Recently appointed as the Business Development Director, Asia-Pacific and Japan at One Identity, Serkan Cetin has been with One Identity for over 6 years now. In this time, Serkan has been involved in various functions across One Identity, including sales, marketing, professional services, and R&D. He has been instrumental in assisting clients in solving their complex IAM challenges across a wide range of industries in the APJ region.
Prior to One Identity, Serkan was a senior consultant at a specialist consulting practice in Australia. He was involved in the sales, consulting, architecture and implementation of projects across varying complexities and sizes, focusing mainly on identity management and security, using technologies from Novell, Microsoft and Sun Microsystems.
Today. we are no longer concerned about “if” we will get hacked, but it’s become a question of “when” we will be hacked. And that’s assuming that we haven’t been hacked already. We all know what the attackers want (spoiler: it’s your data). So what measures can one put in place to prevent future breaches? Where to begin with protecting your one of your most valuable assets (your data)? Even if you put breaches to a side, what controls and processes are your auditors expecting from you? (You know, because you might be breached, but you will be audited).
Join our session to hear from our regional One Identity expert on industry trends, and the changes in technology which can assist you to implement safeguards within your enterprise to protect your data, people and organisation.
Shi Chao joined Synopsys 3 years ago as senior sales engineering manager. He possesses 13 years’ experience in software development including expertise with firmware, equipment driver, desktop applications, and web development. He worked in various roles including software engineer, system architect, scrum master, code reviewer, etc. Before joining Synopsys, Shi has worked for IHPC (A*STAR), AMD, LTX-credence, and Xilinx. With Synopsys SIG group, he led the pre-sales engineering team to help customer in the region to understand and manage software quality and security issues using Synopsys solutions, including SAST, DAST, SCA, fuzzing, etc. Shi holds a Master of engineering and Bachelor in Electrical & Electronics Engineering both from Nanyang Technological University, Singapore.
Application security is becoming a "must have" for security teams. High profile breaches, including Equifax and a multitude of other global ransomware attacks dominates discussions at board-level meetings. However, sometimes knowing where to start can be difficult. In this presentation, Synopsys will share insights into the following:
Boonchareon Chong (Boon) has more than 17 years of experience in IT, his earlier years was spent in a System Integrator specializing in the security space, holding diverse portfolio which includes consulting, project management and professional services supporting various Service Providers and Financial Institution.
In the recent 10 years, he specialized in ADC technology and provided consultation specifically to Service Providers globally.
Currently at A10 Networks, besides leading a team of IT consultants in Asean, he also focuses on enabling customers in the adoption of application and data delivery solutions with emphasis on newer trends such as Cloud, Security, SDN, NFV, Monetizing Networks, Migrating to IPv6, holistically building a sustainable growth infrastructure.
As the Chief Solution Strategist, he develops solutions and shares best practices, common approaches and new technology implementation to address real business concerns of the customer striving to move towards a better, faster, more secure, cost effective and efficient IT .
The pursuit of agility, speedier innovation and operational efficiency has fuelled the explosion of apps and the adoption of multi-clouds. In this hyper-connected environment, organizations are increasingly challenged by management complexity, the lack of visibility, limited controls and greater security threats. To overcome these challenges, learn how you can harness secure application solutions that use intelligent automation, machine learning, and data-driven analytics to continuously improve your cyber protection and digital responsiveness. Discover the benefits of centralized visibility and intelligence derived from per-app analytics. See how this approach dramatically shortens troubleshooting times, alerts you on performance or security anomalies, and optimize IT infrastructure and cloud environments – from on-premise data centers to private, public and hybrid clouds.
With over 17 years of experience as Incident Responder, Forensic & Threat Intelligence Analyst, Sachin Deodhar has consulted private and government agencies across the globe on attacker TTPs, gap assessments & compliance audits. Currently, Sachin manages the delivery team at Singtel’s Cyber Security Institute where he develops programme for cyber professionals to management & board members. Sachin is CISSP-certified and a regular speaker and trainer at global cyber security conferences
Cyber attacks’ are increasingly sophisticated and so do cyber security technology and solutions. However to truly stay ahead of the attackers, cyber professionals have to gain the latest intelligence on best practices and attack patterns. What is the new norm today? What will be the new norm tomorrow? Sachin will discuss and share what is emerging and how organisations can stay vigilant.
Stephen is currently the Managing Principal within Micro Focus Consulting Services for the Australia, New Zealand and SE Asia regions where his team delivers professional services across several technologies and security capabilities including SIEM, data encryption, application security and Security Intelligence Operations (people & process).
Prior to joining HPE / Micro Focus, he was CISO Program Manager and Researcher at KPN in Netherlands. He assisted the CISO in the creation of the Chief Information Security Office at KPN. Acts as deputy to the CISO to create, lead and motivate a 35 person team to address cyber security and business continuity issues at KPN, comprising of strategy and policy, ethical hacking, Computer Emergency Response Team (CERT), and business security representatives.
He is a security professional with over 15 years of security industry experience across multiple business sectors including the financial and telecommunications. Specifically, he has extensive knowledge in the areas of security architecture, security assurance/vulnerability assessment, & security technologies; arising from his network engineering, security consultancy and hands on penetration testing background. Stephen’s recent research was focused on the area of GPRS Roaming eXchange network security.
Dev SecOps promises the reduction of vulnerabilities in developed applications through the introduction of security earlier and throughout the lifecycle. Additionally, by integrating development and operations teams, security is inserted at all levels and becomes everyone's responsibility.
In this tech talk, we will use a real use case example to describe the key components of Dev SecOps and illustrate how an enterprise implemented DevOps processes that incorporated security practices from the start in their response to a data breach. We will explain and demystify terms such as Continuous Security, Continuous Assessment and Continuous Collaboration through this practical example to give the audience clear and actionable takeaways.
Kowsik Guruswamy is CTO of Menlo Security. Previously, he was co-founder and CTO at Mu Dynamics, which pioneered a new way to analyze networked products for security vulnerabilities. Prior to Mu, he was a distinguished engineer at Juniper Networks. Kowsik joined Juniper via the NetScreen/OneSecure acquisition where he designed and implemented the industry's first IPS. He has more than 15+ years of experience in diverse technologies like security, cloud, data visualization, and computer graphics. Kowsik has 18 issued patents and holds an MSCS from University of Louisiana.
Recently, a phishing attack was launched against 52 email accounts at four Singapore universities, to harvest sensitive user credentials and use them to gain unauthorized access to library websites to access research articles and papers published by university staff. While no information was stolen, terabytes of sensitive academic information were accessed. Many universities and institutions work hand-in-hand with critical government ministries as research arms, providing insight into delicate matters of state, defense, and more. They also serve as incubators for innovative commercial concepts, products, and services. Should information of that nature be accessed or stolen, and fall or be sold into the wrong hands, it could be a national security risk or corporate espionage. Learn why phishing remains the most successful – and lucrative – attack methodology for attackers looking to abscond with intellectual property, and how best to stop your sensitive IP from being phished.
Ho Chok Chiat brings over 10 years of IT experience to FireEye. In his role as Systems Engineer, he advises the public and private sector organizations about how they can best approach today’s cyber security landscape.
A career spanning multiple roles from engineering through consulting with some of the largest organizations has afforded Chok Chiat with the opportunity to develop unique insights on industry challenges.
He is a holder of the CISSP certification, and has a Bachelor of Computer Science from The University of Western Australia.
Unless you have a security posture that innovates as fast or faster than the threats, you're always going to fall further behind. Eventually, it will catch up with you and the chances of significant business impact increase. Endpoint security needs to evolve and this presentation will show you the what and the how. Learn from the front-line experts because artificial intelligence is no substitute for real threat intelligence.
A staunch advocate of Data Protection and Privacy, Jonathan brings over two decades of tactical experience in the architecture, development and management of secure, scalable systems.
Jonathan has been with BlackBerry for 4 years and was the Head of Security Advisory for ANZ before assuming his current role. Prior to this, he worked with Nokia and Microsoft where he held a number of roles focusing on security and mobile solutions.
Jonathan advises customers looking to navigate the daunting world of enterprise mobility and cyber threats, working with them to develop a mobile strategy that satisfies both the demands of IT and end users now and in the future. He has advised a number of large financial and government institutions on how to leverage the expanding capability of mobile devices in driving end user productivity while protecting corporate data.
As the world of connected devices continues to grow, so do the number of potential ways to attack and exploit sensitive data held by companies and government organisations. It is critical to understand where your data is, both when at rest and in use, but when multiple business systems and users need to interact and share information, it is not always clear. This ambiguity gives attackers the opportunity to exploit weaknesses in your security posture. Even the best defenses are useless if they are in the wrong pace. Join us to hear how BlackBerry works with governments in Australia, America and Europe to understand where their data is, how best to protect it, and how to respond and mitigate any potential breach.
Saleem Javed is a Principal Cybersecurity Advisor for BT Security. Saleem is a technical specialist who evolved into a business leader, integrating business functions, advising customers on organisational risk and has more than 17 years of work experience in APAC region. Saleem has a demonstrated history of work practice in not only understanding the technical challenges but also help customers make good strategic business investment decisions. Saleem acts as vCISO for BT customers, serves as the organizational pivot point between bits/bytes and dollar/cents.
Over the last few years the cyber threat has significantly changed. The capability, determination and sophistication of those behind the threats and attacks has increased beyond recognition with hacktivists, criminals, nation states and terrorists targeting anyone and everyone. But it not just the threats of the cyber criminals we have to keep ahead of, every changing regulations designed to ‘protect’; advancements in technology and how we ‘connect’ to each other makes it challenging to keep pace with this rapid evolution.
Sunny will share his insights and views on how we can all stay ahead and protect our personal and organizational assets.
Faster, cheaper digital technologies are delivering an unprecedented array of social and economic benefits. In order to increase the benefits and minimize the harms in this digital landscape, leaders should be considering cyber resilience as a strategic goal.
Florence Lau, LogRhythm’s Enterprise Sales Engineer and Security technology expert in the ASEAN region has over 16 years of experience in the network & security industry. She has in-depth experience with Firewall, Network Monitoring and SIEM solutions such as Risk Management.
91% of companies say they cannot identify an insider threat. It’s the nightmare of organizations. Today, insider threats potentially pose a bigger risk to cybersecurity than external hackers.
Hear from LogRhythm experts how customers applied user and entity behavior analytics (UEBA) to meet their security needs. They’ll take you through a real case scenario where data worth millions of dollars could have been stolen and share how LogRhythm stopped the attack with the right response and mitigation approach.
Attend this session to:
Join us to better understand the insider threat – and how to combat rogue elements in your organization.
Mr Lee Wee Lee is the Vice President (VP), Local Sales, and concurrently VP, Cybersecurity (Industrial Control Systems), in Cybersecurity Systems Group, ST Electronics. He was previously VP, Business Development and Plans, in ST Electronics, where he oversaw the strategy review of ST Electronics' cybersecurity business. He also led ST Engineering's first and third strategic investments in two cybersecurity start-ups, Janus Technologies and Radiflow. Prior to joining ST Electronics, Wee Lee served in the SAF for more than twenty years. His last appointment was Deputy Director (Protective Security) in the Military Security Department.
We have traditionally not devoted much attention to protecting our Industrial Control Systems (ICS) from cyber-attacks. Recent attacks on ICS have shown that the costs of not addressing this lack of cybersecurity protection has risen drastically. Although there are good reasons why we hesitate to implement cybersecurity protection measures in ICS, there are measures we can take to quickly which can significantly enhance the levels of cybersecurity in our ICS.
Jolene Lim has been a Technology Consultant with RSA for more than 3 years, supporting the NetWitness business unit in the South-East Asia region. Her experience in information security spans between government agencies and commercial customers to provide security consultations required to enhance their IT Security posture.
Jolene also spent a year in the RSA Headquarters in Bedford, Massachusetts, developing the threat intelligence and engine behind the RSA NetWitness Platform.
She holds a Bachelor of Engineering (honours), Computer Engineering from NTU, and is a certified GIAC Certified Forensics Analyst (GCFA).
Organizations face a Catch-22 with technology: The very technologies they need to compete—cloud applications, virtual infrastructure etc.—provide attackers with larger attack surface. While attackers have more resources than ever for launching their attacks, security teams struggle with a talent shortage and an ever-expanding list of alerts.
Minutes. That’s all you and your team have before a cyber threat can compromise your organization. IT’s about time organizations accelerate threat detection and response.
Join us in this session and see how an evolved SIEM approach is a superior way to handle today’s sophisticated threats and automation of threat detection and prevention.
Information Not Available
Network defenders adhere to a vendor-in-depth philosophy that emerged over 20 years ago that has single handedly made the security of our networks more complex and unmanageable. For every tool that we need, the common wisdom says that it should come from a different vendor. Because of that, we all manually manage so many point products that we cannot add one more to our environments. As adversaries continues to automate their attacks, network defenders respond by reading intelligence products and manually installing new blocks to counter the attacks. In other words, we are bringing people to a software fight. We need to jettison that old best practice and adopt a new one: seek vendors that integrate and automate.
Manjim is an Associate Director of the KPMG Cyber Security Practice. He is having 15+ years of rich experience in Identity & Access Management & Cybersecurity Solution. Has played different roles in APAC region as Technical Architect & Solution Designer, Security Consultant, Pre-sales Consultant, Implementations Lead in various national & global projects.
Whether it’s an emerging trend of Digital Transformation, Mobility & IOT or the enterprise adoption of use of Mobile, Cloud and Web based technologies all are accelerating the need of having “Digital identities” and Security around its accesses. This wave of digital disruption is across the industry and its imposing challenges and adding complexities in the current security landscape. Gain insights into the rapidly evolving Consumer Identity & Access Management to enable new business opportunities and also understand the evolution in the Enterprise Identity & Access Management space to strengthen your Governance and Compliance.
Currently holding the role of Cyber Security Strategist in Digital Shadows, Philip is a seasoned security professional with field experience across the Asia Pacific region. Prior to joining Digital Shadows, Philip leads the Pre-sales team in Splunk deploying operation and security analytic solution in South Asia. Past IT experiences cover a wide range of domains which involve big data solutions, networking, security and project management across different industries.
Building and sustaining a robust threat intelligence capability is no easy task. Many organizations rushing to adopt threat intelligence as part of their security strategy found themselves drowning in the information they received and unable to utilise it effectively. Understanding the key challenges in Threat Intelligence helps organisations to plan their security strategy and better prepared before an attack occurs or by quickly identifying and containing existing threats.
Freddy Tan is a Certified Information Systems Security Professional (CISSP) with a MSc in Information Systems Security awarded from the London School of Economics & Political Science (LSE), University of London.
He is currently the Assistant Vice President of Business Development for StarHub Cyber Security and SmartHub. Before joining StarHub, for 3 years he was the Director for Singtel Cyber Security, Business Development and Solution Architect for Strategic Accounts, responsible for building a trusted, strategic and risk-based approach to cyber security consult, advice and planning to address cyber threats.
Prior to joining Singtel, he was the Chief Security Advisor for Microsoft APAC for 6 years, responsible for communicating Microsoft's security strategy. Prior to Microsoft, Freddy served for 25 years with the Ministry of Defense, Singapore (MINDEF) and established the 24x7 Computer Security Monitoring & Investigation Centre (COSMIC) and the Computer Emergency Response Team (SAFCERT).
He also participated as a working committee member on various infocomm security masterplan projects with the Singapore Infocomm Development Authority of Singapore (iDA). He was also a member of the Singapore National Infocomm Competency Framework (NICF) Technical Committee.
He was conferred the The Long Service Medal (Pingat Bakti Setia) at the National Day Award in 2007.
He is a member of the Singapore Computer Society, conferred the Senior Member in 2009 and Fellow Member in 2016.
He was awarded the (ISC)² President's Award in 2003 by (ISC)². He was elected as a board member of the (ISC)² Board in 2008, and served 3 consecutive 3-year terms until 2016. He served as the (ISC)² Vice-Chair of the Board in 2010 and 2011 and Chairman of the Board in 2012 and 2013. He was the Vice-President of the SiTF Security & Governance Chapter in 2013 and 2014 and President in 2014 and 2015. In 2013, he was appointed as the APAC Strategy Advisor for Cloud Security Alliance. Freddy also served as the Vice President and founding member of the Singapore Association of Information Security Professionals (AISP). He was also is a resource person for the UN-ESCAP Academy Training for ICT for Development (ICTD) Capacity-Building program.
He regularly presents at security events and has also been called upon by media for his opinions regarding cyber security.
Today’s cyber ecosystem is a highly complex and dynamic universe consisting of a global set of stakeholders. Cyber criminals are taking advantage of this ecosystem for financial gain through online fraud, disruption of on-line services e.g ransomware and distributed denial-of-service.
Cyber-attacks are here to stay and can only grow more dangerous and sophisticated as the Internet ecosystem evolves. Telecommunications carriers play a role in this diverse and interconnected ecosystem, supporting new ways in which governments deliver citizen services, businesses deliver innovative services to their customers and individuals’ online lifestyle. MSSPs can enhance their network and data defense capabilities by tapping on telcos’ infrastructure and network visibility.
Josiah Winston has over 10 years in the IT Industry, specialising in Infrastructure and Security Domains. He was instrumental in several critical national and large scale projects, covering both design and implementation across Singapore and Malaysia. Currently holding a position as Sales Engineer at CyberArk, he assists Singapore Government bodies in addressing their Privilege Access Security concerns to protect against targeted cyber threats and insider attacks.
Cloud and DevOps are critical technology engines helping to power transformational advances across the public sector, delivering new services with lightning speed and reliability. As the use of Cloud and DevOps technologies proliferate, we know that there are secrets and credentials in Cloud and Development Operation (DevOps) environments that must be protected. Secrets and credentials are the one thing that allows seamless integration of the different technology used across the public sector. Unprotected secrets and credentials are also the one thing that all attackers crave and it present high risks to the public sector. Despite this knowledge of the need to protect secrets and credentials in the cloud, we continue to see incidents that expose private data. Recent breaches recently serves as a timely reminder of the need to protect credentials and the damage that happens when they are not protected. In this session, learn how CyberArk proactively protects your secrets and credentials in the Cloud and DevOps environment with speed, scalability and agility in your environment.
Information Not Available
As organisations seek greater situational awareness and operational efficiency, many are looking to intelligence-led approaches to augment their cyber defences. Specialist fields such as cyber threat intelligence have emerged with both boutique firms as well as traditional players offering solutions to cater for this. Complementary data-driven approaches such as security analytics are also gaining traction. This presentation will describe how organisations can take advantage of these in a strategic way, drawing examples from the experience of the BAE Systems threat intelligence team.