Australian businesses have spent the past two years bolting generative AI onto everything from customer service to code review, often faster than their security teams could keep pace. A local cyber security firm is now betting that the clean-up phase, in which someone has to actually secure and govern all that machinery, is where the next wave of demand sits.
Cyber security advisory and managed services provider Insicon Cyber has launched an expanded AI security and governance practice built around technology from application security vendor F5. According to reporting by ARN, the arrangement sees Insicon fold F5’s AI Guardrails and AI Red Team products into its own offering, giving it continuous runtime protection and adversarial testing capabilities across Australia and New Zealand.
The move is small in dollar terms, at least as disclosed, but it is a useful marker of where the market is heading. For most of the current AI cycle the conversation has been about adoption, about which model to use and which workflow to automate. The conversation Insicon is trying to sell into is the one that follows: once an organisation has AI agents talking to customers, querying databases and taking actions, how does it stop those systems from leaking data, being manipulated, or behaving in ways nobody signed off on.
What the partnership actually does
The two F5 products at the centre of the deal address different halves of the problem. AI Guardrails is pitched as runtime protection, meaning it sits between a live AI application and the outside world, watching prompts and responses as they happen and blocking the ones that cross a line. That covers the now-familiar catalogue of AI-specific risks: prompt injection, where an attacker hides instructions inside otherwise ordinary text to hijack a model, along with data leakage, toxic output and attempts to jailbreak a system past its intended limits.
AI Red Team is the offensive counterpart. Red teaming is a long-standing security discipline in which specialists attack a system on purpose to find the holes before a real adversary does, and the AI version automates a chunk of that work against language models and the applications wrapped around them. The idea is to probe a deployment continuously rather than signing off on it once and hoping it holds.
Bundling the two lets Insicon offer something closer to a full lifecycle service, testing an AI system for weaknesses and then guarding it in production, rather than selling a point tool and walking away. For a managed services firm, that recurring relationship is the commercially attractive part.
Two ways to read it
The optimistic reading is that this is exactly the kind of local capability the market has been missing. Plenty of Australian organisations have deployed AI with governance frameworks that exist mostly on paper, and a partner who can actually test and monitor those systems fills a real gap. The pessimistic reading is that vendors and advisories have a strong incentive to manufacture urgency, and that “AI security” risks becoming a label stuck on services that competent security teams should already be doing.
Both can be true at once. The genuinely new element is that AI systems fail in ways traditional application security tooling was not designed to catch. A firewall does not understand that a politely worded paragraph is really a set of smuggled instructions, and a conventional vulnerability scanner has nothing to say about a model that confidently invents a customer’s account balance. Whether that justifies a dedicated practice, or is simply an extension of existing red teaming and monitoring, is the question buyers will have to weigh.
It also lands against a backdrop of hard evidence that the governance gap is real. FluentSea has previously covered warnings that Australian firms are rushing AI adoption while leaving governance behind, and a services push like this one is, in effect, a bet that those warnings will translate into spending.
Why it matters for Australia
The Australian and New Zealand framing is the point rather than an afterthought. Data sovereignty, local support and familiarity with regional regulation are among the few genuine advantages a home-grown advisory has over a global consultancy, and they matter more in security than in almost any other category of IT. A financial institution or government agency running AI over sensitive records generally wants the people testing and monitoring that system to sit inside the same jurisdiction, subject to the same privacy laws.
That regulatory environment is tightening. The federal government has moved to stand up a national Office of AI, and the Privacy Act reforms working their way through Canberra put fresh obligations on how organisations handle personal information, including information fed into and generated by AI models. Boards are increasingly being asked to demonstrate that AI deployments are controlled, not just clever, and services that produce evidence of testing and monitoring speak directly to that pressure.
There is a broader industry stake too. If Australia wants a domestic AI economy rather than a market that simply consumes overseas products, the security and assurance layer is one of the more realistic places for local firms to build durable expertise. Model development is capital-intensive and dominated by a handful of global players, but the work of securing, governing and auditing AI in specific regulated industries is fragmented, relationship-driven and well suited to specialist local providers.
What’s next
The real test is uptake. A launch announcement establishes intent, not traction, and the figure worth watching is how many A/NZ organisations actually engage the practice over the coming year and in which sectors. Financial services, healthcare and government are the obvious early candidates, given both their exposure to AI and the regulatory scrutiny they already face.
Also worth watching is whether this remains a niche add-on or becomes a standard line item in enterprise security budgets. If AI red teaming and runtime guardrails follow the path of earlier security disciplines, from optional extra to expected baseline, then early movers like Insicon stand to benefit from having planted a flag while the category was still forming. If AI adoption stalls, or if the major cloud providers absorb this functionality into their platforms, a dedicated practice becomes harder to sustain. Either way, the partnership is a sign that the Australian AI story is shifting from what these systems can do to how they can be trusted, and that shift is where a lot of the near-term money is likely to be made.
Sources: ARN.

















































