Aerospace and Defense
Automotive
Consumer and Retail
Energy
Financial Services
Healthcare
Insurance
Life sciences
Manufacturing
Public Sector
Technology, Media and Telecommunications
Travel and Transportation
AGIG's Customer Service Transformation
Agentic AI in Insurance
Addressing Technical Debt with DXC Assure Platform
The Hogan API Microservices solution
DXC launches AMBER platform at CES 2026
Build & Innovate
Manage & Optimize
Protect & Scale
AI & Data
DXC IoT & Digital Twin Services
Strategize and accelerate your AI agenda
Explore our tailored options to navigate change
Enhance operational effectiveness, maintain compliance and foster customer trust
Customer Stories
Knowledge Base
AI
Closing the AI execution gap
About DXC
Awards & Recognition
Careers
Partners
Events
Environmental, Social, Governance
Investor Relations
Newsroom
Leadership
Legal & Compliance
DXC leads in the age of AI
Partnership with Manchester United
Partnership with Scuderia Ferrari
February 10, 2026
By Kylie Watson, Head of Cybersecurity, Asia Pacific, Middle East and Africa, DXC Technology
The world’s rapid acceleration in digital transformation across multiple sectors has made cybersecurity not just an IT issue, but a leadership priority for government agencies.
Adversaries are using AI to outpace traditional defences, and cyber threats are escalating in scale and sophistication. The federal government’s Cyber Security Strategy 2030 outlines a clear direction for public service agencies to meet these growing threats.
Cybersecurity leaders know that adopting a Zero Trust model can help address the guidelines set out in the strategy, but the question arises; how can agencies rapidly introduce a Zero Trust approach that both integrates with existing infrastructure and evolves with ongoing technology modernisation?
Zero Trust is widely recognised as the gold standard for modern cybersecurity. It is a model that assumes breach as the default, enforcing verification for all users, ensuring they can only access the absolute necessities for their role and continuously monitoring activity.
It’s a simple enough model. You could liken it to securing a house. Traditional cybersecurity methods rely on locking the front door to keep intruders out. Zero Trust, on the other hand, assumes an intruder might still get in. Once inside, they encounter locked doors, drawers and cabinets at every turn, preventing them from easily accessing valuables in multiple locations.
Implementing this siloed protection model in complex technology environments, however, is far from straightforward.
DXC’s 2025 Trust Report reveals the scale of the challenge:
Adversaries are moving faster than ever, and organisations need to adapt to new and emerging threats.
Zero Trust offers a path forward but, to be practical for the public sector, it must work within existing infrastructure. This is where AI becomes a game-changer.
Rather than forcing agencies into rip-and-replace programs which require significant investment to implement and years to integrate, AI can be integrated as an intelligent layer over existing systems, enabling Zero Trust principles without disrupting critical operations. There are three key ways this can come to life.
1. Strengthening identity and access
In today’s borderless world, identity is the new perimeter. Zero Trust begins by ensuring that only authorised people and devices can access sensitive systems. Multi-factor authentication (MFA) is a fast, effective starting point, a point that is enshrined in guidance from the Australian Cyber Security Centre and the Australian Signals Directorate. Furthermore, 83% of organisations confirm MFA can be implemented without modifying legacy code. Role-based access control adds another layer of authenticated cybersecurity, with 60% validating its effectiveness for legacy integration.
AI can take this a step further by enabling adaptive authentication, with machine learning able to analyse user behaviour, detect anomalies and adjust access dynamically, reducing false positives and improving cybersecurity without adding friction.
2. Continuous monitoring and threat detection
Legacy systems can often struggle with real-time monitoring due to data volume and tool limitations. Agentic Security Operations Centre (SOC) capabilities solve this by processing vast datasets at speed, identifying patterns and flagging genuine threats in real-time. Automated remediation can even neutralise risks before they escalate, reducing reliance on overstretched cybersecurity teams and providing an additional layer of efficiency.
3. Microsegmentation for breach containment
Think, again, of Zero Trust as a house. If there is a break-in to the living room, microsegmentation prevents lateral movement into any other rooms, locking down access beyond the initial entry point. This principle is vital for complex environments, where lateral movement can turn a minor breach into a major incident. AI-driven segmentation simplifies this process, creating secure zones without manual intervention.
Australia’s Cyber Security Strategy emphasises resilience, collaboration and secure-by-design principles. Zero Trust is the perfect model to align with these goals, as it embeds cybersecurity into every layer of developmental modernisation rather than transposing it as an afterthought.
For agencies, this means:
Zero Trust is not a destination, it’s a journey. Transforming to align with Zero Trust principles doesn’t mean starting from scratch. DXC partners with organisations to maximise tech ambitions while working within the parameters of existing infrastructure.
By layering AI-driven visibility, analytics and adaptive controls into legacy systems, the government can prioritise cybersecurity throughout strategic modernisation programs.
DXC’s 3,200+ cybersecurity professionals expertly address these challenges with global experience enabling secure-by-design environments in critical infrastructure, together with industry-leading partners and best-of-breed technology. Our approach focuses on:
The benefits of Zero Trust are well-recorded. DXC’s Trust Report found that 83% of organisations adopting Zero Trust reduced cybersecurity incidents, cutting remediation and support costs. Beyond cybersecurity, agencies report improved user experience — a critical factor for citizen-facing services.
Additionally, Zero Trust simplifies compliance, streamlines operations and builds confidence in digital services. In an era of increasing cyberthreats and budgetary pressures these outcomes are not optional, they are essential.
Successfully embedding Zero Trust into government agencies will require more than technology. It will need cultural change, cross-agency collaboration, strong leadership and a commitment to secure-by-design principles at every level.
Zero Trust is an approach that doesn’t demand wholesale system overhauls — it can start with small steps. Begin with identity and gradually layer AI-driven controls before building in microsegmentation. Above all, agencies need to treat Zero Trust as a continuous journey that evolves with technology, threats and citizen expectations.
DXC stands ready to help. Together, we can build a safer, smarter and more trusted digital future for all Australians.