No results found.
No results found.
No results found.

Podcasts

Episode 319 Deep Dive: Paul O’Rourke | The New Function Of A CRO And What This Actually Means
byKBI.Media

In this episode, we sit down with Paul O’Rourke, Chief Risk Officer at TabCorp, as he explores the evolving function of the Chief Risk Officer (CRO) and what it means for organizations today. Paul highlights the growing necessity for CROs to possess deep technology and cyber risk skills, emphasizing that these competencies are rapidly becoming non-negotiable in tech-reliant industries. He reflects on the historical divide between business and tech risk functions, the importance of alignment and integrated approaches such as fusion centers, and how risk professionals must now balance traditional domains with new challenges like cybercrime, AI, and rapidly emerging threats.

Paul O’Rourke commenced as Chief Risk Officer in June 2024.

Paul brings a great depth of experience in risk management, including with respect to cybersecurity and technology risk management.

Prior to joining Tabcorp, Paul was Managing Director and Partner of Boston Consulting Group where he led their Global Cyber and Digital Risk practice, and was also the Australian Risk Leader.

He was previously the Global and Asia Pacific Cybersecurity Leader at PwC, and was Chief Information Security Officer of ANZ Bank Limited.

Paul holds a Bachelor of Commerce (Economics) and is a Graduate Member of AICD.

No results found.
RedCurl’s Ransomware Debut

RedCurl’s Ransomware Debut

Introduction This research, conducted by Bitdefender Labs, presents the first documented analysis of a ransomware campaign attributed to the RedCurl group (also known as Earth Kapre or Red Wolf). RedCurl has historically maintained a low profile, relying heavily on Living-off-the-Land (LOTL) techniques for corporate cyberespionage and data exfiltration. This shift to ransomware marks a significant evolution in its tactics. This new ransomware, which we have named QWCrypt based on a self-reference ‘qwc’ found within the executable, is previously ...
No results found.

Business News ↓

The Blind Spot In Your Cyber Strategy cover

The Blind Spot In Your Cyber Strategy

 Recently on the DevSecOops podcast, Hosts Tom Walker, James Vincent, and Scott Fletcher unpacked the modern threats in the cybersecurity space. With years of experience in IT and cybersecurity, the hosts shared real world experiences, from everyday technical mishaps to nation sponsored cyberattacks, offering practical advice for staying secure amid the increasingly sophisticated threats. Start With The Basics A...
WTF is Happening in Tech? cover

WTF is Happening in Tech?

In the latest episode of the DevSecOops podcast, hosts Tom Walker and Scott Fletcher discussed three of the most talked about topics in enterprise IT including Kubernetes, the March 2025 Oracle Cloud security breach, and how AI is reshaping both productivity and cybersecurity. Kubernetes - Necessary Evolution or Needless Complexity? Tom did not hide his skepticism toward Kubernetes, the container orchestration tool...

Computer Emergency Response Teams and Their Critical Role in Protecting Australian Digital Assets

Introduction Computer Emergency Response Teams (CERTs) are the unsung heroes of cybersecurity. There are many myths about their role and function. Contrary to popular belief they don’t certify cybersecurity professionals, and many don’t do emergency response.   Operating in the background, CERTs provide vital functions in anticipating and reducing the impact of cyber-attacks. The first CERT, the CERT/CC, was...

Don’t Let Generative AI And LLMs Become A Third-Party Vulnerability

 Asadullah (Asad) Rathore, Head of Professional Services - cyber security and AI consulting, Excite Cyber (ASX:EXT)  As Large language models (LLMs) are increasingly being embedded into software development, organisations must ensure they understand the cyber security risks that come with it. Developer tools that have generative AI capability integrated to assist developers when writing code are on the rise. But...

How Unchecked Third-Party Access is Undermining Supply Chains

In the modern global economy, supply chains are no longer just physical networks but have become vast digital ecosystems. At the heart of these systems lies a challenge that is rapidly gaining prominence among cybersecurity professionals: third-party digital access. While companies have invested heavily in internal cybersecurity, the true vulnerability often lies just outside their walls, in the hands of partners,...

7 Reasons Certifications Are Critical to Secure Communications

Picture this scenario. You’re a government leader or a critical infrastructure operator. Suddenly, your communication systems go dark. The network has been breached, and sensitive information is exposed. Foreign adversaries are listening, decisions are delayed, and operations are paralyzed. Worse yet, you have no way of getting in touch with your employees to let them know what is going on. This is no hypothetical...

EOFY 2025: Australian Businesses Need To Mount Defences Against Rising Threat Of Cyberwarfare

With the new financial year approaching, Australian organisations face a pressing imperative to strengthen their cyber defences and heighten their vigilance against cyberwarfare. Modern cyberwarfare is marked by a surge in state-sponsored attacks, the weaponisation of artificial intelligence, and a growing emphasis on targeting critical infrastructure amid rising geopolitical tensions. Recent Armis research shows 9...

Insider Threats: The Silent Cybersecurity Crisis Facing Australian Businesses

In an increasingly digital world, Australian businesses are more vulnerable than ever to one of the most dangerous yet underestimated cybersecurity risks: insider threats. These threats, which originate from within an organisation, pose a unique challenge as they often fly under the radar due to the use of valid credentials and seemingly legitimate access.  However, they are potent and can result not just in loss...
Uncomfortable Truths Behind Cybersecurity Failures cover

Uncomfortable Truths Behind Cybersecurity Failures

In Episode 4 of the DevSecOops podcast, hosts Tom Walker and Scott Fletcher discussed what’s really dragging security down in modern organisations. And spoiler, it’s not the hackers. If you’re someone in tech, security, or just trying to make sense of how to run a safer, smarter organisation, this one is for you. No Longer A Departmental Concern Scott kicked things off by challenging the old school idea that...
When Priorities Collide, How Do You Make the Right Call? cover

When Priorities Collide, How Do You Make the Right Call?

In Episode 2 of the DevSecOops podcast, hosts Tom Walker, James Vincent, and Scott Fletcher explored one of the biggest yet most overlooked challenges in organisations today: how to make the right decisions, especially when business, technology, and security priorities clash or collide. So, how can organisations balance these three? Equal Understanding on All Fronts The conversation kicked off with a message that...

How a Veteran Project Manager Tames Cyber Chaos

Recently, on DevSecOops podcast; Hosts Tom Walker, James Vincent, and Scott Fletcher bring on a guest a special guest Natalie Haslam, an industry veteran with 25 years of project management experience within traditional IT, application development, and more recently, cybersecurity. Natalie’s reflection on the challenges of delivering cyber projects in the high-speed project delivery world. Despite investment in...

How Analysing 700,000 Security Incidents Helped Our Understanding of Living Off the Land Tactics

This article shares initial findings from internal Bitdefender Labs research into Living off the Land (LOTL) techniques. Our team at Bitdefender Labs, comprised of hundreds of security researchers with close ties to academia, conducted this analysis as foundational research during the development of our GravityZone Proactive Hardening and Attack Surface Reduction (PHASR) technology. techniques. Our team at...
What Makes You Board Ready? cover

What Makes You Board Ready?

Serving on a corporate board is often seen as the pinnacle of a professional career, the natural, coveted ‘next step’ after decades of climbing the corporate ladder. For many, it is the picture of executives in sharp suits, convening in a high-rise building, and making decisions that shape industries and economies. But beneath these ‘glamour’ and ‘prestige’ lies a more important question: Why do you want to be...

Why Australian Boards Need to Rethink Risk in the Age of AI

Introduction The nature of corporate risk in Australia is evolving rapidly at a strategic, reputational, and liability level. As the next five years shape up to be even more disruptive in the world of risk management, Australian boards need to begin paying swift attention not only to how artificial intelligence (AI) is going to reshape the risk environment itself, but also how AI can assist them in combatting and...

Shadow Data Is The New Insider Threat: What CISOs Overlook In SaaS Sprawl

Companies maintain internal databases for sensitive information. However, sometimes employees want to take work home or believe it is easier to save files on their systems. These seemingly minor and understandable oversights introduce a new and growing threat to all industries: Shadow Data. Typical security protocols do not address these scenarios, leading to unexpected gaps and increased risk of breach. A New Kind...

The New Priorities Driving Organisations To Uplift Web Application Security

While compliance ensures steady improvements to application security, the cadence of upgrades is not enough to meet best practice or evolving customer expectations. Internet-based applications might run the digital world, but their security is an ever-present concern, and the consensus is that more needs to be done, and fast, to build (or rebuild) a foundation of trust. Modern digital experiences are powered by...
No results found.
No results found.
No results found.
No results found.
No results found.

Markets & Trading

YOUR SECURITY NEWSFEED

The KBI Dossier

The Cybersecurity news feed delivered straight to your Inbox.

Technology News ↓

How Wiz Is Rewriting the Cloud Security Story cover

How Wiz Is Rewriting the Cloud Security Story

In Episode 7 of the DevSecOops podcast, hosts Tom Walker, Scott Fletcher, and James Vincent sat down with Matt Preswick, Principal Solutions Engineer at Wiz APJ, to unpack how Wiz has become an emerging favourite of both engineering teams and the executive suite. Beyond that, they also discussed the broader issue of the everyday realities of cloud security and why so many organisations are still struggling to get...
WTF is Happening in Tech? cover

WTF is Happening in Tech?

In the latest episode of the DevSecOops podcast, hosts Tom Walker and Scott Fletcher discussed three of the most talked about topics in enterprise IT including Kubernetes, the March 2025 Oracle Cloud security breach, and how AI is reshaping both productivity and cybersecurity. Kubernetes - Necessary Evolution or Needless Complexity? Tom did not hide his skepticism toward Kubernetes, the container orchestration tool...

Computer Emergency Response Teams and Their Critical Role in Protecting Australian Digital Assets

Introduction Computer Emergency Response Teams (CERTs) are the unsung heroes of cybersecurity. There are many myths about their role and function. Contrary to popular belief they don’t certify cybersecurity professionals, and many don’t do emergency response.   Operating in the background, CERTs provide vital functions in anticipating and reducing the impact of cyber-attacks. The first CERT, the CERT/CC, was...

Don’t Let Generative AI And LLMs Become A Third-Party Vulnerability

 Asadullah (Asad) Rathore, Head of Professional Services - cyber security and AI consulting, Excite Cyber (ASX:EXT)  As Large language models (LLMs) are increasingly being embedded into software development, organisations must ensure they understand the cyber security risks that come with it. Developer tools that have generative AI capability integrated to assist developers when writing code are on the rise. But...
No results found.
No results found.
No results found.
No results found.
No results found.
What in the Cloud?

What in the Cloud?

DevSecOops podcast hosts Tom Walker, James Vincent, and Scott Fletcher debate which cloud platform reigns supreme. ...
No results found.
No results found.
No results found.
No results found.