Speaking

KSA — The Unfair Advantage

Kestral Software Academy 2026

• • Positioned AI as a structural competitive shift, not simply a productivity tool.
• • Covered the CSI AI accelerator programme running across hundreds of teams globally in 2026, with Jonas specifically included.
• • Explained what AI means for every role: the bottleneck shifts from execution to ideas, domain expertise, and customer knowledge.
• • Covered AI's impact on M&A: acquisition targets will increasingly be assessed for AI disruption risk and upside.
• • Addressed practical implications for Kestral including faster delivery cycles, higher quality as the default, and a shift in the ROI conversation toward labour cost savings.

Copilot 101 — Your AI Toolkit

Kestral Software Academy 2026

• • Practical M365 Copilot session covering Copilot Chat, approved Jonas use cases, and data privacy assurances.
• • Demonstrated Copilot capabilities across PowerPoint, Word, Excel, Outlook, and Teams.
• • Covered building and using Copilot agents, the Copilot Control System, and governance and security controls relevant to the Kestral environment.
• • Focused on practical AI adoption and helping attendees immediately apply Copilot to their daily work.

Automating Trust — AI Use Case Risk Assessment at Scale

CSI IT Security Summit 2025

Plenary session for a global Constellation Software audience on Jonas Software ANZ's journey from a restrictive, manual AI governance model to a streamlined, automated, standards-aligned approval process across 30+ decentralised business units.

• • Covered the challenges of a restrictive AI policy: inconsistent decisions, approval delays, shadow AI, and manual processes unable to keep pace with fast-evolving tools.
• • Presented the updated Jonas AI policy framework, aligned with OECD, ISO/IEC 42001, the EU AI Act, and NIST standards, with simplified tool categories and a pre-approved tool registry.
• • Demonstrated an automated intake and record-keeping workflow built on Microsoft Forms, Power Automate, and SharePoint, with human reviewers retaining all approval authority.
• • Covered an AI-assisted review process using a Copilot reasoning agent to draft structured vendor assessments, with Security and Legal making all final decisions.
• • Closed with practical guidance on responsible AI adoption and an open discussion encouraging participants to share experiences across the Constellation portfolio.

Security in 12 Mins — Everything You Need to Know

Happen Team Event

A fast-paced 12-minute security awareness session designed for a non-technical business audience.

• • Opened with the current threat landscape and why every person in the organisation plays a role in defence.
• • Delivered two top tips for work and two for home: the highest-impact actions every person can take immediately.
• • Work focus: AI-powered phishing awareness, how to spot it, and what to do.
• • Home focus: practical personal security hygiene applicable beyond the workplace.
• • Framed the session around the idea that security is everyone's responsibility, not just IT.

Working Smarter with Microsoft Copilot and Automation in M365

Jonas GROW's Conference 2025

• • Delivered an overview of Microsoft 365 Copilot and Copilot Chat, including Jonas-approved use and data privacy assurances.
• • Covered prompt engineering techniques and live demonstrations.
• • Demonstrated building and using Copilot agents to automate business processes.
• • Addressed governance, security controls, SharePoint data access, and enterprise data protection considerations.

M&A Best Practices — Tech and Cyber Due Diligence

Jonas GROW's Conference 2025

• • Made the case for a lightweight, repeatable, risk-informed M&A tech and cyber due diligence process across the Jonas ANZ portfolio.
• • Presented a five-step process: Scope, Questionnaire, Interview, Analysis, and Report, built on the NIST CSF Small Business Framework and the Jonas cyber maturity model.
• • Covered ten due diligence areas including Governance, Infrastructure, Application Security, Privacy and Compliance, AI, IP, and Third-Party Risk.
• • Called for volunteers to join a working group to pilot and formalise the checklist on upcoming acquisitions.

Cyber Update and Readiness

Constellation Software Australia 2025

Co-presented with CFO, Constellation portfolio company

• • Presented cyber incidents through a dual lens: the CISO's technical and operational response, and the CFO's financial oversight and governance role across each phase of an incident.
• • Covered incident identification, containment, remediation, and recovery, drawing on real experience to illustrate the financial, operational, and people cost of a significant ransomware event.
• • Addressed the role of cyber insurance, liquidity management, cost tracking, and long-term IRR impact.
• • Presented post-incident remediations including updated incident response policy, mock drills, technical training, enhanced M&A due diligence, and endpoint security uplift.
• • Closed with a practical readiness checklist prompting attendees to assess their own crisis management frameworks, regulatory obligations, and incident response preparedness.

Triad Tactics — Outsmarting Threat Actors with the C.I.A.

Jonas Software Academy 2025

• • Applied the CIA Triad (Confidentiality, Integrity, Availability) to the Jonas threat landscape.
• • Covered the evolution of technology and the threat landscape, including AI-assisted attacks and the changing risk profile for every business unit.
• • Used a live anonymous audience poll to baseline the room and drive interactive engagement.
• • Presented real-world breach case studies to illustrate the operational, legal, and regulatory consequences of cyber incidents.
• • Drew out four key post-incident review findings covering business continuity planning, customer communication strategy, data governance, and regulatory compliance obligations.
• • Used a "vibe coded" app to allow the audience to apply the lessons learned and perform a simple risk assessment.

Working Smarter with Microsoft Copilot and Automation in M365

Jonas Software Academy 2025

• • Delivered an M365 Copilot overview covering Copilot Chat, prompt engineering, live demonstrations, and building agents.
• • Covered governance options across foundational and optimised security tiers for enterprise Copilot deployment.
• • Session was widely shared post-event across multiple business units.

M&A Best Practices — Tech and Cyber Due Diligence

Jonas Software Academy 2025

• • Made the case for a lightweight, repeatable, risk-informed M&A tech and cyber due diligence process across the Jonas ANZ portfolio.
• • Presented a five-step process: Scope, Questionnaire, Interview, Analysis, and Report, built on the NIST CSF Small Business Framework and the Jonas cyber maturity model.
• • Covered ten due diligence areas including Governance, Infrastructure, Application Security, Privacy and Compliance, AI, IP, and Third-Party Risk.

Cyber Security — Live Incident Response Exercise

Kestral Software Academy 2024

Co-presented with General Counsel, Jonas ANZ

• • Opened with key security concepts and the principle that prevention is better than cure.
• • Ran a structured, live incident response scenario where each table was assigned a functional group and worked through a simulated breach, mirroring real-world conditions including unavailable leadership and time pressure.
• • Tables worked through the scenario independently before presenting their responses and participating in a full group debrief.
• • Key discussion themes: at what point does an event become a cyber incident, who do you notify, and what does effective team response look like under pressure.
• • Closed with practical guidance on data classification, backup discipline, endpoint protection, and what the Incident Management Team will need in the first minutes of a breach.

AI Security — Best Practices in Adopting and Using COTS AI

Jonas Software Academy 2024

• • Covered the risks and governance requirements for adopting commercial off-the-shelf generative AI tools within Jonas.
• • Addressed Jonas AI policy, the internal risk assessment and legal review process, data protection controls, and responsible use obligations.
• • Guided business unit leaders on how to bring forward AI use cases through the correct approval pathway.

Cyber Security — Real World Breach: Timeline, Response and Lessons Learned

Jonas Software Academy 2024

Co-presented with Legal Counsel, Jonas Software

• • Presented a real-world cyber breach case study covering the full incident timeline, operational and legal impact, regulatory notifications, and post-incident findings.
• • Delivered practical lessons learned and recommendations for Jonas business unit and IT leaders on what to do differently.

Cyber Security: Events and Lessons Learned

Constellation Software Australia 2024

Co-presented with Senior business leaders, Constellation Software ANZ

• • Walked a Constellation Software Australia audience through two real-world ransomware attacks experienced by ANZ portfolio companies, covering breach timelines, immediate impact, and multi-jurisdictional regulatory obligations.
• • Covered incident response team formation, the role of forensics, negotiations, communications, and restoration across both events.
• • Highlighted the human and operational cost of incidents, including the scale of management time, legal engagement, and customer impact.
• • Delivered CISO recommendations and practical takeaways covering incident playbooks, data classification, backup discipline, supply chain risk, insurance limitations, and the importance of a security-conscious culture.
• • Closed with Q&A encouraging open discussion across the Constellation portfolio.