Our panelists

Insurance CISO Panel


Moderator: Helaine Leggat, Director, Information Legal



Helaine Leggat is one of a few people in the world to hold a bachelor of law degree together with CISSP, CISM, CIPP and CIPP/IT Credentials. Helaine has specialised in information (cyber) law, information security, information governance and information privacy since 2000 and has provided services to public and private sector organisations globally across all sectors. In 2012 she settled in Melbourne where she co-founded Information Legal, a uniquely differentiated risk and advisory service founded on a belief that cyber law is empowering and that it is essential to know your rights. Helaine’s professional affiliations and memberships are numerous, and include her appointment as a Member of the Expert Network for the Australian Department of Industry and Science and inclusion in the Ducere Global Faculty of thought leadership. Her understanding of the relationships between people, information technology, global business and international imperatives lie at the heart of Information Legal’s strategy. Her current energies are directed at the establishment of new norms in Cyberspace, including the adoption of active defence and the development of international law and ethics in support of a continuing rules-based global order. 


Grae Meyer-Gleaves

 

Grae Meyer-Gleaves has a Masters in Business Administration and has been working in Information and Communications Technology (ICT) for over 20 years. Grae started his career in the Australian Army where he became a soldier and studied electronics &; communications systems.

Since leaving the Army, Grae has held positions with some of Australia’s leading organisations such as Westpac, QGC – A BG-Group business, Bank of Queensland, Data#3, Brisbane City Council and Fortinet. He is responsible for IT Security, Risk & Compliance in his current role at Allianz Australia Limited.

Ajoy Ghosh

Honoured by AusCERT as one of three a finalists for the 2015 AusCERT Awards, by ISC2 as Australia’s Senior IT Security Professional for 2009 and by ISACA for achieving the top score in the world for the CISA examination, Ajoy Ghosh has 20+ years experience in cyber security. After graduating as a Computer Engineer, he spent a number of years in various capacities in law enforcement, banking, consultancy and government. He is currently serving as the interim CISO for Insurance and Care NSW, the NSW Government’s recently formed general insurance company.

Ajoy is the author of Standard Australia’s Handbook 171 Guidelines on the Management of IT Evidence and co-author of Handbook 231 Information Security Risk Management Guidelines (now ISO 27005). He advises a number of industry and government committees on cyber security and terrorism. He also lectures in cybercrime, computer evidence and cyber warfare to post-graduate law and international studies students.

Ian Cameron, IAG



Ian is currently head of Cyber Security Strategy & Governance for Australia’s largest general insurer, Insurance Australia Group (IAG). He has over 30 year’s experience in the IT industry with 20 of those years specializing in Security Design & Architecture. Before joining IAG, Ian has held various roles in financial services, telco and logistics sectors. Ian holds a Bachelor of Business as well as certifications in CISSP, CISM and CRISC.

Guy Eilon, Forcepoint



Guy Eilon has been with Forcepoint (formerly Websense) for almost 8 years, starting out as the company’s Mediterranean Regional Manager in 2009. In 2012, he was promoted to the role of South East Europe Regional Manager, which later expanded to cover Russia, and he eventually went on to assume the role of Eastern Europe, Russia & CIS Regional Director.

In 2015, Guy was appointed Forcepoint Country Manager for Australia and New Zealand. With extensive experience in the IT, technology and security space working across multiple markets, Guy has firmly established himself as a leading force in the industry. In his current role, Guy supports large enterprises to implement the latest IT security solutions, helping them to effectively manage risk and protect against emerging threats across all aspects of their business.

Ron Gula



Frequently sought out by media such as the Bloomberg, Forbes and New York Times, Ron Gula is one of the leading cyber security thinkers in the industry. Ron started his career in information security at the National Security Agency conducting penetration tests of government networks and performing advanced vulnerability research. He was also the original author of the Dragon Intrusion Detection System and CTO of Network Security Wizards, acquired by Enterasys Networks. After co-founding Tenable Network Security in 2002, Ron served as CEO. Under his leadership the company became the leader in continuous network monitoring and is now relied upon by organisations world-wide to identify vulnerabilities, reduce risk, and ensure compliance.
Ron has received special awards for leadership from both The Washington Post and The Baltimore Sun, and was named Ernst and Young Entrepreneur of the Year 2013 for defense and security. Ron holds a BS from Clarkson University and an MSEE from the University of Southern Illinois.

Health panel


Moderator: Louisa Vogelenzang, Dimension Data



Louisa’s career in cyber security commenced at nCipher (Cambridge, UK), specialising in encryption solutions widely adopted by banks and governments for securing payments and underpinning trust of digital certificates. Working with European based clients and channel partners for nCipher and Global French defence organisation; Thales e-Security, Louisa witnessed the European market embracing cyber-security and the effect of EU directives for data protection and e-privacy.  One of Louisa’s passions was to live in Australia and the opportunity arose in 2012 where she took up a Security Specialist role with Dimension Data Australia. Louisa is passionate and combined with strong communication and commercial skills, enables her to bridge the missing link between business requirements and the technical elements of cyber security. She was recently appointed Security Practice Manager for Dimension Data Victoria and South Australia where she leads a team of over 30 Security Architects, Technical Consultants and Engineers. As an active member of AISA since moving to Australia, Louisa has been contributing to the Melbourne committee since 2014. Louisa also holds a BSc (Hons) (2:1) in Physiotherapy (2004) and is currently studying for her CISM.

 John Musich - Telstra Health



John Musich is a security professional with a broad range of experience covering security and risk program management, security consulting, audit, architecture and solution design, and development and implementation of policies and standards.

Keith D. Holtham, Emerging Technologies Lead, A/NZ, Check Point Technologies



Bill Taylor, General Manager and Vice President – Asia Pacific and Japan, LogRhythm
 

 
Bruce Haefele, General Manager, Technology, Health Direct



Bruce is the Technology executive for Healthdirect Australia where he leads and executes the vision and strategy for technology innovation, platform service, directory services and security across all of Healthdirect Australia’s services. His teams face today's challenges of agility and speed in a high-risk, high-compliance environment which can only be addressed by integrating security into everything they do.
 
Prior to joining Healthdirect Australia Bruce held technical leadership roles around the world, primarily in government, healthcare and financial services. He has extensive experience across a broad range of information technology domains with a track record of successful delivery. Bruce is passionate about applying technology to make a difference improving social outcomes, particularly for health, and loves being an agitator for change.

Telecom Panel

Moderator: Gareth Willis



Gareth has been engaged with the IT Industry for over 20 years, primarily within Mining and Oil & Gas. His professional interests include predictive technologies for addressing insider threats, the evolution and erosion of Privacy, and the cultural implementation of risk management. Gareth is a SANS Certified GIAC and holds an MBA from the University of Western Australia.

Brian Williams

Brian has worked in a number of Information Security roles over the last 31 years including Federal Government agencies, Large Corporates and Private Consulting. He is currently one of Optus’s senior Technical Product Managers in our Cyber Security Centre of Excellence working on a number of security initiatives to protect our customer’s corporate reputations and brand assets. Brian holds a Masters of Business Administration majoring in Enterprise Security Management along with a Graduate Certificate in Business Administration and an Associate Diploma in Electronic Engineering.

Jon Piercey, Vice President, APAC, 



Jon has more than 20 years sales experience with leading software vendors and specialist knowledge in enterprise risk management. Currently Jon is responsible for sales and developing new customers for Cognevo in the Asia Pacific region. He was previously VP Sales for Wynyard Group’s risk management (Methodware) and investigations business units. Prior to joining Methodware Jon was Business Development Manager for Cura Risk Management Software, and Australian Country Manager for Information Builders, a global business intelligence software provider.

Elrich Engel - Vodafone



Elrich Engel is the Head of Technology Security at Vodafone Hutchison Australia, where his responsibilities include all aspects of cyber security, spanning across the IT and Engineering domains. A seasoned security professional with a passion for cyber security governance, performance-based security management and threat intelligence. He has over 12 years of IT and network security engineering experience with certifications in the areas of Security Leadership, Security Architecture, IT Service Management (ITIL) and IT Governance (COBIT), amongst others. Prior to joining Vodafone Hutchison Australia, Elrich has held leadership positions at Vodacom South Africa, where we was responsible for building the security capability across a number of Vodafone markets in the region, as well as roles with Sensis, the South African Government, and various system integrators.
 
Elrich was instrumental in building the Vodafone regional Security Operations Centre, which currently services 17 markets in Africa. More recently, he has built the newly established Cyber Defence & Response Centre at Vodafone Hutchison Australia. He is also currently working with the Australian Cyber Security Centre (ACSC) as part of the Communication Services Provider (CSP) Programme, to support the goal of protecting Australia’s national security and economic prosperity from cyber threat.

John Cunningham, Vice President of Sales - APAC, Cloud Security




As Vice President for Cloud, Asia-Pacific at Blue Coat, John is responsible driving the company's Cloud Security business in the region. John was previously the APAC Managing Director for Elastica, recently acquired by Blue Coat. 

Prior to joining Elastica, John served as Managing Director at Qualys, where he led built and then led the APAC sales team. In his 3 years at Qualys, John was instrumental in developing a number of strategic regional partnerships and growing the APAC customers and revenue over 300% by developing new markets.

John has had over 34 years’ experience in technology and has also held roles as VP of Product Management and Program Management. Previous to Qualys John was the Managing Director at iPass and prior to this served 20 years with the Royal Australian Navy working with Combat Systems, Simulation Platforms and High Security Networks.

Critical Infrastructure Panel


Ross Lettau - Head of Security & Risk (NGIS) at Transport



Ross Lettau is the Head of Security & Risk (NGIS Program) at Transport for NSW. He has over 15 years of experience across Business and Information Technology (IT) related disciplines within all major market sectors. He enjoys leading business and teams through complex organisational change and transformation in business related (Legal, Compliance, Corporate Risk Management, Information Security and Corporate Infrastructure) and Information Technology related disciplines. Ross has a passion for translating the complexities of business to executives and operational staff, ensuring that they are left informed and empowered to make better business decisions.

Stephen Frede - Systems Security Operations Manager at Ausgrid



Stephen has been working in Information Security for over 20 years (he is proud of his 2-digit AISA member number). He has been an information security manager for Optus, AMP, JP Morgan, Sydney Water and Ausgrid. Over the years, Stephen has spoken at over 60 information security events and been published in a range of magazines. He is optimistic about Information security (we have come amazingly far in the last 20 years), but the biggest single initial compromise vector is still an end user opening a dodgy attachment or clicking a link and as an industry believes we need to fix that.

Sean Duca, Regional Chief Security Officer, Asia Pacific, Palo Alto Networks 



Sean is the Regional Chief Security Officer for Asia Pacific at Palo Alto Networks where he works on the development of thought leadership, threat intelligence and security best practices for the cyber security community and business executives. 
With more than 17 years of experience in the IT security industry, he acts as a trusted advisor to organisations across the region and helping them improve their security postures and align security strategically with business initiatives.

Prior to joining Palo Alto Networks, he spent 15 years in a variety of roles at Intel Security, with his last position as the Chief Technology Officer for Asia Pacific. Before this, Sean was involved in software development, technical support and consulting services for a range of Internet security solutions.

Sean actively discusses security issues in mainstream media, including television, radio, print and security related broadcasts. He regularly participates in forums, conferences and panels, and provides intelligence on cyber security matters to the public and private sector.

Jason Legge, Head of Security Consulting APAC



Jason is a senior security operations specialist with extensive experience in the areas of security threat analytics and incident response. He joined Huntsman Security having previously headed up the Security Operations Centre for a sensitive UK government agency for many years. As such, he is very familiar with the demands faced by analysts to resolve threats to the enterprise quickly and accurately.

Jason has advised business leaders, security accreditors, IT operations managers and analysts on threat investigation, response and mitigation strategies. He works closely with Huntsman Security’s engineers and partners in the design and development of the Huntsman Defence Grade Security Platform™.

Alex Nehmy, SA Power Networks



Alex is the Enterprise Information Security Manager at SA Power Networks, which is the Electricity Distributor for South Australia. In his role, Alex has provided leadership in the development of a foundational cyber security capability bridging Information Technology and Operational Technology. 
 
With 15 years’ experience in dedicated cyber security roles, Alex brings a passionate and dynamic approach to ensuring a cyber security program prudently addresses business risk. Prior to joining SA Power Networks, Alex built the University of Adelaide’s cyber security group, consulted nationally and internationally for KPMG and worked for a global telecommunications organisation in London.

Retail Panel

Pieter van der Merwe – Woolworths



Pieter is an experienced information security professional currently fulfilling the role of Chief Information Security Officer for Woolworths Limited.  Pieter has over 15 years’ experience in Information Security across a number of geographies and in various capacities and disciplines including cryptography, network security, security architecture, information risk management, security consulting and operations.  Pieter is able to engage stakeholders across the corporate spectrum and articulate the need for information security clearly.
 
Pieter prides himself in taking a practical approach to information security, and is constantly searching for ways to derive the most value out of his current investment in security processes and technologies.  This philosophy has enabled Pieter to successfully lead the deployment of a number of security practices and projects throughout his career. 

Richard Heron – Myer



Richard Heron has worked in Information Security and related fields for over 20 years at a number of large organisations. Currently he manages Information Security and Risk at Myer. His job involves all facets of security; strategy, roadmap creation, security policy, security awareness, implementing security controls and PCI-DSS. His MBA and CISSP qualifications support his experience. Richard is also a marriage celebrant which he enjoys very much. 


Endre Bihari

Endre is an information security professional with over 20 year’s progressive experience across a broad range of functional areas and varied industry segments. He held senior information security positions in a number of Australian household name corporates. He also provided consulting to several overseas governments in his field of expertise. Endre’s academic background includes teaching critical thinking in the context of information security and risk management at Swinburne University. His research area is corporate governance and information security with strong focus on board of directors.

David Meltzer, Chief Research Officer, VP, Corporate Development



David Meltzer is a security industry pioneer bringing a unique blend of technical expertise, entrepreneurial skill and market vision to his current position as Tripwire's Chief Technology Officer. David joined Tripwire through its acquisition of nCircle, where he served as CTO and Vice President of Engineering. Immediately prior to joining nCircle, David was Founder and CTO at Cambia Security, where he pioneered the industry’s first agentless configuration compliance auditing solution. A respected security researcher who founded the industry’s first security vulnerability research group, the ISS X-Force, David is credited with the discovery of numerous security vulnerabilities. He holds a B.S. in Computer Science from Carnegie Mellon University.

Education Panel

Moderator: Dr Jodie Siganto PhD CISSP



Jodie graduated as a lawyer and after 8 years in private practice took the position of in-house counsel for Tandem Computers followed by roles with Unisys Asia and Dell based in Singapore. She returned to Australia in 2000, establishing Bridge Point Communications (specialists in data networking and security) with two other colleagues. She is currently a director of IT Security Training Australia, an (ISC)2 educational affiliate, specializing in the delivery and development of both privacy and IT security and network related training courses and consultancy services around Australia. Jodie holds a PhD from QUT looking at the Privacy Commissioner’s enforcement of NPP 4 (the predecessor to APP 11).  In addition to her other roles, Jodie is collaborating on the Cyber Security Cartographies project, led by researchers from Royal Holloway, University of London, and is Director of AISA’s Cyber Security Academy.

Lynn Batten, Deakin University


 
Professor Lynn Batten holds the Deakin Research Chair in Mathematics and is Director of Information Security Research at Deakin University at its Melbourne campus. She is a Fellow of the Australian Computer Society, a Graduate of the Australian institute of Company Directors and a Senior Member of the IEEE. Her research interests cover a broad set of areas in information security from cryptography to malicious software and digital forensics. She helped develop an undergraduate three year course in information technology security at Deakin University which now graduates over 50 people every year. 
 
Fred Fattal (prev. TAFE NSW)



Fred Fattal (PhD Cybernetics, UNSW), has over 30 years experience lecturing in Electrical Engineering and Information Technology at NSW TAFE, including preparing students for qualifications in the CCNA. He is the author of courses in Control Systems, Data Communications (ICT) and Information Security for both TAFE and Industry. Fred has also run his own successful consulting firm, established in 1984, which provides networking and cyber security training for various industries.

Dr Malcolm Pattinson
 

Dr Malcolm Pattinson is a Senior Research Fellow at the Adelaide Business School of The University of Adelaide and an Information Security Consultant.  He is a founding member of the Human Aspects of Cyber Security (HACS) research team, which is a collaboration between the University of Adelaide and the Defence Science and Technology Group. He is currently a Board Member of ISACA (Adelaide) and has the certifications CISA, CISM, CGEIT and CRISC. He has been lecturing and researching cyber and information security for more than 20 years and has published numerous journal and conference papers on this topic.

Nalin Asanka

Dr Nalin Asanka Gamagedara Arachchilage currently works as a Lecturer in Cyber Security in the Australian Centre for Cyber Security (ACCS) at the University of New South Wales (UNSW Canberra at the Australian Defence Force Academy). He holds a PhD in Usable Security entitled “Security Awareness of Computer Users: A Game Based Learning Approach” from Brunel University London, UK where he developed  a game design framework to protect computer users against "phishing attacks” (i.e. serious games for protecting people from cyber crime).  He obtained a BSc (MIS) Hons from University College Dublin, National University of Ireland and have completed a master's degree, MSc in Information Management and Security at the University of Bedfordshire, UK.

He has also presented his research at Facebook Headquarters, Menlo Park, California, USA and collaborated with HP in a research capacity at the HP Lab, Bristol, UK. Before, he served as Technical Chair | Webmaster for the 27th BCS Human Computer Interaction Conference: The Internet of things, which was held in London, UK. Apart from his academic career, Nalin also worked on a number of software engineering roles ranging from Programmer, Software Engineer to IT Manager. 

Zika Milenkovic, ALC Group



Zika is Director of ALC Group and of ALC Cyber Security. He has a long background in IT, technology and security training. He co-founded MTE Management Technology Education, Australia's leading technology training company during the 80s. MTE was renowned for its series of leading-edge seminars with international presenters on IT and Networking technology and for its comprehensive hands-on training in the use of PCs in business and government. MTE was acquired by the Computer Power Group in 1987. Zika led the way on internet awareness in the 90s bringing in US experts to present latest information and developments on topics such as Connecting to the Internet (as early as 1994) and Ecommerce Strategies in 1998.