In this episode, we sit down with Alex Loizou, Managing Director at Intrinsic Security and former CISO of Medibank, as he shares firsthand insights into the human impact of navigating a major cyber breach. Alex walks us through the initial moments of discovery, the emotional and psychological toll on teams, and the importance of staying calm under pressure. He dives into Medibank’s approach to incident response, including the use of multiple IR partners for comprehensive investigations and the challenges of coordinating large incident teams in real time. The conversation highlights the value of practical, repeated exposure to incident scenarios, the pitfalls of “ambulance chasing” in the security industry, and the vital role of transparent, evidence-based communication during sensitive events. Alex emphasizes lessons learned about organisational preparedness, collaboration across the cybersecurity community, and the importance of building strong relationships with external media and government agencies.

Alex Loizou is a seasoned cybersecurity leader with a proven track record of building and leading high-performing security teams. He has extensive experience as a Chief Information Security Officer (CISO) for major organisations such as Medibank, Flybuys, and Bupa. Notably, he served as the CISO at Medibank during their 2022 cyber incident, where he played a crucial role in leading the response and recovery efforts.