
Strengthening Cybersecurity Resilience and Citizen Protection within the Public Sector in 2025 and Beyond
The 2025 CyberGov Leaders Summit will unpack how Government and public sector cybersecurity leaders, and their teams are facing a growing list of complex challenges and demanding responsibilities. With the acceleration of digital transformation and AI, it is no longer a question of ‘if’ but instead a question of ‘when’ data breaches and cyberattacks will occur. More than ever, security teams need innovative and proactive strategies to ensure organisational security.
The summit will delve into innovative approaches for safeguarding systems, fostering rapid incident response and building a culture of collaboration between security teams and the organisation to protect against digital vulnerabilities and ensure business continuity.
2025 Sponsors
Explore the Summit
Key Speakers

Michael Webster
Commissioner
Office of the Privacy Commissioner, New Zealand

Catherine Cooper
Group Manager Security Incident Management, National Security Incident Response, Data & Digital
Te Whatu Ora

Derek Robson
CISO
New Zealand Parliament

Peter Benson
Governance Advisor
NZ Post

Paul Macpherson
Director of Information Security (CISO)
Reserve Bank of New Zealand – Te Pūtea Matua

Taryn Murphy
Cyber Security Manager
Worksafe NZ

Danielle Vandendungen
Strategic Advisor - Digital Security
Ministry of Education

Grace Campbell-Macdonald
Director Regulatory Advisory
National Cyber Security Centre
Why Attend

Hear from the National Cyber Security Centre, to stay up to date with the latest cybersecurity updates and the unique challenges faced by public sector and government organisations

Understand the obligations faced by organisations under the Privacy Act 2020 in a talk presented by Michael Webster, Commissioner, Office of the Privacy Commissioner, New Zealand and why it’s not a ‘one size fits all’ approach.

Learn from Catherine Cooper, Group Manager Security Incident Management, National Security Incident Response, Data & Digital, Te Whatu Ora as Catherine shares insights into the ‘1st 72 hours of Incident Response’ and how insider threat is managed in such a large organisation.

Unpack the impact that GenAI is having and could have on the public sector in future, as Peter Benson, Governance Advisor, NZ Post shares how GenAI is being leveraged for cyberattacks and strategies to mitigate risks associated with this.

Who Should Attend
Network and engage with Chiefs, Secretaries/Deputy Secretaries, Heads, Directors, General Managers across the public sector, with responsibilities including:
-
Information and IT Security
-
Cloud Security and Infrastructure
-
Identity and Access Management (IAM)
-
Data Security, Protection and Privacy
-
Network Security and Secure Architecture
-
Security Intelligence and Threat Intelligence
-
Zero Trust Frameworks and Strategies
-
Application and Endpoint Security
-
Security Operations Centre (SOC) Management
-
Governance, Risk Management and Compliance (GRC)
-
Incident Detection and Response
-
Risk Assessment and Risk Management
-
Forensic Analysis and Cyber Investigations
-
Penetration Testing and Vulnerability Management
Agenda
Access either Summit at any point across the 2 days, all included in your ticket.
To help us allocate the ideal space for engaging discussions and connections, please indicate your preferred stream at the time of registration. You’ll still have the flexibility to explore other stream sessions throughout the day.
Day One | Tuesday 20th May 2025
8:10
Registration & Morning Refreshments
8:30
Opening Karakia
8:45
Chairperson’s Opening Address
Taryn Murphy, Cyber security manager, Worksafe NZ
Resilience & Strategy in Cybersecurity
9:00
Opening Keynote: Building a Cyber Resilient New Zealand
Aligning public sector security practices with the national cybersecurity strategy
The latest updates in cybersecurity
A look into the IPAC review and the unique challenges faced by public sector and government organisations
Grace Campbell-Macdonald, Director Regulatory Advisory, National Cyber Security Centre
9:30
Panel: Cyber Resilience as a Strategic Enabler: Aligning Security with Public Sector Priorities
The role of public sector leaders in driving a coordinated cybersecurity approach
Ensuring security decisions are aligned with business goals, risk appetite, and service delivery expectations
Building a resilient cyber culture across departments, agencies, and leadership teams
Moderator: Taryn Murphy, Cyber security manager, Worksafe NZ
Sonny Taite, National Chief Information Security Officer, Te Whatu Ora – Health New Zealand
Jay Nowitz, Senior Information Security Advisor, Oranga Tamariki – Ministry for Children
Jonathan Wilkins, Chief Security Officer / Chief Privacy Officer, Ministry for Primary Industries
10:15
Morning Tea & Networking
Threat Detection & Prevention
10:45
Presentation hosted by Proofpoint
Navigating Privacy Obligations
11:15
Presentation: Obligations Under the Privacy Act – Not a ‘One Size Fits All’ Approach
What are the obligations faced by organisations under the Privacy Act 2020.
Why your security strategy needs to be based on the data the organisation holds and the type of organisation you are.
Michael Webster, Commissioner, Office of the Privacy Commissioner, New Zealand
Navigating the Evolving Threat Landscape
11:45
Interactive Breakout Sessions
During this session, attendees will have the opportunity to attend 2 x 30-minute interactive breakout sessions of their choice.
Breakout A:
Enhanced API Security
Breakout B:
Vulnerability Management & Penetration Testing
Breakout C:
SaaS
12:15
Networking Lunch
AI Risk Strategies
1:15
Presentation: Preparing for the Future of GenAI in the Public Sector
How AI cyberattacks have revealed gaps in the talent availability within New Zealand
What impact has GenAI had or could have on citizens privacy going forward?
How GenAI is being leveraged for cyberattacks and strategies to mitigate risks associated with this
Peter Benson, Governance Advisor, NZ Post
Data Management, Governance & Security
1:45
Presentation: Promoting a Culture of Data Security by Defining Policies and Procedures
Why data governance should be central to your data security strategy
Overcoming trust & confidence issues that follow damaging breaches and attacks
Understanding how data breaches affect citizen trust and the organisations reputation in the long run
Danielle Vandendungen, Strategic Advisor - Digital Security Engagement, Ministry of Education
2:30
Afternoon Tea & Networking
Cybersecurity Awareness & Workforce Development
3:00
Reflect & Collaborate: Prioritising People & Training to Empower your Employees as the First Line of Defence
This interactive Think Tank session invites attendees to collaborate on strategies for equipping government cybersecurity teams with the skills, culture, and tools necessary to enable teams and keep New Zealand’s organisations and citizens secure.
Should organisations focus on hiring new talent or prioritise training and educating existing employees within security teams
How to demonstrate ROI on security investments to increase support for your team
How do security teams continue to retain talent whilst managing increasing stress and workloads
Yolanda Wilke, Domain Lead CISO Office, Inland Revenue NZ
4:30
Chairperson’s Closing Address
4:40
Networking Drinks & End of Summit Day One
Day Two | Wednesday 21st May 2025
8:20
Registration and Morning Refreshments
8:50
Chairperson’s Opening Address
Taryn Murphy, Cyber security manager, Worksafe NZ
Future-Ready Public Services
9:00
Opening Keynote: Building a Future-Ready Public Service through Delivering User-Centric, Innovative and Trusted Digital Government Services
In this keynote presentation, Paul will be outlining the ambitious work programme he is leading to modernise digital government services. Paul will talk about all-of-government service modernisation to accelerate the digitising of government services. He will also talk about his leadership role in key areas of Digitising Government, including Artificial Intelligence (AI) and Digital Identity. Paul works with his colleagues across the public service to encourage safe uptake of emerging technologies
The audience will now split between the DigiGov and CyberGov leaders summit depending on their preference of sessions.
Next-Gen Threat Intelligence & Monitoring
9:40
Presentation: The 1st 72 hours of Incident Response
Building innovative practices into cyber response
Human error as the biggest threat
How is insider threat managed in such a large organisation
Translating security into a language that the organisation can understand
Catherine Cooper, Group Manager Security Incident Management, National Security Incident Response, Data & Digital,Te Whatu Ora
10:10
Panel: Future-Proofing: Anticipating the Next Wave of Cyber Threats in Public Services
How can security leaders proactively prepare for the next wave of cyber risks?
Understanding the challenges faced by public services; Resource limitations, data sensitivity and evolving regulations
How to recognize, mitigate, and adapt to emerging cybersecurity challenges
A look into real-life incidents impacting the public sector in New Zealand and the importance of resiliency
Moderator: Taryn Murphy, Cyber security manager, Worksafe NZ
Paul Macpherson, CISO, Reserve Bank of New Zealand – Te Pūtea Matua
Jared Licht, CISO, New Zealand Defence Force
10:40
Morning Tea & Networking
The upcoming sessions are shared plenary sessions across the DigiGov Leaders and CyberGov Leaders Summit.
Collaboration in Digital and Cyber
11:00
Presentation: How Non-Governmental Organisations are Growing and Maturing their Digital Transformation Strategy
Why the government sector wants Non-Governmental Organisations to take on more services
Strategies to scale and mature the digital strategy in the 3rd sector
Tamati Shepherd –Wipiiti, Chief Executive Officer, Ngāti Hine Health Trust
11:30
Presentation: A Path to Cyber for Anyone.
Why cybersecurity should be a priority for the business under the increasing threat landscape
Implementing a coordinated and efficient response strategy between IT and security teams
Defining clear roles and responsibilities to reduce overlap and confusion
What skills are needed in cyber?
Derek Robson, CISO, New Zealand Parliament
12:00
Networking Lunch
Balancing Innovation, People & Risk
1:00
Unconference Sessions: Peer-Peer Roundtable Discussions
Delegates will split into peer-led groups to discuss key challenges within the digital and security world under Chatham House rules.
Topic A:
How to encourage tech adoption across different generations and improve digital accessibility for diverse user groups
Aimee Riddell, Digital Lead, Ministry for Women
Topic B:
Strategies for securing funding and justifying digital investments
Christine Hudson, Programme Director - Digital Planning & Performance / Digital Service & Planning Manager, Ministry of Education
Topic C: How to build a security-first culture
Cassandra Mesa, Cyber Security Analyst, MBIE
Other possible areas of discussion:
How to encourage IT teams to move beyond operational support to strategic leadership in technology decisions
How to modernise data & analytics to help overcome market challenges
How to prepare for the worst scenario: Crisis simulation
How to build public trust through robust privacy and security measures
The Road Ahead: Vision for 2030
2:00
Panel: The Road Ahead: Shaping a Secure Digital Future for New Zealand
New Zealand's commitment to becoming a digitally secure and resilient nation.
Strengthening public sector leadership, driving collaboration and accountability
How New Zealand can integrate cybersecurity into long-term strategies for resilience and adaptability
Moderator: Prashant Bakshi, Deputy Chief Executive Strategic and Corporate Services, New Zealand Qualifications Authority, Mana Tohu Mātauranga o Aotearoa
Catherine Cooper, Group Manager Security Incident Management, National Security Incident Response, Data & Digital, Te Whatu Ora
Carmel Ali, Information Technology Security Manager, CSS Treasury
Nitin Puri, Programme Manager/ Strategic Security Lead, Waka Kotahi NZ Transport Agency