The Winning Formula: Leading with Innovation and Collaboration | Sekuro

The Winning Formula: Leading with Innovation and Collaboration

At Sekurokon 2024, Sekuro Director of TPE and Client Solutions, Sam Sutcliffe led an insightful panel featuring:

Fabio Fratucello | Sekuro

Fabio Fratucello
International Field CTO, CrowdStrike

Mario Puras | Sekuro

Mario Puras
SVP Head of Global Solutions Engineering, Netskope

David Cottingham | Sekuro

David Cottingham
CEO, Airlock Digital

The discussion revolves around leadership, innovation, and collaboration in the cyber security industry. Watch the full discussion below or read on for the insights shared by these industry leaders.

Airlock Digital's approach to market positioning and innovation

Sam: As the co-founder and CEO of a leading Australian tech organisation, in an industry where trends change on an almost daily basis, how do you position Airlock to not just follow those trends but really lead them?

David: Airlock’s approach is a bit of an anti-play on the market. The whole company was born out of a lack of any solution in the space, so I feel as though if there was one, we wouldn’t exist today. I’m quite surprised that, especially in the application control area, not much has changed over the last 10 or 11 years. While everyone knows it’s an effective control, we saw a need to build something from the ground up to make it truly work.

We don’t aim to follow security trends; instead, we forge our own path. Drawing on my practitioner background, the focus is on foundational security, specifically on preventing code execution, which is often overlooked. Trends can be distracting, though we still monitor industry developments and acknowledge the fantastic innovation that’s out there.

Generally, where we look is guided by attention to compliance and regulation – understanding what organisations are required to do ensures that what we are developing is effective.

Most importantly, we carve out space and time within the company to explore what’s next, focusing on areas others may have overlooked and carving out a unique niche in the market. We leave other market leaders to their expertise, focusing instead on excelling in our own lane.

CrowdStrike's methods for tracking emerging threats

Sam: How do you stay ahead of new and emerging threats and how can customers and clients do the same, particularly when they’re focused on maintaining day-to-day operations?

Fabio: At CrowdStrike, we’re uniquely positioned as a global threat intelligence provider to monitor the threat landscape through several key avenues:

  1. Power of the crowd: When a defender is attacked, we harness the telemetry from sensors and runtime, process the data, and share with the rest of the crowd.
  2. Threat intelligence practice: Our 24/7 threat intelligence operations constantly monitor adversary activity, process the data, and ensure actionable insights are disseminated to clients.
  3. Incident response practice: When customers are most vulnerable, we respond quickly with incident response services. The data and telemetry collected during these high-stress situations provide invaluable insights for future prevention and defence.

Similarly, we help partners and customers by sharing threat intelligence through various channels. Beyond our products, we offer webinars, discussions, and events like this one, where we can have informal conversations about the threat intelligence and landscape.

Trends and technologies in the Secure Access Service Edge (SASE) space

Sam: Mario, what industry trends and technologies do you foresee having the greatest impact over the next one to two years?

Mario: Security Service Edge (SSE), which represents half of the broader SASE framework, is transformational technology that Netskope is deeply involved in. If you look at any recent Gartner Hype Cycle report over the last two, three years, they all emphasise SSE’s role as the security backbone within SASE.

The three foundational technologies that make up SSE are:

  1. Cloud Access Security Broker (CASB),
  2. Zero Trust Network Access (ZTNA), and
  3. Secure Web Gateway (SWG).

These three have to be delivered from a cloud native platform as converged services.

When we start talking about emerging technologies, it’s really about the combination of SSE, and Software-Defined Wide Area Network (SD-WAN), which many refer to as the “WAN Edge.” Together, the security side and access side respectively form what the industry calls SASE. Right now, we’re in the early stages of this technology, but over the next three to five years, it’s expected to make a significant impact as it matures.

Looking ahead, five major trends stand out:

  1. Digital transformation: Hybrid work and cloud migration are becoming the norm, meaning organisations must migrate their architecture, apps and data to cloud. Securing these elements is vital for long-term success.
  2. Generative AI: While still developing, its long-term potential hinges on protecting both the data that feeds the engines and inputs, and the outputs they generate.
  3. Consolidation and platforms: The enterprise has an average 76 tools to maintain their applications, taking up 50% or more of their security teams time. Customers are looking for simplified operational models for their security and networking operations. For industry leaders, we are looking out for the ecosystem of partners and how we integrate into each other.
  4. Resilience and performance: At the board level, these are the two words that are constantly coming up. For CIOs, these concepts encompass stability, business continuity, and the ability to safeguard revenue.
  5. Data: Data is the new oil, as we say. But without robust protection and a clear understanding of where it resides, who has access, and what types of data are being stored, organisations face serious disadvantages. Netskope’s recent acquisition to expand the leadership and data protection into data security posture management highlights this need.

At Sekuro, we're constantly telling our customers that the future of security has to involve not just integrations, but true collaboration.

Sam highlighted the need for deep collaboration among technology providers, particularly through Sekuro’s approach.

Collaboration between technology providers

Sam: Could you share any examples of where the collaboration, particularly between the partners on the panel, have helped your organisation improve?

Fabio: Collaboration between partners like us thrives on two major themes: platform consolidation and seamless integration.

Integration is a key customer demand in turn requiring our platforms to have a level of integration and openness for us to coexist and work together. As such, there is a need for systems like SASE to communicate with endpoints and application stacks to ensure data flows freely between them. By adopting a common data taxonomy, we can leverage technologies like machine learning and generative AI effectively.

At the same time, this integration needs to be done in a way that delivers outcomes while minimising the burden of customers to be “data plumbers.”

Mario: In one instance, a global manufacturer worked with five key vendors – CrowdStrike, Netskope, Okta, Mimecast, and ServiceNow. Each vendor had its own approach to defining and addressing risk, whether focused on user behaviour, cloud applications, or data activity. However, the lack of a unified definition of risk across platforms created significant challenges for the customer.

Apart from the issue of normalising information from the various platforms, customers also need the platforms to highlight problems and provide clear steps for resolution. This is where AI can come in.

As vendors, we came together and created a unified approach by consolidating risk indicators into a single, normalised variable. This attribute signalled significant issues, clearly indicating what it meant and how to respond. This collaborative approach provided customers with a clearer, more practical view of identifying and understanding risk.

David: In recent years, there has been a shift in how willing vendors are to collaborate with each other. A decade ago, vendors were often guarded, interacting minimally, whereas today, the landscape has evolved significantly, driven by a mutual recognition of shared customers and the need to provide value collectively. Vendors now work together, prioritising seamless integrations to avoid disrupting customer experiences in increasingly complex ecosystems.

It would be remiss of us as vendors not to also look at what's happened in the ecosystem and the space over the past five years. This shift underscores the need for collaboration, ensuring our solutions align seamlessly with customer stacks to deliver a seamless approach.

The Winning Formula: Leading with Innovation and Collaboration | Sekuro

Balancing innovation with established practices

Sam: How does CrowdStrike strike the right balance between driving forward-thinking innovation while upholding trust in established practices, ensuring customers maintain confidence in new solutions?

Fabio: CrowdStrike is established in threat intelligence and Endpoint Detection & Response (EDR), but staying ahead of evolving adversaries requires constant innovation. Adversaries continuously refine their tradecraft, becoming faster and more sophisticated, necessitating proactive advancements in defense strategies.

Recently, CrowdStrike has focused on enhancing the analyst experience by improving how data is integrated into their platform – making it faster, more efficient, and cost-effective. This includes refining detection capabilities using statistical and mathematical models and leveraging cutting-edge technologies for orchestration and response facilitation. These innovations aim to optimise overall security posture.

The Winning Formula: Leading with Innovation and Collaboration | Sekuro

The emphasis lies on acquiring the right intelligence, embracing change, and matching adversaries' rapid adoption of emerging technologies. Unlike defenders who must navigate security architectures and change management processes, adversaries operate with agility, adapting technologies swiftly. CrowdStrike’s approach underscores the need to adopt similar agility and innovation from a defensive standpoint.

Sam: How do you balance addressing real-time changes with forward-looking innovation? Specifically, when developing your roadmap, do you focus on the near term (2 years), the mid-term (5 years), or envisioning the long term (10 years), especially while supporting customers managing evolving challenges daily? How far in the future do you think they should be looking?

David: Our innovation roadmap currently looks about three years ahead, but flexibility and agility are essential. It’s nearly impossible to define exactly what will be delivered in three years and stick to it.

We frequently shuffle our product roadmap, even within six months, due to shifting requirements or unexpected ecosystem changes that demand a pivot.

In the case of software it is more unique. On an organisational level, planning is deeply tied to the foundational technology roadmap. For example, if an organisation transitions to Chromebooks, its security stack will look entirely different from today’s setup.

Ultimately, it’s about aligning security strategies with the broader business trajectory to ensure they support organisational goals effectively.

Qualities sought in team members

Sam: When it comes to what you ask of your team, how do you balance the importance of planning versus maintaining agility?

David: I have different teams with varying skill levels and tenure, and this influences their focus.

For instance, the office of the CTO and architects, being more technologists, tend to concentrate on long-term goals and help shape the roadmap for the future. On the other hand, architects and solutions engineers are more agile, focusing on addressing immediate customer needs and market demands. They work closely with the product and engineering teams to quickly deliver new features and capabilities.

While we still aim for long-term value, customers expect short-term returns on their investment and solutions to pressing challenges. In this fast-evolving environment, adaptability is crucial. The ability to pivot quickly is one of the most important leadership qualities, as innovation happens rapidly, and those who don’t adapt risk being disrupted or left behind. So, I balance short-term and long-term focus within my team.

Sam: When you’re looking at the people in your team, do you look for people with different attributes in terms of short-term and long-term thinking?

Mario: I look for different qualities depending on whether I’m hiring for an engineer or a leader. For engineers, a strong foundational technical skillset is paramount, but it’s not enough on its own. Beyond technical expertise, I look for grit, passion, and perseverance. We won’t see overnight success, and setbacks are inevitable, so I need people who can push through challenges. Curiosity is also key for engineers – being curious beyond the immediate task is what distinguishes truly strong engineers.

Additionally, empathy is crucial in both roles. Understanding and relating to customers’ challenges is key to solving their problems effectively. Finally, cultural fit is non-negotiable. The team’s magic comes to life when you have alignment and you have a common goal and a mission that a team shares.

When it comes to leadership, adaptability is critical. I call it AQ. It’s as important as IQ and EQ, because disruption is constant in our industry. You have to be adaptable, seeking out opportunities to disrupt rather than be disrupted.

The Winning Formula: Leading with Innovation and Collaboration | Sekuro

David: I would say do not create a team that has exactly the same type of people in it and that’s it because you will end up in tunnel vision to a particular point. The concept of “healthy tension” across departments is especially important because it encourages productive conflict and ensures that all angles of an issue are considered. For example, in business functions, a strong sales team should be complemented by a finance team to maintain a balanced approach to growth – too much focus on one without the other can lead to oversights.

It’s been interesting watching the evolution of Airlock as a company. When technical teams lose sight of the broader direction, bringing in someone with a non-technical background can help steer the ship without getting bogged down in details. This shows that leadership isn’t always about technical expertise; sometimes, it’s about having the vision and strategic thinking to guide the team.

Fabio: Technical proficiency is just the foundation. Qualities like adaptability, curiosity, and collaboration are essential for success. At CrowdStrike, these traits are crucial in driving both internal and customer-facing efforts. The mission to stop breaches informs every aspect of the organisation, from software engineering to customer interactions, ensuring that all teams are aligned to deliver the right outcomes globally.
The Winning Formula: Leading with Innovation and Collaboration | Sekuro
Pictured from left to right: Sam Sutcliffe, Fabio Fratucello, David Cottingham, Mario Puras

Stay tuned for more excerpts from Sekurokon 2024.

Scroll to Top

Aidan Tudehope

Co-Founder of Macquarie Technology

Aidan Tudehope, Co-Founder of Macquarie Technology

Aidan is co-founder of Macquarie Telecom and has been a director since 1992. He is the Managing Director of Macquarie Government & Hosting Group with a focus on business growth, cyber security and customer satisfaction. 

Aidan has been responsible for the strategy and execution of the investment in Intellicentre 4 & 5 Bunkers, Macquarie Government’s own purpose-built Canberra data centre campus. This facility is leveraged to deliver Secure Cloud Services and Secure Internet Gateway.

With a unique pan-government view on the cyber security landscape, we are invested in leading the contribution from the Australian industry on all matters Cyber policy related.

Aidan holds a Bachelor of Commerce Degree.

James Ng

CISO, Insignia Financial

James Ng, CISO, Insignia Financial

James is a leader with a range of experience across various cyber security, technology risk and audit domains, bringing a global lens across a diverse background in financial services, telecommunications, entertainment, consulting and FMCG (Fast Moving Consumer Goods). He is currently the General Manager – Cyber Security at Insignia Financial and most recently was at AARNet (Australia’s Academic and Research Network) where he oversaw a managed Security Operations Centre (SOC) capability for Australian universities. Prior to this James was the acting Chief Information Security Officer for Belong and led the cyber governance and risk team at Telstra.

Noel Allnutt

CEO, Sekuro

Noel Allnutt CEO | Sekuro

Noel is a driven and award-winning IT leader. He has a passion for developing great teams and accelerating client innovation, and in enabling organisations to create a secure and sustainable competitive advantage in the digital economy. Noel also hosts the ‘Building Resilience Podcast,’ which explores the world of sport and deconstructs the tools and ethos of world-class athletes that can help create growth and optimise business and life.

Audrey Jacquemart

Bid Manager, Sekuro

Audrey Jacquemart, Bid Manager, Sekuro

Audrey is an innovative cybersecurity professional with a versatile profile spanning across Product Management, Presales and Delivery. She has worked within organisations from start-ups to large international organisations in Europe and APAC before joining Sekuro.

Nicolas Brahim

Principal Consultant, CRP and OT

Nicolas Brahim, Principal Consultant, CRP and OT

Nico leads Sekuro’s Cyber Resilience Program and OT Cybersecurity, ensuring continuous support and effective program execution for our clients. With over a decade in the security industry, including the creation and leadership of several Security Programs for IT and OT across Australia, New Zealand, Argentina, Chile and the US, his core philosophy emphasises an equal balance of people, process, and technology in delivering actionable and simple solutions.

Trent Jerome

Chief Financial Officer, Sekuro

Trent Jerome

Trent is a seasoned CFO with over 30 years’ experience in Finance. Trent has broad experiences across Capital raises, debt financing, M&A and business transformation. He is a CPA and member of AICD. Trent works with Boards around risk and risk mitigation plans and assists Boards in navigating the risk mitigation versus cost conversation.

Ada Guan

CEO and Board Director, Rich Data Co

Ada Guan, CEO and Board Director, Rich Data Co

Ada is the CEO and Co-founder of Rich Data Co (RDC). RDC AI Decisioning platform provides banks the ability to make high-quality business and commercial lending decisions efficiently and safely. With over 20 years of global experience in financial services, software, and retail industries, Ada is passionate about driving financial inclusion at a global scale.

Before launching RDC in 2016, Ada led a Global Client Advisor team at Oracle Corporation, where she advised Board and C-level executives in some of the largest banks globally on digital disruption and fintech strategy. She also drove Oracle’s thought leadership in banking digital transformation for Global Key Accounts. Previously, Ada implemented a multi-million dollar program to deliver a mission-critical services layer for Westpac Bank in Australia and formulated the IT strategy that was the basis of an $800m investment program to transform Westpac’s Product and Operation division and complete the merger with St. George Bank. Ada is an INSEAD certified international director and holds an EMBA from the Australia Graduate School of Management, and a Master of Computer Engineering from the University of New South Wales, Australia. She also graduated from the Executive Insight Program at Michigan University Ross Business School and IESE Business School.

Megan Motto

Chief Executive Officer, Governance Institute of Australia

Megan Motto, CEO, Governance Institute of Australia

Megan Motto is Chief Executive Officer of Governance Institute of Australia, a national education provider, professional association and leading authority on governance and risk management. The Institute advocates on behalf of professionals from the listed, unlisted, public and not-for profit sectors.

Megan has over 25 years of experience with large associations, as a former CEO of Consult Australia, as well as holding significant positions in Australia’s built environment sector and business chambers.

She is currently a director of Standards Australia, a member of the ASIC Corporate Governance Consultative Panel and a councillor of the Australian Chamber of Commerce and Industry (ACCI) where she chairs the Data, Digital and Cyber Security Forum.

Megan’s expertise spans governance, risk management, public policy and education. She holds a Bachelor of Arts/Bachelor of Education, a Masters of Communication Management and a Graduate Diploma of Corporate Governance and Risk Management. She is a Fellow of the Governance Institute of Australia, the Chartered Governance Institute and the Australian Institute of Company Directors and is also a member of Chief Executive Women. Megan is also an Honorary Life Trustee of the Committee for Economic Development of Australia (CEDA) and was a 2014 recipient of the AFR/Westpac 100 Women of Influence.

Shamane Tan

Chief Growth Officer, Sekuro

Shamane Tan, Chief Growth Officer, Sekuro

Sekuro’s Chief Growth Officer, Shamane Tan, is passionate about uniting minds and experiences, excelling in aligning C-Suite and Board members with cyber security imperatives. As the author of “Cyber Risk Leaders,” she unravels executive communication nuances and distils C-Suite expectations. 

Her work extends to “Cyber Mayday and the Day After,” a roadmap for navigating crises by mining the wisdom of C-level executives from around the globe. It’s filled with interviews with managers and leaders who’ve braved the crucible and lived to tell the tale. Her most recent book, “Building a Cyber Resilience: A Cyber Handbook for Executives and Boards,” was featured on Forbes Australia’s top list of books for CEOs. 

Shamane has also founded a transcontinental cyber risk and executive meetup spanning Sydney, Melbourne, Adelaide, Perth, Singapore, the Philippines, and Tokyo, fostering mentorship, women’s empowerment and thought leadership. As a strong advocate for the importance of having a voice and helping others use theirs, Shamane Tan has spoken at TEDx and global conferences, including FS-ISAC, RSA, Silicon Valley, Fortune 500 and ASX companies. 

Recipient of the IFSEC Global Top 20 Cybersecurity Influencer award and named among the 40 under 40 Most Influential Asian-Australians, Shamane leverages her unique fusion of technical prowess and business acumen to help organisations progress on their security maturity journey.

David Gee

David Gee, CIO, CISO, NED, Board Advisor & Author

 

David Gee, CIO, CISO, NED, Board Advisor & Author

David has just retired in July 2024 and is building out his portfolio. He is an Advisor with Bain Advisory Network and also an Advisor to JS Careers (Cyber Recruitment) and Emertel (Software Commercialisation).

He is a seasoned technology executive with significant experience and has over 25 years’ experience in CIO and CISO roles across different industries and countries. At Macquarie Group David served as Global Head Technology, Cyber and Data Risk. Previously was CISO for HSBC Asia Pacific. His career as a CIO spans across multiple industries and geographies including – Metlife, Eli Lilly and Credit Union Australia. He was winner CIO of the Year 2014, at CUA where he successfully completed a significant Transformation of Core Banking, Online and Mobile Banking systems.

David is past Chairman for the FS-ISAC Strategy Committee and awarded Global Leaders Award in 2023 for his contributions to the cyber security industry. A regular conference keynote speaker and 150+ published articles for CIO Australia, Computerworld, iTnews and CSO (Cyber Security), David now writes for Foundry CIO.com and AICD.

His most recent book – the Aspiring CIO & CISO was published in June 2024 and David is writing his second – A Day in the Life of a CISO with a number of CISOs from around the world for 2025.

Naomi Simson

Co-founder, Big Red Group and Former Shark Tank Judge

Naomi Simson, Co-founder, Big Red Group

INTRODUCTION

For 25 years as an entrepreneur, Naomi Simson has been bringing people together whether it’s with her business experience, her speaking or writing. Passionate about small business and local community, Naomi is considered a home grown success story.

Naomi had a corporate career with Apple, KPMG, IBM and Ansett Australia prior to becoming an entrepreneur. She is a prolific blogger, podcaster and business commentator, and appeared as the #RedShark in four seasons of Shark Tank Australia and she appears regularly on ABC The Drum. She is a non-executive director at Big Red Group, Australian Payments Plus, Colonial First State and Weebit Nano, as well as the Cerebral Palsy Research Foundation and the University of Melbourne Business and Economics Faculty.

A true business leader and influencer, with more than 2.7 million LinkedIn followers, Naomi is Australia’s most followed person on the business networking platform. She has four seasons of her podcast ‘Handpicked’, and she has authored two best-selling books Live What You Love, and Ready to Soar, and is sought after speaker.

FULL BIO

For 25 years Naomi has been bringing people together whether it’s with her business experience, her speaking or writing. She is a strong advocate of business owners.

Known as an entrepreneur and business leader; following the growth of RedBalloon which she founded in 2001, Naomi co-founded the Big Red Group (BRG) in 2017.

Naomi had a corporate career with Apple, KPMG, IBM and Ansett Australia prior to becoming an entrepreneur. She is a prolific blogger, podcaster and business commentator, and appeared as the #RedShark in four seasons of Shark Tank Australia. She is a non-executive director at Big Red Group, Australian Payments Plus, Colonial First State and Weebit Nano. As well as the Cerebral Palsy Research Foundation and the University of Melbourne Business and Economics Faculty.

A true business leader and influencer, with more than 2.7 million LinkedIn followers, Naomi is Australia’s most followed person on the business networking platform. She has authored two best-selling books Live What You Love, and Ready to Soar, and is an engaging, humorous and insightful speaker. She has four seasons of her Podcast – Handpicked.

Naomi is relatable across a broad variety of audiences and topics, often drawing on her personal experiences to provide thoughtful and valuable views into topics; including the customer obsession, intentional leadership, growth mindset, personal development. She is a regular panellist on ABC The Drum.

Peter Ngo

Product Line Manager, Global Certifications, Palo Alto Networks

Peter Ngo | Sekuro

Peter leads the Commercial Cloud, Global Certifications organisation at Palo Alto Networks which oversees global cloud security compliance efforts to various frameworks and standards including IRAP, SOC 2, ISO, PCI, C5, ISMAP, and IRAP and more for 25+ cloud products.

He has held many roles over the years covering areas of IT Operations, and Governance, Risk, & Compliance (GRC) for a wide range of industries including technology, insurance, and manufacturing.

Peter holds various security and professional certifications, including the CCSP, CISSP, PCI ISA, CISA, CISM, CDPSE & ISO Lead Auditor, in addition to a Master of Science degree in Information Assurance. 

Jack Cross

CISO, QUT

Jack Cross | Sekuro

Jack Cross is an experienced business leader with expertise in digital technologies and risk management. Through a steadfast commitment to integrating people, processes, and technology, he champions the fight against cyber threats while mitigating organisational risks. 

Over the past 15 years, Jack has navigated diverse leadership roles within the Defence and Education sectors, honing his skills in steering multidisciplinary teams through intricate and sensitive technical landscapes. In addition to this experience, he holds numerous formal qualifications such as: a Master of Systems Engineering (Electronic Warfare); CISSP; and CISM certifications.

Nadene Serman

Global CTO, Infotrack

Nadene Serman | Sekuro

Nadene Serman is a leading IT executive with a proven track record spearheading first-of-its-kind technology and business transformation for some of the most prominent organisations globally and in Australia. As the Global Chief Technology Officer of InfoTrack, she is a key protagonist of innovation as an enabler of InfoTrack’s next stage growth. Her energy, commercial acuity and strategic capability have fueled her success.

Nadene leads with clarity, transparency and urgency, uniting people in complex, multi-layered technology and business execution, and go-to-market transformation and innovation. She tackles and resolves complex and seemingly intractable challenges while building support and collaboration – even in times of crisis. Her people-first, ‘think straight, talk straight’ approach makes her a formidable force.

John Doe

President Great Technology

Cyber Resilience Program | Sekuro

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.