Cyber Security Committee
The Cybersecurity Committee within the Australian Computer Society (ACS) stands as a vanguard in safeguarding Australia's digital infrastructure and promoting cybersecurity excellence. Comprising a coalition of seasoned professionals, thought leaders, and experts from diverse sectors, this committee is dedicated to addressing the evolving threats and challenges in cyberspace.
In an era where cyber threats pose significant risks to individuals, businesses, and governments alike, the role of the ACS Cybersecurity Committee is paramount. Its primary mission is to advance cybersecurity awareness, education, and best practices across Australia, thereby fortifying the nation's resilience against cyber-attacks and ensuring the integrity and security of digital assets.
The primary mission of the Cybersecurity Committee is to promote cybersecurity awareness, education, and best practices across the nation. Through proactive engagement with stakeholders, policy advocacy, and the dissemination of cutting-edge research, the committee strives to foster a culture of cybersecurity excellence in Australia.
As trusted advisors to the ACS and other stakeholders, the Cybersecurity Committee plays a crucial role in shaping cybersecurity policies, standards, and practices in Australia. Its efforts are instrumental in promoting a culture of cybersecurity resilience, empowering individuals and organizations to safeguard their digital assets and protect against cyber threats in an increasingly interconnected world.
The ACS Cybersecurity Committee embodies a commitment to excellence, collaboration, and vigilance in safeguarding Australia's digital future. Through its leadership and initiatives, the committee helps ensure that Australia remains a leader in cybersecurity innovation and resilience, ready to confront the challenges of cyberspace with confidence and determination.
MACS Snr CP
David Norris
Vice Chair – Cyber Security Committee
David is an accomplished professional in information technology and passionate about cyber security. He has a bachelor's degree in computer science and a master’s degree in cyber security. He has qualifications from vendors, including Microsoft, Oracle, and Blackberry Cylance. He has recently completed the ACSC Essential Eight Assessors course. David started his career at Westpac as a programmer. He then moved to IBM as a programmer, finishing as a Team Leader. In 1992, he started his own technology business, Nortec IT, and has worked there since.
The Australian Computer Society has recognised him as a Senior Member. David has also participated as a mentor in the ACS mentoring program. He writes a weekly technology column for two Western Sydney Publishing Group newspapers.
David's commitment to nurturing the next generation of cybersecurity professionals is unwavering. He is a regular presence at industry conferences, seminars, and educational forums, where he generously shares his insights on cybersecurity trends and emerging technologies. His passion for mentoring has inspired many aspiring individuals to pursue careers in this critical field, demonstrating his dedication to fostering talent and supporting others in their professional journeys.
AACS
Kaustubh Vazalwar
Member
Kaustubh is a senior resilience practitioner and executive and helps his clients enhance their ICT resilience by understanding the root causes of disruptions, and developing strategic plans for improving data security, governance, and risk mitigation for critical systems. Being a seasoned and certified resiliency professional with experience in strategic and technological aspects of business, he has worked with prestigious customers across the globe and in various industry verticals. In his current role as the Principal with RSM Consulting, Kaustubh works as an executive advisor and drives critical initiatives for the cyber security and privacy risk services division.
Kaustubh’s previous roles include Head of Technology – Enterprise Resilience at Tabcorp Holdings Ltd., and A/NZ Practice Leader – Resiliency Services at IBM Australia. He is passionate about developing intellectual property material and has published multiple whitepapers and journal articles in the domain, as well as been a speaker at the prestigious AISA Cyber Conference in Melbourne and Canberra, Gartner Security & Risk Summit Australia and the BCM World Conference in London amongst others. Kaustubh was recognised as the Continuity and Resilience Consultant in the BCI India awards in 2015.
MACS - Snr
Kristof Kazmer
Member
As the Head of Solutions at ASE, Kristof has over 30 years of experience in the technology industry. His history in cybersecurity is both extensive and diverse, aided by 20 years of hands of experience from performing penetration tests, architecture consulting to infrastructure rollouts and general awareness training. Every year, he is supporting hundreds of organisations providing technology consulting and cybersecurity services. Kristof is as an evangelist in helping organisations adapt for the future of work and advising on tech trends and cybersecurity learnings.
MACS Snr CP
Richard Magalad
Member
Richard Magalad started his career at the Commonwealth bank as a cadet in the late 80s where he was trained in COBOL and IBM mainframes. This followed several years in the tax accountancy sector specialising in Novell Netware, which lead to starting his network consultancy firm that continues to operate today. He was also a 10-year IT director from 2010 working at a mining company with gold and diamond projects in Australia, Laos and Canada. His is currently in a multi-year systems integration project with two large telcos and several agencies in the Australian federal government.
He is a hands-on tech with a philosophy to never separate Cyber Security from Information Technology and is ISACA certified as a CISM and CRISC, and an ACS Certified Professional (Snr ) in Cyber Security.
Richard consulted and trained cyber security to SE Asia governments and critical infrastructure enterprises on missions for Dept of Foreign Affairs and Trade and with RMIT University, where he now teaches cyber security to professional students.
He was in the Branch Executive Committee and Secretary at the Victoria ACS until 2022 and the current chairperson of Cloud Branch for the Australian Information Security Association.
AACS
Adam Green
Member
Having worked with some of the world’s best forensic investigators and ethical hackers, Adam’s disruptive view of cybersecurity allows him to advise the industry’s most progressive CIO’s and CISO’s with a unique perspective of the cyber threat landscape and adversary behaviour. As the Founder and CISO of Cybersecurity advisory, Green Cyber Consulting, Adam uses his experience and exposure to some of the leading Higher Education, Critical Infrastructure, Airports, Airlines and Medical Service Providers across the Globe, to collaborating with our most vulnerable sectors to address complex cybersecurity challenges.
AACS
Benjamin DiMarco
Member
Ben has over 14 years of legal and advisory experience specialising in cyber risk, privacy, technology law, financial insurance and dispute resolution. He has acted in over 300 data breaches providing triage, privacy, strategic and claim support to companies.
Ben leads Willis Towers Watson's Australia and New Zealand cyber and technology risk team providing insurance, assessment and consulting services to domestic and international clients. Ben focuses on helping clients understand their exposure and developing responsive risk and resilience strategies matching business objectives and support needs.
He regularly conducts workshops for client covering topics such as scenario tabletops, executive awareness, data and privacy governance, breach quantification, applied case studies, consensus-based action plans, third party risk, supply chain due diligence and insurance alignment.
Ben is the National Cyber Risk and Governance stream leader for the Australian Society of Computers & Law and their Queensland Chair. He also sits on the Privacy and Data Law Committee for the Queensland Law Society, and is a regular guest lecturer at the Queensland University of Technology.
Ben is a leading privacy and technology risk speaker and has in recent years delivered papers and presentations to bodies including the Australian Institute of Company Directors, the Office of the Australian Information Commissioner's Asia Pacific Forum, the Association of Corporate Counsel, the AusCERT National Security Conference, the Australian Information Security Association National Conference and to the Association of Superannuation Funds of Australia.
His recent work includes drafting manuscript cyber insurance wordings, managing complex data breach liability claims, advising on cyber security policy and procedure documents, helping organisations strengthen approaches to data privacy, coordinating complex client insurance placements and delivering risk consulting projects.
Until late 2018 Ben's legal practice involved a broad range of litigated and non-litigated matters. Ben assisted in the drafting of numerous cyber wordings used in the Australian market and designed incident response and privacy frameworks used by Australian and International organisations.
From 2016 to 2018 Ben worked with a leading San Francisco legal team on international cyber and technology claims involving data breaches, malware, mandatory notification laws, class actions, regulatory actions and PCI assessments.
MACS Snr CP
Pat Gould
Member
Pat Gould is a seasoned technology executive with nearly two decades of senior ICT leadership experience, specialising in cybersecurity, digital transformation, and enterprise IT governance. As CIO and CISO at Charles Darwin University from 2014 to 2023, Pat led enterprise-wide security strategy, embedding robust information security practices across infrastructure, applications, and operational processes. He strengthened the university's cyber-resilience through proactive risk mitigation, advanced security protocols, and system-wide operational enhancements that improved service reliability and protected sensitive data. A strategic innovator, Pat continuously evaluated emerging technologies—including AI-driven solutions—to modernise operations and enhance threat detection capabilities. He championed agile delivery methods, digital uplift initiatives, and a culture of continuous improvement, positioning IT as a trusted strategic partner. Pat holds professional certifications including ITIL, COBIT, MACS CP, and MACS Snr, and recently completed a Masters-level Graduate Certificate in Cyber Security. He brings deep expertise in governance, compliance, risk management, and audit processes, along with a genuine commitment to advancing the ICT profession and contributing to best practice in cybersecurity.
MACS
Katie Lonergan
Member
Katie has a career in IT spanning 25 years in Australia and the UK across industries such as, banking, government, utilities and technology services. She has worked in security, IT governance, development, IT transformation, IT operations and is currently the Group Manager, Tech Services at Canstar. Katie has a Masters in IT, is a member of AISA, ACS and the Cyber Leaders Network, which is a group of Cyber Leaders in Brisbane aiming to publish artifacts to benefit the Cyber community in Australia.
AACS
Alex Duffy
Member
Alexander Duffy began his career in the Royal Australian Army, serving six years as a Telecommunication Technician. Since transitioning in 2016, he has led cyber security initiatives across state and federal government as well as the private sector. Prior to joining SA Power Networks, Alexander was a Cyber SME at Boeing Defence Australia, where he specialized in securing the P8-A Poseidon maritime patrol aircraft.
He currently serves as the Cyber Risk and IT Resilience Manager for SA Power Networks, overseeing awareness, architecture, and resilience capabilities. He is responsible for delivering a threat-informed cyber security program, ensuring strict alignment between security strategy, risk profile, and corporate appetite. Alexander is deeply passionate about mentoring others to grow their careers or successfully pivot into the cyber security field.
https://www.linkedin.com/in/alexander-duffy-01a849124/?originalSubdomain=au
MACS Snr CP
Abhishek Tiwari
Member
Abhishek has over 15 years of experience building planet-scale distributed systems, security, and privacy infrastructure. In his current role at Amazon, he operates one of the largest authentication and authorization systems on the planet, protecting quadrillions of requests every day across Amazon's vast technology ecosystem. Prior to Amazon, Abhishek was Senior Director of Engineering at HelloFresh and founded Axioms, a cloud IAM product. He is the sole maintainer of various open-source security software packages with close to a million downloads. Abhishek currently serves as Editor at the Journal of Open Source Software (JOSS) and the Journal of Open Research Software (JORS), bridging industry practice with academic research. His research interests include IAM, security, and privacy for humans, machines, and agents, with an emphasis on resilience.
https://www.abhishek-tiwari.com
MACS CP
Sheavy Kaur
Member
Sheavy Kaur is a cyber security and information risk leader with over 15 years of experience across governance, cyber risk, and digital resilience. She specialises in helping organisations translate complex cyber threats into strategic decisions through strong governance, risk management, and security frameworks aligned to international standards. She is passionate about advancing cyber capability, strengthening digital resilience, and supporting collaboration across Australia’s cyber ecosystem.
https://www.linkedin.com/in/sheavy/?originalSubdomain=au
FACS CP
David Rudduck
Member
Throughout his 25+ year career in the technology industry, David has a track record of challenging the status quo and disrupting legacy thinking and systems. A former Australian Computer Society “Digital Disruptor” awardee, he is always asking “Why?” and looking for more efficient ways to achieve desired outcomes, whilst also improving the impact on the communities served. After selling his business to a major cyber insurer, he stayed on and built out their Australian incident response practice, providing career pathways and opportunities for many amazing people – some not even from a tech background – before exiting after 25 years at the helm of a business he literally started in his mother’s basement. Beyond his professional endeavours, David is deeply passionate about mental health advocacy, drawing from his own journey and experiences. David is committed to fostering a supportive and inclusive environment within the cybersecurity industry, nurturing the next generation of talent and promoting mental wellness for all.
https://www.linkedin.com/in/davidrudduck/