The Cyber Brief

As AI drives an escalation in cyber threats, ASIC is sharpening its focus on how organisations manage cyber risk. Valeska and co-host Kate Austin are joined by ASIC Commissioner Simone Constant, author of an open letter issued by ASIC calling for urgent cyber uplift across industry. Simone shares what’s driving the regulator’s heightened concern, what 'reasonable' and 'proportionate' cyber measures look like in practice, and ASIC’s expectations for meaningful board engagement. She also reflects on proposed changes to continuous disclosure and discusses the challenges facing multinational organisations with offshore cyber functions. If you’re navigating cyber risk in an AI-driven environment, this episode offers practical insights for boards and management alike.

Resources from this episode:

Board and management briefing: preparing for Mythos-class threats

ASIC's open letter to AFS licensees and market participants

Simone's series recommendation: Peaky Blinders

In part two of our conversation, former Prime Minister Malcolm Turnbull joins Valeska and Dominic to discuss the state of Australia's cyber startup landscape, the role of private capital and the policy settings needed to support high-growth cyber businesses. Is Australia doing enough to support its cybersecurity startup ecosystem? How can we translate innovation into genuine sovereign capability? What will it take to keep Australia's best talent and most promising companies onshore?

Resources from this episode:

Part one of our conversation with Malcolm Turnbull

Allens Accelerate, our legal practice dedicated to supporting the Australian startup and emerging companies community.

Former Prime Minister Malcolm Turnbull joins Valeska and co-host Dominic Anderson for the first of a two-part discussion about cybersecurity as national security in Australia. As the 29th Prime Minister of Australia, a former lawyer, technologist, and now backer of some of the most interesting cyber companies worldwide, Malcolm brings a perspective on cybersecurity shaped by experience on every side of the problem. In this episode, Malcolm shares his views on Australia's cyber strategy, offensive cyber capabilities, escalation risk in cyber conflict, the future of Five Eyes cooperation, and whether Australia can build a genuinely sovereign cyber capability.

Resources from this episode:

National security at Allens

Bank-grade cybersecurity is considered the gold standard of cyber best practice, but what does it look like in reality, and what can other organisations learn from it? Valeska and co-host Isabelle Guyot are joined by Martijn Verbree, Chief Information Risk Officer at The Commonwealth Bank. Martijn shares his approach to balancing innovation with security, staying ahead of the curve in a constantly evolving threat environment, and managing cyber risk at Australia's largest bank. He also shares practical insights on working with boards, the importance of multi-layered security testing, and the risks and opportunities posed by AI. If you've ever wondered what's keeping our protectors up at night, this conversation is for you.

Resources from this episode:

Martijn's podcast recommendation: Risky Business

Valeska and co-host David Rountree speak with Lieutenant General Michelle McGuinness CSC, Australia's National Cyber Security Coordinator and leader of the National Office of Cyber Security (NOCS). Michelle dives in regarding the role of NOCS, and how it approaches government coordination and consequence management during major incidents. When and how should organisations engage with government during an incident? What's best practice for incident communications? How does NOCS work with industry, regulators and other government agencies? How are organisations engaging with Australia's limited use and ransomware payment reporting regimes? Michelle also shares her approach to leadership, the importance of empathy when working with organisations under pressure, and how her military background has shaped her leadership approach.

Resources from this episode:

For more on the limited use and ransomware payment reporting regimes, see New cyber incident response obligations for Australian organisations.

National Office of Cyber Security resources, including the Australian Cyber Response Plan and 12 sector playbooks

Cyber Health Check Tool | Cyber.gov.au

Homepage | Cyber.gov.au—to report cybercrimes and security incidents

Michelle's podcast recommendation: Risky Business