ISMG Events
  • Summits
  • Roundtables
  • Faculty
  • About ISMG Events
  • Contact us

Virtual Cybersecurity Summit: South East Asia

February 23-24, 2021

Register Now

WELCOME / Summit Overview

Geetha Nandikotkur

Managing Editor, Asia & the Middle East, ISMG

ISMG, a global industry leader in information security news will host the first edition of 2021 South East Asia virtual summit series on February 23-24, 2021. With the ongoing pandemic, cybersecurity professionals have been stretched plenty, for enhancing corporate agility and also reduce risk, to ensure resilience. As the region witnessed a meteoric rise in online fraud, phishing scams in 2020, CISOs are expected to rethink security and risk strategies in 2021.

Join our summit to gain insight from the Cybersecurity Thought Leaders on the myths and realities about deploying new frameworks, applying lessons learned, and think strategically, moving beyond the assumption that a bigger team is the best way to respond to increased risk.

Details

Free Registration

23 and 24 February at 9 am SGT

Register Now
For queries, contact:
email at priti.dutta@ismg-summits.com / mahesh.verma@ismg-summits.com

Speakers Associated with ISMG

  • Event Gallery

Lt. Gen Rajesh Pant (Retd.), PVSM, AVSM, VSM, PhD

National Cybersecurity Coordinator - PMO, Govt. Of India

Ron Ross

Fellow, National Institute of Standards and Technology (NIST)

Rohit Ghai

President, RSA

Randy Trzeciak

Director, CERT Insider Threat Center, CMU

Sridhar Sidhu

EVP-Enterprise Information Security, Wells Fargo

Ashutosh Jain

CISO, Axis Bank

Sameer Ratolikar

CISO, HDFC Bank

Brijesh Singh

Inspector General of Police-Training, Govt. of Maharashtra

FEATURED SPEAKERS

Suparna Goswami

Associate Editor, ISMG

Varun Haran

Managing Director, Asia & Middle East, ISMG

Geetha Nandikotkur

Managing Editor, Asia & the Middle East, ISMG

Dr. Amirudin Wahab

Chief Executive Officer, CyberSecurity Malaysia

Steven SIM Kok Leong

President, ISACA Singapore Chapter

Micky Lo

MD, Chief Information Risk Officer, BNY Mellon, HongKong

AJ Eserjose

Regional Director, OT-ISAC (Operational Technology Information Sharing and Analysis Center)

Abid Adam

Group Chief Information Security Officer & Group Head of Privacy, Axiata, Malaysia

Surachai Chatchalermpun

CISO, Krungthai Bank, Thailand

Mark Johnston

Head of Security, Customer Engineering, Google Cloud APAC, Google

Yuko Miyahara

Commercial Team Lead, Darktrace

Jonathan Andresen

Senior Director, Marketing & Products, Asia Pacific & Japan, Bitglass

Joshua Foo

Regional Director, South Asia, Hong Kong and Taiwan, Chainalysis

Kunal Jha

Senior Director Application Delivery and Security, APJ, Citrix

Neil Campbell

Vice President, APJ, Rapid 7

Phoram Mehta

Senior Director, APAC CISO, PayPal, Singapore

Mario Demarillas

CISO and Head of IT Consulting and Software Engineering, Exceture, Philippines

Venkatesh Subramaniam

Global CISO & Privacy Head, Olam International, Singapore

Karunanand Menon

Senior Sales Engineer, APAC - Sales Engineering, Okta

Hywel Morgan

Manager, System Engineering, ASEAN & Korea, Sophos

Clive Finlay

Chief Technology Officer, APJ & EMEA, Symantec Enterprise Division, Broadcom

Eric Lam

Director for Security Solutions, Microsoft Asia Pacific

Nathanael Iversen

Chief Evangelist, Illumio

Shane Read

Group CISO, Noble Group (Hong Kong)

Lee Dolsen

Chief Architect, Asia Pacific & Japan, Zscaler

Rich Thompson

VP, Global Sales Engineering, BlackBerry

Gary Gardiner

Head of Security Engineering, APAC, Check Point

Draft Agenda / Session Date & Time (SGT)



  • Tuesday, February 23rd

  • Wednesday, February 24th

  • Hall A
  • Hall B
  • Hall C
  • Hall D
8:15 am -
8:45 am
8:15 am - 8:45 am

Registration & Exhibit Browsing

8:45 am -
9:00 am
8:45 am - 9:00 am

Opening Remarks

9:00 am -
9:30 am
9:00 am - 9:30 am

Cybersecurity 2021: Enterprise Security Game Plan for CISOs in Fighting Threats

Speaker:
Shane Read, Group CISO, Noble Group (Hong Kong)

COVID-19 has resulted in increased digitization across sectors, with the enterprise cybersecurity leaders suddenly finding themselves tasked with securing a new hybrid workforce and defending their largest-ever attack surface. The trend has led to data proliferation, and organizations struggle to handle the sheer volume of data in this new regime. What are the threats to watch and technologies to embrace during the pandemic and beyond, particularly when the abundance of valuable information has captured subversive elements' attention? At the same time, cybercriminals have breached networks and compromised millions of records, not only causing revenue losses but impacting brand reputation?

Enterprises consider 2021 to be the decade of digital trust as the CISOs expect cybersecurity to have a tremendous impact on the nation's critical infrastructure.

This exclusive keynote session describes:

  • Changing threat landscape and lessons from the pandemic;
  • Key priorities for CISOs 2021 - identity and access management, cloud, data protection, and regulations;
  • A collaborative approach to building skills and techniques to achieve "future-proof" enterprise security.
9:30 am -
10:00 am
9:30 am - 10:00 am

Plenary Session: Protecting Malaysia's Critical Information Infrastructure From Rising Threats: A Cybersecurity Master Plan

Speaker:
Dr. Amirudin Wahab, Chief Executive Officer, CyberSecurity Malaysia

The year 2021 will see an increase in organized cybercrime activities, APTs, and ransomware attacks targeted at the critical infrastructure organizations across South East Asia. Also, the remote workforce. Economic stress. Pandemic fatigue has made created a "perfect storm" for an increase in security breach risks. What can you do to improve monitoring, detection, and mitigation of the risks in these unique conditions?

This exclusive session details:

  • Insight into Malaysia's Cybersecurity Master Plan for 2020-24 for tackling new threats;
  • Enhancing predictive, preventive, and response capabilities using AI & ML techniques;
  • How enterprises can use SASE and 'zero trust' models to fight new threats.
10:00 am -
10:15 am
10:00 am - 10:15 am Track A

Tech Spotlight: Still, playing Whack-a-mole with Cyber Threats? A ‘Zero Trust’ Approach to Securing the Remote Workplace

Speaker:
Kunal Jha, Senior Director Application Delivery and Security, APJ, Citrix

For years, playing whack-a-mole with security threats has been the only way to keep attackers at bay. With specialized solutions suited to every flavor of attack out there, cybersecurity has become capital intensive and increasingly complex. But what if, instead of ‘mole-whacking’ vector-based defense, IT could cover up the holes from which they tend to pop up? Why not use precious resources, protecting only the assets that need to be protected and cast aside what doesn’t?

The ‘zero trust’ approach can help you deliver the security promise.

The session will discuss:

  • How to achieve ‘invisible security’ with an intelligent experience built on analytics and automation using ‘zero trust.’
  • Delivering a better user experience and better ROI, while providing granular and consistent security policies for getting an outcome based on ‘zero trust.’
10:00 am - 10:15 am Track B

Tech Spotlight: Journey Through the IoT to the Cloud: Finding the ‘Zero-day’ Vulnerabilities

Speaker:
Gary Gardiner, Head of Security Engineering, APAC, Check Point

Check Point’s white hat research team which has discovered the existing malware out in the wild and also the’zero-day vulnerabilities discusses use cases around how organizations with responsible disclosure can further secure networks and devices.

It is imperative for organizations to under what the threat actors are doing in real-time.

The session discusses:

  • Findings around the ‘zero-day’ vulnerabilities;
  • Detecting threat actors movements in the networks, IoT devices, mobile and on the cloud in real-time;
  • Securing the networks and devices
10:15 am -
10:45 am
10:15 am - 10:45 am Track A

Securing the Future of Work with Cyber AI

Speaker:
Yuko Miyahara, Commercial Team Lead, Darktrace

The future of work remains unpredictable. More than ever before, business leaders need to remain confident that their operations can continue securely in the face of regional or even global crises, and while sections of the economy remain more uncertain and fragile than ever, cyber-attackers are ramping up their campaigns. Organizations must rethink their approach to security, and rely on new technologies like AI to achieve much-needed adaptability and resilience.

The session discusses:

  • Emerging threats from the transition to remote work
  • How AI has adapted to new patterns of work
  • Darktrace's use of Cyber AI to protect the dynamic workforce
  • Defensive Autonomous Response capabilities
10:15 am - 10:45 am Track B

EDR or XDR or MDR: Which is right for your organisation?

Speaker:
Hywel Morgan, Manager, System Engineering, ASEAN & Korea, Sophos

Historically, cybersecurity has focused on protection, preventing threats exploiting weaknesses within an organization. This is changing as organisations accept that due to gaps in defences allied with the attack's sophistication, threats will enter your organization and often remain undetected for weeks or months, exfiltrating data and moving across your assets. Businesses are increasingly focusing on threat detection and response to address this risk.

In this ever-evolving landscape, it is imperative to understand the right threat detection and response approach for your organisation; is it the Endpoint Detection and Response (EDR), or Extended Detection and Response (XDR) or Managed Detection and Response (MDR), and what are next-generation defences required.

The session will discuss:

  • The need and benefits of threat detection and response
  • Factors to consider and evaluate an appropriate approach to threat detection and response
  • Achieving operational efficiency while raising your security posture
10:15 am - 10:45 am Track C

How Blockchain Analysis Can Help Prevent Ransomware and Cryptocurrency Crime

Speaker:
Joshua Foo, Regional Director, South Asia, Hong Kong and Taiwan, Chainalysis

Covid-19 had a major impact on cryptocurrency activity, both legal and illegal, resulting in record breaking ransomware attacks seen around the world. As the pandemic raged, cybercriminals took advantage of new extortion tactics, with victim payments rising over 500% compared to 2019. Join us as we break down the ransomware ecosystem and show how surprisingly few cybercriminals enable such massive destruction.

What are the main components of the ransomware ecosystem? Is there a way to mitigate the risks posed by these attacks?

This session discusses how blockchain analysis can help your organization:

  • Profile criminals and track them down;
  • Identify emerging and dominant variants;
  • Pinpoint possible RaaS developers;
  • Track affiliates testing RaaS providers.
10:45 am -
11:00 am
10:45 am - 11:00 am

Expo Hall & Networking Break

11:00 am -
11:30 am
11:00 am - 11:30 am Track A

Building Trust in a Digital Transformation Journey: The Role of a CISO

Speaker:
Abid Adam, Group Chief Information Security Officer & Group Head of Privacy, Axiata, Malaysia

While corporate strategies around digital transformation drive good business outcomes, cybersecurity threats are amplified by the ongoing pandemic and the emergence of new technologies such as IoT and cloud momentum. How can security leaders avoid obstacles and become catalysts for change and deliver business value and mitigate risks arising from this digital transformation? How can they ensure security and privacy in their digital transformation journey, and what are the various aspects that need to be kept in mind to ensure business continuity.

This session discusses CISOs role:

  • In protecting the identity in the digital transformation journey;
  • How to begin the journey of digital trust;
  • Using right technologies to ensure security and ease of doing business.
11:00 am - 11:30 am Track B

Cloud IAM: An Effective Strategy to Solve the Integration Puzzle

Speaker:
Mark Johnston, Head of Security, Customer Engineering, Google Cloud APAC, Google

Enterprises traditionally used on-premises IAM software to manage identity and access policies. With companies adopting cloud services, the process of managing identities is getting more complicated. Therefore, adopting cloud IAM solutions becomes a logical step. However, mapping single sign-on users and IAM roles can become challenging as users can have multiple functions that span several cloud accounts.

The session will discuss:

  • How best to manage IAM roles in the cloud;
  • What does cloud IAM include;
  • On-prem IAM Vs. Cloud IAM.
11:00 am - 11:30 am Track C

Improving ICS Cyber Resilience in a connected world

Speaker:
AJ Eserjose, Regional Director, OT-ISAC (Operational Technology Information Sharing and Analysis Center)

Asset owners and operators are experiencing a convergence of IT and OT in this era of digital transformation, which is resulting in increased cyber risk to industrial control systems. Legacy ICS components are not designed to embrace this digital transformation and the heightened liability that accompanies it.

It has become imperative to redefine security architecture to build and improve the cyber resiliency of ICS in this connected world, and equip teams and systems to prevent or respond to sophisticated threats and actors now taking advantage of this new environment.

The session discusses:

  • Security threats posed by connected systems;
  • Making security part of the design from the beginning and implementing micro-segmentation strategy to build cyber resilience;
  • Maximizing the value of information and threat intelligence sharing in addressing ICS risk.
11:30 am -
12:00 pm
11:30 am - 12:00 pm Track A

How Micro-segmentation Helps Secure Apps in an SDN and a Hybrid Cloud Environment

Speaker:
Nathanael Iversen, Chief Evangelist, Illumio

As organizations pursue a new generation of infrastructure with SDN and cloud, business is primed to move and shift faster than ever, but speed without security is simply a risk multiplier. It is vital to learn how global organizations have operationalized a simple, fast, and safe segmentation strategy to secure agile, dynamic, and complex environments and stop the lateral movement of threats. What would be the security and risk outcomes and the role of micro-segmentation in building the ‘zero trust’ framework? An insight into the lessons learned from segmenting over 1 million workloads.

The session will discuss:

  • The movement toward segmentation & Zero Trust for enhanced security;
  • Why the traditional network-based segmentation approaches fall short of security;
  • How to apply micro-segmentation to any greenfield and brownfield environment.
11:30 am - 12:00 pm Track B

2021 and Beyond: A platform approach to Zero Trust

Speaker:
Clive Finlay, Chief Technology Officer, APJ & EMEA, Symantec Enterprise Division, Broadcom

Throughout 2020 organizations widely adopted a zero trust architecture in response to the pandemic and it is now fast replacing traditional VPN approaches. As the zero trust approach continues to evolve, the challenge for organizations in 2021 and beyond lies in how to implement this approach across environments, both in the cloud and on-premise.

This session will discuss:

  • The evolution of zero trust in a pandemic world
  • The next chapter in the zero trust framework and new technologies to consider
  • How to overcome implementation challenges and the benefits of a platform approach
11:30 am - 12:00 pm Track C

An Effective Approach to Respond to Security Incidents

Speaker:
Neil Campbell, Vice President, APJ, Rapid 7

Fixing a breach is far more costly than prevention. Organizations are under pressure to respond to it faster. More often than not, though, it can be weeks or months before you’ve even realized that you’ve suffered one.

The session will discuss:

  • Understanding the legal implications of the incident and plan a response mechanism;
  • Evolving a crisis management plan to prevent any reputational loss;
  • Required skills to remediate, respond and mitigate the risks and establish a smooth recovery process.
12:00 pm -
12:15 pm
12:00 pm - 12:15 pm

Networking break

12:15 pm -
12:45 pm
12:15 pm - 12:45 pm Track A

Passwordless Authentication: Enhanced Visibility and User Access and Control

Speaker:
Karunanand Menon, Senior Sales Engineer, APAC - Sales Engineering, Okta

Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use daily.

But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, but they are also expensive and offer a poor user experience. Is there a better way to protect your applications and prevent account takeover incidents?

The session will discuss:

  • Enhancing user experience and access control with passwordless authentication;
  • How passwordless authentication helps in curbing identity theft;
  • Critical considerations for practitioners as they embark on a passwordless journey.
12:15 pm - 12:45 pm Track B

Starting with Zero...Trust

Speaker:
Rich Thompson, VP, Global Sales Engineering, BlackBerry

When it comes to enterprise security, Zero Trust is a concept that is becoming popular. More of a philosophy than a set of procedures, Zero Trust requires a deeper discussion and look at security. Is it practical for every one? Should Zero Trust be a priority? Why does it matter? What are the challenges? What is important? What about IoT? What role does our current security program play?

This session will explore the important questions about whether Zero Trust should be a priority for your organization and touches on the role of users and devices, environment and network. We will discuss the approaches and challenges with Zero Trust, addressing business drivers such as cloud environments and business continuity needs.

12:15 pm - 12:45 pm Track C

Network & Security Transformation in a Cloud-Ready World

Speaker:
Lee Dolsen, Chief Architect, Asia Pacific & Japan, Zscaler

The IT and security heads are challenged from time to time about keeping the systems up and running, with availability and cyber resilience paramount. Breaking the kill chain is critical to understand in securing the environment. How can a ‘zero trust’ architecture be used in building this network and security transformation in a cloud-ready environment?

The session discusses:

  • Bridging the network and security gaps with the right technologies and tools;
  • Enhancing user access control mechanism with IAM and PAM;
  • Prevent data leaks with an appropriate protection plan.
12:45 pm -
1:00 pm
12:45 pm - 1:00 pm Track A

Tech Spotlight: Demystifying Zero Trust & SASE: Practical Steps to Better Security

Speaker:
Jonathan Andresen, Senior Director, Marketing & Products, Asia Pacific & Japan, Bitglass

Network security architectural best practices are undergoing a dramatic shift. Two prominent IT security trends have dominated InfoSec discussions during this ongoing pandemic: Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE). In practical terms, which is more important, what is the relationship between them, and how will they improve cybersecurity effectiveness?

As security teams prepare for either a return to the office or a more distributed workforce and as cyber threats continue to proliferate, IT teams must understand the differences between these two essential security paradigms.

The session will discuss:

  • Key difference between ‘zero trust’ and SASE and what it means to CISOs;
  • How to improve security by leveraging ZTNA within a SASE architecture;
  • Common SASE and ZTNA use cases and tactical and strategic approach to implementing the frameworks.
12:45 pm - 1:00 pm Track B

Tech Spotlight: Applying the ‘Zero Trust’ Principles to Protect Your Enterprises Against Sophisticated Attacks

Speaker:
Eric Lam, Director for Security Solutions, Microsoft Asia Pacific

The recent cyberattacks have shown increased sophistication in the breadth of tactics used to penetrate, expand across, and persist in affected infrastructure. They have posed a serious threat to every organization. While the tactics, techniques, and procedures (TTPs) that the bad actors utilized are not new to defenders, we have also come to realize that many organizations have once again been caught unprepared.

Companies should start or continue to adopt a ‘zero trust’ mentality across their environment to defend against such attacks. A ‘zero trust’ mindset creates a more resilient, consistent, and responsive posture to new incidents. It helps address gaps in unprotected devices, weak passwords, and gaps in multi-factor authentication (MFA) coverage that attackers can exploit.

The session will discuss:

  • How a ‘zero trust’ framework will help build cyber resiliency across the environment;
  • Factors that need evaluation before implementing a ‘zero trust’ framework;
  • Improving user authentication and control using ‘zero trust’ principles.
1:00 pm -
1:30 pm
1:00 pm - 1:30 pm Track A

Panel Discussion: Adapt and Secure in 2021: A CISO's Perspective

Speakers:
Steven SIM Kok Leong, President, ISACA Singapore Chapter
Micky Lo, MD, Chief Information Risk Officer, BNY Mellon, HongKong
Surachai Chatchalermpun, CISO, Krungthai Bank, Thailand

How to strategize and see security in a new light amidst new challenges. The emergence of technologies such as IoT, skill shortage, insider threats, and cloud movement has posed the most significant risks for enterprises in the current times, which are amplified by increasing phishing attacks, targeted attacks, disruption, distortion, and deterioration.

A panel of experts discuss:

  • Risks posed by increased digitization and cloud disruption;
  • Use of right technologies in the adaptive era
  • Use of predictive analytics and active defense in detecting threats;
  • Cybersecurity investments in 2021
1:00 pm - 1:30 pm Track B

Panel Discussion: Lessons from the SolarWinds Hack: A CISOs Approach

Speakers:
Phoram Mehta, Senior Director, APAC CISO, PayPal, Singapore
Mario Demarillas, CISO and Head of IT Consulting and Software Engineering, Exceture, Philippines
Venkatesh Subramaniam, Global CISO & Privacy Head, Olam International, Singapore

The popular SolarWinds hack, the supply chain attack that implanted a backdoor in the Orion network monitoring software pushed to 18,000 of the firm's customers, is considered to be potentially the most significant intrusion in our history.

The campaign's full scale, including all of the tactics, techniques and procedures being used by attackers remaining unknown, has left most enterprises across the regions in a state of shock.

What are the lessons the CISOs need to learn from this attack? Do you have a process to evaluate your vendor's security policies and frameworks?

The panel will discuss:

  • How should the risk framework of supply chain vendors evolve;
  • The risks posed by different kinds of vendors;
  • Defining security by design approach while evaluating the third party products.
1:30 pm -
2:30 pm
1:30 pm - 2:30 pm

Expo Hall and Networking

View Schedule
  • Hall A
  • Hall B
  • Hall C
  • Hall D
8:15 am -
8:45 am
8:15 am - 8:45 am

Registration & Exhibit Browsing

8:45 am -
9:00 am
8:45 am - 9:00 am

Opening Remarks

9:00 am -
9:30 am
9:00 am - 9:30 am

Cybersecurity 2021: Enterprise Security Game Plan for CISOs in Fighting Threats

Speaker:
Shane Read, Group CISO, Noble Group (Hong Kong)

COVID-19 has resulted in increased digitization across sectors, with the enterprise cybersecurity leaders suddenly finding themselves tasked with securing a new hybrid workforce and defending their largest-ever attack surface. The trend has led to data proliferation, and organizations struggle to handle the sheer volume of data in this new regime. What are the threats to watch and technologies to embrace during the pandemic and beyond, particularly when the abundance of valuable information has captured subversive elements' attention? At the same time, cybercriminals have breached networks and compromised millions of records, not only causing revenue losses but impacting brand reputation?

Enterprises consider 2021 to be the decade of digital trust as the CISOs expect cybersecurity to have a tremendous impact on the nation's critical infrastructure.

This exclusive keynote session describes:

  • Changing threat landscape and lessons from the pandemic;
  • Key priorities for CISOs 2021 - identity and access management, cloud, data protection, and regulations;
  • A collaborative approach to building skills and techniques to achieve "future-proof" enterprise security.
9:30 am -
10:00 am
9:30 am - 10:00 am

Plenary Session: Protecting Malaysia's Critical Information Infrastructure From Rising Threats: A Cybersecurity Master Plan

Speaker:
Dr. Amirudin Wahab, Chief Executive Officer, CyberSecurity Malaysia

The year 2021 will see an increase in organized cybercrime activities, APTs, and ransomware attacks targeted at the critical infrastructure organizations across South East Asia. Also, the remote workforce. Economic stress. Pandemic fatigue has made created a "perfect storm" for an increase in security breach risks. What can you do to improve monitoring, detection, and mitigation of the risks in these unique conditions?

This exclusive session details:

  • Insight into Malaysia's Cybersecurity Master Plan for 2020-24 for tackling new threats;
  • Enhancing predictive, preventive, and response capabilities using AI & ML techniques;
  • How enterprises can use SASE and 'zero trust' models to fight new threats.
10:00 am -
10:15 am
10:00 am - 10:15 am Track A

Tech Spotlight: Still, playing Whack-a-mole with Cyber Threats? A ‘Zero Trust’ Approach to Securing the Remote Workplace

Speaker:
Kunal Jha, Senior Director Application Delivery and Security, APJ, Citrix

For years, playing whack-a-mole with security threats has been the only way to keep attackers at bay. With specialized solutions suited to every flavor of attack out there, cybersecurity has become capital intensive and increasingly complex. But what if, instead of ‘mole-whacking’ vector-based defense, IT could cover up the holes from which they tend to pop up? Why not use precious resources, protecting only the assets that need to be protected and cast aside what doesn’t?

The ‘zero trust’ approach can help you deliver the security promise.

The session will discuss:

  • How to achieve ‘invisible security’ with an intelligent experience built on analytics and automation using ‘zero trust.’
  • Delivering a better user experience and better ROI, while providing granular and consistent security policies for getting an outcome based on ‘zero trust.’
10:00 am - 10:15 am Track B

Tech Spotlight: Journey Through the IoT to the Cloud: Finding the ‘Zero-day’ Vulnerabilities

Speaker:
Gary Gardiner, Head of Security Engineering, APAC, Check Point

Check Point’s white hat research team which has discovered the existing malware out in the wild and also the’zero-day vulnerabilities discusses use cases around how organizations with responsible disclosure can further secure networks and devices.

It is imperative for organizations to under what the threat actors are doing in real-time.

The session discusses:

  • Findings around the ‘zero-day’ vulnerabilities;
  • Detecting threat actors movements in the networks, IoT devices, mobile and on the cloud in real-time;
  • Securing the networks and devices
10:15 am -
10:45 am
10:15 am - 10:45 am Track A

Securing the Future of Work with Cyber AI

Speaker:
Yuko Miyahara, Commercial Team Lead, Darktrace

The future of work remains unpredictable. More than ever before, business leaders need to remain confident that their operations can continue securely in the face of regional or even global crises, and while sections of the economy remain more uncertain and fragile than ever, cyber-attackers are ramping up their campaigns. Organizations must rethink their approach to security, and rely on new technologies like AI to achieve much-needed adaptability and resilience.

The session discusses:

  • Emerging threats from the transition to remote work
  • How AI has adapted to new patterns of work
  • Darktrace's use of Cyber AI to protect the dynamic workforce
  • Defensive Autonomous Response capabilities
10:15 am - 10:45 am Track B

EDR or XDR or MDR: Which is right for your organisation?

Speaker:
Hywel Morgan, Manager, System Engineering, ASEAN & Korea, Sophos

Historically, cybersecurity has focused on protection, preventing threats exploiting weaknesses within an organization. This is changing as organisations accept that due to gaps in defences allied with the attack's sophistication, threats will enter your organization and often remain undetected for weeks or months, exfiltrating data and moving across your assets. Businesses are increasingly focusing on threat detection and response to address this risk.

In this ever-evolving landscape, it is imperative to understand the right threat detection and response approach for your organisation; is it the Endpoint Detection and Response (EDR), or Extended Detection and Response (XDR) or Managed Detection and Response (MDR), and what are next-generation defences required.

The session will discuss:

  • The need and benefits of threat detection and response
  • Factors to consider and evaluate an appropriate approach to threat detection and response
  • Achieving operational efficiency while raising your security posture
10:15 am - 10:45 am Track C

How Blockchain Analysis Can Help Prevent Ransomware and Cryptocurrency Crime

Speaker:
Joshua Foo, Regional Director, South Asia, Hong Kong and Taiwan, Chainalysis

Covid-19 had a major impact on cryptocurrency activity, both legal and illegal, resulting in record breaking ransomware attacks seen around the world. As the pandemic raged, cybercriminals took advantage of new extortion tactics, with victim payments rising over 500% compared to 2019. Join us as we break down the ransomware ecosystem and show how surprisingly few cybercriminals enable such massive destruction.

What are the main components of the ransomware ecosystem? Is there a way to mitigate the risks posed by these attacks?

This session discusses how blockchain analysis can help your organization:

  • Profile criminals and track them down;
  • Identify emerging and dominant variants;
  • Pinpoint possible RaaS developers;
  • Track affiliates testing RaaS providers.
10:45 am -
11:00 am
10:45 am - 11:00 am

Expo Hall & Networking Break

11:00 am -
11:30 am
11:00 am - 11:30 am Track A

Building Trust in a Digital Transformation Journey: The Role of a CISO

Speaker:
Abid Adam, Group Chief Information Security Officer & Group Head of Privacy, Axiata, Malaysia

While corporate strategies around digital transformation drive good business outcomes, cybersecurity threats are amplified by the ongoing pandemic and the emergence of new technologies such as IoT and cloud momentum. How can security leaders avoid obstacles and become catalysts for change and deliver business value and mitigate risks arising from this digital transformation? How can they ensure security and privacy in their digital transformation journey, and what are the various aspects that need to be kept in mind to ensure business continuity.

This session discusses CISOs role:

  • In protecting the identity in the digital transformation journey;
  • How to begin the journey of digital trust;
  • Using right technologies to ensure security and ease of doing business.
11:00 am - 11:30 am Track B

Cloud IAM: An Effective Strategy to Solve the Integration Puzzle

Speaker:
Mark Johnston, Head of Security, Customer Engineering, Google Cloud APAC, Google

Enterprises traditionally used on-premises IAM software to manage identity and access policies. With companies adopting cloud services, the process of managing identities is getting more complicated. Therefore, adopting cloud IAM solutions becomes a logical step. However, mapping single sign-on users and IAM roles can become challenging as users can have multiple functions that span several cloud accounts.

The session will discuss:

  • How best to manage IAM roles in the cloud;
  • What does cloud IAM include;
  • On-prem IAM Vs. Cloud IAM.
11:00 am - 11:30 am Track C

Improving ICS Cyber Resilience in a connected world

Speaker:
AJ Eserjose, Regional Director, OT-ISAC (Operational Technology Information Sharing and Analysis Center)

Asset owners and operators are experiencing a convergence of IT and OT in this era of digital transformation, which is resulting in increased cyber risk to industrial control systems. Legacy ICS components are not designed to embrace this digital transformation and the heightened liability that accompanies it.

It has become imperative to redefine security architecture to build and improve the cyber resiliency of ICS in this connected world, and equip teams and systems to prevent or respond to sophisticated threats and actors now taking advantage of this new environment.

The session discusses:

  • Security threats posed by connected systems;
  • Making security part of the design from the beginning and implementing micro-segmentation strategy to build cyber resilience;
  • Maximizing the value of information and threat intelligence sharing in addressing ICS risk.
11:30 am -
12:00 pm
11:30 am - 12:00 pm Track A

How Micro-segmentation Helps Secure Apps in an SDN and a Hybrid Cloud Environment

Speaker:
Nathanael Iversen, Chief Evangelist, Illumio

As organizations pursue a new generation of infrastructure with SDN and cloud, business is primed to move and shift faster than ever, but speed without security is simply a risk multiplier. It is vital to learn how global organizations have operationalized a simple, fast, and safe segmentation strategy to secure agile, dynamic, and complex environments and stop the lateral movement of threats. What would be the security and risk outcomes and the role of micro-segmentation in building the ‘zero trust’ framework? An insight into the lessons learned from segmenting over 1 million workloads.

The session will discuss:

  • The movement toward segmentation & Zero Trust for enhanced security;
  • Why the traditional network-based segmentation approaches fall short of security;
  • How to apply micro-segmentation to any greenfield and brownfield environment.
11:30 am - 12:00 pm Track B

2021 and Beyond: A platform approach to Zero Trust

Speaker:
Clive Finlay, Chief Technology Officer, APJ & EMEA, Symantec Enterprise Division, Broadcom

Throughout 2020 organizations widely adopted a zero trust architecture in response to the pandemic and it is now fast replacing traditional VPN approaches. As the zero trust approach continues to evolve, the challenge for organizations in 2021 and beyond lies in how to implement this approach across environments, both in the cloud and on-premise.

This session will discuss:

  • The evolution of zero trust in a pandemic world
  • The next chapter in the zero trust framework and new technologies to consider
  • How to overcome implementation challenges and the benefits of a platform approach
11:30 am - 12:00 pm Track C

An Effective Approach to Respond to Security Incidents

Speaker:
Neil Campbell, Vice President, APJ, Rapid 7

Fixing a breach is far more costly than prevention. Organizations are under pressure to respond to it faster. More often than not, though, it can be weeks or months before you’ve even realized that you’ve suffered one.

The session will discuss:

  • Understanding the legal implications of the incident and plan a response mechanism;
  • Evolving a crisis management plan to prevent any reputational loss;
  • Required skills to remediate, respond and mitigate the risks and establish a smooth recovery process.
12:00 pm -
12:15 pm
12:00 pm - 12:15 pm

Networking break

12:15 pm -
12:45 pm
12:15 pm - 12:45 pm Track A

Passwordless Authentication: Enhanced Visibility and User Access and Control

Speaker:
Karunanand Menon, Senior Sales Engineer, APAC - Sales Engineering, Okta

Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use daily.

But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, but they are also expensive and offer a poor user experience. Is there a better way to protect your applications and prevent account takeover incidents?

The session will discuss:

  • Enhancing user experience and access control with passwordless authentication;
  • How passwordless authentication helps in curbing identity theft;
  • Critical considerations for practitioners as they embark on a passwordless journey.
12:15 pm - 12:45 pm Track B

Starting with Zero...Trust

Speaker:
Rich Thompson, VP, Global Sales Engineering, BlackBerry

When it comes to enterprise security, Zero Trust is a concept that is becoming popular. More of a philosophy than a set of procedures, Zero Trust requires a deeper discussion and look at security. Is it practical for every one? Should Zero Trust be a priority? Why does it matter? What are the challenges? What is important? What about IoT? What role does our current security program play?

This session will explore the important questions about whether Zero Trust should be a priority for your organization and touches on the role of users and devices, environment and network. We will discuss the approaches and challenges with Zero Trust, addressing business drivers such as cloud environments and business continuity needs.

12:15 pm - 12:45 pm Track C

Network & Security Transformation in a Cloud-Ready World

Speaker:
Lee Dolsen, Chief Architect, Asia Pacific & Japan, Zscaler

The IT and security heads are challenged from time to time about keeping the systems up and running, with availability and cyber resilience paramount. Breaking the kill chain is critical to understand in securing the environment. How can a ‘zero trust’ architecture be used in building this network and security transformation in a cloud-ready environment?

The session discusses:

  • Bridging the network and security gaps with the right technologies and tools;
  • Enhancing user access control mechanism with IAM and PAM;
  • Prevent data leaks with an appropriate protection plan.
12:45 pm -
1:00 pm
12:45 pm - 1:00 pm Track A

Tech Spotlight: Demystifying Zero Trust & SASE: Practical Steps to Better Security

Speaker:
Jonathan Andresen, Senior Director, Marketing & Products, Asia Pacific & Japan, Bitglass

Network security architectural best practices are undergoing a dramatic shift. Two prominent IT security trends have dominated InfoSec discussions during this ongoing pandemic: Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE). In practical terms, which is more important, what is the relationship between them, and how will they improve cybersecurity effectiveness?

As security teams prepare for either a return to the office or a more distributed workforce and as cyber threats continue to proliferate, IT teams must understand the differences between these two essential security paradigms.

The session will discuss:

  • Key difference between ‘zero trust’ and SASE and what it means to CISOs;
  • How to improve security by leveraging ZTNA within a SASE architecture;
  • Common SASE and ZTNA use cases and tactical and strategic approach to implementing the frameworks.
12:45 pm - 1:00 pm Track B

Tech Spotlight: Applying the ‘Zero Trust’ Principles to Protect Your Enterprises Against Sophisticated Attacks

Speaker:
Eric Lam, Director for Security Solutions, Microsoft Asia Pacific

The recent cyberattacks have shown increased sophistication in the breadth of tactics used to penetrate, expand across, and persist in affected infrastructure. They have posed a serious threat to every organization. While the tactics, techniques, and procedures (TTPs) that the bad actors utilized are not new to defenders, we have also come to realize that many organizations have once again been caught unprepared.

Companies should start or continue to adopt a ‘zero trust’ mentality across their environment to defend against such attacks. A ‘zero trust’ mindset creates a more resilient, consistent, and responsive posture to new incidents. It helps address gaps in unprotected devices, weak passwords, and gaps in multi-factor authentication (MFA) coverage that attackers can exploit.

The session will discuss:

  • How a ‘zero trust’ framework will help build cyber resiliency across the environment;
  • Factors that need evaluation before implementing a ‘zero trust’ framework;
  • Improving user authentication and control using ‘zero trust’ principles.
1:00 pm -
1:30 pm
1:00 pm - 1:30 pm Track A

Panel Discussion: Adapt and Secure in 2021: A CISO's Perspective

Speakers:
Steven SIM Kok Leong, President, ISACA Singapore Chapter
Micky Lo, MD, Chief Information Risk Officer, BNY Mellon, HongKong
Surachai Chatchalermpun, CISO, Krungthai Bank, Thailand

How to strategize and see security in a new light amidst new challenges. The emergence of technologies such as IoT, skill shortage, insider threats, and cloud movement has posed the most significant risks for enterprises in the current times, which are amplified by increasing phishing attacks, targeted attacks, disruption, distortion, and deterioration.

A panel of experts discuss:

  • Risks posed by increased digitization and cloud disruption;
  • Use of right technologies in the adaptive era
  • Use of predictive analytics and active defense in detecting threats;
  • Cybersecurity investments in 2021
1:00 pm - 1:30 pm Track B

Panel Discussion: Lessons from the SolarWinds Hack: A CISOs Approach

Speakers:
Phoram Mehta, Senior Director, APAC CISO, PayPal, Singapore
Mario Demarillas, CISO and Head of IT Consulting and Software Engineering, Exceture, Philippines
Venkatesh Subramaniam, Global CISO & Privacy Head, Olam International, Singapore

The popular SolarWinds hack, the supply chain attack that implanted a backdoor in the Orion network monitoring software pushed to 18,000 of the firm's customers, is considered to be potentially the most significant intrusion in our history.

The campaign's full scale, including all of the tactics, techniques and procedures being used by attackers remaining unknown, has left most enterprises across the regions in a state of shock.

What are the lessons the CISOs need to learn from this attack? Do you have a process to evaluate your vendor's security policies and frameworks?

The panel will discuss:

  • How should the risk framework of supply chain vendors evolve;
  • The risks posed by different kinds of vendors;
  • Defining security by design approach while evaluating the third party products.
1:30 pm -
2:30 pm
1:30 pm - 2:30 pm

Expo Hall and Networking

View Schedule

SPONSORS / This Summit's Sponsors

Darktrace
Chainalysis
bitglass
Citrix New
Symantec
Sophos
Rapid7
Ilumio
Microsoft
Check Point 2
Okta 2
BlackBerry 2
Zscaler

Meet Our Speakers

ISMG Global Events: 2020 and Beyond

ISMG's SVP of Editorial, VP of Global Events, and Group Director of Custom Events discuss the state of events.

The Critical Importance of Data Integrity

Microsoft's Diana Kelley on How to Keep Data Untampered

Steve Katz on Cybersecurity’s State of the Union

World's First CISO Weighs in on the Technologies and Trends Shaping 2019

The Challenge of Fighting Identity Fraud

IBM's Shaked Vax on Emerging Technologies to Assure Digital IDs

A Common Sense Guide to Mitigating Insider Threats

Randy Trzeciak of CERT Reviews the Latest Research

VIRTUAL SUMMIT DETAILS / what to expect at our virtual event

View sessions, chat with speakers and technology experts in our Interactive Exhibit & Networking Experience, and browse our Resource Center to download educational assets to review post-summit.

If you miss any live sessions, feel free to log in and view on demand at your own pace. Session recordings will be available in our virtual environment after the agenda has ended.

ISMG Virtual Summit Attendee Guide
For more information please download our ISMG Virtual Summit Attendee Guide.

Register Today

To earn CPE credits, hear from industry influencers, join ISMG’s global community and meet with leaders of technology register today.

Register Now
For queries, contact:
email at priti.dutta@ismg-summits.com / mahesh.verma@ismg-summits.com

Contact Us

Reach us: Reserve your attendance today to ensure you don’t miss the opportunity to meet, network and learn from the foremost experts in information security and risk management in this interactive environment.

+1 (609) 356-1499
events@ismg.io

Join the Community

Subscribe to get the latest happenings on our Roundtables, Summits, and other Events!

    • BankInfoSecurity
    • CUInfoSecurity
    • GovInfoSecurity
    • HealthcareInfoSecurity
    • InfoRiskToday
    • CareersInfoSecurity
    • DataBreachToday
    • CyberEd
    Home | Summits | Press Releases | Sponsorship
    © 2021 Information Security Media Group, Corp. |
    Privacy & GDPR Statement | CCPA: Do Not Sell My Personal Data