Close Menu
    CybersecCon logo
    RETURN TO MAIN EVENT PAGE

    Explore the CybersecCon 2025 Workshops

    Kick off your CybersecCon 2025 Workshop experience with a powerhouse morning of hands-on learning, hot-topic discussions, and practical takeaways. Our workshop sessions begin at 9:30am sharp, so we recommend arriving by 9:00am to breeze through registration, grab a coffee, and settle in.

    Each 90-minute workshop delivers deep dives into today’s most urgent security challenges.

    The morning workshops are brough to you by ESET, ExaBeam, Mimecast, Qualys and WatchGuard. You’ll find each workshop tailored to presenting digestible detailed guides of top rated solutions, sharing unique insights and revealing threat intelligence data unique to NZ. Whether it’s AI in the SOC, transforming human risk, or mastering threat response with the latest tools.

    Designed for practitioners, leaders, and curious minds alike, these sessions are your chance to engage directly with some of the sharpest security experts in the game. After the workshops, fuel up and mingle during our lunch and networking hour from 11am–12pm, before we officially kick off the main stage event. Whether you’re here to sharpen your stack, challenge your thinking, or get hands-on with new tech, this is your morning to get stuck in.

    For session details, please select from the CybersecCon 2025 Workshops listed below.

    Sharpen your Security Stack

    Respond smarter, and stay ahead of today’s threats

    Whether you’re an MSP, IT manager, or security specialist, this workshop will equip you with practical knowledge and tools to better protect your organization in an ever-evolving threat landscape.

    WORKSHOP AGENDA

    9:30 – 9:40am
    Welcome and Intro

    9:40 – 10:00am
    Kiwi Treat Intelligence
    ft. Peter Stančík, Senior Security Research and Awareness Manager

    10:00 – 10:20am
    ESET feature updates and performance
    Ft. Brad Collins, Chillisoft – ESET Enterprise and MSP Business Manager

    10:20 – 10:40am
    ESET Cybersecurity Awareness Training (ECAT) Demo
    Ft. Lukesh Sad – Senior Security Consultant

    10:40 – 11:00am
    Fireside Chat
    Ft Tony Johnson, Outsource IT Solutions Architect 

    Kiwi Threat Intelligence

    The session will begin Peter Stančík, Senior Security Research and Awareness Manager at ESET who will be discussing the latest in Threat Trends, with a special New Zealand focus. Peter will cover both the most prevalent current threats along with the emerging threat types we are seeing locally. We’ll be showcasing the telemetry ESET gets from its 110+ million endpoints around the globe with focuses on state-sponsored Advanced Persistent Threats and the unique attack types we are discovering.

    ESET Feature Updates & Performance

    Peter’s Kiwi Threat Data presentation will be followed with an ESET update, showcasing what we’ve found over the last year and also giving you an insider look at what’s coming next. 

    This session will fire through: 
    • ESET Cloud and ESET Inspect (IDR)
    Threat hunting, incident analysis, and real-time visibility, enhancing capability to contain attacks quickly and effectively.

    • ESET Cybersecurity Awareness Training(ECAT)
    Assess your security posture and uncover hidden vulnerabilities within your environment.

    • MDR & IDR Services
    Explore how ESET’s Managed Detection & Response services combine with Inspect to deliver 24/7 threat monitoring, response, and expert-led investigation.

    • AI Advisor 
    Get an early look at ESET’s AI-powered security advisor, designed to assist security teams in interpreting threats and taking the right actions faster.

    • Vulnerability & Patch Management Updates
    See what’s new in ESET’s management platform and how improvements in vulnerability and patch management simplify compliance and reduce attack surfaces.

    • Integrations & Ecosystem Expansion
    Understand how ESET integrates with third-party tools, including Stellar Cyber, to create a unified, efficient security operations experience.

    • Ransomware Remediation
    Practical insights into ESET’s layered approach to detecting, stopping, and recovering from ransomware attacks.

    ESET Cyber Security Awareness Training

    We’ll take a special look at the recently launched ESET Cybersecurity Awareness Training.
    As we face never-ending threats, the training will equip your employees with the knowledge to safeguard your business and data. ESET’s innovative approach features real-life scenarios and gamification to educate your employees. With 30+ years of research and in-house training experience, ESET delivers a top-tier experience suitable for workers at all levels of your organization.

    What you’ll love seeing is how customizable the phishing simulations are. From looking like a big Kiwi lottery win, to mock road tolling and social media notices, you’ll have localized assets to test and train your staff with. The ESET Training platform also enables unique customization, meaning you’ll be able to tailor your training to not only look realistic and local, but also relevant and highly targeted.

    ECAT is also a great tool for helping assess your security posture and uncovering hidden vulnerabilities within your environment.

    Fireside Chat

    Hear from a leading Solutions Architect, Tony Johnson (Outsource IT), who will be discussing how our 24/7 MDR service allowed them to take on support for a business with over 120 seats. This business was unique due to their industry as well as the company falling victim to a past cyber incident. This lead to their high priority need for 24/7 MDR security. Since they won the support contract with the customer, Outsource IT have been purchased by Kinetics Group, and due to the excellent service, Kinetics are now looking at expanding ESET with Chillisoft’s 24/7 MDR footprint across all their customers.

    Workshop Speakers

    Tony Johnson Profile-WEB

    Tony Johnson

    Outsource IT
    Solutions Architect​

    Peter Stančík - WEB

    Peter Stančík

    ESET
    Security Research and Awareness Manager

    Brad Collins-2.0-web

    Brad Collins

    Chillisoft
    ESET Enterprise & MSP Business Manager

    Lukesh Headshot

    Lukesh Sadh

    Chillisoft
    Senior Security Consultant

    See Why the Smartest SOCs Think Agentically

    A decade of UEBA innovation. A new era of AI-driven defence. Start your journey with Exabeam.

    As attackers grow more sophisticated, reactive security is no longer enough. This workshop dives into how Exabeam leverages machine learning behaviour analytics and Agentic AI to proactively detect, investigate, and respond to suspicious activity before damage is done. Learn how security teams can identify hidden threats, reduce alert fatigue, and automate threat hunting using advanced analytics that go beyond rules and signatures. This session will showcase real-world use cases and provide actionable insights into modernizing your SOC with AI.

    9:30 – 10:30am
    Main Session: Insider Threats, AI and the Smarter SOC

    The Evolvoing Threat Landscape
    Why insider threats are entering a new era shaped by behavioural blind spots

    Use Case Deep Dive:
    Compromised Credential Attack
    Examples of modern attacks where rules/signatures fell short
    What traditional tools missed

    AI Redefining the Insider
    How GenAI and autonomous agents are reshaping insider risk
    • The line between human and machine-driven threats

     Closing the Visibility Gaps
    Why insider threats are entering a new era shaped by behavioural blind spots

    Use Case Deep Dive: Compromised Credential Attack
    Examples of modern attacks where rules/signatures fell short
    What traditional tools missed

    AI Redefining the Insider
    How GenAI and autonomous agents are reshaping insider risk
    The line between human and machine-driven threats

    Closing the Visibility Gaps
    Where detection typically breaks down in the SOC
    How machine learning behaviour analytics + Agentic AI enable proactive detection, investigation, and response
    SOC modernisation journey: moving from reactive to proactive using UEBA + Agentic AI to reveal hidden signals

    10:30 – 10:55am
    Fireside Chat: AI in Regulated Enviroments (eg. Banking)
    Balancing innovation with compliance and governance
    Lessons learned from early adopters of AI in the SOC
    Audience Q&A

    10:55 – 11:00am 
    Closing Comments

    Fireside chat - Approval of AI use within a banking environment

    The second part of the workshop will feature a fireside chat with a very special guest soon to be announced! The discussion will focus on the real-world process of how AI can be implemented and approved for use in a major banks cybersecurity tooling. 

    Workshop Speakers

    Paul-Prokop-web25

    Paul Prokop

    Exabeam
    Senior Solutions Architect

    Jin Yea Tan

    Jin YeaTan

    Exabeam
    Senior Solutions Engineer

    Steve Moore-web_SSP4471T

    Steve Moore

    SPEAKER
     Chief Security Strategist

    Transforming Human Risk

    Human risk now outranks technology gaps as the #1 cybersecurity challenge.

    Join Mimecast’s team of security experts to:​
    • Explore diagnostic tools and predictive models to quantify human risk. ​
    • Discover actionable metrics to drive better strategic, operational, and tactical decisions. ​
    • Take a proactive approach to bridging the gap between technical security controls and the human factors that often undermine them. ​
     
    Mimecast has surveyed 1,100 IT Pro’s from across the world to determine how security leaders are evolving to meet today’s challenges. We’ll be sharing the key highlights, quickfire style – boiling down the main pain-points and response strategies.

    WORKSHOP AGENDA

    9:30 – 9:40am
    Welcome, quick introduction & overview
    ft. Lizelle Hughes, Channel Director Australia & NZ, and Scott Jenner, Senior Channel Sales Engineer

    9:40 – 10:00am
    Redefining Human Risk Management and the impact on New Zealand businesses 
    ft. – Lizelle Hughes, Channel Director Australia & NZ

    10:00 – 10:20am
    Turning on the Lights:
    Illuminating Employee Risk with Real-Time Data Visibility
    ft. Scott Jenner, Senior Channel Sales Engineer

    Key topics include:
     ○ Risk and data loss from Gen AI usage
     ○ Identifying malicious insider threat activity
    Managing insider risks from negligence

    10:20 – 10:30am 
    Market Intelligence Sesson 
    Customer insights on insider risk management
    ft. Garikai Jani, Enterprise Account Executive

    10:30 – 10:45am
    Take the fast-lane with AI-driven investigation support
    across your digital estate
    ft. Scott Jenner, Senior Channel Sales Engineer

    10:45 – 10:55am
    Industry Spotlight:     
    Customer insights on AI-drive governance and compliance
    ft. Garikai Jani, Enterprise Account Executive

    10:55 – 11:00am
    Closing Comments
    ft. Lizelle Hughes & Scott Jenner

    Workshop Speakers

    Lizelle Hughes-Web

    Lizelle Hughes

    Mimecast
    Director of ANZ Channel

    Scott Jenner - Mimecast

    Scott Jenner

    Mimecast
    Senior Chan Sales Engineer

    Garikai Jani

    Garikai Jani

    Mimecast
    Enterprise Account manager

    See IT. Know IT. Eliminate IT. ROC IT.

    Unifying Cyber Risk with Qualys CSAM, VMDR, Eliminate & ROC

    Join Qualys experts for a guided technical workshop on turning fragmented cyber defense into unified, actionable risk management that covers asset discovery, vulnerability prioritization, rapid remediation, and measurable business outcomes.

    Key Topics Include:
    • Real-world threat intelligence and risk context for vulnerabilities
    • Practical demonstrations: asset sprawl, remediation acceleration, risk reduction metrics
    • Customer spotlights and solution success stories from New Zealand organizations
    • Blueprint for unifying cyber defense across cloud and on-prem environments

    WORKSHOP AGENDA

    9:30 – 9:40
    Welcome, Introduction & Overview 

    9:40 – 10:00
    See IT: The New Asset Inventory Standard
    Uncover blind spots and shadow IT with CSAM’s real-time risk-aware asset mapping
    ft. Himanshu Kathpal, VP Product Management, Qualys 

    10:00 – 10:20
    Know IT: Prioritizing Real-World Risk
    Identify and contextualize vulnerabilities with VMDR—fix what matters first, for critical impact
    ft. Himanshu Kathpal, VP Product Management, Qualys 

    10:20 – 10:30
    Eliminate IT: Remediation at Cloud Speed
    Automated patching, mitigation, and asset isolation—close gaps in minutes, not months
    ft. Himanshu Kathpal, VP Product Management, Qualys 

    10:30 – 10:45
    ROC IT: Operations, Compliance & Business Value
    Leverage the Risk Operations Center (ROC) to unify risk, compliance, and reporting for board-level decisions
    ft. Himanshu Kathpal, VP Product Management, Qualys 

    10:45 – 11:00   
    Fireside chat
    ft. Darren Beattie, Tower Insurance, Head of Information Security 

    Overview
    70% of successful breaches exploit known vulnerabilities that were never remediated, but what if you could close those gaps in minutes, not months? In this technical deep dive session, discover how the Qualys Enterprise TruRisk Platform turns fragmented security into unified risk control Whether you’re struggling with asset sprawl, slow remediation, or proving risk reduction—this session is your blueprint for action.

     

    Workshop Speakers

    Junaid Siddiqui

    Junaid Siddiqui

    Qualys
    Security Solutions Architect

    Darren-Beattie_web.jpg

    Darren Beattie

    Tower Insurance
    Head of Information Security

    Himanshu Kathpa

    Himanshu Kathpal

    Qualys
    Vice President of Product Management

    Real Security for the Real World: Protecting People, Networks, and Data

    Sharpen your threat detection skills and see how we streamline incident response

    In today’s hybrid work environment, protecting people, networks, and data has never been more critical. This interactive workshop will explore the latest threats, provide practical security insights, and showcase how a unified approach can help businesses stay secure without adding complexity. Join us for a hands-on workshop that shows how WatchGuard helps keep your business safe, no matter where your people work.

    WORKSHOP AGENDA

    9:30 –  9:40am 
    Workshop Introduction 
    Welcome and overview of the day.
    Framing the challenge: how evolving attacks are reshaping security design across network, endpoint, identity, and cloud.

    9:40-10:00am 
    Threat Landscape: Agentic AI and the Latest Attacks
    Examine how agentic AI attacks are collapsing timelines and automating full attack chains. Review trends in ransomware, identity compromise, and cloud exploitation. Understand why siloed defenses are no longer enough.

    10:00 – 10:30am 
    Platform Architecture: Unified Defense by Design
    Position security between adversaries and applications wherever they reside. Endpoint and network services protecting cloud, data center, and internal networks. How a unified platform simplifies operations while closing exploitable gaps. Architectural principles for consistent protection across users, devices, and workloads.

    10:30 – 11:00am 
    Live Demo + Q&A: FireCloud & WatchGuard Cloud
    FireCloud Total Access: secure, seamless access to apps and data anywhere. WatchGuard Cloud: manage security, monitor threats, and gain insights from one platform. Interactive walkthrough with real-world scenarios and audience Q&A.

     

    Workshop Speakers

    Andrew Younger -web

    Andrew Younger

    WatchGuard
    Senior Sales Engineer

    Adam Winston

    Adam Winston

    WatchGuard
    Field CTO

    RETURN TO MAIN EVENT PAGE

    Tony Johnson

    Solutions Architect

    Outsource IT

    Tony Johnson has over two decades of experience in the IT industry, with the past 10 years spent as a Systems Engineer at Outsource IT and now operating as a Solutions Architect. Known within his company as the go-to expert when something needs to be hacked into, critical data recovered, or security vulnerabilities identified, Tony has developed a deep, practical understanding of cyber threats. His hands-on experience in uncovering weaknesses has fostered a strong commitment to building secure, resilient systems, making him a passionate advocate for robust cyber security practices.

    Peter Stančík

    Security Research and Awareness Manager

    ESET

    Working at ESET for over a decade, Peter grew through the ranks and bolstered his leadership skills. Since 2017, he has been the Security Research and Awareness Manager for ESET. Now, based in Christchurch, New Zealand, Peter leads a multinational team of cybersecurity researchers, awareness specialists and editors. His team is responsible for experimental research, awareness and research publication process, and for a threat telemetry framework. Peter oversees the creation of the bi-annual ESET Threat Reports, as well as the production of the ESET research podcast. When not sitting at his computer, he enjoys the outdoors and everything to do with coffee, both factoring in his decision to call Christchurch home.

     

    Brad Collins

    Chillisoft

    ESET Enterprise & MSP Business Manager

    Brad Collins is the Enterprise and MSP Business Manager for ESET, focusing on our MSP partners and customers with our Complete, Enterprise and Elite products with the goal of allowing our MSPs to increase the security of their customers in an easy and cost effective manner. Brad has worked in IT Companies and MSPs for just over 20 years including growing one of those companies from 6 to 55 staff and is applying his wealth of real world experience in customer expectations and security solutions in this role to discuss the wider ESET product stack with MSPs.

    Lukesh Sadh

    Senior Security Consultant (Technical)

    Chillisoft

    Lukesh is a Certified Cybersecurity Expert with 8+ Years of IT Industry Experience. He has a proven track record in solution building, particularly in prioritizing and developing the EDR security platform at Chillisoft. Lukesh holds certifications as a Netskope, ESET, and LogRhythm Certified Engineer, as well as being a certified ESET and LogRhythm Trainer. Notably, Lukesh has conducted 43 successful trainings across New Zealand!

    Stephen Moore

    Exabeam

    Vice President and
    Chief Security Strategist

    Exabeam Chief Security Strategist, Host of The New CISO Podcast, and Co-Founder TEN18 

    Stephen Moore is the Chief Security Strategist at Exabeam, a co-founder of TEN18, and the host of The New CISO podcast. He has over 20 years of experience in information security, including intrusion analysis, threat intelligence, and security architecture. Before joining Exabeam, Stephen spent seven years at Elevance, a Fortune 20 company, where he held various leadership roles in cybersecurity. During his tenure, he notably established their Cybersecurity Analytics capability and Security Operations Center (SOC), eventually advancing to an officer-level position. Stephen has extensive experience in identifying, responding to, and remediating nation-state espionage, insider threats, and criminal adversaries. He also serves as an advisor to several cybersecurity companies and often works as an executive breach response coach. 

    Paul Prokop

    Exabeam

    Senior Solutions Architect

    Paul Prokop, Senior Solutions Architect for Exabeam, has been dedicated to IT Security. With 25 years of dual experience as both a client and provider, Paul is fueled with a drive to surpass performance objectives, thriving amidst dynamic business landscapes, and rapidly adapting to evolving technological challenges. Paul works closely with customers to reduce risk with Exabeam’s award-winning platform and readily adapt to evolving business and technology challenges. Prior to LogRhythm, Paul held various roles within IT security at Check Point, CyberArk and Fairfax Media, where he deepened his technical expertise in IT security, architecture and operations.

    Jin Yea Tan

    Exabeam

    Senior Solutions Engineer

    Jin Yean Tan brings deep expertise in cybersecurity and a strong track record in helping organizations enhance their threat detection and response capabilities. As a Senior Solutions Engineer at Exabeam, he enables security teams to leverage user and entity behavior analytics (UEBA), automation, and modern SIEM solutions to stay ahead of evolving threats. Known for his ability to translate complex security challenges into clear solutions, Jin Yean is a trusted partner to both technical teams and executive stakeholders across the APAC region.

    Scott Jenner

    Mimecast

    Senior Channel Sales
    Engineer - APAC

    With over 8 years of cybersecurity presales experience, Scott Jenner specialises in helping organisations of all sizes navigate today’s complex threat landscape. As a trusted advisor to resellers and MSPs across the APAC region, Scott excels at translating technical security concepts into clear, actionable insights for both technical and non-technical audiences. His collaborative approach and deep industry knowledge enable him to tailor effective solutions that meet the unique needs of businesses—from small enterprises to large multinationals.

    Junaid Siddiqui

    Qualys

    Security Solutions Architect

    Junaid is a Security Solutions Architect at Qualys, with over 20 years of experience in cybersecurity, technical pre-sales, and enterprise risk management across APAC. He works closely with CISOs, IT leaders, and partners to design scalable, outcome-driven security solutions—spanning VMDR, asset visibility, threat response, and compliance. Junaid is known for aligning cybersecurity initiatives with business goals, helping organisations reduce risk, accelerate remediation, and maximise value from the Qualys TruRisk Platform.

    Darren Beattie

    Tower Insurance

    Head of Info Security

    Darren is a seasoned security professional with over 30 years’ experience, starting with 12 years in the UK military dealing with crypto and communications security. Head hunted in 2007, took the step and became a senior firewall specialist for Telecom NZ (now Spark NZ). Darren has been with Tower Insurance for 6 years and has spent the past couple of years as the Head of Information Security, being responsible for all aspects of cyber security across the NZ and Pacific Islands operations. Being a thought leader in cyber, Darren encourages businesses to take leading edge approaches in cyber technology and processes, whilst instilling good governance across the business.

    Himanshu Kathpa

    Vice President of Product Management

    Qualys

    Himanshu Kathpa

    Himanshu Kathpal is Vice President of Product Management, Platform and Technologies at Qualys. With 15+ years’ experience, he leads teams delivering solutions for Continuous Threat Exposure Management, Risk-Based Vulnerability Management, Cloud-Native Application Protection Platform, Artificial Intelligence Security Posture Management, Application Security, and Development Security Operations. Himanshu specializes in product strategy, go-to-market, and innovation to strengthen customer security and drive business growth

    Andrew
    Younger

    WatchGuard

    Senior Sales Engineer

    With over two decades in cybersecurity, Andrew Younger is a seasoned Senior Sales Engineer at WatchGuard Technologies, bringing deep expertise in secure network architecture, cloud protection, and threat detection and response. Based in Melbourne, Andrew Younger has held senior technical and leadership roles across industry leaders including Thales, Gemalto, Senetas, and SafeNet. He is known for bridging technical depth with commercial insight to deliver practical, outcome-driven solutions for customers across A/NZ.

    Adam Winston

    Field CTO

    WatchGuard

    Adam Winston

    Adam has over two decades of hands-on and leadership experience architecting, operating, automating, and testing Security Operations Centers for Detection and Response. As a Chief Technology Officer (CTO) and Chief Security Officer (CSO), Adam offers expertise in securing and monitoring AWS, Azure, Windows, Mac, and Linux with cutting-edge tools such as Firewalls, Email Gateways, EDR, SIEM, and SOAR, having developed a market leading Managed Detection and Response (MDR) vendor named ActZero to manage hundreds of customer SOCs globally. Adam also lead an in-house consulting service called the VCISO program at ActZero, which offers vertical-specific expertise in compliance and hardening for Healthcare, Manufacturing, Consumer Privacy, and Financial regulations and best practices.

    Adam has worked in 24/7 mission-critical war rooms to actively respond to fast-moving adversaries from BlackCat/AlphaV, Maze, Royal, and DarkSide ransomware actors. He has successfully protected customer bases across many different environments from the endpoint, network, cloud, and mobile security events, with 10ms system response times, 16-minute MTTRs, and 1-hour remediations while scaling to meet new customer and security demands.

    Adam brings the architecture for threat intelligence, red-team testing, and MITRE mapping to various vulnerability, compliance, and monitoring tools. This approach helps demonstrate our current state to senior leadership in daily, weekly, and monthly briefings with other teams such as DevOps, SRE, Customer Experience, Management, and the board of directors. Adam also brings a strategic approach to help the teams around him build world-class products to flourish by seamlessly enabling security in the software development lifecycle and operation. He has also run security awareness programs and compliance/infosec for SOC2, PCI, CMMC, and FEDRAMP programs to ensure products meet the highest standards to service financial, automotive, department of Defense, and healthcare standards.

    WordPress Appliance - Powered by TurnKey Linux