After almost two decades of working globally, consulting on risk and cybersecurity, I have a keen insight into what makes an organisation both protected and resilient from cyber threats.

I focus on cyber risk governance and provide strategic advice to executive leadership and boards on this evolving area.

I work with my clients in government and private industry to develop solutions incorporating cyber risk into their overall business strategy. I help my clients meet risk-reduction and compliance objectives and advise on implementing new and evolving technologies by ensuring they are secure, fit-for-purpose, scalable, and continually driving efficiencies.

I collaborate with private equity and venture capital organisations to conduct pre-and post-acquisition technology and cyber risk-specific due diligence. By employing my unique blend of experience in finance and cybersecurity, I assist in uplifting their internal due diligence capabilities, focused on reducing risks and increasing return on investment.

As a Chair and Non-Executive Director on various boards, I am passionate about initiatives that tackle issues affecting the disabled, indigenous, and veteran communities.

Career highlights

Prior to joining MinterEllison, I advised clients on the following:

• M&A due diligence and project leadership of multiple $100m+ deals and capital raises.
• Led the multi-stage delivery of cybersecurity in a $100m+ technology transformation project for Defence.
• Developed and delivered a first-of-its-kind whole-of-government cyber security assessment framework for Australia's Federal, State, and Territory electoral systems.
• Developed and delivered a cybersecurity risk assessment and remediation program for a major international Defence contractor, gaining them the necessary certifications to deliver to Australian Defence.
• Delivering cybersecurity vendor replacement analysis and cost optimisation projects to major blue chip clients, resulting in an average 15% reduction in cybersecurity expenditure while enhancing cybersecurity maturity.
• Development of a private equity and venture capital-specific internal due diligence program for several major international private equity firms.
• Delivery of data governance assessments for government agencies vetting investment in Australian assets by foreign organisations.

• Perspectives on Cyber Risk 2024
  

  Our cyber survey findings illustrate a marked shift in how organisations are adapting their cyber risk posture to navigate a rapidly evolving digital landscape. In this report, we explore the impact of AI on cyber security; discuss recent regulatory developments, regulator action, and impending Australian privacy and other reforms; discuss the need for organisations to focus on data governance; review major Australian and international data breaches; and identify 10 lessons for best practice cyber incident response.

• Point of View: Shannon Sedgwick on cyber risk
  

  Shannon covers the increasing cyber security threats faced by organisations in Australia and the best practices for managing these threats. He also highlights the need for proactive and empathetic ership in addressing these challenges.

• Managing space risks for celestial cyber security
  

  The space age presents opportunities and risks in equal measure. Ensuring this domain remains sustainable will require a security-first orientation.

• Not-For-Profit cyber security best practice guide
  

  A guide for the Not-For-Profit sector on how to secure their IT environment against cyber threats.

• To the stars: international space law current & future states
  

  Space is not a legal 'Wild West', though evolving geopolitics and technology are rapidly requiring new laws and norms.

• Continuing the conversation: top cyber and privacy questions answered
  

  Your top questions from our fireside discussion between Paul Kallenbach and Australian Privacy Commissioner Carly Kind about privacy, cyber risk, artificial intelligence and data governance.

• A decade of Perspectives on Cyber Risk
  

  Our Perspectives on Cyber Risk 2025 report explores changes in privacy, data protection and cyber security laws over the last 10 years.

• MinterEllison Consulting expands cyber security practice
  

  MinterEllison Consulting, the consulting business of MinterEllison, is pleased to announce the addition of four experienced consultants to its national cyber security practice.

• Organisations must adopt a 'cyber security culture' to combat threats
  

  In the past year, cyber attacks have become more sophisticated, and Australian organisations face a complex regulatory environment. MinterEllison's 2023 Cyber Risk Report shows that 78% of organisations have a cyber security plan, but only half test it annually. Continuous improvement and a culture of cyber security are crucial. The financial services sector s in preparedness, but all businesses must prioritise cyber risk. A culture-focused strategy and regular plan reviews are vital to mitigate cyber risk.

• Perspectives on Cyber Risk 2023: the real cost of a data breach
  

  Our recent survey findings indicate that organisations may be getting complacent with their cyber risk management. However, regulators are upping the ante. Our report explores some new data around cyber risk, and how organisations must take a proactive approach to combat it.

• MinterEllison appoints Shannon Sedgwick as Partner in Cyber Risk Consulting
  

  Shannon Sedgwick joins MinterEllison's Consulting as a partner, leveraging his expertise in cyber governance, risk, compliance, and security to help clients align their cyber security investment with their business strategy.