58% Unprepared: Are We Sleepwalking Into the Big One
In the last two years we’ve seen breaches that once belonged in Hollywood scripts: Optus, Medibank and Latitude Financial here in Australia, with MGM Resorts in the US and Marks & Spencer in the UK as a few recent examples. These weren’t just embarrassing headlines. They caused billions in losses, eroded trust, and proved attackers can outpace ...
Are Australian brands becoming sitting ducks in cyber security?
Reflections of a concerned practitioner
Picture this: a row of ducks at a carnival shooting range. Most look identical, bobbing along on the conveyor belt. Then there’s one that looks slightly darker, slower, easier to hit. Now swap those ducks for some of Australia’s biggest brands and you start to see the problem. Despite spending ...
From Tech Jargon to Boardroom Clarity: Why CISOs Must Become Translators, Not Technicians
Boards don’t want packet captures. They want clarity. Yet many CISOs still walk into boardrooms armed with acronyms, attack trees and war stories. The result? Blank stares. Take “lateral movement.” To a security team, it’s technical precision. To your board, it’s noise. What they actually need to hear is: “Attackers rarely stop at the first ...
Can AI Fix What We Broke?
Rethinking the People–Process–Technology Equation in Cyber Security
For over two decades, we’ve been told that the strength of any cyber security program rests on three legs: People, Process and Technology and how well they work together. The problem is, one of those legs often wobbles and we keep trying to balance it with expensive tech ...
The new compliance clock: Why CISOs must treat SBOMs as business maps, not regulatory homework
“When something breaks, can you tell me what was affected, who owns it and how much it’s costing us per day?” That’s the question more boards are now asking and fewer CISOs can confidently answer. In 2025, that’s no longer just a visibility issue. It’s a regulatory one. Across the United States, Europe and Australia, ...
Ransomware just got promoted to the Cloud
Reflections of a concerned practitioner
You’ve definitely done the work after the last regulator report. You’ve locked the doors, patched the servers and armed your endpoints with more acronyms than a government tender. EDR. XDR. NGFW. You are using signature-based detection, heuristics, sandbox, automated response and god knows what’s coming next year, job done ...
The Missing Ingredient in Australia’s Cyber Security Strategy: Why Horizon 2 Needs an Innovation and Commercialisation Focus
Australia is full of strong cyber talent, quality research and people who know how to build good technology. What we lack is the machinery to turn those national strengths into companies that can stand on their own two feet globally. Despite the momentum behind the national cyber strategy, the earliest stages of cyber innovation still ...
Building the Next Wiz From Australia: Escaping the Typical Start ups Valley of Death
Australia is at an inflection point. Recent major data breaches have pushed cybersecurity into the headlines, and cybercrime is reported roughly every few minutes, keeping boards on their toes. The Australian federal government has declared an ambition to be a world leader in cyber by 2030, backed by a multi‑year, multi‑billion‑dollar strategy. The ingredients look promising, ...