TECH TALK Presenters

  • Rizwan Anwer
    Pre-sales consultant – Portfolio and Project Management
    Micro Focus
    Date: 3 October 2019
    Time: 1505 - 1525 hrs

    Rizwan has got 18+ years of experience in the area of Project and Program Management domain. He has extensive experience of working with large projects in banking, telecommunications and public sector organisations in various key roles. He worked with leading IT companies like SAS, Oracle and Hewlett Packard Enterprise. He was previously engaged with a leading bank in Singapore and also worked with one of the largest countrywide roll-out of complex public sector projects. In his current role with Micro Focus he is leading the Portfolio and Project Management across SEA region.


    Data Privacy: The Journey to Maturity and Monetisation

    Data is increasingly becoming the lifeblood of the enterprise. More organisations, both public and private, in more locations worldwide are starting to tackle the challenge of identifying the personal and business data that is critical to their organisations and that now must be protected by law.

    Understanding the data ecosystem and how personal data moves around the various internal/external applications/systems are the key steps in protecting the data and moving towards mature data governance.

    Aside from possible punitive repercussions and reputational damage that arise from a data breach, there are very positive business drivers to data privacy programmes. Organisations can gain greater insight into customer needs, enhance overall productivity, and create value from the data they govern.

    Join us at this session where we cover privacy legislation and its impact on businesses, how privacy is central to digital transformation, and best practices to data discovery, protection and records management.

  • Zong Fu Chua
    Director, Forensic
    Date: 3 October 2019
    Time: 1445 - 1505 hrs

    Zong Fu is a Director with the Forensic practice at KPMG in Singapore and has more than a decade of hands-on experience in cyber incident response and forensics investigations. He has more than 22 cyber security certificates and is one of the first in Singapore to attain the GIAC Security Expert certification. Prior to joining KPMG in 2015, Zong Fu was the R&D lead at an Israeli defence subsidiary, specialising in zero-day malware detection and cyber-attack attribution technologies. Zong Fu has also served as an officer in the Ministry of Defence for five years and was instrumental in the setup of the first few cyber ranges in Singapore.


    Cyber Threat Hunting

    Cyber threat hunting is performed by security practitioners as a means to actively detect and deter ongoing cyber-attacks, before severe losses are incurred. At this talk, KPMG will share on the threat hunting best practices, including how to perform simple correlation to reduce false positives, and relevant case studies.

  • Nathan Hartzell
    Senior Lead Technologist
    Booz Allen Hamilton
    Date: 3 October 2019
    Time: 1205 - 1225 hrs

    Nathan Hartzell is a Senior Lead Technologist for Booz Allen Singapore with over 15 years of experience in intelligence, analysis, and cyber operations. He is a lead developer of Booz Allen’s Advanced Threat Hunting (ATH) platform and leads Booz Allen’s ATH capability in Singapore.

    Prior to working for Booz Allen, Nathan worked in intelligence analysis and cyber operations for the U.S. Army and Department of Defense. During this time, Nathan served as an operator, trainer, analyst, capability lead, and developer for a variety of intelligence and cyber-specific programs


    I Hypothesise You Have Been Compromised: The Whys and Hows of Threat Hunting

    Today’s threat landscape is diverse and overwhelming. Odds are, your organisation’s data or networks are worth enough to somebody that they will target you. You will be targeted enough that at some point, one of these adversaries will get past your perimeter. Typical perimeter defenses such as AV, firewalls, and IDS are alert-driven and outward-facing, which means that once an adversary is inside, they can often move around at will.

    Detecting these adversaries once they are “inside the hive” requires a consistent, proactive, and focused effort. Threat hunting is a broad term that describes the methods used to detect adversaries operating within your network. This can range from the simple (retrospective IOC sweeps in your SIEM) to the advanced (AI-assisted, automated, hypothesis-driven analytics designed to surface anomalous adversary activity). In this session, we will discuss what it takes to build and run an advanced threat hunting program that complements traditional defenses and enables you to detect adversaries who would otherwise hide within the noise of everyday network activity. Detecting and defeating advanced persistent threats requires advanced analytic techniques and persistent, repeated effort. Whether or not an adversary gets into your network is up to them. How long they remain, and the damage they can cause, is up to you.

  • Bryan Koh
    Senior Consultant – Advanced Cyber Defense Practice Global Professional Services
    Date: 3 October 2019
    Time: 1245 - 1305 hrs

    Bryan is a consultant for the Advanced Cyber Defense Services Practice – APJ. In this capacity Bryan is responsible for professional services engagement for Global Incident Response/Discovery (IR/D), breach readiness, remediation, SOC/CIRC redesign and proactive computer network defense.

    Prior to RSA, Bryan held several positions in the area of cybersecurity, with his last appointment as a Senior Manager, who was responsible for the cybersecurity protection of Critical Information Infrastructure (CII) in Singapore’sAviation Sector.

    Bryan has more than 7 years of experience in information technology focusing on cybersecurity, such as cyber defense architecture, SOC design and operation, Incident Response and Exercise. Bryan’s contribution to his profession has been affirmed with several recognitions, including the Certificate of Appreciation conferred by Minister for Transport in 2018 (Singapore), Minister’s Innovation Award in 2017 (Singapore) and the Director-General (Aviation) Project-of-the-Year Innovation Award in 2016 (Singapore).

    Bryan holds a Honours Degree with the National University of Singapore (NUS), Department of Electrical and Computer Engineering, as well as industry certifications, including the Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified in Risk and Information Systems Control (CRISC) and SABSA Chartered Architect (SCF).


    Changing Landscape of Cyber Defence

    In today’s IoT world, almost all businesses make use of IT/OT systems which are connected to external networks in one way or another. This widens the attack surface of their assets & the traditional way of protecting them are no longer effective. Understand the changing landscape in Cyber Defence today and what are most Organisations missing out to effectively defend against emerging threats.

  • Florence Lau
    Enterprise Sales Engineer and Solution Architect
    Date: 3 October 2019
    Time: 1125 - 1145 hrs

    Florence Lau is LogRhythm’s Enterprise Sales Engineer and Solution Architect in the ASEAN region, has over 16 years of experience in the network & security industry and has in-depth experience with Firewall, Network Monitoring and SIEM solutions such as Risk Management.


    Building MITRE ATT&CK Technique Detection into Your Security Monitoring

    MITRE ATT&CK is a knowledge base and framework that lists and details adversary tactics and techniques within a common taxonomy. Having a taxonomy by itself has many valuable uses, such as providing a common vocabulary for exchanging information with others in the security community. But it also serves as a real technical framework for classifying your current detection efforts and identifying gaps where you are blind to certain types of attack behaviours.

    In this presentation, Florence will:

    • Share various ways to use ATT&CK, specifically in relation to designing, enhancing, assessing, and maintaining your security monitoring efforts.
    • Demonstrate a real case study on how the ATT&CK matrix is aligned with log sources.
    • Walk through an example of the MITRE attack process from start to finish.

  • Hywel Morgan
    Director, Systems Engineering, ASEAN.
    Date: 3 October 2019
    Time: 1225 - 1245 hrs

    Hywel has a career of over 25 years within Product Development, Product Management and Systems Engineering. During this time, he has helped some of the world’s largest and most regulated organisations successfully address their cyber security challenges.

    He holds a Bachelor of Scicence in Computing from Coventry University in the UK and is both a Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP).

    His career has included the leading vendors in cyber security, Symantec, Blue Coat and McAfee.


    Top Considerations for Zero Trust Implementation

    Cloud transformation is planned or underway at almost every organisation throughout the world. Governments and companies of all size wish to benefit from the flexibility and agility cloud provides.

    The move to cloud results in applications, confidential data and users no longer protected behind the corporate perimeter but spread throughout the internet. Protecting these precious assets needs a different approach, Zero Trust, or to put it simply, do not automatically trust anything inside or outside your organisation.   Forrester’s Zero Trust eXtended Ecosystem asks us to apply zero trust principles to how our Data is accessed by inherently untrusted Networks, Workforce, Workloads and Devices with visibility across all these interactions and Automated Orchestration through integrated solutions.

    Successful implementation of Zero Trust depends upon a well-defined strategy focused on a holistic approach towards protecting your data wherever it resides.  This talk distils zero trust into applicable guidelines for rapid deployment so organisations can focus on delivering on business objectives securely.

  • Tristan Morris
    Security Strategist
    Carbon Black
    Date: 3 October 2019
    Time: 1145 - 1205 hrs

    Tristan began his cybersecurity career in the Marine Corps as a cryptologic linguist, exploiting enemy systems to gain and translate intelligence. After leaving the Marines, he moved into the private sector as a solutions engineer and now builds and operates cyber-simulation environments for detecting, preventing, and remediating different styles of advanced malware and fileless attacks.


    The Cognitive Attack Loop - Think Like Your Enemy to Win.

    As the cyber defender landscape continues to evolve and the consequences of security incidents become more dire, attackers are evolving their methodologies and fighting back against our defenses. For years, the defender community has relied on increasingly outdated attack models that give a false sense of security during investigations and leave us open to hidden backdoors and persistent attacker access. The Cognitive Attack Loop presents a new way to think about investigations and attack remediation, moving our defenses to think about our breaches the way an attacker thinks about their attacks.

  • Nishant Ranjan
    Regional Sales Manager, Cloud Security Business
    McAfee SEA
    Date: 3 October 2019
    Time: 1425 - 1445 hrs

    Nishant Ranjan, has over 18 years of experience in Information Security & Technology across multiple countries of APAC such as Australia, India & Singapore. Currently he is Regional Sales Manager for McAfee’s Cloud Security Business covering South East Asia where he is responsible for working closely with customers and assist them in their strategic initiatives for Cloud technologies and how to handle Cyber Security challenges on this Cloud journey.

    He has worked closely with different vertical customers such as Governments, Banks, Financial Institutions, Telcos, and MSSP Service Providers of different countries across APAC and has communicated McAfee Device-to-Cloud strategy on effective handling of emerging security threats by using McAfee Security Connected platform. Some of his work with different agencies includes – Singapore Government, Australian Government, Indian Government, Thailand Government, Cenitex in Victorian Government, Multiple Agencies in Canberra including CSIRO, NIC & Reliance India, CSA Singapore, Defense Agencies etc.

    He is certified Enterprise Security Architect from SABSA UK, SEC511 GMON from SANS and have also participated as speaker in multiple ISC2 events.


    How to Make Cloud Trusted by Aligning with Industry’s Best Practices?

    Cloud services are the modern toolbox to accelerate digital transformation, powering organisational agility, better customer service, and big data processing solutions. But moving to the cloud without a Security Strategy tailored to cloud environments creates new data risks.

    While cloud providers are more secure than ever before but with roughly 95 percent of businesses reporting that they are using different types of Cloud services such as SaaS, IaaS or PaaS, there are still risks that needs to be mitigated.

    Following the strategy of Prevention being the best cure, join this special executive presentation to learn how you can use some of the industry best practices to ensure your digital transformation securely while partnering with your business users and ensuring higher confidence for the cloud adoption that the business demands with a Cloud-Native security.

  • Josiah Winston
    Solutions Engineer, ASEAN
    Date: 3 October 2019
    Time: 1405 - 1425 hrs

    Josiah Winston has over 10 years in the IT Industry, specialising in Infrastructure and Security Domains. He was instrumental in several critical national and large scale projects, covering both design and implementation across Singapore and Malaysia. Currently holding a position as Sales Engineer at CyberArk, he assists Singapore Government bodies in addressing their Privilege Access Security concerns to protect against targeted cyber threats and insider attacks.


    Privileged Access; Can You Trust Remote Vendors with it?

    Many businesses today rely on remote vendors to manage portions of their IT infrastructure. To successfully carry out their tasks these external service organisations require inherent privileged access to corporate IT systems. However, extending enterprise privileged access security solutions and practices to remote vendors can be challenging when using conventional user authentication and authorisation approaches.

    Traditional enterprise identity management systems and access control solutions, designed to authenticate company employees and corporate-owned devices, aren’t well suited for securing third-party staff and outside devices in today’s modern world. Most businesses have little-to-no visibility or control over remote access to the enterprise network.

    With a dissolved perimeter and a growing reliance on outsourced operations, enterprise IT operations and security teams alike must find innovative ways to grant external remote vendors secure access to privileged accounts without disrupting operations.