 |
|
 |
|
|
|
|
Agenda |
| |
|
08:30 - 09:00 |
Registration & Showcase Visit |
|
|
09:00 - 09:15 |
Opening Remarks
Jenny Fong, Regional Director, Greater China, Singtel Group Enterprise |
|
|
09:15 - 09:45 |
Opening Keynote
The State of Cyber Security: Where are we in 2016?
Jeremy Pizzala, Partner, Asia Pacific Cyber Security Leader, Ernst & Young
Digital connectedness is now firmly embedded in our societies and in the fabric of every organization. Public and private data travels rapidly across internal and external networks and hops seamlessly between ever-increasing numbers of devices. Cyber security requires leaders to ensure the appropriate confidentiality, integrity, and availability of this data and the safety, stability, and resilience of the infrastructure. With massive volumes of data, more connected devices, and greater dependency on this digital ecosystem, the challenges have also increased. However our available approaches and tools have also evolved.
This keynote address will help the audience understand, in plain terms, the current state of cyber security threats and some of the emerging innovative solutions available to leaders.
|
|
|
09:45 - 10:30 |
Keynote One
Redifining Cyber Security in the Age of Insecurity
Bill Chang, CEO, Singtel Group Enterprise
We all live in an age where the pace of digitization and mobilization is fast accelerating. As governments and enterprises find new ways to serve their citizens and customers, they are transforming their business models for greater efficiency and customer experience. This not only creates new and exciting business opportunities, but also spawns new threat landscapes in the cyber security space.
Recent study indicated that over 95% of enterprises and government agencies are compromised and don't know it. As new technologies are developed and implemented, they also present new attack vectors that evil doers can take advantage of to attack your IT security systems and processes. And often, enterprises and governments are compromised without even knowing. Not only do they need to be able to protect, respond and recover from these acts, they must be able to pre-empt such attacks.
In this session, the speaker will share cyber security war stories and strategies to protect, respond and recover from these sophisticated advanced threats.
|
|
|
10:30 - 11:00 |
Keynote Two
Best Practices for Breach Preparedness - Case Study on Operation Clandestine Wolf
Wias Issa, Senior Director, FaaS, Asia Pacific & Japan, FireEye
With the new threat landscape, what are the odds your organization is breached? How soon will you find out when there's a breach? According to our research, 96 percent of systems were breached on average. And, for every attacks that get through, you need to detect, analyze, and respond before they cause irreversible damage, which can happen in minutes.
When it comes to preventing an attack, no organisation has the perfect strategy.
However, organizations can solidify their security best practices involving technology, intelligence and expertise, and hone its ability to detect and contain advanced attacks before they do any damage.
In this session, the speaker will discuss the challenges of breach preparedness and share the best practices to avoid impacts from advanced attack. Using the recent Operation Clandestine Wolf, a phishing campaign that exploits an Adobe Flash zero-day, he will also share how FireEye identify and remediate this zero day attack from the threat group APT3.
|
|
|
11:00 - 11:20 |
Networking Coffee Break / Showcase Visit |
|
|
11:20 - 11:50 |
Keynote Three
Secure Your IT Infrastructure in the Era of ABC - Analytics, BYOD and Cloud
John Ellis, Chief Strategist, Cyber Security, Asia Pacific & Japan, Akamai Technologies
The pace of IT evolution is not slowing, particularly with the trends of big data, BYOD and Cloud. With this progress we also see the growth of the security threat landscape gaining momentum. Being the double-edge sword, they enable strategic advantage to businesses while contributing to the complexity of security vulnerability. How can we secure IT infrastructure from App to Network, and down to internal users themselves?
|
|
|
11:50 - 12:20 |
Keynote Four
When Things of the Internet Attack
Charles Henderson, VP of Managed Security Testing, Trustwave
As the number of smart devices on our networks increases exponentially, so too does the risk these things of the internet pose. The rush to market can often take priority over sound security posture. While the technology is exciting, failures in the security of automation technology can have real world impact. All of this begs the question: "How should these technologies be tested?" This session will focus on strategies and actions that are critical to a successfully secure design and deployment of Internet of Things (IoT) technology. The IoT market may seem to be unpredictable and overly exciting but, with attention to fundamentals, your security does not have to be.
|
|
|
12:20 - 13:00 |
Panel Discussion
Vulnerabilities, Risks And Threats: Actionable Intelligence for Robust Cyber Defence
Moderator:
Geoff McClelland, Programme Director, CIO Connect
Panelists:
Anna Gamvros, Partner IT / Communications & Commercial, Baker & McKenzie
Lim Shih Hsien, Head, Information Security, Hong Kong Jockey Club
With new vulnerabilities and exploits constantly emerging and high-profile breaches highlighting just how exposed organisations are, keeping up with the dynamic threat landscape and sophisticated cybercriminal is undoubtedly a challenge.
So how is the threat landscape evolving and what are the threats that organisations should be most concerned about? What can information security professionals learn from some of the high profile breaches of 2015? More importantly how can they apply those lessons better protect their organisations and what are the resources available to help them do so?
This session will provide actionable threat intelligence, highlighting new risks and emerging threats. Speakers will share effective defensive and containment strategies.
- Review high profile hacks of 2015, how they happened and what you can do to make sure it doesn't happen to your organisation
- Evaluate the threat landscape and analyse the latest malware, APTs, DDoS and phishing attacks
- Determine how to align defences to the threat profile of your organisation
- Discover how to design effective defensive approaches for newly defined threats
- Assess different sources of threat intelligence and discover how to build a threat intelligence capability
|
|
Move to top  |
|
|
|
|
|
Speaker's Profile |
| |
|
 |
Jeremy Pizzala
Partner, Asia Pacific Cyber Security Leader
Ernst & Young
Jeremy Pizzala is currently the lead Partner for EY's Financial Services Cyber Risk practice in Asia Pacific. Over the past 20 years, Jeremy has worked with clients in multiple industries, in particular Financial Services, Communications and Government, with a deep understanding and experience across consulting, systems integration and business transformation.
In the past 14 years Jeremy has focused on Information Security and Technology Risk Management - ensuring that clients have appropriate actionable strategies in place to protect their organizational assets from both internal and external risk, while ensuring compliance with regulations and industry standards. In doing this, Jeremy has established consulting led organizations across the Asia Pacific region, developed market offerings and led and motivated teams to ensure clients achieve tangible and sustainable business outcomes from their technology investments.
In addition to his client serving work, Jeremy has also held various roles in the banking industry, focusing on: the transformation of payment channels within the business markets segment to reduce processing costs and increase customer experience and satisfaction; development and launch of the first mobile payment platform into the home market; and implementation of stored value payment schemes in the consumer segment.
Jeremy is also a certified Quality Assurance Director, providing coaching to client delivery teams engaged in complex transformation projects.
|
|
|
 |
Geoff McClelland
Programme Director
CIO Connect
Geoff has over 25 years' experience in Information Technology and Telecommunications (IT&T), having held senior roles or consulting extensively in a number of industry sectors; notably in Telecommunications, Petroleum, IT, Finance, Defence, Retail and Hospitality. Always having a strong technology focus, Geoff has held traditional IT&T staff roles as well as broader R&D, strategic marketing and corporate planning positions.
From 2000, Geoff was the Group Enterprise Architect for Dairy Farm International (DFI); then the VP Technology - Hotel Development for Mandarin Oriental Hotel Group (MOHG) until mid-2010; he continues to provide IT governance services to DFI's and MOHG's parent company, Jardine Matheson Limited.
Professionally Geoff's very strong background in Enterprise Architecture led naturally to IT strategy, governance and risk management. His successful transition into broader management roles outside of IT as a Business-Technology professional has heightened his understanding of the challenges faced by organisations in achieving convergence, not just alignment, of IT with the business.
Geoff is a well-respected technology commentator in the Asia Pacific region especially in the areas of IT strategy, security and governance. Geoff is an Australian, married with two children and lives in Hong Kong. He holds a MBA in Finance from the University of Technology Sydney and is a Member of the IEEE (Institute of Electrical and Electronic Engineers), ISACA (Information Systems Audit and Control Association), a Senior Member of the Australian Computer Society (ACS); and a Fellow of the Australian Institute of Company Directors (AICD).
|
|
|
 |
Anna Gamvros
Partner IT / Communications & Commercial
Baker & McKenzie
Anna Gamvros is a member of the Firm's Asia Pacific IT & Communications steering committee. She advises clients on privacy and data protection, IT contracts and outsourcing, telecommunications and Internet regulatory issues. Ms. Gamvros is co-author to Internet Law in Hong Kong published by Sweet & Maxwell and is recognised in Legal 500 and Chambers Asia for her expertise in the area of technology and data protection. She sits on the Hong Kong Government Working Group on the Provision and Use of Cloud Services and is admitted as solicitor in Queensland, Australia and Hong Kong.
Ms. Gamvros' practice focuses on issues in the IT and communications sectors. She advises on licensing and technology agreements, outsourcing, privacy and data protection, and telecommunications and Internet regulatory issues.
|
|
|
 |
Lim Shih Hsien
Head, Information Security
Hong Kong Jockey Club
Mr. Lim Shih Hsien is currently heading the information security function of the Hong Kong Jockey Club (HKJC). He is responsible for the development and implementation of its information security roadmap, and for ensuring the HKJC's information security polices, standards, guidelines and processes are appropriately enhanced, communicated, and applied. He is also tasked to identify new technology risks and ensure that effective mitigation measures are implemented.
Shih Hsien started his professional career in the public IT sector in the 1990's and moved into information security in 2002. He has held positions in IT, information security and strategic information security planning with the Infocomm Development Authority of Singapore, Singapore Airlines and Singaporeˇ¦s Ministry of Health (MOH).
Prior to joining the HKJC, Shih Hsien was the Director, Identity & Security Services of the MOH Holdings P/L. He was responsible for developing the security technical architecture, policies and processes for public healthcare programs, in particular Singapore'ss National Electronic Health Record (NEHR).
|
|
|
 |
Bill Chang
CEO
Singtel Group Enterprise
Mr Bill Chang was appointed Country Chief Officer, Singapore on 12 September 2014. He is concurrently the Chief Executive Officer of Group Enterprise, which provides innovative and comprehensive Information and Communications Technology solutions to the Group's enterprise customers across multiple geographies. Prior to assuming this position on 16 July 2012, he was the Managing Director, Business Group, SingTel. He joined SingTel in 2005 as Executive Vice President of Corporate Business.
Mr Chang is the Chairman of the Singapore Polytechnic Board of Governors and a Board Member of SingPost. He was on the Board of Workforce Development Agency for six years until 2011. For his contributions to Singapore's workforce development, Mr Chang received the National Day Public Service Medal in 2007.
In 2014, Mr Chang was conferred the honorary Fellow of the Singapore Computer Society in recognition of his pivotal role in advancing the infocomm industry in Singapore.
Mr Chang has served on the boards of SingTel's associate companies. He was a board member of Bharti Airtel from March 2006 to April 2007 and Co-Vice Chairman of Globe Telecom from November 2007 to October 2009.
Before joining SingTel, Mr Chang was the Managing Director of CISCO Systems' Advanced Services Group, where he was responsible for the company's operations in Asia Pacific.
Mr Chang holds a Bachelor of Engineering (Honours) degree in Electrical and Computer Systems Engineering from Monash University.
|
|
|
 |
John Ellis
Chief Strategist, Cyber Security, Asia Pacific & Japan
Akamai Technologies
John Ellis is Director of Enterprise Security, Asia Pacific & Japan (APJ) for Akamai Technologies. He is responsible for driving Akamai's Enterprise Security program to help meet the security needs of its customers in the region.
With over eighteen years of IT Security experience, John has developed an innate understanding of the complex challenges that face today's hyper connected world. John's career initially started in the military and has transitioned through several major industries such as financial services and telecommunications. John's exposure to multiple industry verticals has allowed him to hone his skills to better understand how organizations can balance their IT security investments to minimize risk yet maximize their opportunities.
Hailing from New Zealand, John relocated to Singapore in 2006, and now calls it home. Prior to Singapore, John had lived in Australia in addition to his homeland of New Zealand. Now that he's based in Asia, John has taken the opportunity to "try" and learn to speak, read, and write conversational Mandarin, and is continuing to improve his understanding of Asian culture.
|
|
|
 |
Wias Issa
Senior Director, Asia Pacific Japan
FireEye
Wias Issa is Senior Director of FireEye as a Service (FaaS) for Asia Pacific Japan. Mr. Issa has over sixteen years of experience in security operations and response and is currently responsible for FireEye's industry leading advanced threat detection and response as a service business in the region.
In 2013, Mandiant, which was later acquired by FireEye, recruited Mr. Issa to lead its FaaS organization in the Americas. In that role he helped ensure customers had the world's most effective, commercially available advanced threat detection and response service.
Prior to joining Mandiant, Mr. Issa led Symantec's worldwide security management services, protecting many of the most recognized brands in the world. Early in his career Mr. Issa held roles at UBS, Wells Fargo and a technology start-up in Washington, D.C.
Mr. Issa holds a Bachelors of Science degree in Finance from George Mason University and speaks four languages fluently.
|
|
|
 |
Charles Henderson
VP, Managed Security Testing
Trustwave
Charles Henderson is the Vice President of Managed Security Testing at Trustwave. He has been in the information security industry for over twenty years. Over that time, he and his teams have specialized in network penetration testing, application penetration testing, physical security testing, and incident response. His team's clients range from the largest on the Fortune lists to small and midsized companies interested in improving their security posture. Henderson routinely speaks at various conferences (including Black Hat, DEF CON, RSA, SOURCE, OWASP AppSec USA and Europe, FROC, and Merchant Risk Council) around the world on various subject matters relating to security testing and incident response.
|
|
| Move to top |
|
|
 |
|