Chirag Joshi

Chirag Joshi is a globally recognised leader in cyber security and Artificial Intelligence (AI) governance with extensive experience delivering security, risk, and assurance outcomes across multiple countries and industries including government, financial services, energy, higher education, and critical infrastructure.

He has been at the forefront of AI governance in Australia, helping organisations design and implement governance frameworks, acceptable use policies, and risk-based guardrails that align with leading global standards such as the EU AI Act, ISO/IEC 42001, and NIST AI RMF

Chirag co-founded Critical Front to enable AI governance at scale through adaptable technology and evidence-based guardrails. The platform reflects his extensive experience advising major organisations including Australian Payments Plus, AMP, Origin Energy, University of Sydney, and the NSW Government.

He also served as an independent expert advisor to a Minister-led review into cyber governance and risk management across NSW Government, helping shape practical, scalable governance and investment prioritisation models.

As President of ISACA Sydney, Fellow of the Australian Information Security Association (FAISA), and Member of the Australian Institute of Company Directors (AICD), Chirag is an active voice in shaping the future of AI and cyber governance.

He launched and leads ISACA Sydney’s Special Interest Groups on AI Safety by Design and AI Governance, producing practical tools to enable secure and ethical AI adoption. He also contributes globally through ISACA’s Emerging Trends Working Group, helping develop thought leadership on AI, quantum risk, and digital trust.

Chirag is the author of two bestselling books — 7 Rules to Become Exceptional at Cyber Security and 7 Rules to Influence Behaviour and Win at Cyber Security Awareness — which are widely used by cyber leaders and boards.

A three-time CSO30 award winner and recipient of the Cyber Security Consultant of the Year (2025, 2024) and Excellence Award, his insights are regularly featured in respected governance and security publications and on premier conference stages across Oceania and Asia.

As Founder of global strategic consulting firm 7 Rules Cyber, he works with boards and executives of some of Australia’s most prominent organisations on defensible and business-aligned cyber security and technology strategies. He serves as the National Ambassador for Critical Infrastructure ISAC Australia promoting resilience across nation’s essential services.