Cyber Voices

The Problem of Trust: Identity Fraud, Deepfakes & APAC Threat Trends with Anastasia TikhonovaWhat happens when cybercriminals stop attacking your CEO and start targeting your developers instead? In this episode of Cyber Voices, host David Savva-Willett sits down with Anastasia Tikhonova, Global Threat Research Lead at Group-IB, joining live from Phuket, Thailand, to unpack the threat trends defining 2026 — and why Australia remains squarely in the crosshairs. Anastasia shares how her team connects threat intelligence dots across APAC, EMEA, and Latin America, and explains why she calls 2026 the year of "the problem of trust" — where attackers no longer need just your email and password. They want your voice, your face, your LinkedIn, and your professional connections to impersonate you convincingly enough to compromise the organisations you work with. In this episode, you'll hear about:The rise of identity fraud, deepfakes, and AI-powered social engineeringWhy Scattered Spider, Lazarus Group and others are shifting from mass campaigns to highly targeted persona attacksThe Axios NPM supply chain compromise (80 million weekly downloads) and what it means for every organisationHow dark web marketplaces, arbitration "courts," and Telegram-based criminal communities operate todayWhy Australia is the #2 ransomware target in APAC — and the lessons from the April 2025 super fund attacksThe role of hacktivism, geopolitical conflict, and national state actors in Australian threat activityPractical advice on managing your digital footprint when you, your family, or your executives have a public profileWhether you're a CISO, security analyst, developer, or simply curious about how cybercrime is evolving, this conversation delivers global perspective with sharp Australian relevance. Cyber Voices is the official podcast of the Australian Information Security Association (AISA) — bringing you the voices shaping cybersecurity in Australia and beyond. 🎧 Subscribe wherever you get your podcasts and follow AISA for more.

In a groundbreaking move, Igor Gjorgjioski from VicRoads embarked on a digital transformation journey to enhance security and user experience by eliminating traditional passwords. Collaborating with Vincent Delitz from Corbado, a passkeys-as-a-service provider, they successfully implemented one of the largest public sector deployments of passkeys. This initiative aimed to address user friction and bolster security against phishing, with a keen focus on mobile-friendly, phishing-resistant logins. The project's success rested on a phased rollout, careful selection of partners, and strategic nudging of users towards adopting passkeys, setting a new standard for digital authentication in the public sector.

At CyberCon Australia 2025, Emily Woodhams shared her experience as the Cybersecurity Engagement Manager at Melbourne University. Her role involves enhancing communication and culture around cybersecurity by using innovative branding strategies, including Australian animal imagery linked with cyber behaviors. This approach moves away from clichéd cyber imagery like hackers in hoodies, aiming to demystify and humanize the field. Woodhams' journey from a communications background to a cyber role highlights the demand for storytelling skills in cybersecurity, a theme echoed throughout the conference. University branding changes prompted a larger initiative to create relatable and engaging cybersecurity messaging.

In this episode, cybersecurity expert Gaurav Vikash discusses the privacy risks associated with smart cars and connected vehicles. As vehicles become more technologically advanced, they are equipped with features that collect and transmit user data, ranging from voice recordings to health information. Gaurav emphasises that many consumers remain unaware of the extent of data collection in modern vehicles, falsely assuming their privacy is protected like in traditional cars. He discusses industry practices, including Tesla's case where their app was used for stalking, and highlights the lack of comprehensive regulations, urging for better awareness and legal protections.

In this episode of Cyber Voices, host David Willett discusses the critical issue of children's online safety with Bailey Marshall, co-founder of Future Proof Security. Bailey shares insights on common online threats facing children today, ranging from cyber scams to issues of privacy and data misuse. Emphasising the importance of communication, she advocates for a balanced approach where parents and educators are equipped to have non-judgmental, trust-building conversations with kids. This empowers them to navigate the digital world safely, reducing the fear and embarrassment that often keep kids from reporting online issues.Find more info HERE

At the 2025 CyberCon in Melbourne, Tony Nicholls from CGI Australia introduced a new concept - a cyber escape room housed in a shipping container. Originally developed in the UK to raise cyber awareness, the escape room gamifies cybersecurity education, targeting both novices and professionals. It offers a hands-on approach to learning about phishing, social engineering, and malware, promoting a no-shame, team-based environment ideal for schools and businesses alike. With the ability to adjust difficulty on the fly, participants of all ages leave with a better understanding of cybersecurity threats and defenses, with a smile on their face.

In this episode of Cyber Voices, Kari Byron, known for her role on MythBusters, discusses her evolution from television host to STEM advocate. She is spearheading a global mission to promote STEM through a reimagined version of the White House Science Fair, now a national festival that transcends politics by involving industry sponsors. Byron explains how this initiative not only highlights young talent but also creates vital connections between students and industry leaders. The end goal is to empower the next generation of innovators, making STEM careers more accessible and fostering a worldwide community of future leaders.Make sure you check out Kari's podcast, Mythfits!

In an engaging session at CyberCon Melbourne 2025, Theresa Payton shared insights from her pivotal career spanning from her role as the first female White House CIO to becoming the CEO of Fortalice. Payton captivated the audience by discussing her innovative approaches to cybersecurity, emphasising the importance of understanding human factors. She shares the success of her 'White House Happy Meal' initiative, a creative strategy to enhance cybersecurity training participation at the White House. Her keynote not only highlighted the serious cybersecurity work happening in Australia but also offered inventive solutions to global challenges.

In this episode of Cyber Voices, David Willett chats with former participants of the Australian Women in Security Network (AWSN) and Retrospect Labs Incident Response Competition. The panelists, including competition winners and runners-up, share their transformative experiences in this hands-on, teamwork-based event. The competition, which simulates real-world cybersecurity incidents, highlights the importance of both technical and non-technical skills. Participants discuss how this immersive experience has propelled their careers in cybersecurity and fostered personal growth, while offering networking opportunities. The episode captures the competition's potential to redefine career paths and nurture talent in Australia’s cybersecurity landscape.Register for this years competition here: https://events.humanitix.com/2025-awsn-incident-response-competition Get more detailed information here: https://www.retrospectlabs.com/events/awsn-2025-incident-response-competition Or, Chek out the AWSN Events Page: https://www.awsn.org.au/initiatives/incident-response-competition/

In this episode of Cyber Voices, cybersecurity expert Abbas Kudrati discusses the emerging challenge of non-human identities in the digital landscape. These identities, which include API keys, machine identities, and AI agents, are becoming crucial security concerns as technological advancements accelerate. Abbas shares insights into how non-human identities are defined, their inherent risks, and the shift towards them as major targets for cyber attackers. He explains the necessity of visibility and governance over these identities. He offers some strategies for securing them, emphasising the need for a proactive approach in an increasingly complex cyber environment.

In this episode of Cyber Voices, host David Willett sits down with Karl Sellmann, Chief Information Security Officer at Flinders University, to discuss the ongoing challenges in cybersecurity. Sellmann emphasises the importance of moving away from a reactive, 'whack-a-mole' approach to a more strategic, long-term plan that incorporates quick wins as building blocks.By focusing on broader strategies and risk management, organisations can better align their efforts with emerging threats and maintain resilience. This involves leadership engagement, understanding organisational complexities, and ensuring ongoing adaptability and transparency in cybersecurity operations.

In this enlightening episode of Cyber Voices, host David Willett talks with Dr. Susan McGinty, a leader in the realm of cybersecurity and STEM leadership. Dr. McGinty shares her journey from being a scientist to a passionate advocate for diversity and inclusion in cybersecurity. The discussion highlights her initiatives aimed at fostering leadership skills among women and promoting inclusive cultures within organisations.Her work through AYA Leadership and The Asstembly emphasises the need for female representation at all levels, urging companies to embrace inclusivity as a driving force for innovation and effective decision-making.The Asstembly website: https://theasstembly.com/ Susan's white paper Advancing the Cyber Security Sector: Pathway to a Diverse and Inclusive Cyber Security Workforce, https://ayaleadership.com/advancing-the-cyber-security-sector-white-paper/ The Asstembly Women's Leadership Programs: https://theasstembly.com/womens-leadership-programs/

In this episode of CyberVoices, David sits down with Rudy Haruta, a passionate advocate for disability inclusion and program lead at the Australian Disability Network. Rudy shares his personal journey and struggles with dyslexia, anxiety, and depression, and how these experiences shape his work today. They discuss the importance of organisations becoming disability confident, highlighting the need for tailored support and the challenges posed by traditional recruitment methods. The conversation aims to inspire listeners in the tech and cyber industries to consider more inclusive hiring practices and to better understand the unique perspectives of individuals with disabilities.