Cyber uplift is often described in terms of frameworks, tooling and maturity models — but the real story is far more human. Over the past four years, QUT has navigated one of the most significant security transformations in its history, shaped not only by a major ransomware incident but by a rapidly evolving threat landscape that now includes growing espionage pressures.

This presentation explores the journey through the lens of the “Five Ps”:

•     People — why executive support was the easy part, and how the real challenge lay in helping overloaded IT teams and business units change how they work.
•     Performance — how grounding every decision in risk reduction (not maturity for maturity’s sake) kept the program focused and credible.
•     Projects — the contrast between a complex, debt laden IAM uplift and a clean slate SOC build, and what they taught us about choosing the right delivery approach.
•     Pirates — how real world adversaries accelerated our delivery tempo and reshaped our priorities.
•     Patience — the quiet discipline of staying the course, celebrating progress, and recognising that cultural change moves at the speed of people, not technology.

Key takeaways: Attendees will walk away with a hopeful, experience driven perspective on what it truly takes to uplift cyber security in a complex organisation — and why the most important capabilities aren’t found in tools or frameworks, but in how people learn to move together at the speed of threat.