Cyber futures in AI world-CyberCon 2025

Recently, one of our teammates began reading a book where the author described his life as a painting on a canvas. CyberCon Melbourne feels much the same — a shared canvas in the lives of countless cybersecurity professionals. It’s a space where practitioners showcase their experiences and insights, keynote speakers add depth and colour through expertise, and everyone contributes to tackling the evolving challenges of cybersecurity.

This year, Team Swans placed special focus on CyberCon Melbourne 2025. What follows is our own brushstroke on that collective canvas — a brief reflection that may echo your own observations and add perspective to sessions you might have missed from our team. contributed by Richard, Raja and Bill.

CyberCon Melbourne 2025 offered an incredible glimpse into the future of cybersecurity, from human-centred defences to the fast-evolving world of AI threats. The seminars ranged from intermediate to expert level across a variety of topics, so careful selection was important. What stood out to me this year was the number of sessions covering different aspects of AI.

Richard focussed on three particularly engaging talks:

• Cyber Security & Human Element” explored how everyday user behaviour and workplace culture can strengthen or undermine an organisation’s overall security posture, highlighting the critical role people play alongside technology in defending against threats.

• “Talk Nerdy to Me: Advanced LLM Prompt Injection Techniques” highlighted vulnerabilities in large language models, for example, how a malicious user can craft hidden instructions within text or documents that trick an AI into revealing sensitive data or bypassing its content filters.

• “Home-labs for Hackers: Breaking Things at Home So You Don’t Do It at Work,” which emphasised hands-on experimentation in personal labs to safely build technical skills, troubleshooting experience, and resilience before applying knowledge in professional environments.

Each session felt like another brushstroke on CyberCon’s canvas — blending technical mastery, creative thinking, and community spirit into a vivid picture of where cybersecurity is heading. Among those strokes, Raja Ravi added his own, reflecting on the growing intersection of AI with broader domains such as cyber law, insurance, and supply chain security.

Raja felt that AI seems to be embracing cross functional topics like cyber law and cyber insurance, not just as a technology item. Raja appreciates the topics covered in the Think Tank area and their level of depth.  Of all the sessions, Raja personally wants to mention two sessions

1)    Max Heinemeyer’s “Choosing a victim and harnessing an attack” with an example scenario on Critical Infrastructure Asset/Organisation. It seems harnessing a hack using AI is so easy. Raja feels he should incorporate this hacking approach and use of AI in his PhD research.

2)    Yi Wang’s Security by Demand – this topic make sense to me because we mostly focus on security by design. However, under budget constraints, it is hard for the organisations to meet all the security recommendations or requirements stated. Then the security priorities based on their risk ranking matrix play a key role in decision making and budget allocation. Knowing these security demands, we can use them during procurement of software products from vendors; it also sets right expectations across the organisation avoiding group silos. 

As the CyberCon canvas continued to take shape, our teammate, Bill added his own strokes — focused on the practical side of cybersecurity and the lessons learned from the field.

A few takeaways of Bill from CyberCon 2025 are

• For forensics purposes, Linux servers can benefit from additional logging

• Operational Technology security was a focus, and the importance of selecting supplies of OT devices who take security seriously

• Major penetration test findings found were in the areas of Development Security, IAM and Configuration and Patch Management

Different perspectives and varied canvas strokes leading to interesting and seems to be conflicting images of futures.