Cybersecurity & Breach Response Bootcamp 2026

Mastering AI-era crisis response:
From simulation to implementation

Thursday, 26 March 2026 |  8 am – 5 pm AEDT | Sydney CBD 
Thursday, 11 June 2026 | 8 am – 5 pm AEST | Brisbane CBD
CPD - up to 7 points

Overview What's new Why attend Agenda Speakers FAQs Sydney - 26 March Brisbane - 11 June

Why 2026 is different

The threat landscape has fundamentally shifted. AI-driven attacks now exploit vulnerabilities in minutes, not hours. Deepfakes complicate crisis communications. Social media amplifies breaches into viral disasters. Old playbooks no longer work.

This intensive one-day bootcamp equips senior executives, board members, communications professionals, and crisis response teams with the frameworks, simulations, and strategic tools needed to respond with speed, clarity, and confidence. 

Early Bird*

Individuals: $1,089 + GST
Team of 8: $6,969.60 + GST

Full Price

Individuals: $1,199 + GST
Team of 8: $7,673.60 + GST

*Early Bird offer is limited to the first 30 registrants and ends on 5 March 2026 for Sydney and 21 May 2026 for Brisbane.

Spaces are limited to 60 participants per location – don’t miss out! 
Secure your company’s table now for a team-building experience that has the potential to save your organisation millions!

What's new in 2026

Enhanced crisis scenarios –
Experience realistic simulations featuring real-world breach complications including media crisis injections, anonymous source leaks, and simultaneous technical and communications challenges

Digital crisis amplification lessons -
Covering social media crisis management, AI-generated disinformation detection, and dark web monitoring

 

Privacy law & regulatory update session
NEW standalone session covering latest privacy law changes, OAIC enforcement trends, and compliance implications for breach response

 

Strategic conflict resolution framework –
 Navigate competing stakeholder demands with proven decision-making tools when insurers, regulators, and business units want opposite things

 

Board reporting workshop –
NEW module on managing board expectations, reporting cadences, and communication strategies during active incidents

 

30-Day implementation roadmap
Leave with a personalized action plan, not just insights. Turn learning into immediate organizational improvements

 

What makes 2026 essential and who should join

C-Suite Executives – 
CEO, CFO, CIO, CISO, COO

Board Members –
Non-executive directors with governance oversight

  • Understand AI-era threats without technical jargon
  • Master first-hour decision-making that determines outcomes
  • Build board-ready business cases for cyber resilience investment
  • Network with 60 peer leaders facing similar challenges

IT & Security Leaders –
CISOs, IT Directors, Security Managers

  • Experience cross-functional crisis dynamics from non-technical perspectives 
  • Understand legal, regulatory, and communications constraints 
  • Build stronger relationships with Legal, PR, and HR counterparts 
  • Validate technical response plans against business priorities

Risk & Compliance Professionals –
Risk managers, compliance officers

  • Navigate OAIC, SOCI Act, and ASX disclosure obligations 
  • Balance regulatory requirements with investigation needs 
  • Manage cyber insurer relationships and coverage disputes 
  • Quantify cyber risk in business terms for leadership

Why teams outperform: Organisations sending cross-functional teams (IT + Legal + PR + HR) report 3x faster response times in real incidents. Secure your company's table for a team-building experience that could save millions.

2026 program highlights and learning journey

Strategic foundation

Opening keynote: Leading cyber risk in 2026

Cut through the hype with actionable intelligence from leading experts:

  • Strategic imperatives for Boards and CISOs in the AI era
  • Global threat trends and regulatory pressure landscape
  • How automated attacks exploit vulnerabilities in minutes
  • Lessons from 2025's major breaches: what worked and what failed

Privacy Law Update: Navigating compliance [NEW FOR 2026]

Stay ahead of evolving regulatory obligations:

  • Latest privacy law changes and enforcement trends 
  • OAIC compliance requirements and notification obligations 
  • Implications for breach response and stakeholder management 
  • Practical guidance for incident management under regulatory scrutiny

1 hr 15 mins

Crisis preparation

Crisis communications & stakeholder masterclass

Master the art of crisis messaging under pressure:

  • Crisis messaging fundamentals: what to say first, second, third, and why 
  • Stakeholder mapping during active incidents 
  • Real lessons from major breach case studies 
  • Managing competing demands and conflict under pressure 
  • Message architecture and spokesperson preparation
  • Framework for simulation success

45 mins

Live battle simulation

Immersive Breach Response Simulation (Two-Part Crisis Experience)

Part 1: Technical Breach Response
Experience the pressure. Master the response.

  • Split into Red Team vs. Blue Team 
  • Navigate a live, evolving cyber incident with real-time complications 
  • Balance technical priorities with communications strategy
  • Expert crisis communications advisor support

Part 2: Crisis Communications Challenge [NEW 2026 INJECT]
The stakes just escalated:

  • Media crisis injection: "Breaking news—anonymous source claims breach exposed health records. Reporters want statement in 15 minutes" 
  • Simultaneously contain the breach AND manage external communications 
  • Navigate transparency vs. investigation integrity
  • Multi-stakeholder decision-making under extreme time pressure

2 hrs 35 mins

Deep analysis

Comprehensive Debrief

Expert perspectives from all facilitators:

  • Red Team Lead: Attacker logic, technical vulnerabilities, and gaps in defense 
  • Blue Team Lead: Executive response, coordination challenges, and decision-making under uncertainty 
  • Legal Expert: Governance obligations, stakeholder duties, and regulatory requirements
  • Crisis Communications Expert: Media strategy, stakeholder management, brand impact, and reputation protection

55 mins

Live battle simulation

30-Day Action Plan + Board Reporting Workshop [NEW FOR 2026]

The difference between training and transformation.

Build your personalized roadmap with expert guidance:

  • Incident response decision tree – Navigate key decision points 
  • Legal reporting checklist & evidence chain management – Ensure compliance 
  • Stakeholder communication cadence – Who to tell, when, and how 
  • Technical remediation roadmap – Prioritize fixes and controls 
  • Board reporting framework – What boards need to know and when 
  • Managing board expectations during incidents – Communication strategies for leadership under pressure

55 mins

Takeaways: Action plan template, board presentation framework, legal compliance checklist

Total Program: 8:00 AM – 5:00PM (includes networking breaks for morning tea, lunch, and afternoon tea)

 

Speakers

2026 Faculty (Confirmed soon)

Building on our 2025 expert lineup including Simone Herbert-Lowe (Clyde & Co), Jordan Newnham (CyberCX), Daniel Tripovic (ASD) and Abbas Kudrati (Silverfort), our 2026 bootcamp will feature leading voices in AI-powered threat intelligence and crisis response. Speaker announcements coming January 2026.

Frequently asked questions

What's different in the 2026 bootcamp compared to 2025?

The 2026 bootcamp features four major enhancements:

  • AI-powered attack scenarios including deepfake complications and automated threat campaigns
  • Digital Crisis Amplification module (45 minutes) covering social media crisis management, AI-generated disinformation detection, and dark web monitoring
  • Strategic Conflict Resolution framework to navigate competing stakeholder demands
  • 30-Day Implementation Roadmap to ensure you translate learning into organizational action
Is this bootcamp suitable for non-technical executives?

Absolutely. The bootcamp is specifically designed for senior leaders without deep technical backgrounds. We translate cyber threats into business impact, focus on decision-making frameworks rather than technical implementation, and use real-world scenarios that emphasize leadership, communications, and stakeholder management. Technical concepts are explained in plain language with business context.
How is this different from other cybersecurity training?

Unlike technical certifications or compliance training, this bootcamp focuses on crisis leadership and decision-making under pressure. You'll experience immersive simulations with real-time complications, practice crisis communications with expert feedback, navigate competing stakeholder demands, and leave with a personalized 30-day implementation plan. It's experiential, strategic, and immediately applicable—not theoretical or technical.
What's the time commitment?

The bootcamp runs from 8:00 AM to 5:00 PM (9 hours including breaks).  

We recommend arriving by 8:15 AM for registration.

The 2026 program has been optimized for maximum engagement with strategic breaks  throughout the day.

Registration & pricing

What's included in the registration fee?

Your registration includes:

  • Full-day bootcamp access with all sessions 
  • Morning tea, lunch, and afternoon tea 
  • Comprehensive resource kit including templates, frameworks, and checklists 
  • 30-day action plan template 
  • Gap assessment and business case frameworks 
  • Board presentation template 
  • Certificate of attendance 
  • Up to 7 CPD points
How does team pricing work?

Team pricing is available for groups of 8 attendees from the same organisation:

  • Early Bird Team Rate:
    $6,976 excl. GST (saves $1,944 vs. 8 individual tickets) 
  • Full Price Team Rate:
    $7,744 excl. GST (saves $1,936 vs. 8 individual tickets)

Team pricing offers significant savings and ensures your organization has a cross-functional crisis response team trained on the same frameworks and ready to collaborate during real incidents.
Can I send different team members to Sydney vs. Brisbane?

Yes. If you purchase a team-of-8 package, you can split your attendees across both cities (e.g., 5 to Sydney, 3 to Brisbane).

Simply contact eventsanz@thomsonreuters.com to coordinate.
What's the early bird deadline?

Early bird pricing is limited to the first 30 registrants per city:

  • Sydney (26 March 2026):
    Early bird ends 5 March 2026 
  • Brisbane (11 June 2026):
    Early bird ends 21 May 2026

Once the first 30 spots are filled, pricing automatically moves to full price regardless of date.
Do you offer discounts for Not-for-Profit (NFP) organisations?

Yes! Eligible organisations can receive 10–20% off, depending on the size of their team and registration numbers. If you’re an NFP, please reach out to us directly so we can tailor the discount for you.

Content & format

Will the scenarios reflect my industry?

Yes. Our crisis simulation scenarios draw from a range of industries, which may include:

  • Financial Services
  • Healthcare
  • Government
  • Retail & E-commerce
  • Professional Services
  • Manufacturing & Supply Chain

You’ll collaborate within your group and across sectors to share insights and uncover best-practice solutions. Our facilitators are briefed on the roles and industries represented in the room and will tailor discussions to make them as relevant as possible. While the frameworks and decision-making principles apply universally, you’ll also gain valuable perspective from peers in different industries facing similar challenges.
How interactive is the bootcamp?

Highly interactive. Expect:

  • 90-minute immersive crisis simulation with your team responding to a live, evolving cyber incident
  • 30-minute strategic debrief where you present your decisions and receive expert feedback 
  • Hands-on crisis communications workshop where you craft and deliver statements 
  • Stakeholder mapping exercise with peer collaboration 
  • 30-day action plan development session

Lecture-style content represents less than 20% of the day. The rest is experiential learning.

Logistics

Where will the bootcamp be held?

Venues will be confirmed and communicated to registered attendees by:

  • Sydney: 1 March 2026 
  • Brisbane: 1 June 2026

Both venues will be centrally located with easy public transport access, on-site parking, and full catering facilities. Venue details will be included in your registration confirmation email once finalized.
Is catering provided?

Yes. Registration includes:

  • Morning tea 
  • Lunch 
  • Afternoon tea

Dietary requirements can be noted during registration.
What's the dress code?

Business casual. The bootcamp is interactive and includes group work, so prioritize comfort. You'll be moving between tables, participating in simulations, and presenting to peers.
Will the sessions be recorded?

No. The bootcamp follows Chatham House Rules to encourage open, honest discussion and sharing of real-world experiences. This creates a safe environment for participants to discuss sensitive incidents, ask candid questions, and share organizational challenges without attribution concerns.
Can I bring my laptop or tablet?

You're welcome to bring devices for note-taking, but they're not required. All materials will be provided digitally after the event, and we encourage active participation in simulations and discussions rather than screen time.
Can I request specific topics be covered?

The agenda is carefully designed to address the most critical aspects of cyber crisis response based on current threat intelligence and delegate feedback from 2025. However, we welcome your input. During registration, you can note specific areas of interest, and our speakers incorporate relevant questions into Q&A sessions throughout the day.

For organisations

Should I send a cross-functional team or just IT/security staff?

We strongly recommend cross-functional teams. Organisations that send diverse teams (IT + Legal + PR + HR + Executive leadership) report:

  • 3x faster response times during real incidents 
  • Better coordination across departments under pressure 
  • Reduced conflict when everyone understands competing priorities 
  • Stronger business cases for cyber resilience investment

The bootcamp is designed to break down silos and build shared understanding across functions.
Will I be able to network with peers?

Absolutely. Networking is built into the program:

  • Speed networking icebreaker (10 minutes)
  • Morning tea (30 minutes)
  • Lunch (45 minutes) 
  • Afternoon tea (30 minutes) 
  • Cross-industry team collaboration during simulations

Many 2025 attendees reported that peer connections were among the most valuable aspects of the bootcamp.

Post-event

What support is available after the bootcamp?

Your registration includes:

  • Template library including incident response plans, communication scripts, and stakeholder matrices 
  • Invitation to 2027 masterclass with alumni discount 
  • Optional 30-minute consultation with facilitators (available for team-of-8 registrations)
Can I access materials if I can't attend?

Unfortunately, no. The bootcamp is experiential and simulation-driven—materials alone don't capture the value of live crisis scenarios, expert feedback, and peer collaboration. However, if you register and can't attend, you may substitute another attendee from your organization free of charge.

Secure Your Spot

With only 60 seats available per city, early registration is essential. The 2025 Melbourne bootcamp sold out six weeks before the event—don’t miss your chance to master AI-era crisis response. Book your spot today and transform your organisation’s cyber resilience.

Please note: This event follows Chatham House Rules to encourage open and honest discussion

Contact us

Attendee inquiries: eventsanz@thomsonreuters.com

Sponsorship enquiries:
eventsanz@thomsonreuters.com