Devesh Maheshwari is the Chief Technology Officer of Lendi Group, one of Australia’s fastest-growing fintech companies and the parent of the Aussie and Lendi home loan brands. An experienced technology executive, Devesh brings a career spanning IBM, ThoughtWorks, Pitney Bowes, Tyro, DataMesh Group, and Tabcorp, with a consistent focus on technology-led transformation in highly regulated industries. He was named Cyber Thought Leader of the Year at the 2026 Australian Cyber Awards and is a recognised voice on AI adoption, cybersecurity, and technology leadership. He holds a Bachelor of Engineering in Information Science from Bangalore and is based in Sydney.
Recently, in an exclusive interview with CIO Magazine, Devesh shared insights into his journey from Quality Assurance Engineer and Technical Writer to Chief Technology Officer, explaining how that first role taught him that technology risk is never purely technical because every defect can become a compliance breach, customer failure, or reputational event. Reflecting on being named Cyber Thought Leader of the Year at the 2026 Australian Cyber Awards, he said the recognition belongs to his team and carries an obligation to share learnings, mentor practitioners, and advocate for security as a strategic enabler, not a bolt-on. And if he could put one sentence on every IT and security war room wall, it would be that AI amplifies what already exists, so data quality, clarity of purpose, and integrity of controls will determine whether it becomes your greatest asset or greatest liability, because disciplined foundations must come before intelligent systems. The following excerpts are taken from the interview.
Your career path spans strategy, technology, and transformation in extremely regulated industries. What was your very first role in tech, and what did it teach you about the link between technology and business risk?
My first role in technology was as a Quality Assurance Engineer and Technical Writer at IBM, early in my career after completing my Bachelor of Engineering in Information Science in Bangalore. It was a formative experience in ways I did not fully appreciate at the time. Quality assurance, at its core, is the discipline of asking what could go wrong, and what is the cost if it does. That framing — understanding failure modes before they materialise — turned out to be one of the most transferable lenses I have ever developed as a technologist. What that role taught me was that technology risk is never purely technical. The systems we build sit inside business processes, regulatory environments, and human workflows. A defect in code is not just a bug — it is a potential compliance breach, a customer experience failure, a reputational event. At IBM, working across enterprise environments, I saw first-hand how the quality of a technology decision reverberated through an entire organisation. That connection between technical rigour and business consequence has stayed with me through every role since — from Senior QA Consultant at ThoughtWorks, to leading engineering at Tyro in payments, through to the work we are doing today at Lendi Group transforming home lending through AI.
What do you love the most about your current role?
What I love most with Lendi Group is the rare privilege of building something genuinely new, at a moment in history when the technology available to us can fundamentally reshape how an industry operates — not just incrementally improve it. At Lendi Group, we are not simply modernising the home loan process. We are reimagining it from the ground up — building an intelligent platform that anticipates needs, streamlines complexity, and empowers every broker, partner and customer who touches it. We have an ambition to become an AI-native business. That’s not just spin, for usit’s a structural commitment backed by real architectural work, from the operational data layer we have built on MongoDB through to the AI agents we are embedding across decision-making workflows. What makes this particular moment so energising is the intersection of meaningful social impact and technological ambition. Buying a home is one of the most significant financial decisions most Australians will ever make. The fact that our technology can make that journey clearer, faster, and less stressful for over a thousand brokers and their clients — that is a purpose worth showing up for every day. I am also deeply proud of the team we have built and the culture we have created: one that prizes engineering excellence, moves quickly, and takes its responsibilities seriously in a regulated environment. That combination of pace and rigour is genuinely hard to achieve, and being part of it is what I find most fulfilling.
Cyber threats are evolving from ransomware to AI-powered social engineering. Which emerging threat vector worries you most heading into 2030, and why?
The threat vector that concerns me most heading into 2030 is AI-augmented identity deception — the combination of large language models, synthetic voice and video, and real-time data harvesting to impersonate trusted individuals at scale and with unprecedented plausibility. We are already seeing the early form of this with deepfake audio used in business email compromise attacks and synthetic video deployed in executive impersonation fraud. But what makes the 2030 version of this threat categorically different is the degree of personalisation that becomes available when these capabilities are powered by models trained on — or in real time accessing — a target’s digital footprint: their communication style, their professional relationships, their calendar patterns, their known concerns. An attacker who can synthesise a convincing version of your CFO, referencing a real conversation from last Thursday and displaying knowledge of an internal project, has a very high probability of bypassing even a security-aware human. For an organisation operating in financial services, where trust and identity are the bedrock of every transaction, this is not an abstract scenario — it is a near-term operational risk. My response has been to invest in zero-trust architectures that do not rely solely on identity claims, to build security awareness cultures that treat scepticism as a professional virtue, and to ensure that our AI systems are themselves hardened against prompt injection and adversarial manipulation. The arms race between AI-powered attack and AI-powered defence will define the cybersecurity landscape of the next decade.
Quantum computing and post-quantum cryptography are on the horizon. How should CIOs be preparing today for a post-quantum threat landscape?
The most important thing CIOs need to understand about quantum risk is that it is not a future problem — it is a present one, because of what the security community calls harvest now, decrypt later. Adversaries with sufficient motivation are already capturing and storing encrypted communications and data today, on the assumption that quantum decryption capability will become available within a decade. This means that data with long-term sensitivity — financial records, legal agreements, identity credentials, health information — is already at risk from a threat that has not yet materialised in its most powerful form. The preparation strategy has several practical dimensions. First, CIOs need to conduct a cryptographic inventory: understand what encryption algorithms are deployed across their estate, where they are embedded in third-party products and supply chains, and which data assets have long-term sensitivity. Most organisations have very poor visibility into this. Second, they should begin transitioning to post-quantum cryptographic algorithms — NIST has now finalised its post-quantum standards, and the migration roadmap should be part of every security architecture review. Third, cryptographic agility must be built into the architecture from this point forward — the ability to swap out algorithms without full system re-engineering is no longer a nice-to-have. Finally, this cannot be treated as a pure IT issue. Boards and executive leadership teams need to understand the risk and be willing to fund the migration, which is non-trivial. Those organisations that treat this as urgent today will be in a materially better position than those that wait for a clear and present danger — by which point the remediation cost will be far higher.
You were named Cyber Thought Leader of the Year at the Australian Cyber Awards recently. What does this recognition mean to you, and what responsibility comes with it?
Being recognised as Cyber Thought Leader of the Year at the Australian Cyber Awards is genuinely humbling, not least because the quality of the other finalists reflects the breadth and depth of talent in this community. It is a recognition I hold on behalf of every team member who has contributed to the security posture and the culture we have built at Lendi Group — this kind of award is never the work of one person. What it means to me personally is validation that the approach we have taken — integrating security into the architecture and culture of the organisation rather than treating it as a bolt-on compliance function — resonates with the broader practitioner community. We have made deliberate choices at Lendi Group to invest in security as an enabler of business confidence, not just a cost of doing business. When that approach earns recognition, it reinforces the conviction that it is the right way to lead. The responsibility that comes with it is significant and I take it seriously. Thought leadership in cybersecurity is not a title — it is an obligation to share what you have learned, to contribute to public discourse on threats and responses, to mentor the next generation of practitioners, and to advocate at the executive and board level for security being treated as a strategic priority. Australia’s financial services sector, and the broader technology ecosystem, is stronger when its leaders invest in raising the collective capability of the community. That is what I intend to continue doing.
Great technology leaders often have influences outside the server room. What book, biography, or philosophy outside tech has most shaped how you lead?
The work that has most profoundly shaped how I think about leadership is Viktor Frankl’s Man’s Search for Meaning. It is not a business book or a leadership manual — it is an account of finding purpose and agency under the most extreme conditions imaginable. The central insight, that we cannot always choose our circumstances but we retain the freedom to choose our response to them, is something I return to constantly in the context of leading through transformation and uncertainty. Technology leadership at the executive level involves navigating a near-continuous stream of ambiguity — strategic pivots, competitive disruptions, organisational complexity, and the human dimension of leading teams through significant change. What Frankl’s philosophy gives me is a framework for maintaining clarity of purpose in those moments. If the organisation knows why it exists and what it is trying to build, then the how becomes far more tractable, even when circumstances change. A secondary influence has been the Stoic tradition — particularly Marcus Aurelius’ Meditations. The Stoic discipline of separating what is within your control from what is not, and directing your energy accordingly, is profoundly practical for a CTO. There is an enormous amount in enterprise technology that you cannot directly control: vendor roadmaps, regulatory change, macroeconomic conditions, talent market dynamics. What you can control is the rigour of your thinking, the quality of your decisions, and the culture and standards you model for your team. That is where I choose to place my energy.
What are some of your passions outside of work? What do you like to do in your time off?
Outside of work, I am genuinely passionate about cricket — it has been a constant thread through my life, from growing up in India to living in Sydney, and there is something about the strategy, patience, and team dynamics of the game that I find deeply resonant with how I think about building organisations. I am also an avid reader — history, philosophy and biographies of people who have navigated complexity and adversity keep me grounded and curious in equal measure. There is rarely a time when I am not working through a book. Family is the true anchor. Spending time with my family — being present and genuinely off the clock — is something I have learned to protect with intention, because it is easy in an executive role to let the boundaries dissolve. That deliberate separation actually makes me a better leader: it restores perspective, it reminds me of the human stakes behind what we build, and it gives me the kind of energy that no productivity hack can replicate. I also try to stay physically active — it is non-negotiable for sustained cognitive performance, and I have come to appreciate exercise less as a fitness practice and more as a discipline of consistency.
What is your biggest goal? Where do you see yourself in 5 years from now?
My biggest goal, in the near term, is to complete what we have started at Lendi Group — to build a genuinely AI-native financial services platform that changes the experience of buying and owning property in Australia in ways that are felt by real people making real decisions. We are targeting June 2026 for full AI-native operation, and the ambition beyond that is to scale what we are building into something that defines the standard for intelligent financial services in this market and potentially beyond. In five years, I see myself continuing to operate at the intersection of technology strategy, business transformation, and people leadership — whether that is continuing to grow within Lendi Group as it scales, or taking those capabilities into a broader context. I am deeply committed to the Australian technology ecosystem, and I believe there is a generational opportunity right now for Australian organisations to compete globally on the strength of their AI capabilities, not just their market access. On a personal level, I want to continue investing in the next generation of technology leaders — mentoring, contributing to the dialogue on responsible AI and cybersecurity, and helping to raise the standard of technology leadership in Australia. The recognition I have received through forums like the Australian Cyber Awards reinforces my conviction that leadership in this domain carries an obligation to give back, and that is something I intend to do with increasing commitment over the next five years.
If you could put one sentence about AI on the wall of every IT and security war room, what would it say, and why is that message critical for leaders today?
The sentence I would put on every wall is this: AI amplifies what already exists — so the quality of your data, the clarity of your purpose, and the integrity of your controls will determine whether it becomes your greatest asset or your greatest liability. The reason this message is critical is that there is an enormous amount of noise in the current conversation about AI — excitement, fear, hype, and genuine uncertainty — and very little of it is grounded in first principles. Organisations are deploying AI into contexts they do not fully understand, on data foundations they have not adequately cleaned or governed, without clear accountability structures for the decisions those systems make. The result is not neutral: it is actively dangerous, because AI operating on flawed inputs or within weak governance frameworks does not fail quietly — it scales its failures. The antidote is not caution for its own sake. It is disciplined foundational work: investing in data quality, building explainability into AI-powered decisions, embedding security and privacy into the AI architecture from the start, and ensuring that every AI deployment has a clear owner and a clear accountability framework. At Lendi Group, this is exactly the philosophy we have applied — building the operational data layer before deploying the intelligence layer, so that the speed and quality of what we build is grounded in a solid foundation. That sequence matters enormously, and it is a lesson I would share with any leader navigating this terrain.