Louise Hanna has sailed many seas and witnessed the evolution of cybersecurity from the inside out. Now General Manager at Excite Cyber, Hanna recently shared insights with industry peers at AUSCERT’s conference on the Gold Coast, reflecting on pivotal moments and offering fresh guidance for organisations.
Hanna’s journey began on the service desk at New South Wales Parliament in the early 1990s, a time before the advent of cloud computing, when the arrival of the Internet, complete with dial-up sounds, drew crowds around a single PC.
Carving out a space in a male-dominated university program, Hanna eventually became the Head of IT for New South Wales Parliament, overseeing a team through changes. A transition to consultancy expanded her scope, introducing her to GRC (governance, risk, and compliance), which, she discovered, was already ingrained in her work at Parliament through constant audits and ever-changing security requirements.
Her central message is clear: incident response is no longer the sole responsibility of IT departments, nor can it be an afterthought.
“Without a robust incident response plan, an organisation risks severe data breaches, financial losses, legal liability, and erosion of customer trust,” Hanna warns.
Hanna recalls encountering one of Australia’s first ransomware attacks twenty years ago at Parliament House, predating widespread awareness of the malware now synonymous with major IT breaches.
“We started getting calls, files were locked, and to unlock them required payment. We’d never heard of it before,” Hanna said.
Thanks to segmented network architecture and continuous backups – a habit formed after regularly recovering deleted files for members of parliament – damage was minimal.
“Your network is only as good as your backup,” Hanna adds, recalling university lessons that proved prescient.
Other anecdotes range from ports paralysed by inventory system hacks, forcing months-long manual container counts and supply chain disruptions, to stories of threat actors infiltrating systems for years to orchestrate international drug shipments.
“The only reason they caught him was a malfunction,” Hanna explains, illustrating the sophistication and stealth of modern adversaries.
One specific event dates back eighteen years, when a power grid attack crippled Sydney’s CBD and some of Australia’s largest banks. In the aftermath, authorities discovered it was the work of a terrorist cell testing vulnerabilities in critical infrastructure.
Through it all, Hanna observes a recurring pattern: many organisations remain dangerously reactive. Traditional measures (executive-led response teams, backups, patch management) remain key, but ‘we need to become proactive.’
Modern incident response plans, she explains, involve constant threat hunting, real-time monitoring, and intelligence sharing across legal, communications, and executive teams. The rise of ransomware, supply chain breaches, and AI-driven threats has increased both the risks and the complexity of these threats.
Hanna cautions, “Threat actors are now using AI to get ahead of our technology… If you’re implementing AI, make sure it’s compliant and the risks are understood.”
She points to new ISO frameworks on AI risk, urging leaders to align or certify against standards like ISO 27001 and NIST, even if full compliance requires a roadmap spanning several years.
Central to Hanna’s philosophy is rigorous preparation: annual tabletop exercises for executive teams, regular penetration testing (especially after major changes), and ongoing staff training to resist the rise of sophisticated phishing attacks.
Hanna shares a recent success involving a Sydney private school. Having conducted a simulated incident response exercise with their executive, the team responded decisively to a real-life ransomware attack weeks later.
“It took the fear out of the process,” Hanna recounts. “Everyone knew what to do…it was contained quickly.”
For Hanna, the formula for resilience is familiar but critical.
“People, process, technology. That’s what risk is all about.”
Her advice for organisations is to conduct regular risk assessments, know where your data is, update policies, educate your staff, and ensure leadership is not only aware but actively engaged.
“Cyber attacks aren’t always about money,” Hanna concludes.
It’s a known fact that cyber criminals cause massive disruption to a company and its day-to-day operations, and the best plan is to be prepared – but be prepared with confidence.
“Sometimes it’s about disruption, theft, or just proving it can be done. But with proactive planning and a culture of readiness, organisations can face tomorrow’s challenges with confidence,” added Hanna.