Ashley D 25 June 2026 · 4 min read

As Australia's financial sector continues to digitise, cyber security has evolved from a technology function into a strategic business priority. Banks are defending against increasingly sophisticated cyber threats while balancing regulatory obligations, operational resilience, and customer expectations. The challenge is no longer simply preventing attacks—it is building organisations that can anticipate, withstand, and recover from them without compromising trust or service delivery.

This growing reality provides the backdrop for Westpac's Approach to Cyber, a featured session at the Government Cyber Security Showcase New South Wales 2026. Presented by Richard Johnson, Group Chief Information Security Officer at Westpac, the session will explore how one of Australia's largest financial institutions is embedding cyber security across the organisation to strengthen resilience in an increasingly complex threat landscape.

Cyber Security Showcase | Agenda | Register for Free

Banking remains one of Australia's most targeted sectors

Australia's banking and financial services industry continues to be a high-value target for cyber criminals due to the volume of sensitive customer information and financial transactions it manages.

Today's threat landscape extends well beyond traditional phishing attacks. Financial institutions must contend with ransomware, credential theft, supply chain compromises, insider risks, and AI-assisted cyber attacks. At the same time, the rapid adoption of cloud platforms, digital banking services, and artificial intelligence has expanded the attack surface that organisations must protect.

As cyber threats evolve, banks are shifting their focus from simply defending networks to building cyber resilience across the entire organisation.

Cyber security is no longer just an IT responsibility

One of the most significant changes across the financial sector is the elevation of cyber security into the boardroom.

Executive leadership and boards are increasingly treating cyber risk as an enterprise-wide business issue alongside financial, operational, and regulatory risk. Security decisions now influence investment priorities, customer experience, technology strategy, and organisational resilience.

This shift recognises that cyber incidents can affect far more than technology systems—they can disrupt operations, impact customer confidence, and expose organisations to significant regulatory and reputational consequences.

Detection and response are becoming strategic capabilities

As attacks become more sophisticated, organisations are recognising that prevention alone is no longer enough.

Modern cyber strategies increasingly focus on three critical capabilities:

Continuous monitoring to improve visibility across increasingly complex digital environments
Faster detection and coordinated incident response to minimise operational disruption
Ongoing security uplift through governance, threat intelligence, and capability improvement

Rather than assuming breaches can always be prevented, leading organisations are investing in their ability to identify threats early and respond effectively when incidents occur.

Balancing security with customer experience

Banks face a unique challenge: customers expect seamless digital experiences while demanding the highest levels of security.

Every additional security control has the potential to introduce friction into the customer journey. Conversely, prioritising convenience without adequate safeguards can increase organisational risk.

Finding the right balance requires security to be embedded into products, services, and business processes from the outset—not added as an afterthought. Increasingly, security is becoming an enabler of trusted digital banking rather than a barrier to innovation.

Why this matters now

Australia's financial institutions are navigating a period of unprecedented change.

Several trends are converging:

Increasing sophistication of cyber threats
Continued digital transformation across banking services
Growing regulatory expectations around operational resilience and governance
Rising customer expectations for secure, seamless digital experiences

Together, these factors are changing how organisations approach cyber security. Success is no longer measured solely by preventing attacks but by building resilient organisations capable of adapting to an evolving threat landscape.

Cyber Security Showcase | Agenda | Register for Free

Learn from one of Australia's leading financial institutions

These themes will be explored in greater depth during Westpac's Approach to Cyber at the Government Cyber Security Showcase NSW.

Richard Johnson, Group Chief Information Security Officer at Westpac, will share how the bank is:

Embedding cyber security across the organisation to support resilience and long-term risk management
Strengthening detection, response, and visibility in an increasingly complex threat landscape
Balancing security, regulatory requirements, and customer experience while enabling business outcomes

For public sector leaders, security professionals, and executives responsible for governance and risk, the session offers an opportunity to learn how one of Australia's most highly targeted and regulated organisations is approaching cyber resilience at an enterprise level.

Final insight

Cyber security in Australia's banking sector has moved beyond defending technology—it is now about protecting trust, ensuring business continuity, and enabling confident digital transformation.

The organisations leading the way are those that:

Embed cyber security into enterprise strategy rather than limiting it to IT
Build resilience through governance, intelligence, and continuous improvement
Invest equally in people, processes, and technology
Balance regulatory compliance with customer-centric digital experiences

As cyber threats continue to evolve, the lessons emerging from Australia's banking sector have relevance far beyond finance, offering valuable insights for any organisation seeking to strengthen resilience in an increasingly connected world.