Escolar Documentos
Profissional Documentos
Cultura Documentos
Each day, cyber threats become increasingly intricate and difficult to detect. The toll from attacks in Asia exceeded those
in North America and the EU by about $20bn each and accounted for more than a quarter of the $315bn cost of attacks
globally. Over the past year, we saw that with the rise of device connectivity came boundless opportunities for malicious
hackers to attack device vulnerabilities. With the support of forward-thinking security strategies and technology solutions
to match, the modern business can minimize potential risk and step confidently into a digital future.
Angel T. Redoble
Choong - Fook Fong Chairman and Founding President
CEO PHILIPPINE INSTITUTE OF CYBER
LE GLOBAL SERVICES SECURITY PROFESSIONAL
Cyber security received heightened interest in 2016 due to a spate of cyber attacks in the region. These included
cyber attacks on the database of 55 million voters at the Philippines Commission on Elections (COMELEC), the
National Payment Corporation of India (NPCI), US$81 million cyber heist at the Bangladesh Central Bank and the
massive data leaks as shown by the Yahoo data incidents. Large-scale ATM heists have taken place in Taiwan,
Malaysia and Thailand.
As evidenced by the above, cyber attacks can impact any industry at any time. In fact, as more industries become
increasingly connected to the Internet due to the Internet of Things, it is more essential than ever to consider if your
organisation is cyber ready for 2017 and beyond.
We look forward to welcoming you and your peers as we discuss topics ranging from incident response to applica-
tion security to business skills for the information security professional and top Management.
Join us at Cyber Security Asia 2017 Conference & we will help you navigate the Digital Danger Zone.
Asia Pacific Companies have been hit by some form of Cyber Attack
Delegates are attending to actively find solutions to revolutionize their security strategy in order to stay competitive.
Make sure that your company is there in front of them as they are assessing the best possible solutions to these issues.
For more details of sponsorship and exhibition packages, call us on +603 22606500 or email: tcharles@thomvell.com
DAY 1
7 AUGUST 2017 l MONDAY
Panelist:
Dato Dr. Haji Amirudin Abdul Wahab, CEO, CYBERSECURITY MALAYSIA
Dani Michaux, Executive Director, KPMG MANAGEMENT & RISK CONSULTING
Chalee Vorakulpipat, Head of Cyber Security Laboratory, NECTEC THAILAND
Angel T. Redoble, Chairman & Founding President, PHILLIPINE INSTITUTE OF CYBER
SECURITY PROFESSIONALS
9:35-10:15am Practical Analytics: A Hands-on Approach to Detecting Cloud-and IoT- based Cyber
Threats
Our job as network and security professionals is to monitor and analyze systems for the unexpected.
Cloud and IoT-based networking solutions and devices are now part of the infrastructure we secure.
Lets take a deep dive into some of the tools, tips, tricks and traps that can help us identify how
todays hackers exploit our systems. In this presentation, Jorge will provide insights and stories
gathered throughout the world. He will discuss ways to identify and combat covert channels in
todays networks, as well as ways to analyze and report these issues to your boss.
Jorge Sebastiao, ICT Expert & Cloud Practice Leader, HUAWEI TECHNOLOGIES
11:40-12:10pm Incident Response - Threats and Malware EverywhereNows the Time to ACT!
Security incidents are on the rise, both in volume and sophistication. Brett Williams has assisted
many organizations around the world that were victims of advanced, targeted attacks. Experience
has shown that organizations can detect and halt advanced attacks if they understand the threat and
prepare in advance. In incident response, the investigative team must understand digital evidence
collection, forensic analysis and how formulate a course of action to effectively bring the event to
closure. Gaps in investigative skills will delay the response and provide the attacker an opportunity
to steal data and further embed themselves in the network. This presentation is based on Bretts
extensive experience in investigating and remediating advanced attacks, and outlines key skills a
response team requires to quickly respond to and stop advanced attacks
Brett Williams, Sales Engineering Head, Asia Pacific & Japan, CARBON BLACK
12:10-12:35pm Strategies of Effective Advanced Threat Detection
The industry is beginning to move from a focus on prevention to detection of advanced threats, but
at this early stage, extravagant vendor marketing claims are obfuscating the path forward. This
session will lay out strategies and principles of an effective threat detection program that will help
organizations achieve success, regardless of the technologies they choose to achieve that success
The threat is clear. The security sector needs to immediately mobilize resources for bridging the gap
in numbers without compromising the quality in talent. Improvements in security technology may
offer a partial solution, but ultimately, its the people on the frontlinesand in the back officewho
are responsible for building and protecting information technology systems. Unfortunately, there just
arent enough qualified cybersecurity professionals. The only way for companies and government
organizations to fill this talent gap is to comprehensively groom and nourish future cyber warriors.
Hear from technologist expert how to unlock the next generation of cyber security talent.
Niklas Kjellin, Mobile System Architect & Security Expert, SIGMA SWEDEN
Panel
2:40-3:10pm Building a Secure & Modern Enterprise in a World of Growing Cyber Threats
It is well known that the Cyber world has been plagued by an increasing number and complexity of
threats in recent years. The commoditization of attack tools and methods have made securing the
journey into the Digital World one which is full of risks. So how do organizations create and execute
on their Digital Transformation Strategies, while at the same time ensuring the security and privacy
of their information assets? This presentation looks at some important areas of focus which will help
organizations build a secure and modern enterprise, and take the safer and more Cyber resilient
path to their new Digital Future.
Blockchain technologies have caught the attention of the financial, supply chain, and IOT sectors
because of their hyped robustness, verification and authenticity properties, and decentralized
computer/storage.
Do these same qualities offer better security, authentication and penetration controls? To be
sure, blockchains transactions are secure in that they are processed at every node, but does
that raise new security concerns in storing all the data every node-and transmitting all the data
to and from them?
What about privacy and data sovereignty? And are these things truly new: Sharding, state
channels, ring signatures, additively homomorphic encryption, and zero-knowledge?
How do they apply here?
What are Smart Contracts and do they enhance security?
Do these qualities offer new paradigms of how we think about security, authentication and
penetration?
Finally, are blockchains a net plus or minus for cyber security?
Panelist:
Dr. Gajendran Kandasamy, SVP, Information Security, MATCHMOVE PAY INDONESIA
Mustafa Al Bassam, Information Security Advisor, SECURE TRADING UNITED KINGDOM
Neeraj Murarka, Chief Technology Officer, BLUZELLE SINGAPORE
3:45-4:10pm Tea Break
Panel
4:10-5:00pm Inside The Mind of The Hacker
In order to better anticipate how to protect our networks, we need to start thinking like a typical
hacker. In these hands-on sessions, well see how these top hackers breach databases, use the
dark web and penetrate our networks. This interactive and engaging session shares insights on the
Clear & Present danger enterprises face plus where they went wrong. Think like a hacker to prevent
the hack!
Panelist:
Dan Tentler, Founder, PHOBOS GROUP
Choong-Fook Fong, CEO, LE GLOBAL SERVICES
Paul Craig, Head Offensive Security, VANTAGE POINT
Mustafa Al Bassam, Information Security Advisor, SECURE TRADING UNITED KINGDOM
DAY 2
8 AUGUST 2017 l TUESDAY
9:00-9:35am Cyber Security Readiness Forget the Hype, Get Back to the Basics
The frequency of cybercrime news stories and successful cyber-attacks has resulted in a seemingly
continuous hype cycle around cyber security. Security vendors are riding the hype cycle to sell more
products in more categories that you can poke a stick at. Threat intelligence, log management, cloud
based security, Next Gen Firewall, APT detection are all touted as the must have products, without
which an organization is exposed. Ashutosh talks about getting back to the basics to effectively
tackle cyber threats. Presentation will be based on his real world experience in enhancing security
in a complex organization. He will show how increased security leadership, visibility of information
assets, data-centric approach and people centric maturity model of security helped him increase
security maturity in his organisation.
10:25-11:00am Understanding the Current Cyber Threat Landscape and Next Generation
Adversaries in Financial Services: What Do You Need To Be Prepared For?
Crucial insights: how cyber criminals conduct their business:
Facts and figures on current attacks against financial institutions
What are the new vulnerabilities that attract hackers?
How collaboration and Public Private Partnerships play a vital role in protecting every
organization
Moderated by:
KC Wong, CEO, CREDIT BUREAU MALAYSIA
In this keynote, Ali Rebaie will introduce the audience on Big Data and how it is being used in several
industries. Being able to capture streaming data in real-time and detect attacks became a core need
for organizations within this data deluge. New technologies enable them to take proactive decisions
and also to understand the networks of fraud and influential attackers using big data. Also, with the
emergence of IoT architectures across smart cities and companies, fog computing will play a
massive role in securing these IoT
Ali Rebaie, President & Data Science Anthropologist, Rebaie Analytics Group
The session will showcase how a modern day organization can utilize the talent of White Hat
Security researchers to secure their infrastructure by means of its own Bug Bounty program. It will
be focused on the explanation of the crowd sourced model of cyber security services to the
attendees and identifying key benefits as to how this model can help prevent greater threats for an
organization and or a national infrastructure. The examples Hack the Army Bug Bounty Program
by the US Dept of Defense will be used as a benchmark to highlight the process of securing a
national infrastructure by means of a Bug Bounty Program
Shahmeer Amir, Information Security Analyst & Bug Bounty Hunter, VEILIUX PAKISTAN
In todays world, consumer-grade, professional and even police-grade Wi-Fi-operated drones offer
threats in terms of security and safety. Drones are sensitive to hijacking attacks, but on the other
hand, can be used to hijack other drones, for spying, or even as attack platforms to critical
infrastructures. The presentation, with the aid of the drone "Atropos", will address state-of-the-art
Wi-Fi-drone security with specific Wi-Fi based solutions designed for the drone world. It will review
how drones can be protected against hijacking and radio jamming attacks, and how this technology
can be used as attacking platforms against wireless networks
David Melndez, R&D Embedded Software Engineer , ALBALA INGENIEROS, S.A.
4:55-5:45pm CLOSING KEYNOTE: Blurred Lines: Hardware, Software & the Internet of Things
Our societies are primed to take modern luxuries for granted. We flip a switch and expect the instant
glow of the electric flame. We open the refrigerator expecting food & drinks to be waiting for us at
just the right temperature. We walk into our homes and expect the air conditioning to continuously
and automatically maintain a comfortable equilibrium between hot and cold temperatures. It is only
in moments when our luxuries are taken away from us that we truly reflect on how much we have
come to depend on them. The Northeast blackout of 2003 not only affected 45 million people but
also caused deaths from misplaced candles. Its only been about 100 years since weve figured out
how to create electricity, yet we cant imagine living in a world without our electrical infrastructure.
Traditionally, the attack vectors to our fundamental luxuries have required physical tampering,
mostly because access to the infrastructure has been isolated from the internet. This is about to
change, with the upcoming onslaught and disruption that will be caused as we look to a future of 40
billion things connected to the internet. In this talk, we will take a fascinating look into abusing the
most popular IoT based devices already available in the market. We will take a look at how a simple
attack can cause a perpetual blackout targeting LED lightbulbs, how bad security decisions have
grossly violated the privacy of families, and how the insecurity of powerful electric cars can put you
at risk. The upcoming IoT age will blur the line between our physical and online lives. Attacks
targeting our online spaces will put our physical security at risk and that of our loved ones. The goal
of this talk is to demonstrate the tangible risk in IoT devices that we are only going to depend on
more as time progresses - it is through these discussions that we can begin to formulate our strategy
for securely enabling our sensor-based future.
Nitesh Dhanjani, Author & Global Head Information Security Researcher, United States of America
Dato Dr Haji Amirudin Abdul Wahab is currently the Mustafa Al Bassam currently is the Information
Chief Executive Officer of Cyber Security Malaysia, a Security Advisor for Secure Trading in London. The
strategic agency under the Ministry of Science, reformed hacker who reportedly hacked fox.com, FBI
Technology and Innovation. He has more than 20 years affiliate Infragard, and Sony - acts as a security advisor
of ICT working experience in the telecom and IT sector on Secure Tradings technology and services, including
in the Government as well as in the semi-government a blockchain research project called Trustery which
and private sectors. Through his leadership at Cyber has been established in a bid to help commercialise
Security Malaysia, Dr Amir managed to contribute to blockchain technologies and improve the visibility and
Malaysias achievement in attaining number #3 rank in security of online payments.Secure Trading has been
the world, in the 2014 International Telecom Union (ITU) named winner of the Best Customer Focus Category at
Global Cyber Security Index and becoming the first the 2016 Best Business Awards, following its work with
World Trustmark Alliance Chairman to be reappointed London School of Economics to help the world-class
to a second term, was selected to receive an ASEAN university increase the rate of its online payments. In
Award as the Outstanding Chief Information/Security 2016, Mustafa was listed by Forbes as one of the 30
Officer Award. Under 30 in the Technology section.
Casey Fleming serves as Chief Executive Officer of Paul Craig leads the offensive security Tiger Team
BLACKOPS Partners Corporation, the leading at Vantage Point, here in Singapore. Paul originally
intelligence, think tank, strategy, and cyber security hails from New Zealand and is an avid hacker with a
advisors to senior leadership of the worlds largest passion for the dark art of exploitation. Paul has been
organizations. Mr. Fleming is widely recognized as a hacking professionally for the past 13 years and
top thought-leader, leading expert and speaker on considers nothing impossible. Paul Craig works with
intelligence, strategy, national security, asymmetrical Asia's strongest and largest banks to help raise their
hybrid warfare, and cyber security. The Cyber security bar and keep Singapore safe. He
security Excellence Awards recently named him developmed techniques and tools that are taught in
Cyber security Professional of the Year. Mr. Fleming the SANS Advanced Penetration Testing (SEC660)
led global organizations for IBM Corporation, Deloitte course and he has spoken at over 50 international
Consulting, and Good Technology. He served as the security conferences world-wide.
founding managing director of IBMs highly
successful Cyber division, now IBM Security. Mr.
Fleming earned his Bachelor of Science degree from Angel Redoble is currently the Chief Information
Texas A&M University and has participated in Security Officer (CISO) of ePLDT, Inc and the
executive programs with Harvard Business School Founding President of Philippine Institute of Cyber
and The Wharton School. Security Professionals (PICSPro). He was Formerly a
Senior Consultant of the Homeland Security
Department of Indra Sistemas, during his 5 year stay
Dani Michaux is the Executive Director of KPMG in Madrid, Spain. In 2013 he was an honoree of the
Management & Risk Consulting based in Malaysia. 2013 Asia Pacific Information Security Leadership
She is currently the Cyber Security Lead for ASEAN, Achievement (ISLA) Award, given by the International
and Cyber Strategic Growth Initiatives (SGI) Lead in Information System Security Certification
ASPAC. She has over 15 years of experience where Consortium, Inc or ISC2. Due to his passion and
she has had the opportunity to consult multiple clients contribution in combating cyber crime in the
on Unified Compliance and Risk Management, Philippines, Angel was a 2013 and 2016 Awardee of
Business Continuity Planning, Information the Philippine National Police Anti Cybercrime Group.
Governance, IT GRC, Information Security He is a Graduate of the Senior Executive Course on
Management Systems, Architecture, Remediation National Security program of the National Defense
Programs, Security Assessment especially to the College of the Philippines, completed his Masters in
Financial, Telecommunications, Energy, and Information Security Management in Universidad
Government sectors. She has also performed a Pontificia de Salamanca campus de Madrid,
number of information security engagement within successfully Completed the program "Cyber Warfare:
Energy and Telecommunication Companies covering Weaponry and Strategies of Digital Conflict",
Process Control Domain Systems and critical Technolytics Institute, USA and a well experienced
infrastructure for Telecommunications Company. She ISO27001 Certified Lead Auditor."
is currently the Chief Information Security Officer
(CISO) of a telecommunications company in
Ashutosh Kapse is currently Head of Information
Malaysia, and she was the acting Chief Information
security, technology risk and audit at IOOF Holdings
Security Officer (CISO) for large vertically integrated
Ltd., one of Australias largest financial services
energy player in Malaysia in 2015, and for a
companies. He is a senior-level professional
Telecommunication player in 2013. She is also part
experienced in security, risk management and audit
of the Cloud Computing Group in KPMG MY and
leadership for over 20 years. His subject matter
leading the Cloud Security initiatives.
expertise is independently validated through industry
certifications including CISM, CRISC, CISA, IRAP,
Krishna Rajagopal is the Group CEO of Akati CCSK and ISO27001 Lead Auditor. He has worked
Malaysia where he develops, maintains and publishes as a consultant in Australia and has provided
information security standards, policies, procedures and advisory to numerous organizations in developing
guidelines for the companys key clients. He is also an and implementing Governance, Information Security
expert witness assisting various enforcement bodies Management Systems, and Risk Management
across the globe. Krishna conducts trainings and Frameworks. He has a proven track record in being
provides services as a consultant globally. Krishna is able to present and influence at the board and
often invited to speak in conferences, forums & C-suite level. His thought leadership is evidenced
television interviews related to Infosec which also through speaking invitations to various international
includes development of secure practises . Moreover, security & GRC conferences including Ignite2015 in
Krishna has trained several international Police forces Las Vegas, North America CACS in Dallas,
on security measures and he is accredited as a International Security conference in Mexico and Asia
specialist in forensic investigation and prosecution of Pacific.
hackers and fraudsters.
BIOGRAPHY
Manish Bahl leads Cognizants Center for the Future Jorge Sebastiao is a seasoned cloud, managed
of Work in Asia Pacific. A respected speaker and services & security professional focused on business
thinker,Manish has guided many Fortune 500 value; Hebrings experience, creativity, structure and
companies into the future of work with his innovation to the solutions he architects ICT
thought-provoking research and advisory skills. he infrastructure. With over 28 years of ICT experience,
helps ensure that the units original research and covering, C level on Cloud Computing, Cyber
analysis jibes with emerging business-technology Security, Physical Security, Managed Services,
trends and dynamics in Asia, and collaborates with a managed security services, business continuity, and
wide range of leading thinkers to understand how the disaster recovery as well as governance, risk
future of business will look. His professional expertise management, compliance, auditing, certification.
spans business technology strategy and planning, Served sectors include oil & gas, banking, financial,
C-level thought leadership, innovation, and sales & telecom, government, defence, healthcare, and
marketing. He most recently served as Vice education. Jorge created the process A6 of security:
President, Country Manager with Forrester Research Assess, Architect, Apply, Administer, Awareness &
India where he provided strategic guidance to Agility. He architects practical & business focused
Forrester clients and drove Forresters growth in the Cloud and Security solutions using standards &
Asia Pacific region. His research covered IT strategy, industry best practices.
strengthening the linkage between business and
technology, disruptive start-ups, and the overall
technology services market in Asia Pacific.
Choong-Fook Fong has had considerable Sumit Puri is an experienced IT Leader with over 23
experience in the IT industry and is a 15 year veteran years of work experience in conceptualizing digital
in the specialized and highly-demanding arena of enterprise strategy and enabling operational process
information security; his special focus is undertaking transformation in leading organizations in Asia. He
IT security trainings and consultations to match has carried out IOT led digital innovation besides
strategic business objectives. He has consulted with, facilitating several new digital business models as
and trained multiple government and multinational CIO, Max Healthcare. Prior to his stint as CIO, Max
clients in the Asia Pacific, Eastern Europe and Africa Healthcare, he has played diverse senior roles in
regions on information system security, enterprise Prudential Corporation Asia as VP- Regional
risk matrix design, policy review, policy Operations, CIO Prudential Indonesia, Senior Vice
implementation assurance, penetration testing, President at ICICI Prudential, Global Digitization
technical configuration evaluation, security Leader at GENPACT and Senior management
procedures and disaster recovery/business continuity consultant at PricewaterhouseCoopers(India). He is
planning. Also as guest speaker for Federal Bureau LEAN, Six Sigma and PMP certified, has strong
of Investigation (FBI)s INFRAGARD event, Mr. Fong leadership skills and a passion for innovation.
is imminently qualified in his field in that he holds
both academic and professional qualifications.
Authorisation
3. Name:..............................................................................
.... THOMVELL INTERNATIONAL shall assume no liability whatsoever in
the event this conference is cancelled, rescheduled or postponed due
Job title:........................................................................... to a fortuitous event, Act of God and unforeseen occurrence.
Email:................................................................................
Invoice
3 EASY WAYS TO REGISTER
The Invoice should be directed to Mr / Ms / Dept: +603 2260 6500 +603 2260 7500
Name:.................................................................................... 8-1, Jalan Tun Sambanthan 3, 50470 Kuala Lumpur
.................................................................................. maz@thomvell.com
Dept:......................................................................................
Tel:......................................................................................... For official use only
.............
Email:..................................................................................... Received: Date Code: TV4837