Great to speak on two panels yesterday at the Government Innovation Week NSW on Cyber Security and AI alongside some great panelists such as The Hon. Victor Dominello and the NSW Privacy Commissioner Sonia Minutillo.
Here are my four messages across the two panels:
🔹 Everyone has an opinion on AI performance and risk—but personal prompt anecdotes ≠ robust evaluation. We need rigorous methods to measure average-case and critical-case performance and risk. Continuous evaluation improves AI reliability over time, not hit-or-miss outcomes. We have been applying evaluation-driven AI adoption in many government use cases.
🔹 Real AI productivity gains come from redesigning workflows—not just optimising inefficient legacy ones. End-to-end automation creates meaningful gains when humans focus on scalable, selective, and high-value oversight, not the impossible job of rechecking every AI output. A quick plug for my keynote next week at the AI in Government Conference, where I’ll tackle one of the most difficult challenges: “Innovation in Automated and AI-driven Decision-Making”.
🔹 Post-quantum isn’t “coming”—it’s already here. Your encrypted data may already be stored by adversaries, waiting to be decrypted in five years. The key is not just finding the right solution, but building the organisational meta-capability to transition now—and keep transitioning as quantum-resistant technology evolves.
🔹 AI can easily overstep access boundaries. A popular enterprise prompt to tools like Copilot involves asking for sensitive details such as everyone’s salary or their boss’s confidential restructuring plans. Can we trust that every document, email attachment, or hidden Excel row is permissioned correctly by end users? One eager AI + one misconfigured sharing setting = major exposure. Combine this with web-augmented retrieval and potential prompt injection, and we’re facing a new class of threats. CSIRO’s Data61 is actively tackling these risks with context-specific safeguards and agent security/identity solutions.

