Cloud security success hinges on alignment between technology and security leadership—but what happens when both sit with the same person? In this fireside chat, we explore how dual-function roles can drive more effective decision-making, avoid finger-pointing, and accelerate secure transformation. We’ll also explore how those working in only one function can better collaborate with the other and where blind spots tend to emerge.

• How does having oversight of both tech and security improve decision-making speed and clarity?
• What unique benefits do dual roles offer when navigating trade-offs between risk, cost, and innovation?
• Where do traditional tech or security leaders typically have blind spots that a dual-function role helps eliminate?
• How does shared accountability reduce friction in cloud migration and tooling decisions?

As organisations expand across hybrid and multi-cloud infrastructures, the complexity of managing cyber risk intensifies. This keynote explores strategies to gain comprehensive visibility, prioritise vulnerabilities based on risk, and implement effective remediation across diverse environments.

• The evolving nature of Bot, DDoS, and Layer 7 application attacks — and why they continue to succeed
• Architecting a consistent security inspection and enforcement layer at the edge, independent of origin infrastructure
• Leveraging DevOps tools like Terraform and GitHub to automate the deployment of security controls as part of the CI/CD pipeline

From AI integration to multi-cloud sprawl and ephemeral workloads, Australian organisations are facing a new set of cloud security challenges. This panel brings together security leaders across industries to discuss how they’re adapting their strategies to stay ahead of emerging threats and evolving regulatory pressure.

• What cloud threats are gaining traction across Australia right now
• Why AI, serverless, and multi-cloud are exposing new security blind spots
• How local teams are balancing innovation with risk—without slowing down delivery
• What capabilities, tools, and talent Australian orgs are prioritising for the future

In this innovative session, attendees will be faced with a series of scenarios that they may face in their roles. Attendees will discuss the possible courses of action with their peers to consider the ramifications of each option before logging their own course of action. 

Results will be tallied and analysed by our session facilitator and results will impact the way the group moves through the activity.

Will we collectively choose the right course of action?

Whether you’re a small organisation moving to the cloud for the first time or a larger company under budget pressure, smart, cost-effective security decisions can make all the difference. This session shares practical ways to protect cloud environments without sacrificing effectiveness.

• Choosing the right mix of SaaS, PaaS, IaaS, and open-source for value and security
• Prioritising spend on controls that deliver the biggest risk reduction
• Stretching limited budgets with automation and built-in cloud security tools

In today’s dynamic cloud environments, maintaining security posture and meeting compliance requirements is a continuous challenge. In this session, we’ll explore how Vanta enables organisations to build a truly compliant cloud by providing real-time visibility into cloud security posture, automating preventive controls, and continuously collecting the evidence needed for audit readiness. Learn how Vanta simplifies frameworks like SOC 2, ISO 27001, Essential Eight, NIST and other security frameworks—turning posture into prevention, and prevention into proof.

One exposed Lambda shouldn’t lead to a full cloud breach. This panel shares how teams are enforcing tighter roles, networks, and service boundaries.

• What flat cloud environments look like (and why they’re dangerous)
• How attackers move laterally across over-permissioned roles
• Real-world examples of blast radius failures
• Segmentation strategies across IAM, VPCs, and accounts

Choose 1 topic to join on the day!

1. Enhanced Strategies for Monitoring and Remediation of Cloud Misconfigurations
2. Who's in Your Cloud and What Can They Do? 
3. Secure Your Identity Infrastructure from Insider Threats
4. Building Customer Trust Through Transparency
5. Practical solutions for managing your cloud security risk

Most cloud provider security certifications teach technology concepts, such as identity & access management, policy enforcement, and secrets management.But few cover cloud governance, threats, compliance frameworks, and stakeholder lingo well. CCSP rounds out your toolkit with more strategic pillars.

• Cloud provider certification versus provider-agnostic security concepts
• Understanding the broader picture of cloud security
• Improved stakeholder communication

• Is multi-cloud making security harder than it needs to be?
• Should we centralise controls or decentralise responsibility?
• What’s the right balance between developer freedom and guardrails?
• How leading orgs are designing for simplicity and security?