Welcome Reception | Sunday 2 September 2018

The ISACA Melbourne Chapter will be hosting welcome drinks for all delegates attending the Oceania CACS Conference. The Reception will feature a Keynote Address

17:30 Pre-registration for the conference
18:00 – 19:00 Welcome Reception | Pan Pacific Melbourne, 2 Convention Place, South Wharf, Victoria




Official Welcome from ISACA Melbourne Chapter

Anthony Rodrigues, Chair, Oceania CACS Conference 2018 Organising Committee


Opening remarks from the Chair


Keynote | Australia’s Cyber Security Strategy


KEYNOTE | Victorian State Cyber Strategy – Shifting the Conversation About Cyber Risk

Victoria’s CISO, John O’Driscoll will outline the 23-point strategy, the approach, the focus on partnering and risk, progress to date and the challenges and lessons learned from implementation.

John O’Driscoll, Chief Information Security Officer, Department of Premier and Cabinet Victoria


Networking and refreshment break


PANEL | Resilience and trust – before, during and after a cyber attack

Moderator: Michael Trovato, ICG Global Practice Leader Cyber Security and Managing Director, Information Integrity Solutions
Lynwen Connick, Chief Information Security Officer, ANZ
Carl Michael, Chief Technology Officer, LUCRF Super
Berin Lautenbach, CISO Asia Pacific, Telstra


KEYNOTE | ‘SheLeadsTech’ goes to the United Nations

ISACA’s ‘SheLeadsTech’ program, although in its infancy, has been recognised at the highest level globally. Hear how it’s global head, Jo Stewart-Rattray made valuable connections that opened extraordinary doors to allow ‘SheLeadsTech’ program to be an active part of the 62nd Session of the Commission on the Status of Women at the United Nations earlier this year.

Jo Stewart-Rattray, Director of Information Security & IT Assurance, BRM Holdich, Director, ISACA International Board of Directors


PANEL | Women in Technology: the Future

Come and hear some of our top female leaders talk about their visions for the future of women in the tech workforce and more specifically how women can rise to leadership roles in greater numbers than we are seeing today.


Lunch and networking break


Moderator: Daniel Tomah, Head of Enterprise Technology Risk and Compliance, ANZ

14:10 Effective executive and board presentations – start with the answer

Tim Mason, Senior Vice President, Operations & Chief Experience Officer, ISACA

14:45 The calm before the storm – how to prepare and manage a crisis

Ben Agar, Group Enterprise & Technology Risk Manager, SEEK

15:20 Afternoon Tea & Networking Break

15:50 Risk Culture – can you really measure it?

Justin Greenstein, Conduct Risk and Product Governance, ANZ
Emma Walch, Audit Director, Culture, ANZ

16:25 Cybersecurity and Business Architecture

Carl Michael, Chief Technology Officer, LUCRF Super


Moderator: Mitra Minai, Principal Security Risks and Controls Advisor, NAB

14:10 IT Governance

Tony Hayes, Deputy Director-General, Queensland Government

14:45 Evolving the Hunt – Reducing Attacker Dwell Time

Wayne Tufek, Director, Cyber Risk

15:20 Afternoon Tea & Networking Break

15:50 Implementing Information Security Governance: A Real-Life Example

Bruce Edwards, Manager – Information Systems Audit and Assurance, Audit New Zealand & President of ISACA Wellington Chapter

16:25 Securing Australia’s Cyberspace

Michelle Price, COO, Australian Cyber Security Growth Network


Moderator: Pippa Andrews, Principal – A&A Technology and Controls, Deloitte

14:10 Third Party Security Assessment – Risk & Pitfall to avoid

Abbas Kudrati, CISO, KPMG

14:45 Insider Risk: Mastering The Human Factors

Dr Tim Doyle, Principal Psychologist, Proof of Character

15:20 Afternoon Tea & Networking Break

15:50 Agile, Devops and Compliance

Nick Deitz, Enterprise Risk Manager, Atlassian

12:15 The New Normal, Critical Issues Reshaping the Privacy Landscape

Rachel Dixon, Privacy and Data Protection Deputy Commissioner, Office of the Victorian Information Commissioner


Closing Remarks


Opening Remarks from the Chair

Anthony Rodrigues, Chair, Oceania CACS Conference 2018 Organising Committee



Matt Loeb, Chief Executive Officer, ISACA


Sponsors Address


PANEL | Information Security Governance in Agile World

Agile gave us a set of principles that allowed us to build projects in an iterative fashion and respond to charge. In general, the security requirements are left until end that can be detrimental to product functionality and quality. This begs the question: What would it take to do application security in an agile manner.

Moderator: Ashutosh Kapse, Head of Cybersecurity, IOOF Holdings Ltd Australia
Samantha Macleod, Chief Information Security Officer, AGL
Catherine Buhler, Chief Information Security Officer, BlueScope Steel.
Michelle Beveridge, CIO, Intrepid Travel
Tristan Bui, Senior Manager, Technology & Cyber Risk, Australia Post


Networking and refreshment break


Moderator: Michelle Vierke, Cyber Security Governance – Risk & Assurance, Telstra

11:40 Security Awareness Training: You’re Doing it Wrong

Aaron Doggett, Regional Director & Principal Advisor, Hivint

12:15 Where are the Cybersecurity skills?

Daniel Merriot, Principal Consultant, BSMimpact


Moderator: Andreas Dannert, Enterprise Security – Architect, NBN

11:40 Cyber resilience in a hyper connected world: The Five Essentials

Phillimon Zongo, Head of CyberSecurity, Crestone Wealth Management

12:15 Critical Infrastructure Protection and Risk

Matthew Warren, Deputy Director of the Centre for Cyber Research, Deakin University


Moderator: Sandeep Taileng, Manager Technology and Cyber Risk, Australia Post

Integrated Assurance: Balancing Risk, Compliance & Quality

Michael Nyhuis, Director and Principal Consultant, Solisma

12:15 Boards and the Starship Enterprise have more in common than you think

Ashley Howden, CEO, KJR


Lunch and networking break


End of Conference

Careers Expo | Free to Attend
Afternoon 4 September 2018 | 14:00 – 17:00

This expo will provide information on education opportunities in information security, audit and assurance, governance, and risk management. It will exhibit a vast array of career advice, employment opportunities, corporate, and large University and training representation. This expo would offer advice to a broad range of job seekers, students, experienced professionals looking for a career change, professional development, or study’. Please refer to the website for further updates.


Contemporary IT Governance in Management using COBIT5 and other international best practices

This masterclass will focus on sharing insights on using ‘cotemporary’ approaches to using ‘timeless’ best-practices such as COBIT5. We will explore:

  •  IT’s identity crisis: How to remain essential as the business evolves
  •  Lies business and technology professionals tell themselves
  •  Modern day IT governance and assurance requirements
  •  Old-school IT GRC principles that still rule
  •  How to thrive as a ‘value broker’
  •  Bringing the ‘best’ out of ‘best practices’

Paras Shah, Practice Lead – Strategic Advisory, Vital Advisory


ISACA’s audit/ assurance program based on NIST framework

NIST Cybersecurity framework is widely used by enterprises as their cyber governance model. ISACA has developed an Audit/Assurance programme based on the NIST framework. ISACA’s program is aligned with the COBIT 5 framework & is designed to provide management with an assessment of the effectiveness of its organization’s cyber security identify, protect, detect, respond, and recover processes and activities. This audit/ assurance program provides enterprise leaders confidence in the effectiveness of their organisation’s cybersecurity governance, processes and controls.

Ashutosh Kapse, Head Cybersecurity and Technology Risk, IOOF Holdings Ltd.

Gala Dinner | Monday 3 September 2018

One of the main highlights of ISACA CACS, the Gala Dinner is a sumptuous sit-down event attended by delegates, sponsors, exhibitors, speakers and other attendees; offering a chance to truly solidify business relationships in an informal and enjoyable environment.

18:30 Showtime Events Centre, 61 South Wharf Promenade, South Wharf, Victoria

19:30–20:15 Presentation of Awards – Please see website for further updates and nomination process