterprise Technology Risk and Compliance, ANZ

The Future of IT Audit

Gary Van Prooyen, Vice President of Marketing, Communications and Content, ISACA

14:45 The calm before the storm – how to prepare and manage a crisis

Ben Agar, Group Enterprise & Technology Risk Manager, SEEK

15:20 Afternoon Tea & Networking Break

15:50 Risk Culture – can you really measure it?

Justin Greenstein, Conduct Risk and Product Governance, ANZ
Emma Walch, Audit Director, Culture, ANZ

16:25 Cybersecurity and Business Architecture

Carl Michael, Chief Technology Officer, LUCRF Super


Moderator: Mitra Minai, Principal Security Risks and Controls Advisor, NAB


Business reform, competitive advantage and cost minimisation are fundamental to the success of private sector, not for profit and public sector agencies across the world. Underpinning these initiatives are properly balanced governance arrangements that ensure the reform delivers as intended. IT Governance is integral to this as IT is present in all areas of business and service delivery.

This presentation will cover the following critical issues of IT Governance to enable you to be well equipped at the Board and senior executive levels of your organisation.

– IT Governance in the past and present
– What lessons have been learnt?
– What does the IT industry say?
– Impact of emerging technologies and trends
– Areas to strengthen
– Governance of Digital Transformation into the future.

Tony Hayes, Deputy Director-General, Queensland Government

14:45 Evolving the Hunt – Reducing Attacker Dwell Time

Wayne Tufek, Director, Cyber Risk

15:20 Afternoon Tea & Networking Break

15:50 Implementing Information Security Governance: A Real-Life Example

Bruce Edwards, Manager – Information Systems Audit and Assurance, Audit New Zealand & President of ISACA Wellington Chapter

16:25 Securing Australia’s Cyberspace

Belinda Newham, AustCyber’s Chief of Strategy, will be discussing how the cyber security sector can build overall sectoral resilience through achieving the trust of the public.

Cyber security is still an emerging sector and arguably immature when compared to fields such as medical, law and industry. Belinda will be discussing examples of highly trusted professions and how they achieved it, as well as how the cyber security sector can become more recognised and trusted to further secure our place in the ecosystem, while securing Australia.

Belinda Newham, Chief of Strategy, AustCyber


Moderator: Pippa Andrews, Principal – A&A Technology and Controls, Deloitte

14:10 Third Party Security Assessment – Risk & Pitfall to avoid

Abbas Kudrati, vCISO/ Principal- Cyber Security, Pitcher Partners

14:45 Insider Risk: Mastering The Human Factors

Dr Tim Doyle, Principal Psychologist, Proof of Character

15:20 Afternoon Tea & Networking Break

15:50 Agile, Devops and Compliance

Nick Deitz, Enterprise Risk Manager, Atlassian

16:25 The New Normal, Critical Issues Reshaping the Privacy Landscape

Rachel Dixon, Privacy and Data Protection Deputy Commissioner, Office of the Victorian Information Commissioner


Closing Remarks

Gala Dinner | Monday 3 September 2018

One of the main highlights of ISACA CACS, the Gala Dinner is a sumptuous sit-down event attended by delegates, sponsors, exhibitors, speakers and other attendees; offering a chance to truly solidify business relationships in an informal and enjoyable environment.

18:30 Showtime Events Centre, 61 South Wharf Promenade, South Wharf, Victoria

19:30–20:15 Presentation of Awards – Please see website for further updates and nomination process


Opening Remarks from the Chair

Anthony Rodrigues, Chair, Oceania CACS Conference 2018 Organising Committee & President, ISACA Melbourne Chapter


KEYNOTE | Effective executive and board presentations – start with the answer

Gary Van Prooyen, Vice President of Marketing, Communications and Content, ISACA


Use of leading edge technology to better manage cyber risks

Charlie Offer, Partner, EY


PANEL | Information Security Governance in Agile World

Agile gave us a set of principles that allowed us to build projects in an iterative fashion and respond to charge. In general, the security requirements are left until end that can be detrimental to product functionality and quality. This begs the question: What would it take to do application security in an agile manner.

Moderator: Ashutosh Kapse, Head of Cybersecurity, IOOF Holdings Ltd Australia
Samantha Macleod, Chief Information Security Officer, AGL
Catherine Buhler, Chief Information Security Officer, BlueScope Steel.
Michelle Beveridge, CIO, Intrepid Travel
Tristan Bui, Head of Risk – Technology, Cyber, Fraud and Head of Risk – International, Australia Post


Networking and refreshment break


Moderator: Michelle Vierke, Cyber Security Governance – Risk & Assurance, Telstra

11:40 Security Awareness Training: You’re Doing it Wrong

Aaron Doggett, Regional Director & Principal Advisor, Hivint

12:15 Where are the Cybersecurity skills?

Daniel Merriott, Principal Consultant, BSMimpact


Moderator: Andreas Dannert, Enterprise Security – Architect, NBN

11:40 Cyber resilience in a hyper connected world: The Five Essentials

Phillimon Zongo, Head of CyberSecurity, Crestone Wealth Management

12:15 Critical Infrastructure Protection and Risk

Prof. Matthew Warren, Deputy Director of the Centre for Cyber Research, Deakin University


Moderator: Sandeep Taileng, Manager Technology and Cyber Risk, Australia Post

11:40 Integrated Assurance: Balancing Risk, Compliance & Quality

Michael Nyhuis, Director and Principal Consultant, Solisma

12:15 Boards and the Starship Enterprise have more in common than you think

Ashley Howden, CEO, KJR


Lunch and networking break


End of Conference

Tuesday 4 September 2018 | 14:00 – 17:00

Contemporary IT Governance in Management using COBIT5 and other international best practices

This masterclass will focus on sharing insights on using ‘cotemporary’ approaches to using ‘timeless’ best-practices such as COBIT5. We will explore:

  •  IT’s identity crisis: How to remain essential as the business evolves
  •  Lies business and technology professionals tell themselves
  •  Modern day IT governance and assurance requirements
  •  Old-school IT GRC principles that still rule
  •  How to thrive as a ‘value broker’
  •  Bringing the ‘best’ out of ‘best practices’

Paras Shah, Practice Lead – Strategic Advisory, Vital Advisory


ISACA’s audit/ assurance program based on NIST framework

NIST Cybersecurity framework is widely used by enterprises as their cyber governance model. ISACA has developed an Audit/Assurance programme based on the NIST framework. ISACA’s program is aligned with the COBIT 5 framework & is designed to provide management with an assessment of the effectiveness of its organization’s cyber security identify, protect, detect, respond, and recover processes and activities. This audit/ assurance program provides enterprise leaders confidence in the effectiveness of their organisation’s cybersecurity governance, processes and controls.

Ashutosh Kapse, Head Cybersecurity and Technology Risk, IOOF Holdings Ltd.

Careers Expo | Free to Attend
Tuesday 4 September 2018 | 14:00 – 17:00

This expo will provide information on education opportunities in information security, audit and assurance, governance, and risk management. It will exhibit a vast array of career advice, employment opportunities, corporate, and large University and training representation.

This expo would offer advice to a broad range of job seekers, students, experienced professionals looking for a career change, professional development, or study’. Please refer to the website for further updates.


Registration (For non-conference delegates only)


Official welcome from ISACA Melbourne Chapter

Anthony Rodrigues, Chair, Oceania CACS Conference 2018 Organising Committee & President, ISACA Melbourne Chapter


KEYNOTE | It’s Your Career!

Come and hear Jo Stewart-Rattray talk about taking control of your career to achieve your goals etc.

Jo Stewart-Rattray, Director of Information Security & IT Assurance, BRM Holdich


La Trobe University

Dr Paul A. Watters, Professor & Program Director – Cybersecurity, La Trobe University




Swinburne University of Technology

Dr. Mark Dale, Industry Fellow, Program Director: Masters of Digital Business Management, Swinburne University of Technology


Box Hill Institute

Deborah Thomas, Box Hill Institute




Networking and refreshment break


KEYNOTE | New friends, colleagues and clients, my ISACA journey

  • 10 years ago David was elected to the ISACA Canberra Chapter Board, since that time David has contributed to ISACA both locally and internationally in a variety of roles.  In this presentation David will share how his contribution to ISACA has helped him develop his career and make some lifelong friends.

David Berkelmans, IT Audit Executive Director, Synergy Group


PANEL | Career Development

  • Career support, advancement and sustainment;
  • Enhancing leadership development, training and educational opportunities
  • Attracting more women into the technology professions
  • Sharing of practical experiences or tips for women to excel in their journey

Marie Felsbourg, Director, Astral Consulting Services Pty Ltd
Prof. Jill Slay, Optus Chair of Cyber Security, LaTrobe University and Director of Cyber Resilience Initiatives, Australian Computer Society
Shamane Tan, Cyber Security Advisor – APAC, Privasec
Abbas Kudrati, vCISO/ Principal- Cyber Security, Pitcher Partners
Moderator: Matt Tett, Chairman & Managing Director, Enex Test Lab


CLOSING | Closing remarks from the Chair