CRESTCon Australia 2025

That’s a wrap on CRESTCon Australia 2025!

This event brought together Members, students, government officials, practitioners, and cyber leaders from across Australia and the wider Asia–Pacific region for a day of knowledge sharing, technical insight, and collaboration.

Our thanks to Lukasz Gogolkiewicz for expertly hosting as Master of Ceremonies, to our speakers for their valuable contributions, and to our delegates for their active participation. We are especially grateful to our Australasia Council, the driving force behind CRESTCon’s growth, along with our Asia Pacific Director, Nigel Phair, and Australasia Council Chair, Chathura Abeydeera GAICD, for their dedicated leadership. A special thank you also goes to our sponsors, McGrathNicol, Triskele Labs, and OffSec, for their support.

Our mission is to lead the cybersecurity community in raising standards across service providers and professionals, ensuring quality assurance in the sector, and providing confidence to the buying community, government, and regulators. CRESTCon Australia is a clear reflection of this mission in action.

Thank you to everyone who attended #CCAU25. We look forward to building on this momentum into 2026.

Post-event resources

Attacking SAML in 2025: Louis Nyffenegger, CEO, PentesterLab. Watch the presentation here.
Beyond the Breach: Uncovering the Untold Lessons from Australia’s Cyber Crises: John Karabin and Jesse Pearce, McGrathNicol
Read the presentation here.
Evolution of Red Teaming Windows Domains to the Cloud: Lloyd Simon, Co-Founder, Tanto Security. Watch the presentation here.
 Flowcharts of doom: Mapping adversary behaviour like a threat artist: Jayant Kripalani, Senior Security Solution Architect, Cisco
Read the presentation here.
Security threats from quantum computing – a realistic assessment of the threat, lessons from real-life experience and practical advice: Rajiv Shah, Managing Director, MDR Security. Read the presentation here – this post is based on an article originally published by the author in InnovationAus.
The Rise and Fall of RansomHub: Lessons from the FY25 Frontline: Nick Thanos, Senior DFIR Analyst & Craig Martin, Head of Incident Response, Triskele Labs. Read the presentation here.

2025 Agenda

08:00 – 09:00    Registration and Coffee

09:00 – 09:10    Introduction and Welcome: Lukasz Gogolkiewicz, Master of Ceremonies, Accent Group

09:10 – 09:20    An update on CREST activities: Nigel Phair, Director Asia Pacific, CREST

09:20 – 10:00    Beyond the Breach: Uncovering the Untold Lessons from Australia’s Cyber Crises: John Karabin and Jesse Pearce, McGrathNicol.

10:00 – 10:30    Flowcharts of doom: Mapping adversary behaviour like a threat artist: Jayant Kripalani, Senior Security Solution Architect, Cisco.

10:30 – 11:00    Morning tea

11:00 – 11:30    Security threats from quantum computing – a realistic assessment of the threat, lessons from real-life experience and practical advice: Rajiv Shah, Managing Director, MDR Security

11:30 – 12:00    Attacking SAML in 2025: Louis Nyffenegger, CEO, PentesterLab

12:00 – 12:30    From Alarm to Authority: Restoring Integrity in “Cybersecurity Research”: Edward Farrell, CEO, Mercury Information Security Services

12:30 – 13:30    Lunch

13:30 – 14:00    Echoes of Deception: War Stories from the Red Teaming Deepfake Attacks: Tim Dillon, APAC Market Leader, NCC Group

14:00 – 14:30    The Rise and Fall of RansomHub: Lessons from the FY25 Frontline: Nick Thanos, Senior DFIR Analyst & Craig Martin, Head of Incident Response, Triskele Labs.

14:30 – 15:00    Afternoon tea

15:00 – 15:30    Evolution of Red Teaming Windows Domains to the Cloud: Lloyd Simon, Co-Founder, Tanto Security

15:30 – 16:00  Pig Butchering Scams: A Personal Story and Global Threat: Daisy Wong, Head of Security Awareness, Medibank

16:00 – 16:20    Closing remarks: Lukasz Gogolkiewicz

16:20 Networking drinks

CRESTCon Australia 2025

> Get involved in CRESTCon Australia