IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
#
Digital Transformation
#
Phishing
#
Advanced Persistent Threat Protection

Exclusive: Qualys MD discusses cybersecurity in ANZ region

Yesterday
Author image
By Melania Watson, Interview Editor

The Managing Director for Qualys in the Australia and New Zealand (ANZ) region, Sam Salehi, has shared his perspective on the challenges and opportunities in the field during an exclusive interview.

Reflecting on the past six months in his role, he described the journey as both "amazing" and "eye-opening." 

"Qualys is widely recognised for vulnerability scanning, but there's so much more to what we do," he said.

The company, which recently celebrated its 25th anniversary, has expanded into providing a comprehensive platform-based approach. This evolution enables businesses to integrate cybersecurity solutions natively, addressing risks efficiently while reducing costs.

A Shifting Cybersecurity Landscape
Salehi noted that the cybersecurity landscape in ANZ, like much of the world, is "constantly evolving."

"Threat actors are becoming increasingly sophisticated, leveraging tools and techniques like ransomware-as-a-service to target organisations," he explained.

Despite this sophistication, phishing remains the most common attack vector.

"With AI-generated emails becoming more convincing and less error-prone, it's increasingly difficult to differentiate between legitimate and malicious communications," he added.

Salehi emphasised the importance of maintaining basic cybersecurity hygiene, which many organisations are still struggling to achieve.

Citing a recent report from the Australian Signals Directorate (ASD), he said, "Companies are still finding it hard to identify assets, locate vulnerabilities, and patch them. These are fundamental issues."

The Rise of Cloud Computing and Associated Risks
The growing adoption of cloud computing has introduced new challenges.

"Digital transformation means a larger attack surface, and misconfigurations in the cloud remain a leading cause of breaches," Salehi said. He pointed out that access management and a misunderstanding of shared responsibilities between organisations and cloud providers compound the problem.

Qualys addresses these challenges by offering a unified platform that consolidates asset management, vulnerability prioritisation, and remediation. "We call it 'one agent, one platform, one view,'" he explained.

AI: A Double-Edged Sword
When asked about the role of artificial intelligence (AI) in cybersecurity, Salehi described it as a "double-edged sword." While AI empowers defenders with advanced analytics, predictive capabilities, and automation, it also enhances the tools available to attackers.

"AI is revolutionising cyber defence, but bad actors are using it too," he said.

Qualys leverages AI within its platform to optimise security measures and supports organisations in building secure AI systems. "

We recently introduced TotalAI to help customers ensure their AI tools are secure by design," Salehi noted.

Regulatory Shifts and Risk Management
With the introduction of stricter cybersecurity regulations in Australia, including mandatory risk audits for critical infrastructure, businesses are reevaluating their approach to risk management. Salehi observed that risk quantification is increasingly important.

"Cybersecurity has traditionally been viewed as a technical issue, but businesses need to understand it in financial terms," he said. "Risk management provides a common language for stakeholders, whether they're CFOs, CIOs, or board members."

Qualys recently launched the world's first cloud-based Risk Operations Center to help organisations manage risks holistically. "It brings all assets, threats, and business context into a single platform, enabling businesses to prioritise and remediate risks effectively," he explained.

Emphasising Fundamentals and Collaboration
When asked for advice to Australian businesses preparing for the future of cybersecurity, Salehi stressed the importance of fundamentals. "Know your assets, know your data, and know who has access to it. Focus on your people—they are often the weakest link in cybersecurity," he said.

He also highlighted the need for industry-wide collaboration.

"We need to share knowledge and learn from each other's experiences to avoid repeating the same mistakes," he added.

Why Choose Qualys?
According to Salehi, Qualys stands out in the market for its seamless integration, risk management capabilities, and remediation solutions.

"Our platform doesn't just identify vulnerabilities—it helps customers take action. Remediation is crucial because vulnerabilities left unpatched will inevitably be exploited," he said.

Salehi concluded with a call for empathy and awareness in the industry.

"Cybersecurity is a high-pressure field, and we must support the people working tirelessly to protect organisations. A little understanding can go a long way."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Cybersecurity in 2025: AI threats & zero trust focus
Fortinet unveils FortiAppSec Cloud for enhanced web security
New Relic partners with AWS to integrate AI for businesses
Don't let your company make headlines for all the wrong reasons
TeamViewer unveils Smart Service to aid manufacturers
Top stories
Cyber Monday 2024 online sales surge to USD $13.3 billion
Stretching the SOC’s ability to cover more threats
Australian SMEs tackle skill shortages with new strategies
Sage unveils AI-driven Copilot tool for finance teams
Australian retail growth modest as sector faces challenges