CONFERENCE SPEAKERS

  • Dan Sarel
    Vice President, Product Management
    Palo Alto Networks
    Date: 1 October 2019
    Time: 1340 – 1420 hrs
    Venue: MR311, Level 3
    Biography

    Dan Sarel has been a cyber security expert during the last 2 decades. Dan co-founded Demisto in 2015 where he served as the VP of Product. Together with his partners he sold Demisto to Palo Alto Network in 2019, after 3 1/2 years of successfully creating a new product, a new product category (SOAR) and revolutionizing the way SOCs work. Today Dan is VP Product Management at Palo Alto Networks. Dan spent the last 20 years building successful products in several cyber security domains including endpoint security, network security, database security and VPN in various companies including McAfee, Sentrigo and Check Point Software. Dan sees himself as a customer advocate and makes sure he spends at least half of his time meeting customers in all industries – financial, retail, government and others – to better understand what challenges they have to overcome.

    Track

    Cyber Operations & Response

    Presentation Title

    Using SOAR Technology to Enable Efficient Incident Response Collaboration

    Abstract

    Over the last few years some of us have become better at sharing information so we can combat cyber attacks together. But while we have made progress mostly in one area (IOC sharing), there is a lot more we need to do to truly face our adversaries together. The presentation discusses the potential that SOAR technology brings to the table – sharing not only small pieces of data, but striving to, and achieving what we believe is crucial to make collaboration a success – joint interactive investigations. What does SOAR have to offer? What challenges does it overcome? What will a future collaborative interactive investigation look like? The presentation will pose and answer these questions as well as show mockups of a future collaborative platform.

  • Dr Ori Sasson
    Director
    S2T
    Date: 2 October 2019
    Time: 1640 - 1720 hrs
    Venue: MR300 - 301, Level 3
    Biography

    Dr Ori Sasson is a director at S2T, a leading supplier of cyber intelligence solutions for Government customers.

    S2T's solutions enhance the capabilities of organisations and analysts in areas of web and cyber collection, collation, analysis and generating insights and reports. These solutions leverage powerful collection capabilities spanning web sites, social media networks, darknet, and end-user devices and harness big data analytics, machine learning, robotic process automation, and powerful visualisation tools.

    Ori holds a Ph.D. in Computer Science from the Hebrew University of Jerusalem, with specialisation in Machine Learning. He has over a quarter of century of experience in the domains of cyber intelligence including hands on development of a variety of cyber-collection tools using multiple attack vectors. Formerly he was an Assistant Professor at the Singapore Management University. He is also the author of numerous books and research papers.

    Track

    Darkweb, Cybercrime, Cyberwarfare.

    Presentation Title

    Automated Attribution of Cybercrime Using Bitcoin Distributed Ledgers

    Abstract

    Cyrptocurrencies are increasingly used as the payment method of choice for cyber-criminals collecting proceeds from ransomware or for sales of cyber-weapons. Cryptocurrencies such as Bitcoin are based on distributed ledgers. In other words, all Bitcoin transactions are stored publicly and permanently on the network, which means anyone can see both the balance and transactions of any Bitcoin address. Bitcoin addresses are often published online in Darknet forums or other platforms, or in ransom demands for ransomware.

    We present a methodology for automated attribution of cyber-criminals and ransomware campaigns to Bitcoin addresses and identifying clusters of collaborating Bitcoin addresses used as intermediaries.

    Through real-world examples, we demonstration how such automatic attribution methods can triangulate cybercrime actors and provide early warning on cybercriminal activity in distributed ledgers.

  • Nick Savvides
    Chief Technology Officer (Asia-Pacific)
    Symantec Asia Pacific
    Date: 2 October 2019
    Time: 1200 - 1240 hrs
    Venue: Auditorium, Hall 406, Level 4
    Biography

    Nick Savvides is responsible for Symantec’s Cyber Security Strategy across Asia Pacific and Japan. In this role, Savvides’ charter is to provide local market insights that influence global strategic planning and product development. Savvides works also with organisations and governments to develop their cyber security strategies and solve complex business problems. He has worked on some of the largest business information security projects in Australia, affecting the way many Australian’s interact with their employers, banks and governments.

    An information security expert, with more than 20 years’ experience, Savvides has spent the last 11 years at Symantec in various product and sales engineering roles. He has presented at more than 60 conferences, contributed to many high profile panel discussions and regularly appears in the media on cyber security related topics.

    Prior to joining Symantec, Savvides worked for The University of Melbourne in various IT related roles. Most notably, Savvides managed the computing technologies at the Centre of Excellence for Quantum Computing and was responsible for developing nuclear microprobe analysis and diagnostic tools.

    Savvides is an active member of the IT Security community and a member of a number of industry bodies. He is a Science graduate of The University of Melbourne majoring in Physics and Computer Science.

    Track

    Supply Chain Cyber Security

    Presentation Title

    DevOps and Supply Chain Security In The Modern World

    Abstract

    Supply chain attacks have always been a concern, and when combined with DevOps, that has transformed how we build and operate our applications an entire new threat surface has appeared.

    The use of cloud, complex 3rd party software-as-service widgets have all conspired to make our code bases more complex, less auditable, less understandable and less catalogable. With developers now needing to manage the lifecycle of these components, security has taken a secondary role.

    Regular GRC tools and processes have let organisations down, with many organisations falling victim to supply chain attacks, their systems and applications compromised via their trusted paths. A complex landscape has developed with the key concern of software supply chain related to cloud services, API services and others that are quickly adopted and consumed by developers.

    Many risk officers, CSOs and developers are unable to accurately assess, quantify and remediate their supply chain and DevOps risks.

    This talk examines the complexities, commercial aspects and the practicality conducting and detecting of DevOps risks and supply chain attacks in the modern enterprise.

  • Dr Alexander Schellong
    Vice President Global Business, Head of Munich Office
    Infodas
    Date: 2 October 2019
    Time: 1600 - 1640 hrs
    Venue: MR303 - 304, Level 3
    Biography

    Dr Alexander Schellong has extensive experience in strategic consulting, business development, general management, business unit leadership and mission critical international project and operations management in Europe, Middle East, Africa and Asia for the U.S. government, German government and other commercial clients. His domain expertise covers among others eGovernment, Cybersecurity, Cloud, BPO or digital transformation. As a member of the management board of Infodas, he heads all international business activities of the firm. He has authored one book on CRM in the public sector and over 60 articles on a variety of topics at the intersection of technology, society and organizations. He served in Germany’s mountain infantry and remains active in the reserve. He holds a Masters and Phd. He studied and taught at Goethe-University Frankfurt am Main, Harvard Kennedy School and The University of Tokyo.

    Track

    Enterprise Security and Data Protection: Trends & Technologies

    Presentation Title

    Cross Domain Solutions Quo Vadis?

    Abstract

    As data grows exponetially and organizations become more digitized, protecting and sharing sensitive data and systems remains a challenge for many organizations. In particular, military, government, intelligence and critical infrastructure organizations are looking at or using so called cross domain solutions to address these challenges. The talk will give a primer on core ideas, insights from different use-cases and trends within this rather overlooked topic in Cybersecurity.

  • Michael Sentonas
    Vice President of Technology Strategy
    CrowdStrike
    Date: 2 October 2019
    Time: 1420 - 1500 hrs
    Venue: MR303 - 304, Level 3
    Biography

    Mike Sentonas is Vice President, Technology Strategy at CrowdStrike. Reporting directly to the Co-Founder and CTO, Mike’s focus is on driving CrowdStrike’s APAC go-to-market efforts and overseeing the company’s growing customer and partner network. With over 20 year’s experience in cybersecurity, Mike’s most recent roles prior to joining CrowdStrike were: Chief Technology and Strategy Officer and Vice President and World Wide Chief Technology Officer, both at McAfee (formerly Intel Security).

    Michael is an active public speaker on security issues and provides advice to government and business communities on global and local cyber security threats. He is highly-sought after to provide insights into security issues and solutions by the media including television, technology trade publications and technology centric websites. Michael has spoken around the world at numerous sales conferences, customer and non-customer conferences and contributes to various government and industry associations’ initiatives on security.

    Michael holds a bachelor’s degree in computer science from Edith Cowan University, Western Australia and has an Australian Government security clearance.

    Track

    Cybersecurity Ops Centre: Methodologies & Operations

    Presentation Title

    Building a World Class Threat Hunting Team

    Abstract

    Threat Hunting is the identification of the unknown not covered by passive-monitoring capabilities. Imagine taking every possible scrap of information of every single system in your environment, parsing through that and finding hands on keyboard activity. Sounds painful right? Not if you bring in the right talent, right tools and good processes. With the increasing number of tools populating the Endpoint Detection and Protection space, improving data visibility into core processes, detailed command lines and process trees, Threat Hunting has become a niche career space for Information Security Analysts. The speaker will share experiences about real-world use cases, tools, technology, processes and people.

    The speaker works with one of the worlds largest threat hunting teams in the industry in an environment where over 1 trillion events are analyzed each week. Through the use of visualization tools, tribal knowledge and experience as well as flexibility in operations to allow Hunters to focus on things of interest, the team consistently delivers in rapidly finding adversary activity. Building a team whose mission is to find adversary activity across a global threat landscape is no small feat. It is not just about hiring the right talent, it is also making sure that data is available, and actionable in a way that allows the Hunters to operate at maximum efficiency while still allowing freedom and time for in-depth investigations.

  • Rohit Singh
    Country Manager – Asia Pac & India Region
    Telesoft Technologies
    Date: 1 October 2019
    Time: 1420 – 1500 hrs
    Venue: MR303 – 304, Level 3
    Biography

    Senior business leader with over 15 years’ experience in technology, focused on large organisations and government agencies. Successful in supporting organisations to build cyber security defence strategies and Home Land Security.

    Responsible for managing the India and Asia Pacific Region of Telesoft Technologies, supporting large organisations, governments, CNI providers and data centres to identify, mitigate and respond to the increasing complexities and occurrences of cyber threats due to the exponential growth in data due to IOT, 5G, edge/fog/cloud, super computers, ICS/SCADA.

    Track

    Cybersecurity and 5G

    Presentation Title

    Protecting our National Networks and CNI

    Abstract

    We are all becoming more reliant on connected devices for our personal and business lives and whilst there is end point protection, we need to ensure that the huge scale networks interconnecting our devices remain always on, always available. But sifting through Terabits of data for threats isn’t easy and existing enterprise cyber tools do not work. This becomes increasingly important with 5G, smart everything, IoT and autonomous devices.
    In this session we look at some of the threats to our large scale national networks and the  techniques we can use to massively scale up cyber operations.

  • Ken Soh
    Chief Executive Officer
    Athena Dynamics Pte Ltd
    Date: 3 October 2019
    Time: 1440 – 1515 hrs
    Venue: MR300 - 301, Level 3
    Biography

    Ken Soh holds concurrent appointments as Group CIO of mainboard listed maritime supply chain company BH Global Corporation Limited since 3 Mar 2014 and as the founding CEO of the group subsidiary cyber security company Athena Dynamics Pte Ltd.

    Ken has more than 28 years of working experience in the ICT industry. Prior to joining BH Global, Ken held various senior positions in the public and private sectors at CxO and business leader levels with ICT Master Planning and P&L responsibilities.

    Ken has been an avid industry speaker and writer, contributed to more than 120 speaking and featured articles since 2015. He holds a Master of Science in Computer Studies from the University of Essex, UK; and a Master of Business Administration (eMBA) from the Nanyang Business School, a Nanyang Technological University (NTU) and University of California, Berkeley (UCB) joint programme.

    Track

    Industrial Control Systems (ICS): Vulnerabilities & Resiliency

    Presentation Title

    Cyber Security in Perspective: The Intertwined Disciplines of SecOps, DevOps and ITOps.

    Abstract

    Be it DevSecOps, Security by Design or Defence in Depth, we are not short of such similar “slogans” and standard security frameworks in the industry. While these jargons are often quoted as rule-like references, it is important to re-examine if they truly live up to the rigour and dynamism of today’s IT and cyber security landscapes.

    In this presentation, the speaker will share his opinions with regard to the naturally intertwined disciplines of SecOps, DevOps and ITOps in a highly pragmatic manner from a operation practitioner point of view.

  • Thorsten Stremlau
    Chief Technology Officer
    Lenovo
    Date: 2 October 2019
    Time: 1120 - 1200 hrs
    Venue: Auditorium, Hall 406, Level 4
    Biography

    Thorsten Stremlau is a Senior Engineering Staff Member and CTO within Lenovo’s Intelligent Devices Group PC & Smart Devices business. He is responsible for technical strategies for devices, software and cloud services globally. In this role, Thorsten identifies and drives integration of current and future technologies, integrating them into the product development processes, and specifically drives innovation into the security capabilities of Lenovo’s commercial portfolio.

    Thorsten has been part of TCG (Trusted Computing Group) from its inception and has helped drive acceptance of the TPM products for security in EMEA and many parts of AP.
    Thorsten’s career has been dedicated to identifying solutions and strategic implementations for Lenovo’s customers in all aspects of IT. As an engineer in both IBM and Lenovo for nearly 25 years, his broad experience enabled him to assist thousands of our customers to digitally transform their environments using Lenovo technology.

    Thorsten holds a Bachelor in Industrial Manufacturing/Finance and Electrical Engineering. Thorsten lives in Morrisville, North Carolina with his family.

    Track

    Supply Chain Cyber Security

    Presentation Title

    The Hidden Threat: Compromised Supply Chains

    Abstract

    Supply Chain Cyber Security and the Compromised Supply Chain

    The presentation will share examples of previous compromised supply chains and will discuss how transparent supply chain has changed the game. We'll bring to light the various threat areas, explaining how can a system be compromised prior to receipt.

    Key learnings and takeaways will include, but are not limited to:

    • What is a compromised supply chain and where do breaches happen?
    • Examples of cybersecurity threats that have happened due to a compromised supply chain
    • What is a transparent supply chain and what are the benefits?
    • What do you need to know and look for when making a purchase?
    • What questions should you be asking when making a purchase?
    • How important partnerships are in the transparent supply chain process