SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Img 1873
#
Firewalls
#
Network Security
#
Advanced Persistent Threat Protection

Australian cyber leaders shift to breach containment focus

Wed, 17th Sep 2025
Author image
By Melvin Hipolito, Editor

Cybersecurity experts and senior industry leaders have emphasised the shift towards an "assume breach" approach at the annual Illumio World Tour in Sydney.

This year's event attracted nearly 200 senior delegates and CISOs from the Australian cybersecurity sector, reflecting growing industry engagement with breach containment strategies.

Key themes

A key focus throughout discussions was the acceptance that no system is completely invulnerable. Instead, attention is increasingly directed at rapidly detecting, containing, and recovering from breaches after they occur.

One theme that echoed across both the stage and the audience was that we are firmly in an "assume breach" era. This mindset acknowledges that no system is impenetrable and shifts our focus from solely preventing attacks to rapidly detecting, containing, and recovering from them.

Delegates discussed how, although the primary objective remains the prevention of breaches, it is broadly understood that no perimeter defence is infallible. Speakers called for business leaders to ensure their organisations can quickly recognise and restrict the movement of attackers within corporate networks. By doing so, they can contain the impact of incidents and prevent more significant harm.

Changing network patterns

Illumio's Chief Revenue Officer, John Lens, addressed this evolution in focus. He explained how strategies have changed from the early days of network security through to the present.

John Lens, Illumio's Chief Revenue Officer, spoke of the evolution of cyber security from being about prevention in the 2000s, to detection in the 2010s, to now being about containment. The reason prevention and firewalls worked in the past is because roughly 80% of network traffic was running north to south. Today, with most companies on flat networks, roughly 80% of network traffic is running east to west – meaning that lateral movement inside IT networks is now a much bigger issue and one that companies struggle to contend with.

This change in network architecture results in increased east-west traffic within organisations, making it harder to prevent attackers who have bypassed perimeter defences from moving freely. Efforts are now shifting to ensure that, even if attackers penetrate one area, they can be quickly contained before causing widespread damage.

Visibility and control

Throughout the discussions, the concept that adversaries may spend extended periods undetected, or 'living off the land', was repeatedly emphasised. This underlines the need for organisations to develop stronger visibility across their entire IT environments, not only at entry and exit points, to detect active threats.

In support of this, Illumio's Chief Product Officer, Mario Espinoza, provided a demonstration of Illumio Insights. The product's AI Security Graph delivers visibility across environments, supports policy development to reduce risk, uses AI and machine learning to decrease complexity and improve observability, and supplies contextual information to aid decision-making regarding network activity and resource relationships.

Resilience and regulatory priorities

Industry leaders agreed that business executives, including boards and C-suite teams, have shifted their perspective on security breaches. In the past, breaches were often seen solely as organisational failures. Companies are now prioritising resilience, seeking to maintain critical functions, minimise data loss, and protect reputation, with a focus on managing risk rather than pursuing total prevention.

Regulatory compliance was also a prominent topic. Panelists highlighted that compliance should not be treated as a "box-ticking" exercise but as part of a broader security strategy. The consensus noted that while achieving compliance is not synonymous with being secure, effective security should lead to compliance.

There was also conversation around the mindset shift that's occurred amongst cybersecurity professionals, and how breaches are now perceived by the Board or C-Suite. While in the past a breach may have been considered a failure in itself, now business leaders are more concerned with risk management - keeping critical systems running, minimising data loss, protecting reputation and avoiding share price fluctuations. The goal is no longer breach prevention, but rather long-term organisation resiliency.

The event included speakers from Illumio, as well as guest representatives from CyberCX, Insignia Financial, NBN, Sekuro, and DT DataServices. The day's agenda was supported by Telstra, Netskope, Sekuro, NextGen, Northbridge, and Matrium.

The Illumio World Tour is expected to return for a third year in 2026.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Boomi recognises APAC innovation with awards for digital impact
Rising cyber threats drive businesses to adopt MSSP solutions
Phishing kits & steganography drive new wave of email threats
Milestone reveals city AI model as hackathon prize hits EUR €5,000
Workplace tech issues cost Aussie firms time, money & talent

Top stories

Microsoft to enable in-country Copilot data processing by 2026
Anthropic identifies AI-driven cyber-espionage campaign
Experts reveal why traditional accounts payable is dead
Samsung’s Knox Security framework - Smart, secure and scalable
Why Australian organisations must automate accounts payable now