
Aiden Alp
Aiden Alp is a cyber security and AI governance professional with over 25 years of experience spanning healthcare, manufacturing, finance, higher education, and the public sector. He holds an MBA (Executive) from the Australian Graduate School of Management (AGSM) at UNSW, a Master of Information Security from Royal Holloway, University of London, and a Bachelor of Computer Engineering (Software). He is a Certified Information Systems Security Professional (CISSP), an ISO 27001 Lead Auditor, an ISO 42001 Lead Implementer for AI management systems, a PECB Certified AI Professional, and a Lead SOC 2 Analyst.
For seven years, Aiden served as Cyber Security Manager for NSW Health at the Sydney Local Health District, one of Australia’s largest public health organisations. He designed and maintained the security architecture protecting more than 14,000 staff and over seven million patient records, working across the SOCI Act, DISP, Essential Eight, NIST, and ISO 27001. A significant part of that role involved evaluating and governing AI-enabled clinical technologies — assessing how machine learning models were being embedded into patient care systems, what risks they introduced around data quality and decision accountability, and how to build management systems that kept pace with rapid adoption. He chaired board-level security committees and led incident response planning to ISO 27035 and NIST standards. During the same period, he served as Advisor and Cyber Security Program Board Member for the Parliament of New South Wales, advising on public-sector cyber and AI risk strategy across multiple jurisdictions.
Before joining the health sector, Aiden spent four years at Sasol Polymers, a $2 billion global polymer manufacturer, where he managed manufacturing execution systems (MES), ERP integrations, and OT/SCADA security across Emerson DeltaV and Yokogawa platforms. He led the organisation’s operational response to the Stuxnet incident — an experience that influenced his understanding of what happens when automated systems operating inside safety-critical environments are compromised, and one that directly informs his current thinking about how autonomous AI agents need to be governed with the same rigour we apply to industrial control systems.
Aiden’s research sits at the intersection of AI security and explainability, along with regulatory compliance. His master’s thesis at Royal Holloway examined privacy, transparency, and anonymity models in Australian public-sector data sharing. He is now developing a research programme focused on audit-grade explainability for agentic AI in regulated industries. His approach draws on ISO 42001, ISO 27001, SOC 2, NIST AI RMF, and ACSC ISM to map regulatory expectations onto measurable AI lifecycle checkpoints.
Aiden is a Partner of the Australian Cyber Security Centre and a member of ISACA. In February 2024, he was a panellist at CISO Sydney, presenting on evaluating AI for defender advantage and governing its use within enterprise security. His current professional focus brings together 21 CFR Part 11 compliance, computerised system validation under GAMP 5, together with the broader question of how cyber security governance frameworks need to evolve as AI agents become embedded in the regulated systems that manage our electronic records, quality processes, and patient safety controls.
World-Class Speakers
Hear from the most influential leaders and experts who will discuss pressing issues and emerging trends in cyber security.







