Government Cyber Security Showcase Victoria 2026

• Understand how generative AI is changing the landscape
• Explore AI-specific risks in public sector contexts and adhere to regulations.
• Learn how to build security guardrails for AI use in government

• Discussion on past incidents, both internal and 3rd party, that VLA have had to manage
• Key lessons learnt from an organisation that supports some of Victoria's most vulnerable people
• Some advice on key areas of prior planning to have in place to help manage this type of event
• And most importantly in the words of Douglas Adams - Don’t Panic.

• Addressing cyber fatigue
• Applying behavioural science to build secure habits
• Empowering employees to act as the first line of defence

• Reducing time-to-response across large agency environments
• Leveraging simulation, threat modelling, and tabletop exercises
• Aligning IR with ASD guidance and state recovery priorities

Maxine Harrison

Chief Information Security Officer, Department of Energy, Environment and Climate Action

Carsten Boeving

Chief Information Security Officer, Cenitex

Julie Chivers

Chief Information Officer, Country Fire Authority Victoria

• How Victorian agencies can move beyond ticking regulatory boxes to building a proactive, organisation - wide security culture.
• Integrating cyber risk considerations into policy, procurement, and strategic planning.
• Ensuring governance frameworks are agile enough to respond to emerging threats and evolving regulations

Managing digital identities in complex health environments is critical to protecting sensitive information and ensuring frontline staff have fast, secure access to the tools they need. This session explores Alfred Health’s approach to strengthening cyber resilience through modern Identity and Access Management (IAM).

Key Takeaways:

• Strengthening Zero Trust foundations to protect sensitive data.
• Balancing clinician usability with compliance requirements.
• Integrating IAM across systems to boost resilience and response.

The public sector faces both opportunity and risk with generative AI. This session explores how to set guardrails, audit AI models, and align with Australia’s emerging critical infrastructure legislation.

Data is government’s most sensitive asset. This session explores advanced approaches to encryption, classification, and data sovereignty that protect citizen trust while enabling safe data use.

Meeting Compliance and Agility Goals: Government is under pressure to innovate quickly while maintaining strict compliance. This session demonstrates how cloud security can enable speed and resilience without creating policy or compliance gaps.

Safeguarding Victoria’s Digital Future: Explore how zero trust frameworks can be practically implemented across departments, from legacy systems to modern cloud platforms. The session highlights lessons learned from government rollouts and vendor expertise in enabling secure, identity-first operations.

With adversaries weaponising AI, agencies must evolve their defences. This session examines how AI/ML can detect, predict, and counter novel threats faster than human-only teams.

Bridging IT–OT Risk Gaps: Victorian utilities and transport networks increasingly rely on connected OT. This session shows how security frameworks can protect critical infrastructure from AI-enabled attacks without disrupting essential services.

How Victorian agencies can strengthen identity and access management to prevent breaches, enforce zero trust, and balance compliance with seamless citizen and workforce access.