Agenda

Day One | Wednesday 20th May 2026

8.00 Registration and morning refreshments 

8.20 Opening Karakia

8.40 Chairperson’s opening address  

Yolanda Wilke, Domain Lead - CISO Office, Inland Revenue NZ

8.50 International virtual keynote: Lessons from the European Cybersecurity Competence Centre on building collective cyber defence

Luca Tagliaretti shares Europe’s coordinated approach to cybersecurity through the European Cybersecurity Competence Centre (ECCC). He will discuss how the ECCC is aligning civil and defence innovation under Horizon Europe and Digital Europe, following its landmark partnership with the European Defence Agency. Highlighting Europe’s integrated model for research, capability development, and dual-use innovation, Luca will offer insights on balancing sovereignty, collaboration, and interoperability, and what New Zealand can learn as it advances whole-of-nation resilience across government, industry, and defence.

Luca Tagliaretti, Executive Director, European Cybersecurity Competence Centre (European Union)

10.00 Fireside chat: Understanding and countering increasingly intelligent threats

How can we move from cybersecurity to true information protection?
How is AI amplifying risk through phishing, misinformation, and human error?
Why are internal mistakes now our biggest security threat?
How can collaboration and shared intelligence outpace AI-driven attacks?

Moderator:

Yolanda Wilke, Domain Lead - CISO Office, Inland Revenue NZ

Panellists:

Andrew Hood, Senior Product Manager, Cyber Safety and Security, Network 4 Learning

Kelly Blackwell, National Security Capability Manager, Health New Zealand Te Whatu Ora

11.00 Morning tea

11.30 Presentation: Where automation helps, and where it hurts: AI’s role in Public-Sector cyber defence

The “perfect storm”: if AI replaces entry-level cyber roles, we lose the people who would have grown into tomorrow’s experts
Why we still need humans learning on the job, even as automation handles the repetitive work
How to use AI to support teams without hollowing out skills, judgement, and real-world experience
Early lessons from government: where automation helps, and where over-reliance creates new gaps

Jonathan Wilkins, Chief Information Security Officer, Ministry for Primary Industries

12.20 Presentation: Trusted digital identity for Aotearoa building the ecosystem for 2026

How New Zealand can develop a citizen business and machine-ready digital identity ecosystem
The core pillars needed to build trust including capability connectedness confidence and community
The role of digital identity as part of future digital public infrastructure for payments open data and service access
What government and industry must co-create by 2026 to ensure a secure interoperable and scalable identity framework

Andy Higgs, Executive Director, Digital Identity NZ

12.50 Networking Lunch

1.50 Interactive breakouts

During this session, attendees will have the opportunity to attend 2 x 30-minute interactive breakout sessions of their choice

Breakout A: Strengthening software and vendor supply chain

Breakout B: Identity security and adaptive access

Breakout C: AI and automation in cyber defence

Breakout D: Human-centred cybersecurity

2.50 Panel: Making incident response a whole-of-business capability

Who truly owns an incident response, and why must accountability extend beyond the IT or security team to include business leaders and executives?
How can agencies make incident response and maintaining continuity a whole-of-business capability rather than an IT responsibility?
How can government departments coordinate effectively across agencies during interconnected disruptions?
What can digital and security leaders learn from emergency management when responding to large-scale cyber incidents?
What does real preparedness look like in the public sector today?

Moderator:

Yolanda Wilke, Domain Lead - CISO Office Inland Revenue NZ

Panellists:

Vicki Scott, Deputy Chief Executive, People Services and Delivery, Parliamentary Counsel Office

Matthew Shaw, Head of Emergency Management and Business Continuity, Ministry of Business, Innovation and Employment

Marika Hughes, Director of Strategic Crisis Management, Department of the Prime Minister and Cabinet New Zealand

Emma Bickerstaffe, Director, Cyber Defence Operations, National Cyber Security Centre

3.30 Afternoon tea and networking

4.00 Case study: Cross-training and upskilling for an AI-ready cyber workforce

How WorkSafe NZ is building cyber capability through practical cross-training and shared knowledge
Empowering small teams to deliver large-scale uplift through collaboration and documentation
Integrating AI and automation tools to strengthen efficiency, not replace human judgment
Developing resilient, well-supported teams ready to adapt to evolving technologies and threats

Taryn Murphy, Cyber Security Manager, WorkSafe NZ

Julie Watson, Chief Information Officer and Chief Information Security Officer, WorkSafe NZ

4.30 Presentation: From mainframes to the cloud, rethinking supply chain resilience in a connected world

Define your full supply chain scope, a chain has more links than you might expect
Acknowledge how cloud reliance creates new single points of failure across global digital ecosystems
Map hidden dependencies across platforms and providers to strengthen continuity and resilience
Enforce shared accountability through procurement and governance, ensuring all partners meet consistent security and privacy standards

Derek Robson, Chief Information Security Officer, New Zealand Parliament

5.00 Chairperson’s closing address

5.10 Networking drinks and end of summit day one

Day 2

Day Two | Thursday 21st May 2026

8.20 Registration and morning refreshments   

8.50 Chairperson’s opening address 

Yolanda Wilke, Domain Lead – CISO Office, Inland Revenue NZ

9.00 Opening keynote: Emerging technologies, new threats and the next wave of government cyber challenges

How rapid innovation in AI, deepfakes, quantum computing, and synthetic identities will redefine both opportunity and threat
What’s coming with IoT in public infrastructure, smart cities, and digital identity ecosystems, and how to build resilience by design
Steps agencies can take now to prepare for a fast-changing risk landscape

Sarah Penman, Director of Enterprise Security (CISO), National Cyber Security Centre

9.50 Case study: Best practice in data access and security through assurance accountability and certification at the DIA

How agencies can verify who accesses their data, from where, and under what conditions
Practical checks, standards, and evaluations that ensure vendors and subcontractors meet government expectations
Ensuring responsibility for data security is transparent, traceable, and retained by the agency, even when services are outsourced
Insights from CISO engagement and cross-agency forums to shape consistent expectations and improve national data governance

Matt Oliver, Operational Security Specialist, Digital Services Branch, Department of Internal Affairs

10.40 Morning tea and networking

The upcoming sessions are shared plenary sessions across the DigiGov Leaders and CyberGov Leaders Summit.

11.10 Ministerial mandate: Accelerating public service digital transformation

11.30 Keynote: Biometrics as both an enabler and a safeguard for innovation

How biometrics simultaneously strengthen security and unlock innovative uses of digital identity, AI, and modern public services
Why organisations must define mission and outcomes before selecting or deploying biometric systems
The privacy, proportionality, and transparency requirements necessary for safe, ethical biometric use
How biometrics can support AI, automation, and digital transformation when implemented with strong foundations and governance

Liz MacPherson, Deputy Privacy Commissioner, Office of the Privacy Commissioner

12.20 Peer-to-peer roundtable discussions

Delegates will split into peer-led groups to discuss key challenges within the digital and security world under Chatham-House rules. Attendees will have the opportunity to attend 2 x 30-minute interactive sessions of their choice

A: Assuring digital service providers: Implementing security baselines, metrics and onboarding frameworks

Adwin Singh, Cybersecurity Domain Lead – CISO Office, Inland Revenue NZ

B: Building security understanding and culture across the organisation and the executive team

Denis McGrath, Cyber Security Specialist (Awareness and Education Lead), New Zealand Ministry of Foreign Affairs & Trade

C: Reimagining the role of AI, from personal productivity to organisation-wide transformation

Milica Zivanovic, Chief Information Officer, Te Kawa Mataaho Public Service Commission

D: Making change management work for digital transformation leadership

Anne Columbus, Chief People Officer, General Manager Corporate Services, Christchurch City Council

1.20 Lunch

2.20 Fireside Chat: Speaking the same language through the CIO and CISO partnership

What were some of the early challenges in aligning your teams, and how did you overcome them?
How do you translate technical or security priorities into business outcomes that resonate with executives and the board?
What advice would you give to CIOs and CISOs who struggle to get leadership buy-in for resilience and risk investment?
How do you foster a culture where technology and security teams trust each other rather than compete for influence?
If there’s one mindset shift the public sector needs to make around resilience, what would it be?

John Baddiley, Chief Information Officer, Reserve Bank of New Zealand

Paul Macpherson, Chief Information Security Officer, Reserve Bank of New Zealand

2.50 The path to 2030: Essential frameworks and collaborative commitments for digital leaders

An interactive workshop where digital leaders collaborate to turn summit insights into actionable roadmaps for trust, resilience, and interoperability by 2030. Participants will share priorities, forge partnerships, and commit to practical next steps for collective digital progress

3.20 Afternoon tea

3.40 Case Study: How CIO, CPO and risk leadership are modernising Crown Law together

Empathy-driven, shared leadership as the catalyst for modernising government. Aligning people and technology to break silos, build trust, and turn strategy into sustainable outcomes

Modernising Together: A Unified Leadership Approach: How empathy and shared purpose are helping to align technology, people, security, and information strategies to transform a core government agency
Breaking Barriers: Cross-Functional Leadership in Action: Why trust and human connection matter more than structure when removing silos and accelerating change
From Strategy to Delivery: Driving Modernisation Across Three Domains: How leading with humanity turned complex strategies into practical outcomes across digital, cultural, and security domains
Leading Change in Government: Collaboration as the Catalyst: Lessons on building momentum through empathy-driven leadership and shared accountability
Beyond Titles: Shared Leadership for Sustainable Modernisation: How three leaders shaped a single narrative for transformation by prioritising people over process

Kirsty Donbavand, Chief People Officer, Crown Law

Mike Mulvaney, Chief Technology Officer, Crown Law

Julia Smith, Chief Risk Advisor, Crown Law

4.20 Panel: Making change management the engine of transformation

Why do so many technology projects fail at the adoption stage, and how can early investment in change management prevent that?
What does effective leadership buy-in look like in practice, and how can senior executives model the change they expect?
How can organisations engage users meaningfully to reduce resistance and turn employees into champions of new systems?

Paula Knaap, Deputy Chief Executive, Organisational Enablement, Ministry of Regulation

Andrea Conlan, Chief Operating Officer, NZ Police

Milica Zivanovic, Chief Information Officer, Te Kawa Mataaho Public Service Commission

Anne Columbus, Chief People Officer, General Manager Corporate Services, Christchurch City Council

5.00 Chairperson’s closing address

5.10 Closing Karakia and end of summit

Day 1

Agenda

Day One | Wednesday 20th May 2026

​

​

​

8.00

Registration and morning refreshments

​

8.20

Opening Karakia

​

8.40

Chairperson’s opening address

​

8.50

International virtual keynote: Lessons from the European Cybersecurity Competence Centre on building collective cyber defence

​

10.00

Fireside chat: Understanding and countering increasingly intelligent threats

​

11.00

Morning tea

​

11.30

Presentation: Where automation helps, and where it hurts: AI’s role in Public-Sector cyber defence

​

12.20

Presentation: Trusted digital identity for Aotearoa building the ecosystem for 2026

​

12.50

Networking Lunch

​

1.50

Interactive breakouts

​

2.50

Panel: Making incident response a whole-of-business capability

​

3.30

Afternoon tea and networking

​

4.00

Case study: Cross-training and upskilling for an AI-ready cyber workforce

​

4.30

Presentation: From mainframes to the cloud, rethinking supply chain resilience in a connected world

​

5.00

Chairperson’s closing address

​

5.10

Networking drinks and end of summit day one

Registration and morning refreshments 

Chairperson’s opening address  