Australia’s banking and financial services sector has long been a bellwether for cyber resilience, especially as institutions face escalating AI-driven threats, complex regulatory demands, and rapidly evolving customer expectations. In 2026, the role of the CISO is no longer just “security leadership,” but rather, a boardroom function, a growth enabler, and a strategic force shaping the future of financial trust. The CISOs and security leaders on this list are defending systems and helping institutions move faster, safer, and smarter.
This list includes a mix of established CISOs at Australia’s largest banks, rising leaders in fintech and financial services, and senior security executives whose influence extends across the broader ecosystem. Some have moved roles or don’t hold the “CISO” title officially, but they remain vital voices in Australia’s financial security landscape.
Maria Milosavljevic — Group CISO, ANZ
A pioneer in AI and cybersecurity, Maria’s career began with groundbreaking work in AI and digital twins in the early 1990s. She invented the first AI-generated adaptive website and has since applied AI to security challenges across government, national security, law enforcement, and financial systems. Now leading ANZ’s security program, she is driving transformation at the intersection of AI, data, and risk.
Richard Johnson — CISO, Westpac
A veteran of Australia’s banking cybersecurity landscape, Richard has led Westpac’s security function since 2009. His deep expertise in enterprise risk management, PCI DSS, ISO 27001, and enterprise architecture makes him a foundational figure in shaping Australia’s banking security posture over the past decade.
Sandro Bucchianeri — Group Chief Security Officer, NAB
An award-winning security executive with over 25 years of experience, Sandro is known for leading large, globally distributed teams and delivering strategic transformation programs. A recognized thought leader, he has worked with the World Economic Forum’s Centre for Cybersecurity and the PCI Board of Advisors, bringing global insights into NAB’s security strategy.
Mikhail Lopushanski — GM, Technology Governance, Risk, InfoSec & Compliance (GRISC), Auto & General
Previously recognized among the Top Global CISOs (Cyber Defense Magazine) and Top APAC CISOs, Mikhail is a cybersecurity leader known for building collaboration across financial institutions. He established Australia’s operational cyber threat intelligence group for the financial sector and continues to drive governance and risk maturity at scale.
Dave Cowan — Chief Information Security Officer, First Sentier Group
A security executive with 25 years of experience, Dave is known for building resilient cyber programs across complex control environments. His strengths include governance, crisis management, fraud prevention, and global team leadership, making him one of the most influential security leaders in investment management.
Katie Payten — CISO, Challenger Limited
A seasoned cybersecurity executive with 25+ years across public and private sectors, Katie is known for delivering global transformation projects, driving secure business outcomes, and leading large operational teams. Her leadership style blends resilience, strategic clarity, and strong stakeholder collaboration.
Venkat Balakrishnan — Chief Information Security Officer, Allianz Australia
A respected security leader in financial services, Venkat has taken the helm at Allianz Australia, shaping security strategy and resilience for a major insurer. His role is especially relevant as insurance becomes a critical battleground for cyber risk and regulatory compliance.
Susie Costa — SVP, Head of Security Management, SMBC
Susie has led regional security programs across APAC, including major compliance and security transformations. Her experience in payments and cross-border governance makes her a key security figure in the financial services ecosystem, even if her role is not always labeled “CISO.”
Jimmy Wong — GM, Information Security, Technology Controls & Governance (AU CISO), AIA Australia
Jimmy leads information security and technology governance for AIA Australia, balancing security transformation with operational controls. His role is especially important as insurers modernize platforms and expand digital services across the region.
Sandeep Taileng — Information Security Officer, State Trustees
A rising leader in risk and security governance, Sandeep is known for driving risk maturity through data-driven controls and stakeholder engagement. While not a traditional CISO, his role is increasingly influential in a regulated financial services environment.
Nicholas Harman — CISO, Eightcap
A fintech security leader focused on AI-powered automation and autonomous defense, Nicholas has become a prominent voice in modern security operations. His work in building SOC automation, secure cloud architecture, and AI governance is shaping the future of fintech security in Australia.
Bianca Wirth — CISO, Australian Prudential Regulation Authority (APRA)
As the CISO of APRA, Bianca plays a unique and influential role, protecting the regulator that sets security standards across the entire financial sector. Her leadership impacts not just one company, but the resilience of Australia’s financial system as a whole.
Why These Leaders Matter
The future of banking and financial services security is being shaped by leaders who understand that cybersecurity is no longer a cost center; it’s a strategic advantage. The CISOs and security executives above represent the most important voices in Australia’s financial sector, driving innovation, resilience, and trust in an era of accelerating cyber risk.
Whether they hold the formal title of CISO or operate in an equally influential security leadership role, these professionals are defining what modern financial security looks like and why it matters more than ever.