AISA NSW Branch Event - Feb 2026

This year I decided to attend more cyber security events, make connections and see whats happening in the community.

Last week I attended a Offsec meetup in the Microsoft HQ in Sydney and yesterday I attended my first AISA Branch event.

The talk that most interested me was from Harsh Rasik, CISO for Avant Mutual.

He talked about his journey after 3 years in the CISO role and some tips.

He talked about what he calls the "Southern Cross" for Cyber decisions:

- Risk aligned business enablement
My understanding: Security enables the business. Its not about blocking everything and saying NO to everything. Its about "Is this risk acceptable for this business decision"?

- Secure by design
Pretty straight forward. Making sure products, projects, etc are designed and secured from the beginning.

- Proactive detection and response
Know your assets and your crown jewels (obviously). Detect and respond proactively. If you dont know your environment, you cant proactively defend it.

- Security culture & governance
Board alignment and support and strong culture with people, its essential.

In the second part of the presentation, he talked about the dreadful INCIDENT that can happen any time of the day or night.

Be ready for that and :
- KNOW WHO TO CALL - Who can help me resolve this issue? My team? Maybe some external company? Maybe someone from my close contacts?

- KNOW WHERE TO LOOK - Know your environment enough to know where to look. Have physical copies of plans stored somewhere.

- KNOW WHAT CAN HAPPEN - From the previous point, what are the consequences for the business and what else can happen within the environment?

- KNOW WHAT WELLNESS IS LIKE - Wellness definition :" The state of being in good health, specially as an actively pursued goal".
Incidents are high-adrenaline events - thats not a technical situation anymore (sort of), but thats psychological pressure.

The best security teams don’t stop the business. They protect its momentum.