Agenda

Presentations already confirmed include:


►There Ain't No Party Like a Compromised Third Party

Steve Brown, Director, Cybersecurity, MasterCard 

  • Safeguarding an evolving ecosystem goes way beyond protecting the transaction
  • Identification, automation, prioritisation, mitigation
  • Cyber resilience superseding cyber security 

 


►Managing an OT Security Operations Centre

Dr Yask Sharma, CISO, Indian Oil Corp

  • Cybersecurity and OT security are different: policies are not the same; conversations with vendors are not the same
  • Pulling together a holistic picture of your OT environment
  • How 'resilience' has changed everything

► Security in the Midst of IT/OT Convergence. 

Mel Migriño, Group CISO, Meralco

  • Understanding the road blocks in integrating IT & OT
  • Application of AI in strengthening IT & OT convergence
  • Continuous assurance to better identify and mitigate risks 

►Protecting Healthcare: Cyber Safety not Cyber Security

Bhaskar Chattoraj, Manager, Cyber Risk and Resilience, National Healthcare Group Singapore

  • In 2020, a hospital in Dusseldorf was hit with ransomware, leading to a patients death. Around the world, security leaders in the healthcare space have doubled down on their resilience frameworks
  • A hospital is a nexus of chaotic end-user: how can you create a robust cybersecurity culture?
  • Cyber safety - an easy to understand awareness strategy. 

►Good Instinct, Plain English: The New Paradigm for the CISO

Jane Corr, CISO, Great West Life Europe

  • How do you communicate in plain English to people with little understanding of cyber-risk?
  • It's not about communicating zero risk; it's about being realistic with risk.
  • Reorienting security - communication and collaboration. 

►Operational Resilience in the Financial Services 

The Financial Services have a more sophisticated attitude towards cyber risk given the level of regulation that binds the sector and the relentless level of attacks they face from criminals. Security leaders from banks, insurers, fintechs and investment managers understand that resilience is the key to a strong security posture. Join this executive panel discussion to find out how leaders in APAC financial institutions are addressing resilience

  • Frankie Shuai, Director of Cyber Technology and Risk at UBS
  • Kok Yew Toh, Director and Business Information Security Officer, FWD Insurance
  • Billy Chu, Head of Technology and Operational Risk

► How to Disrupt Adversaries With Security Intelligence

Yeo Chien Jen, Director Systems Engineering, Asia Pacific, Recorded Future

  • How organisations can detect and mitigate cyberattacks at scale
  • How to stay ahead of adversaries who are constantly improving their techniques and evading defences
  • How access to security intelligence empowers organisations to learn about attacks proactively and take action

► Lock Your Doors First: Prioritizing a Zero Trust Approach 

Andrew Kay, Regional Sales Engineer, Illumio 

  • Why end-to-end segmentation as a base for Zero Trust is the easiest win for security teams
  • Proactively prevent any malicious attack from spreading across endpoint or datacenter without network architecture change
  • How to gain real-time visibility across environments and create policies to stop unauthorized traffic 

► An Overdue Shift to People-Centric Security

Adrian Covich, Senior Director, Systems Engineering, Proofpoint APJ

  • Why is a new people-based threat intelligence model needed for cybersecurity strategy to evolve.
  • How do you identify and protect your most attacked people
  • How can you mitigate behavioural vulnerabilities and problems with access privileges
  • How can you get more information from threat-intel data

► Stories from the Front lines: Negotiating with a Ransomware Criminal 

Moty Cristal, CEO, NEST, and Gal Messinger, Global Head of Security, Signify

  • Mistakes are an essential element in managing any human crisis, let alone in ransomware and cyber extortion incidents.
  • Based on years of operational experience in cyber crises, and using a variety of real life examples, this session will present the common mistakes made during ransomware crises and how to prevent them. 
  • Hear first hand experiences in successfully negotiating with ransomware criminals. 

 

Education seminars


Warning: Cyber Attacks Ahead, What's Your Cybersecurity Strategy?


Harish Sekar, Senior Technical Evangelist, ManageEngine

The job of IT admins and IT security analysts are, some of the most important jobs in any company. They are expected to know everything; get little praise when things run well and are first in the firing line when things go wrong. Most of them are self-taught and have learned on-the-job. Experience has battle-hardened them but the pressure to ensure the security of a rapidly evolving IT and OT infrastructure remains high. In this session you will learn tips and tricks on how to bolster your cybersecurity and how to enable virtual cameras through effective log management techniques

  • Understanding the attack surface – how ML and AI can detect internal and external attacks
  • How to secure your infrastructure and the need for SOAR
  • Importance of data security and the need for DLP​ 

Preventing the Next SolarWinds Breach: What *You*Need to Know About SASE


Jonathan Andresen, Senior Director, Marketing & Products, Asia Pacific & Japan, Bitglass

Cyberattacks such as the recent SolarWinds breach demonstrate how cybercrime is shifting focus to cloud services. At the same time, Gartner predicts that almost half of companies will shift their cloud and network security to a SASE architecture (Secure Access Service Edge) in the next few years.  But is this the right approach? How does it improve privacy, compliance and data protection?

While there is no single industry standard view on SASE or how to protect sensitive data, there are foundational elements that every security leader should consider when planning for 2H 2021 and beyond. 

Join this exclusive talk to learn how you can get started with SASE, including: 

  • The three major pillars of SASE architecture and why they matter
  • The economics of data breaches vs. SASE
  • Common SASE industry use cases
  • Practical advice for implementing SASE in your organization.

Threat intelligence without context is just noise


Presentation by Google 

Threat intelligence is widely adopted as part of any security strategy. Unfortunately, many times it does not provide the expected results. Join this session to learn from VirusTotal experts about common use cases, mistakes to avoid, and important factors to consider when building out your threat intelligence capabilities.  

  • Alert prioritization and addressing alert fatigue
  • Incident response and forensic analysis
  • APT investigation and research

Supercharge your security telemetry with Chronicle


Presentation by Google 

Organizations are rapidly shifting their business models and corresponding technology environments to quickly respond to this new digital transformation era. Some of these challenges include data collection, analysis, and decisioning, all while the attack surface continues to grow. With an expanding attack surface, a shortage of security talent, and an overwhelming amount of  alerts, security teams need tools and strategies to modernize their SOC. Chronicle helps make enterprise security data - like EDR, firewall, VPN, DNS, and web proxy telemetry - useful right away for threat detection, response, and hunting. Join this session to learn about the unique components of the Chronicle security analytics platform that enable security teams to supercharge their security telemetry.

  • Retain all your security telemetry at Google scale, and interrogate it at Google speed.
  • Enhance your detection & response techniques with global visibility and automated best in class ML/AI.
  • Quickly adapt to major emerging threats