MAY 13 | SECURITY LEADERS TRACK

For CISOs and senior decision-makers shaping strategy and resilience.

9:00 AM AEST
KEYNOTE: THE CISO’s ROLE IN ENTERPRISE TRANSFORMATION

The role of the CISO has expanded far beyond protecting systems and responding to incidents. Today’s security leaders are expected to influence culture, guide enterprise-wide change, and align security strategy with evolving business priorities – often without direct authority.

In this keynote, senior security leaders and industry experts explore how modern CISOs operate as transformation leaders. The discussion examines how effective CISOs drive change across complex organizations, manage resistance without relying on fear or technical mandates, and build durable partnerships across IT, cloud, and engineering teams.

Rather than focusing on tools or frameworks, this session offers candid leadership perspectives on navigating uncertainty, balancing progress with operational reality, and embedding security into the fabric of the business. Attendees will leave with practical insight into what it takes to lead security transformation that lasts.

Brian Castagna
SVP, Chief Security Officer
Rapid7

Horst Moll
CISO, Information Technology Security, Risk & Compliance
Miltenyi Biotec

Craig Robinson
Research Vice President, Security Services
IDC

10:00 AM AEST
HOW EXPOSURE INSIGHTS HELP ESTABLISH ACTIONABLE RISK AND SECURITY GOALS

Jane Man
Senior Director, Product Management
Rapid7

Jamie Cowper
Director, Product Marketing
Rapid7

Learn more

Security leaders rarely fail due to lack of visibility. They fail when decisions made under pressure can’t be explained, defended, or sustained across the organization.

This exposure management session examines the ways that security leaders collaborate with their cross-functional partners to set security and risk goals across the business, and how they use SLAs/SLOs as a governance mechanism to bridge the gap between identifying exposures and remediating them. Using real-world scenarios and industry research, including IDC findings on cross-functional accountability and cloud responsibility models, we explore the ways that modern security programs prioritize action to known exposures, build formal processes for managing risk exceptions, and accelerate their time to respond to active threats.

11:00 AM AEST
A CISO’s GUIDE TO MDR ACCOUNTABILITY AND OUTCOMES

Alan Simpson
Field CISO
Rapid7

Jamie Ridge
VP, Sales Engineering
Rapid7

Mikayla Wyman
Senior Manager, Product Marketing – MDR and Services
Rapid7

Learn more

Security leaders can no longer rely on activity to demonstrate effectiveness – they’re held accountable for outcomes. As attackers move faster and complexity increases, CISOs must decide what actually matters, what can be ignored, and how much risk is acceptable in real time.

Through a candid discussion, CISOs and industry experts explore what “good” MDR actually looks like in practice, how leaders measure effectiveness beyond alert volume, and where responsibility truly sits. Attendees will gain practical insight into how MDR supports faster, more confident decision-making, enables risk tolerance in the face of attacker speed, and helps organizations focus on outcomes rather than activity.

11:40 AM AEST
CUSTOMER PANEL: WHAT CISOs WOULD DO DIFFERENTLY IF STARTING TODAY

If today’s CISOs could start over, what would they change first?

In this closing panel, experienced CISOs and security leaders reflect candidly on the lessons they’ve learned running security programs through rapid change, growing complexity, and escalating threats. Rather than revisiting tools or roadmaps, the conversation focuses on what actually matters in 2026 – where leaders would simplify, what they would stop doing immediately, and which decisions had the greatest impact on reducing risk and building resilience.

This session offers practical perspective for security leaders at any stage, grounding the summit’s themes in real experience and leaving attendees with clarity, confidence, and a sharper sense of where to focus next.

Jonathan Chow
Chief Information Security Officer
Genesys

Gregory Pickett
Cybersecurity Expert
Hellfire Security

Chris Hippensteel
Director of Information Technology
New Resources Consulting

Tony Arnold
CISO
TSB Bank Limited