Session 1 Title: In-depth Research on Cyber Security Board Reporting Covering 67 Major Organisations in Australia, Belgium and Switzerland
Our presentation will share insights from a major cyber security governance research project involving senior directors from 67 organisations across Australia, Belgium, and Switzerland. The aim was to develop a practical, internationally relevant framework to improve how Boards and management engage on cyber risk. The session will cover key observations, challenges, and emerging good practices in Cyber Security Board Governance, along with a proposed Cyber Security Board Reporting Framework. This is designed to help Boards treat cyber security as a strategic business risk. Differences between Australia and other countries are clearly evident given the major cyber events in this country.

Speaker 1: Tommy Viljoen, Viljoen Advisory - Cyber Security Consultant

Tommy is a Cyber Security Advisor and former Deloitte Partner with 40+ years’ experience helping boards and executives navigate risk, resilience, and strategy. He has worked with major ASX-listed companies, financial services, and governments to uplift cyber governance and regulatory compliance. Now focused on empowering boards to oversee cyber security as a strategic issue—through research, board education, and tailored reporting frameworks. Passionate about biodiversity, Tommy chairs a charity raising awareness of Australia’s threatened species. Always learning. Always connecting ideas to action.

Session 2 Title: Scars of a CISO - Things They Don't Tell You In The Manual 
Scars of a CISO – Untold Stories is a candid look at what cyber leadership really feels like when the pressure is on. Through real-world, behind-the-scenes moments—incidents, near-misses, tough calls, and uncomfortable trade-offs—Harsh will unpack the lessons that don’t appear in polished case studies. Expect practical takeaways on leading through uncertainty, influencing executives, building a resilient security culture, and making risk-based decisions with imperfect information—while staying calm, human, and accountable when it matters most.

Speaker 2: Harsh R. Busa, CISO - Avant Mutual Group Limited

Harsh is Group Chief Information Security Officer at Avant Mutual, where he leads cyber security strategy across medical indemnity, private health insurance, and other non-regulated businesses. With over 23 years of experience spanning banking, critical infrastructure, and financial services across Australia and Asia-Pacific, Harsh specialises in transforming compliance-driven security programs into risk and threat-based frameworks aligned with APRA CPS 234 and NIST CSF.

Previously a Director at EY and Deloitte, Harsh has advised major financial institutions, government agencies, and critical infrastructure organisations on cyber security strategy, identity management, and regulatory compliance. He is recognised for translating complex security concepts into business-aligned outcomes that drive measurable risk reduction and operational resilience.

Participants will have the opportunity to ask questions of the speaker and networking drinks with light refreshments will be served after the presentation.

Time: 5:30pm - 7:30pm(AEDT)

Agenda:
5:15pm - 5:30pm Registration
5:30pm - 6:30pm Presentation
6:30pm - 7:30pm Networking and light refreshments

Registrations close:  Wednesday 18 February or earlier if event is sold out prior

Cost to attend: 
Registration is free for AISA members
Non Members: $115.50 (incl GST)
Not an AISA member? Become a member today!

How to register:
   1. Members must be signed in to register
   2. To register for this event click on the Register Myself button
   3. Once you have confirmed your registration, this item will appear in your Shopping Cart
   4. Please proceed to the Submit Order button
   5. A confirmation of order will be emailed to you once your registration is confirmed OR payment has been made 

REMINDER: If you are unable to attend after registering, please follow the cancellation steps. Log into your member account, click on the event you wish to cancel, scroll to the bottom and click on the cancel registration button. This will release your place for another member to participate.

If you have any queries regarding this event, please contact AISA Events Team at [email protected] 

Disclaimer:
AISA presentations are intended for educational purposes only. Statements of fact and opinions expressed are those of the participants individually and, unless expressly stated to the contrary, are not the opinion or position of AISA, its sponsors, or its partners. AISA does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented. Attendees should note that sessions may be recorded and published in various media, including print, audio and video formats without further notice.