Agenda

Risk is undeniably a vital component for understanding our level of resilience and capability to fend off on-coming threats. It is vital that those at the top of our organisation are in full understanding of our risk level in order to make an informed decision on resource allocation, strategy, and prioritisation, among other important matters. To help with this, our expert panellists discuss their methods for presenting risk to the board.
.
• How do we maintain focus on exactly what the board needs to know?
• How can IT professionals improve their communication skills?
• What are the common pitfalls when presenting risk to the board?
• How do we shift the perception of risk management to create understanding of the value added?
.
– Moderator: Hwee Cher Tan, Group Head, Information Security & Data Governance, GGS International
– Manjunath Pasupuleti, CISO, ENNOVI
– Justin Nga, Cyber Security Manager, CitiPower/Powercor/United Energy
– Farly Halim, Regional CISO, Pluxee
– Timothy Snow, Architect, Cybersecurity, Cisco
– Tim Fleming, Strategic Advisor, Silverfort
.

Attackers love targeting users. Traditional endpoint security solutions claim to stop breaches, but the reality is that devices still get breached. Vendors are playing cat and mouse to prevent exploitation of new zero-days to no avail. Endpoint security solutions need time to adapt to new attack vectors, time you don’t have. In this session, we present a solution to support your defence-in-depth strategy: Stop ransomware from spreading by dynamically limiting what ports are open and what servers the endpoint can communicate with.
.
• Proactively minimise the attack surface by deploying zero trust across your system
• Gain visibility into all traffic within hybrid work environments with users working from home
• Stop attacks in their tracks after a breach occurs and contain the spread of the attack
.
– Timothy Snow, Architect, Cybersecurity, Cisco
.

Join us for an insightful fireside chat session where we delve into the scenario of a cyber security breach and how we can successfully weather the storm while keeping operations secure and resilient. Our speaker, together with the moderator, will explore the critical steps needed to maintain operational resilience throughout an incident.
.
• How do we measure which systems are critical for operational resilience?
• What measures should we adopt to ensure the ongoing functionality and security of critical systems and operations?
• What recommendations and best practices are there to enhance resilience in the face of potential breaches?
.
– Moderator: Barry Anderson, Security Solution Architect (OT), AGL Energy
– Shishir Singh, Group Head of Information Security, Advance Intelligence Group
.

With ransomware attacks booming in 2023, your endpoints are more vulnerable than ever – and those with privileged access are the prime target. We’ve identified 5 common ‘Personas’ in every enterprise that requires privileged access. Come and hear how addressing the needs of each one will drastically lower the likelihood of falling victim to a ransomware attack.
.
– Jeff Jones, Territory Directory EMEA, Asia and Far East, Admin by Request
.

In the fast-paced landscape of modern business, cyber security is not merely a defensive measure—it’s a potent catalyst for strategic growth and innovation. In this session, we explore how organisations can transform security initiatives from a necessity into a dynamic force that drives business success.
.
• Instil confidence among stakeholders, fostering an environment where innovation can flourish without compromising data integrity or customer trust
• Learn how a proactive security approach can enhance organisational flexibility, allowing for rapid adaptation to changing market conditions
• From risk management to investment strategies, discover how a well-integrated security approach contributes to informed, resilient decision-making at all levels of the organisation
.
–Alexander Antukh , CISO, AboitizPower
.

Organisations are under attack. As organisations have become digital, cyber attackers have found opportunity in digitisation. Their prize? Your data. With increased vulnerabilities in existing infrastructure and threats penetrating infrastructure security defences, organisations remain highly vulnerable to cyberattacks. With the rise of the ransomware economy, cyber warfare, and software supply chain attacks, organisations face a growing gap in their ability to secure data and ensure business continuity. Cyber attackers know when they take out your data, they take down your business. In this session we’ll look at three pillars to strengthen your security posture and protect your data and your business:
.
• Data Resilience
• Data Observability
• Data Recovery
.
– Soh Kiat Hiong, Head of Sales Engineering, Rubrik
.

In our interconnected world, the landscape of cyber threats continues to evolve, presenting new challenges for businesses, organisations, and individuals alike. To successfully navigate this digital frontier, it is crucial to understand how to measure, communicate, and tackle cyber security risks effectively to those in your organisation who need to grasp this concept. With a look into a special case study, this presentation delves into the core aspects of cyber security risk management.
.
• Explore the tools and metrics that provide a comprehensive understanding of your risk level
• Learn how to convey complex threats and mitigation strategies to those outside the IT team
• Discover how organisations can continuously improve their security posture by learning from past incidents
.
–Sapan Talwar , Global CISO, Perfetti Van Melle
.

Cyberattacks against industrial plants are a real threat and their frequency is constantly increasing. The provision of multiple layers of protection against internal and external cyberattacks, with a focus on prevention, detection, and response to threats to critical assets of industrial plants, requires a holistic approach that integrates IT and OT simultaneously – from the operational to the field level as well as data protection and secure communication.
Siemens demonstrates a comprehensive framework for enhancing the resilience of critical infrastructure against sophisticated cyber threats. Using the concept of Defense in Depth, a holistic multilayered approach to cyber security provides protection for the entire infrastructure. Learn about strategies that cover Plant Security, Network Security, and Data Integrity that are tailored to the needs of industrial sectors such as energy, industry, transportation, and oil & gas.
.
– Phillip Taylor, Head of Cybersecurity, ASEAN, Siemens Digital Industries
.

T1: Build Resilience. Prevent Disruption. How to Anticipate, Withstand, and Recover from the Most Sophisticated Cyber Threats
– Sandeep Peshkar, Senior Vice President and DFIR Operations, Arete Advisor
.
T2: How to Modernise your Cyber Security Approach
– Hwee Cher Tan, Group Head, Information Security & Data Governance, GGS International
.
T3: How do We Simplify Security and Compliance in the Cloud?
– Yu Long Tang, GRC – Cyber Security AVP, State Street
.
T4: What are the Uses and Applications of Artificial Intelligence in Industrial Cyber Security?
– Rene Modequillo, Data Integration Platform – Operations Specialist, Tetra Pak
.
T5: What are the First Steps to Building a Security Culture in the Factory?
– Simon Tan, Regional Security Manager, Shell
.

Regulation and the role of the state is becoming increasingly important for our collective cyber future. With massive strides being made to transform economies, it’s clear that regulation will play a role in keeping us secure during this transition. But critics argue that we need to go far beyond the proscriptions of these regulations. Join our experts as they discuss this thought-provoking issue.
.
• What is the role of regulation in our collective cyber defence?
• Do current regulations go far enough?
• What Unified Security Standards Should the APAC Region be Using?
.
– Moderator: Wickrama Vishwanath, Information Security Manager, Anglo-Eastern
– Chelsea Kiew, VP, CISO , Etiqa Insurance and Takaful
– Nan Maguire, Head of Technology, Security Resilience & Third Party Governance APAC, abdrn
– Simon Tan, Regional Security Manager APAC, Shell
.

This presentation explores the transformative power of artificial intelligence (AI) in fortifying digital landscapes against evolving threats. Discover how cutting-edge AI technologies are reshaping the security paradigm, ushering in a new era of proactive defence and robust protection.
.
• Explore how AI algorithms revolutionise threat detection by identifying patterns, anomalies, and potential risks in real-time
• Understand how AI-driven tools automate incident response, enabling organisations to react swiftly and effectively to security incidents
• Gain crucial insights into how you can integrate AI into your existing security framework
.
– Kelum Wickramasinghe, Group Head of IT and Information Security, Silvermill Group
.

This fireside chat session will delve into the critical role a strong security culture plays in safeguarding your organisation’s valuable assets from cyber attacks. We’ll explore how shared values, behaviours, and awareness can create a human firewall that complements technical security measures.
.
• How does a security culture empower employees to become active participants in cyber defence?
• What are the key elements of building and fostering a robust security culture within your organisation?
• What practical strategies can we use for promoting security awareness and best practices among staff?
.
– Moderator: Tarun Samtani, DPO & Privacy Director, International SOS
– Varun Srivastava, APAC Head – CSOC, UBS
.

In this dive into the rapidly evolving world of cyber security, we will shed light on the contagious nature of cyber threats and how they can spread like wildfire across organisations or even entire industries.
As technology continues to advance, so too do the methods and tactics employed by cybercriminals. From ransomware attacks that cripple critical infrastructure to social engineering schemes that exploit human vulnerabilities, the contagious nature of these threats poses a significant challenge to our digital security. The question is, what solutions can we employ to maintain our cyber health?
.
– Evenjonly Ng, Head IT Risk & Security, AIA
.

IT compliance is essential to making sure your organisation’s security posture falls in line with the established standards and regulations. Governance ensures consistency across your systems and organisation. In this fireside chat session, we hear our speaker’s perspective on IT compliance and governance, how it can be implemented, and helpful tips that everyone can adopt.
.
• What are the challenges that compliance brings and how can we overcome them?
• What basic controls need to be implemented to ensure proper governance across a large organisation?
• How can we effectively manage risk through compliance?
.
– Moderator: John Ellis, CISO (APAC), Bupa
– Speaker: Jenny Tan, Global Internal Audit Leader | Transformational Leadership, CapitaLand
.