In this episode, we sit down with Mike Worth, Founder of Indi-tech Consultancy, as he unpacks the unique cybersecurity challenges facing small and medium-sized legal firms. Mike highlights a major misconception in the industry—treating cybersecurity solely as an IT problem rather than a broader business risk—and explains why investing in the human aspect of cybersecurity is more effective than relying on tools alone. He discusses the billable hours mindset prevalent in professional services, the opportunity cost of security training, and the importance of creating a positive, engaging, and competitive security culture tailored to staff demographics. Mike also shares insights into common pitfalls SMBs face, such as overspending on ineffective security tools, gaps in cyber insurance coverage, and the pitfalls of generic training programs. He closes with actionable advice on building a resilient cybersecurity culture, measuring progress through behaviour-based metrics, and fostering open, honest risk discussions within the organisation. Mike is a proud Londoner now living in Hampshire, UK. He has worked across various industries covering local and central Government, manufacturing and more recently 11 years of Legal professional services as an IT professional. Mike’s passion has recently seen him start his own IT consultancy targeting support for SMB’s on Cyber security & virtual IT management.

In this episode, we sit down with Alex Tilley, Global Threat Research Coordinator at Okta, as he unpacks the evolving threat landscape posed by North Korean IT workers infiltrating global organizations. Alex shares insights from his recent research, emphasizing that this is not just a US big tech problem but a widespread issue affecting various industries—including healthcare, automotive, and construction—across multiple countries. He highlights the sophistication of fake applicants, their use of advanced techniques to bypass hiring filters, and the alarming success rate, even if only for short periods. The conversation explores the challenges companies face in verifying remote candidates, the necessity for ongoing identification checks, and the implementation of least privilege access for new hires. Alex Tilley is a Cyber Intelligence and investigation guy with over 25 years of experience spanning the private sector and federal law enforcement. As the Australian Federal Police’s first Senior Cybercrime Senior Technical Analyst, he specialised in unmasking and prosecuting sophisticated threat actors in global cybercrime and child protection. In his current role as Global Threat Research Coordinator at Okta, he leads law enforcement liaison efforts and drives critical threat research for the world’s leading identity company.

In this episode, we sit down with Rajesh Ganesan, CEO of ManageEngine, as he explores the complexities of AI anxiety within organisations and the global challenges of balancing cybersecurity, privacy, and rapid technological change. Rajesh discusses the uneven pace of AI adoption among businesses of different sizes, the critical role of regulation and capital investment by region, and the growing necessity for upskilling in an evolving digital environment. He highlights the persistent anxiety surrounding job displacement, the shift in workforce requirements, and emphasises the importance of resilience and adaptability. Rajesh concludes by stressing the need for businesses to keep customer needs at the centre and to use technology as an enabler to solve real problems in an age defined by both opportunity and uncertainty. Rajesh Ganesan is the CEO of ManageEngine, a division of Zoho Corp. and a leading provider of enterprise IT management solutions. With over two decades of experience at the company, he plays a pivotal role in shaping ManageEngine’s strategy, direction, and product management while also serving as a key evangelist for the brand. Beyond strategy, his day-to-day work involves being a mentor and coach to teams across various business functions. With deep institutional knowledge and market insight, he helps them navigate decisions with clarity and perspective, ensuring they are equipped to handle the challenges of today’s IT market.

In this bonus episode, KB sits down with CJ Moses, CISO at Amazon, Hart Rossman, VP of Global Security Services at AWS, and Mark Ryland, Director, AWS Security. Together they discuss the realities of “planetary scale security,” AI-powered defenses, and the shifting mindset that’s driving organizations to adopt automation and agentic technologies faster than ever before. CJ Moses, CISO, Amazon CJ Moses, CISO at Amazon, leads security engineering and operations across the company. His mission is to enable Amazon businesses by making the benefits of security the path of least resistance. CJ joined Amazon in December 2007, holding various roles including Consumer CISO and AWS CISO, before becoming CISO of Amazon in September 2023. Before Amazon, CJ led the technical analysis of computer and network intrusion efforts at the Federal Bureau of Investigation’s Cyber Division and served as a Special Agent with the Air Force Office of Special Investigations (AFOSI). CJ led several computer intrusion investigations seen as foundational to the security industry today. CJ holds degrees in Computer Science and Criminal Justice and is an active SRO GT America GT2 Race car driver. Hart Rossman, VP of Global Security Services, AWS Hart Rossman is the VP of Global Security Services at AWS. He leads a team of geographically distributed AWS builders who help customers realise the benefits of planetary-scale security solutions in the cloud, with a focus on innovating with internal teams and partners. Prior to AWS, he was VP & CTO of Cyber Security Services & Solutions at SAIC. Mark Ryland, Director, AWS Security Mark Ryland is a Director, AWS Security, reporting to the CISO of AWS, and engaging with a variety of external and internal stakeholders on behalf of the AWS Security leadership team. Externally, he focuses on public policy initiatives and public sector regulators and customers on issues related to cloud and AI security. Internally, he works with AWS service teams by channelling the perspectives of external stakeholders to influence their plans and priorities. In addition, Ryland works with industry partners to enhance the security of the broader information technology ecosystem as Amazon’s representative on the governing board of the Open Source Security Foundation (OpenSSF), as well as in industry groups focusing on the security and reliability of cutting-edge artificial intelligence systems such as the Frontier Model Forum (FMF) and the Coalition for Secure AI (CoSAI).Ryland has more than 34 years of experience in the technology industry across a wide range of leadership roles in information security, software engineering, distributed systems, technical standardisation, and public policy. Most recently he founded and ran AWS’s Office of the CISO from 2018 to 2023, a team with which he still collaborates closely on a variety of matters. Prior to that, he was the Director of Solutions Architecture and Professional Services for the AWS Worldwide Public Sector team, founding the team in 2011 and growing it to a large global organisation through early 2018. Before joining AWS, Ryland worked for Microsoft for 13 years in two different stints (1991-2000 and 2008-2011) in multiple roles including Lead Program Manager for COM/DCOM, and founder and Director, Standards Strategy Group. In between work at Microsoft, he was co-founder and CTO of two start-ups, and served as vice president and director of the Washington DC office of a public policy think tank.

In this episode, we sit down with Amberley Brady, founder at Realfoodprice, as she explores the urgent issue of food security as a national security crisis in Australia. Amberley discusses the four pillars of food security—availability, access, utilization, and stability—emphasising how fragile supply chains, economic shocks, climate events, and cyber incidents threaten the nation’s access to safe and affordable food. She recounts the disruptions experienced during COVID-19 and highlights the risks of over-reliance on large supermarket conglomerates and lack of support for local farmers. The conversation covers the need for greater policy coordination, strategic food reserves, improved data transparency, and the integration of technology to strengthen domestic resilience. Amberley urges for accountability, innovation, and collaboration between government, industry, and the tech community to ensure that access to nutritious food remains a right, not a privilege, for all Australians. Amberley, an astute industry professional with extensive experience in public policy, founded Realfoodprice in 2024 in response to identified structural inefficiencies within Australia’s food supply chain. Recognizing the critical need for market transparency, she established this data-driven platform to address the competitive imbalance affecting both producers and consumers. Through rigorous market analysis and comparative price assessment, Amberley developed a methodology to clearly communicate authentic food value throughout the supply chain. Her strategic initiative to “un-supermarket” represents a paradigm shift in how agricultural commodities are valued and traded within the Australian market. Realfoodprice exemplifies Amberley’s innovative approach to economic challenges, leveraging data analytics to foster equitable commercial relationships between farming communities and end consumers. The platform serves as both an advocacy tool and a practical market mechanism designed to ensure the long-term sustainability of Australia’s agricultural sector and strengthen national economic resilience. Under Amberley’s leadership, Realfoodprice continues to advance data transparency as an essential component in creating a more competitive and balanced food system for all stakeholders.

In this bonus episode, KB sits down with Jenny Tsai-Smith, SVP, Overall Database Product Management at Oracle, Rand Waldron, VP at Oracle, and Arman Ashouriha, Head of Oracle Cloud Infrastructure Modernisation Programme at Vodafone. Together they discuss Oracle’s move towards supporting modern workloads and their AI play, Oracle’s position in the public and private sector, and Vodafone’s journey to modernisation on Oracle Cloud. Jenny Tsai-Smith, SVP, Overall Database Product Management, Oracle Since joining Oracle in 1993, Jenny Tsai-Smith has held leadership roles spanning technical support, content development, education delivery, plus Oracle Cloud acceleration of startups and scientific research. As the leader for database product management, Jenny works with release and development management to take products and services from design through development to production. Her team runs the customer advisory board, drives technology adoption partners, performs field enablement, assists with migrations to Oracle Database, and works directly with a wide range of customers. She meets regularly with customers, partners, press, and analysts to better understand existing and emerging data management requirements, and to discuss how database innovations can be applied to solve real-world challenges. Rand Waldron, VP at Oracle Rand Waldron is vice president of Oracle Cloud Infrastructure product development, responsible for the Global Government Sector team and leading the strategy, development and deployment of Oracle’s National Security Region product line. Prior to joining Oracle in 2018, he was Deputy Assistant Director at the Federal Bureau of Investigation, responsible for the FBI’s enterprise software and data—including investigative and intelligence analytics, records and evidence management, large scale custom software development and business operations systems. Prior to the FBI, Waldron served at the U.S. Department of Justice. Arman Ashouriha, Head of Oracle Cloud Infrastructure Modernisation Programme at Vodafone As the Head of the Oracle Cloud Infrastructure Modernisation Programme at Vodafone, Arman Ashouriha leads the strategic effort to modernize and migrate thousands of key systems to a dedicated region within the Oracle Cloud Infrastructure (OCI). Arman is continually driving towards platform support, system modernization, and scaling crucial operations across complex, high-stakes infrastructure environments.

In this episode, we sit down with David Bloxham, CEO of GCS Recruitment Specialist, as he unpacks the impact of AI on the changing face of work and the tech talent landscape. David shares his perspective on how AI-driven disruption differs from previous waves like cloud and mobile transformations, highlighting the rapid decline in traditional software engineering and process-driven roles as automation takes hold. He explores the challenges and opportunities for jobseekers at all levels, emphasizing the need to specialize within industry verticals, build adaptable skill sets, and nurture strong professional networks. David also provides valuable insights into the evolving nature of technical and functional roles, the linkage between AI and cybersecurity investment, and the importance of human connection in recruitment practices as organisations and candidates adapt to a more automated future. David Bloxham is the CEO of GCS Recruitment Specialists, where he has been a key player since 1996, with a brief hiatus from 2004 to 2008. Starting as a fresh graduate, he quickly rose through the ranks, becoming a manager in 1999, a director in 2004, and the MD in 2008. In 2017, he led a management buyout with nGAGE. David is passionate about recruitment, strategic leadership, and making a positive impact. He is also the host of the GCS Leaders Series Podcast, where he engages with industry thought leaders to share insights and drive conversations around innovation and excellence.

In this episode, we sit down with Steven Grossman, CISO / CIO at Standard & Preferred Insurance, as he talks about the challenges small and medium-sized businesses face in securing their environment, especially in view of growing regulatory requirements, and how he brings his enterprise consulting experience to bear in driving change. Steven discusses the unique challenges faced by SMBs—such as limited budgets, smaller IT teams, and a general lack of prioritization around cyber risk—while emphasizing the importance of leadership, education, and investing in the right resources like MSPs and fractional CISOs. The conversation covers the regulatory pressures driving security improvements, the pitfalls of treating cybersecurity as a box-ticking exercise, and strategies for building a resilient risk management culture. Steven also shares his perspective on balancing regulatory burden and genuine security, the dangers of under-resourcing IT, and the reasons why proactive approaches to cyber risk are essential for business continuity and consumer trust. Steven is a cross-functional cybersecurity and information technology leader with experience working in startup to large enterprise environments. After 2 decades of management consulting with international firms like PwC, smaller boutiques and independently on his own, Steven jumped into the cyber and tech startup ecosystem, bringing to bear his knowledge and experience in cybersecurity, risk management, regulatory regimes, data analytics and business process management. Throughout his career, Steven has also held numerous industry executive positions, including his current role as CISO/CIO of Standard & Preferred and the Graph Group, a Workers Comp insurance carrier based in the NY/NJ tri state area.

In this bonus episode, KB sits down with Danielle Sheer, Chief Trust Officer at Commvault, and Avi Boru, Senior Director, Cloud Engineering, Network & Telecom at Lennar. Together they discuss building trust by design and how AI, transparency, and authentic relationships are shaping the future of business continuity and cyber recovery. Danielle Sheer, Chief Trust Officer, Commvault Modern compliance, legal and security teams need to be predictive, proactive, and data-driven to meet the speed, agility, and growth of global business in a world of constant cyberattacks. Danielle Sheer, Chief Trust Officer, enables Commvault to do just that. Danielle Sheer is a strategic leader with deep expertise managing complex global privacy systems. She has repeatedly scaled Corporate Trust operations for public technology companies, led IPOs and other transformative strategic transactions, and counselled leaders and boards on significant governance and activist shareholder matters. Prior to joining Commvault, Danielle served as General Counsel at financial technology services company Bottomline (NASDAQ:EPAY) and at cloud-backup SaaS solutions provider Carbonite (NASDAQ:CARB). She currently serves as Global Chair of The L Suite; as well as a director on the Boards of LinkSquares; BreachRx; Formally; and the NetZero Institute; and the Board of Trustees at Beth Israel Deaconess Medical Center. Avi Boru, Senior Director, Cloud Engineering, Network & Telecom at Lennar Corp. As Senior Director of Cloud Engineering at Lennar, Avi leads Lennar’s enterprise cloud vision and strategy to drive the company’s digital transformation. With expertise spanning Strategic Planning, & Integration, Digital Transformation, Cloud Computing, and more, Avi is continually driving towards excellence, scalability, and reliability, especially in fast- paced settings.

In this episode, we sit down with Rajesh Khazanchi, CEO and co-founder of ColorTokens, as he explores what it truly means to be “breach ready” in today’s cybersecurity landscape. Rajesh emphasises the shift from perimeter-based defences to a proactive containment strategy, highlighting the importance of assuming breaches are inevitable and minimising damage through micro segmentation and Zero Trust principles. He discusses how evolving business pressures and sophisticated AI-driven attacks are raising expectations for swift decision-making and rapid recovery from disruptions. The conversation covers practical approaches for bridging knowledge gaps, the role of continuous compliance and visibility, and how organisations can leverage existing EDR technologies to achieve stronger resilience without increasing tool sprawl. Rajesh also shares insights on building customer trust through quicker recovery times, the impact of business continuity on competitive advantage, and the importance of design thinking for both organisational and personal cyber safety. Rajesh Khazanchi is the CEO and Co-Founder of ColorTokens, a company that provides a zero-trust segmentation SaaS platform that spans across IT, OT, Industrial Control Systems (ICS), Devices and Users. Under Rajesh’s leadership company has accelerated to grown over 300% annual in last 3 years deployed over 100+ large enterprise customers in Insurance, Healthcare, Retail, Manufacturing, Oil & Gas and Pharma. Rajesh leads a team of 400+ people worldwide and drives the vision, strategy, and execution of the company’s products and services. As an accomplished technology leader, Rajesh has led product teams at VMware, BMC, HP, and Oracle, and has been on the front lines of the battle against cyberattacks for more than two decades. He has been awarded six patents for his innovations in cloud automation and cybersecurity, and is a member of YPO and TiE, two global networks of entrepreneurs and executives. Rajesh is passionate about solving complex problems, creating value for customers, and building a culture of excellence and innovation at ColorTokens.

In this episode, we sit down with Daniel Churches, Director in Sydney at ColorTokens, as he explores the sweeping impact of new Australian legislation imposing personal liability on company directors for cybersecurity breaches. Daniel breaks down the shifting landscape for CISOs and senior security leaders, the end of self-regulation, and how shared risk at the board and executive levels is altering market behaviour. He discusses the challenges around resource constraints in security teams, the crucial role of business continuity planning, and the importance of articulating measurable value to organisational leadership. We also examine how the legislation is driving changes in funding priorities, motivating cross-functional engagement, and preparing organisations to better withstand breaches in an evolving threat environment. Daniel shares his optimism about the future, emphasising both the increased pressure and potential for positive, industry-wide change. Dan is an Australian and Asia Pacific Sales Leader with over 25 years’ IT experience in Hardware and Software Solutions and Services, Business Development, GTM planning and implementation, Large Complex Negotiations and Executive Relationships. He has worked for IBM, NTT Global and Verizon Enterprise Solutions driving business and building teams in Hardware, Software, Professional Services, Managed Services, Hybrid Cloud, PaaS, SaaS, Data Analytics, Security and Digital Transformation solution sales. As a Sales Director with ColorTokens, Dan is driving market penetration, brand development, partner engagement and client services and support. He is responsible for industry and buyer alignment and understanding of the ColorTokens “Breach Ready” messaging focusing on halting the spread of ransomware and malware attacks across IT/OT, IoT and Legacy environments providing customers a viable Cyber Resilience ‘Uptime’ compliance capability they can report to market.

Anshuman Sharma is the Director of Verizon Threat Research Advisory Centre (VTRAC), Cybersecurity Consulting Services at Verizon Business. Anshuman has more than 17 years’ experience as a well-rounded and seasoned Cyber Security Professional. VTRAC is a specialized division within Verizon’s Cyber Security Consulting organisation, helping customers regain control and mitigate cyber threats from their networks, applications and devices. VTRAC team members are located across the globe, bringing together professionals with military, law enforcement and IT expertise who are well-versed in criminal and civil investigative requirements.  The organisation is a globally-approved PCI Forensic Investigator (PFI). As a regional leader for the investigative response team and a global capability lead for VTRAC, Anshuman is responsible for business portfolio management for professional services, especially focused on digital forensics, incident response, and threat intelligence in the APJ region while working for several top global enterprises and government organisations.

In this episode, we sit down with Paul Davis, Field CISO at JFrog, as he explores JFrog’s approach to building trust in software development pipelines and the evolution towards DevGovOps. Paul shares his perspective on elevating trust from the granular level of software releases to the broader application layer, emphasising the need for consistent, automated, and reliable methodologies in development. He discusses the critical role of automation in balancing speed and security, tackling tool sprawl, and mitigating risks posed by open source dependencies. The conversation touches on the realities of legacy tech debt, the challenges of integrating and consolidating security tooling, and the importance of having a single source of truth. Paul is an experienced IT Security Executive who, as Field CISO at JFrog, works to help CISOs, IT execs and security teams, enhance protection of their software supply chain. Additionally, he advises IT security startups, mentors security leaders, and provides guidance on various IT security trends.

In this episode, we sit down with M.K. Palmore, Chief Executive Officer at Apogee Global RMS, as he explores strategies for leading through uncertainty with a focus on security, safety, and cyber awareness in times of crisis. M.K. emphasises the critical importance of practicing security response scenarios, noting that organisations truly respond better in real-world incidents when they’ve regularly rehearsed decision-making with their teams. He discusses the value of people-centric leadership, the need for strong relationships with both internal stakeholders and external partners, and the dangers of letting practice fall to the bottom of the priority list. As security concerns grow globally—particularly for government officials and public leaders—M.K. reflects on the heightened threat landscape, the impact of political divisiveness, and the role of leadership in lowering tensions. He concludes by highlighting the enduring need for leaders to maintain humanity and remain diligent, ensuring decisions are always made with people at the centre. M.K. Palmore is an award-winning cybersecurity executive, military veteran, public speaker, and leadership advisor with more than 30 years of combined public- and private-sector experience. He is the Founder and CEO of Apogee Global RMS, a veteran-owned enterprise risk management advisory firm delivering solutions across cyber and physical risk landscapes. Through Apogee, he also leads the Apogee Speakers Bureau, a premier platform showcasing more than 40 diverse experts at the intersection of technology, leadership, and security. Palmore’s distinguished career includes service as a commissioned officer in the U.S. Marine Corps, leadership as head of the Cyber Security Branch at the FBI’s San Francisco Field Office, and senior executive roles in the private sector, including VP/Field CSO at Palo Alto Networks and Director in Google Cloud’s Office of the CISO. A graduate of the U.S. Naval Academy, Palmore also holds an MBA from Pepperdine University. His expertise spans cybersecurity strategy, executive risk management, leadership, digital transformation, cloud security, and national security. He is widely sought after as a keynote speaker and advisor to boards and senior executives navigating today’s complex threat landscape. Through Apogee Global RMS and its Speakers Bureau, Palmore is advancing his mission to amplify diverse voices and perspectives shaping the future of technology, leadership, and security.

In this episode, we sit down with Eric Stride, Chief Security Officer at Huntress, to discuss the escalating cybersecurity challenges facing the aviation industry. Eric highlights the alarming 600% year-over-year surge in cyberattacks targeting the sector, emphasising how attackers are exploiting the interconnected and fragile aviation supply chain—most notably seen in recent incidents like the ransomware strike on Collins Aerospace. He explores the growing risk posed by both IT and OT system convergence, the shift in regulation tying cybersecurity readiness directly to airworthiness, and the increasing adoption of robust frameworks to mitigate operational disruptions and data breaches. Eric also highlights the critical need for holistic supply chain security, the importance of regulatory enforcement, and a cultural shift in the industry toward prioritising safety and cyber resilience to restore public trust in air travel. Eric Stride is the Chief Security Officer at Huntress, where he oversees the company’s 24/7 Global Security Operations Center, Detection Engineering, Adversary Tactics, IT Operations, and Internal Security. A 20+ year cybersecurity leader, Eric has held senior roles spanning the U.S. Air Force, NSA, and private sector.  During his 12 years on active duty, Eric helped architect the Air Force’s first cyber combat mission team, co-authored its first offensive cyber operations manual, and rose to Deputy Chief for Cyber Operations at NSA Georgia. He continues to serve as a Colonel in the Air Force Reserve, where he established its first cyber range squadron.  In the private sector, Eric co-founded Atlas Cybersecurity, advised defense and enterprise clients as an independent consultant, and led Deloitte’s Advanced Cyber Training portfolio, generating $135M+ in new business. He holds an M.S. in Information Technology Management, a B.S. in Computer Science, and multiple cybersecurity certifications (CISSP, GCIH, CEH). 

In this episode, we sit down with Christine Gadsby, Chief Security Advisor at BlackBerry, as she explores why mobile espionage has become a critical national security threat in Australia and globally. Christine unpacks the mounting risks posed by outdated telco infrastructure, the vulnerability of mobile communications, and the rapid evolution of attacker tactics—fueled by AI, automation, and the expansive attack surface created by free messaging apps. She highlights the real-world impact of scams, cultural differences in social engineering, and the challenges faced by both consumers and organizations in protecting sensitive information. Christine Gadsby is the Vice President and Chief Information Security Officer for BlackBerry Secure Communications. With over 20 years of experience in mobile and information security, Christine is known for her strategic vision and leadership skills, with a proven track record of developing and implementing robust strategies that protect organizations from evolving risks and digital threats – particularly in the areas of communications security and critical event management. Gadsby is a visionary who helped pioneer secure software supply chain efforts and SDLC capabilities influencing industry and government-driven security frameworks in use by the world’s most security-conscious industries. She is a sought-after panelist, moderator, and keynote speaker with several awards for challenging security mindsets and leading Diversity efforts, including Cybersecurity Woman of the Year, Power 100 Women in Security, and Top 10 Women Leading Cybersecurity. She is a well-known contributor, including RSA, CES, Black Hat and has been quoted in notable media outlets Fox News, CBS, Yahoo, MSN, CSO Magazine, CyberScoop, and Dark Reading.

Joe Cozzupoli is a Principal Security Advisor / Field CISO at Cosive with a focus on helping clients operationalise Cyber Threat Intelligence and Security Operations to reduce risk and deliver measurable business outcomes. With over 20 years in cyber security, Joe has led strategy and delivery for enterprises and government, translating board priorities into executable security programs and aligning identity, data protection, and cloud controls with organisational goals. Equally comfortable in the boardroom and at the whiteboard, he bridges business, architecture, and operations across Australia and internationally. Prior to joining Cosive, Joe held senior roles at Microsoft, Citrix, Palo Alto Networks, and Cisco where he focused on AI and Data Security, cloud security, risk management, and executive engagement. He has served as a Virtual CISO and Security Architecture Advisor for complex transformations, including industrial and mining clients undergoing separation programs and Azure cloud migrations. Joe works extensively with Australian frameworks and regulations including the ACSC Essential Eight, APRA CPS 234, the SOCI Act, the PSPF, and ISO/IEC 27001, and partners with boards, CISOs, and delivery teams to operationalise pragmatic controls. A committed mentor to the next generation of practitioners, Joe has also completed ISACA training in AI Governance, AI Risk, and Auditing AI.

In this episode, we sit down with Anne-Marie Paterson, a profound risk executive, to explore the evolving role of the Chief Risk Officer and the changing face of risk management. Anne-Marie shares her perspective on how risk now has a real seat at the C-suite table, emphasising the shift from being a business roadblock to serving as an enabler of strategy. She addresses the traditional stereotypes of risk professionals, contrasts conservative legacy approaches with the need for creativity and relevance, and highlights the increasing focus on non-financial risks such as conduct, reputation, and operational challenges—especially in light of rapidly advancing technologies like AI. Anne-Marie also provides insights into Australia’s regulatory landscape, discusses the balance between regulation and innovation, and underscores the importance of fostering a proactive risk culture throughout organisations. Blending legal expertise with executive leadership to deliver risk transformation and regulatory uplift at scale. Anne-Marie Paterson is a risk executive and former legal partner with more than two decades of experience spanning risk management, governance, and legal services. Beginning her career in top-tier law firms before founding and leading her own practice, Anne-Marie has gone on to hold senior executive roles across ASX-listed companies and the financial services sector. Recognised as both a strategist and a problem-solver, she has built and led teams that deliver lasting impact in risk management, compliance, legal services, and organisational integrity. Anne-Marie has shaped enterprise-wide risk culture strategies recognised by APRA, designed whistleblowing and investigation frameworks for ASX-listed companies, and steered some of the largest regulatory uplift programs in the financial services sector. Her career highlights include establishing AMP’s inaugural Group Integrity Office, uplifting governance for Colonial First State post-demerger, and most recently leading Bendigo and Adelaide Bank’s largest multi-stream risk transformation program. Equally comfortable in the boardroom and at the front line of crisis management, Anne-Marie is known for her values-based leadership, her ability to influence stakeholders from directors to regulators, and her focus on embedding sustainable change. A qualified lawyer, and graduate of the Australian Institute of Company Directors, she is also a regular keynote speaker on risk, governance, and whistleblowing.

In this episode, we sit down with Brad Jones, CISO at Snowflake, as he unpacks the evolving challenges of securing AI deployments and defending against large language model (LLM) powered attacks. Brad explores the complexities enterprises face in keeping up with the rapid pace of AI innovation, especially as traditional policy frameworks struggle to adapt. He outlines the growing use of LLMs in both consumer and enterprise environments, the unique risks of agentic workflows, and the blurred boundaries between public and private AI deployments. He also highlights the increased sophistication of social engineering threats fueled by LLMs and discusses strategies for observability, governance, and keeping security teams ahead of the curve in a fast-changing landscape.   Brad serves as the Chief Information Security Officer and has been with the company since 2023. Prior to joining Snowflake, Brad was the CISO and VP of Information Security at Seagate for over six years. Before his tenure at Seagate, Brad oversaw Information Security at Synopsys and SanDisk. Additionally, he has actively participated in a number of customer advisory boards and is currently part of the CISO Advisor Council at NightDragon. Brad earned his Bachelor of Science in Mechanical Engineering from the University of California, Davis.

In this episode, we sit down with Prashant Vadlamudi, Senior Vice President of Product Security at Salesforce, as he explores how organisations can build secure foundations for agentic AI. Prashant offers a holistic view of agentic AI, highlighting its shift from simple generative models to autonomous agents capable of reasoning, sequencing complex tasks, and performing actions—while emphasising the productivity benefits and the imperative for strong trust and security principles. The conversation covers the balance between fostering innovation and maintaining robust governance and security, the evolving nature of guardrails as AI models mature, and the importance of ongoing policy updates to keep pace with rapid technological changes. Prashant also discusses Salesforce’s approach to deploying AI responsibly, the role of trust metrics such as bias and hallucination scores, the necessity for data governance as the backbone of AI strategies, and the shared responsibility between providers and customers to ensure that agentic AI operates securely and transparently. Prashant Vadlamudi is a strategic leader with two decades of experience driving transformative information security and compliance initiatives. As Senior Vice President of Product Security at Salesforce, he is responsible for safeguarding the company’s products and ensuring adherence to global standards. His career is marked by pivotal leadership roles, including Vice President of Information Security and Cloud Compliance at Cisco, where he established robust security baselines for SaaS offerings, and Director of Technology GRC at Adobe, where he architected the Adobe Common Controls Framework (CCF), a cornerstone of their global trust strategy. Prashant’s expertise spans cloud security, global certifications, and data-driven risk management, allowing him to navigate and mitigate complex security challenges in today’s dynamic landscape. He utilises a risk-based approach to decision-making and focuses on operational efficiency. He has experience in team development and mentoring, with individuals he has mentored holding security leadership positions across the industry. His professional experience includes strategic planning, technical implementation, and team management within the field of information security.