agenda - cyfence 2020 - asean | tradepassmoving to devsecops • security in fast moving development...
TRANSCRIPT
AGENDA
24 - 25 NOVEMBER 2020
10:00 – 10:15
(GMT+8)
10:15 – 10:45
(GMT+8)
10:45 – 11:15
(GMT+8)
11:15 – 11:30
(GMT+8)
11:30 – 12:00
(GMT+8)
12:00 – 12:30
(GMT+8)
12:30 – 1:00
Master of Ceremonies
Priyanka Sachidandan, Conference Head and Sr. Producer, Tradepass
Welcome Address
Praveen Venu, Sales Director, Tradepass
Opening speech
Cloud Least Privilege: Reducing Risk Across Cloud Environments
2020 has seen a massive acceleration in the adoption of cloud computing across the globe. While
many companies were already in the process of enabling a remote workforce or digitizing their
business, the global lockdown put these programs into overdrive. At the same time, the adoption of
cloud is increasing the attack surface disproportionately. In this session, CyberArk key expert will
provide guidance in implementing the Principle of Least Privilege across cloud environments, and
you will learn how to reduce risk and improve visibility through continuous, AI-powered detection
and remediation of hidden, misconfigured and unused permissions
Quincy Cheng, DevOps Evangelist, Asia Pacific & Japan, CyberArk
Conquering the Cyber Security Challenges of the Cloud
• Security in the Cloud – How Secure is the Public Cloud?
• Threats, & Vulnerabilities in Moving to the Cloud
• Cloud Assessment Tools and Solutions to Thwart Cloud-security Breaches
• Cloud Computing Challenges and Future Directions
Gary Gardiner, Head of Security Engineering, APAC, Check Point Software
Third Party Governance in the context of Privacy Regulations
• Components of a Privacy Management Framework and aspects relevant to third party engagements
• Addressing Privacy Risks across third party relationships
Venkatesh Subramaniam, Global CISO, Olam International
Zero Trust Security and threat hunting in the Multi-cloud environment
• How Zero Trust Security Framework can be Applied to the Multi-cloud Environment
• Automatically Detect Threats
• Simplifying Complexity with End-To-End Visibility
• Detecting Security Threats across Multi-cloud in Real Time
Paul Pang, Principal Security Strategist, APAC and Japan, Splunk
Synergy = eXtended Detection, Defense & Response
New threats require new defenses. In the past year malware and other APTs have become smarter,
more sophisticated and more dangerous; even more so since the start of the pandemic. Traditional
security solutions cannot keep up judging by how successful most cyber attacks have been this year.
Instead of security products being siloed, there needs to be synergy between them to improve how
your security architecture can detect, defend and respond to these new dangerous cyberattacks.
We will discuss some of these synergies and how they work to extended detection, defense & response.
Guy Rosefelt, Security Product Marketing Director, Sangfor
Networking Break
DAY 1 (24th NOV, 2020)
AGENDA
24 - 25 NOVEMBER 2020
DAY 2 (25th NOV, 2020)
1:00 – 1:30
(GMT+8)
1:30 – 2:15
(GMT+8)
2:15 – 2:45
(GMT+8)
2:45 – 3:30
(GMT+8)
IP Theft: how can we see what was taken?
• Look at some common IP Theft Scenarios
• Investigate artifacts that should be examined in such examination
• Explore reconstructing user activity and indications of what data was exfiltrated
Matthew Simon, Forensics Consultant, Magnet Forensics
Panel Discussion: Rising to the Current Privileged Access Management (PAM) Challenges
• What You Need to Know About Privileged Access in the Cloud
• Ensuring Consistent Security Controls Across Multi-Cloud Environments
• Top Cloud Attacks You Should Worry About
• Cloud Scenarios for Securing Privilege Access and Identities
Moderator: Ashish Gupta, Director, PwC
•B udiman Tsjin, Solutions Engineering Manager, ASEAN, CyberArk
•M el Migrino, CISO, Meralco
•M arlon Sorongon, CISO, Maybank
•H ans Iandy, Head of Compliance and Information Security, Sinar Mas Land
Power-Up Your Threat Hunting with the SOC Triad
Threat hunting requires skills, tools, and data to be successful. The famous SOC triad – Network,
Endpoint, and Logs – can help organizations to properly plan for threat hunting and deploying the
tools and processes required. This session will provide an overview of how the SOC triad supports
threat hunting, as well as discuss examples of this practice leveraging thethree components of the
triad.
• Discussing the requirements for effective threat hunting
• Using the SOC triad to enable threat hunting
• Identifying the tools required to support threat hunting
Augusto Barros, VP of Solutions, Securonix
Panel Discussion: Cybersecurity Effectiveness on Challenging Landscapes
• Challenges Faced by Businesses in the Current IT Landscape
• Strategizing and Re-strategizing BCP for the Ongoing Pandemic
• Cloud vs On-Premises : Perception through the Cybersecurity Lens
• Keeping Up with the Cyberthreat Landscape
Moderator: Santhosh Narasimhamoorthy, Seasoned Technical Evangelist, ManageEngine
•R omanus Prabhu R, Global Head - Technical Support of Endpoint Management and Security,
ManageEngine
•B art Kulach, Head Of Technology, NN Life Insurance
•E dison Dungo, Director of IT, Manila Doctors Hospital
•A ntonius Ruslan, Information Security, AIA
•P hilip Chua, Head of Information Technology, Tele-centre Services Pte Ltd
END OF DAY 1
AGENDA
24 - 25 NOVEMBER 2020
10:00 – 10:15
(GMT+8)
10:15 – 10:45
(GMT+8)
10:45 – 11:15
(GMT+8)
11:15 – 11:45
(GMT+8)
11:45 – 12:30
(GMT+8)
12:30 – 1:00
Moving to DevSecOps
• Security in Fast Moving Development Companies
• Dev and Security Teams Working Together
• The Right SSDLC
Yaron Slutzky, CISO, Agoda
Risk-Based Vulnerability Management – Evolving to a Cyber Resilient Organisation
• Using risk-based prioritisation to improve resilience and become "anti-fragile"
• Practical steps to achieving risk-based vulnerability management and a roadmap for achieving
successful risk prioritisation
• How to align cyber resilience goals with the business and improve management support for your
security programme
Adam Palmer, Chief Cybersecurity Strategist, Tenable
Digital transformation with Zero Trust Security
• With the current trend of digital transformation what are the challenges for network security.
• Enforcing zero trust security policy for you hybrid environment
• How to define and enforce compliance security policies on your security devices
• How automation helps making change task more effective
Henry Pea, Sales Engineering Director, APAC, Tufin
How to build an effective security program with limited resources
Some organizations have a 24x7 security operations center (SOC) with teams of dedicated analysts
monitoring for threats around the clock, while some organizations are deep in the trenches of
building out their security program. Whether you have a formal SOC, are in the weeds of building or
optimizing your security program, the desired outcome to detect and respond to threats fast remains.
• Best Practices for an Effective Security Program
• 7 Steps to Building a Successful Security Program with Limited Resources
• How a NextGen SIEM Solution is the Ideal Technology for Building a SOC
Leonardo Hutabarat, Enterprise Sales Engineer and Solution Architect APAC, LogRhythm
Panel Discussion: Moving Toward a Resilient ASEAN Cybersecurity Regime
• The Need for Greater Collaboration on Cyber-related Challenges Among ASEAN members
• The importance of Developing a Flexible Framework to Ensure Regional Cooperation
• Improving Computer Emergency Response Team Cooperation among ASEAN Members
• Training and Capacity Building
Moderator: Johan Fantenberg, Principal Solutions Architect, ForgeRock
•P hannarith Ou, Director - Department of ICT Security, Ministry of Posts and Telecommunications
(MPTC) - Cambodia
•B ruce Hanadi, CIO, DB Schenker
•W ildan Aliviyarda, Vice President - Head of Information Security, Indosat Ooredoo
•A rivuvel Ramu, CTO, Tonik
Networking Break
DAY 2 (25th NOV, 2020)
AGENDA
24 - 25 NOVEMBER 2020
1:00 – 1:30
(GMT+8)
1:30 – 2:00
(GMT+8)
2:00 - 2:15
(GMT+8)
2:15 - 2:30
(GMT+8)
Rethinking Cybersecurity when your workforce is remote
Lee Dolsen, Chief Architect, Asia Pacific & Japan, Zscaler
Priori�zing Secure Mobile Apps in a Mobile-First World
·What are the most frequent mobile app a�acks?·What's the actual status of mobile app protec�on? ·Why and how to protect your apps against hacking and reverse engineering?Jacques Caers, Director of Sales - Financial markets, Guardsquare
Presentation: Boosting Cyber Skills in Law Enforcement
• Building Collaboration in the Fight Against Cybercrime
• The Changing Remit of Cyber Law Enforcement
Endo Priambodo, Head of Unit IV Sub Directorate III, Directorate of Cybercrime,
BARESKRIM Polri (Criminal Investigation Board, Indonesian National Police)
Respond and Recover: Recovery Plan - Minimizing the Damage
• Creating a Cyber Security Incident Response Plan
• Detecting Threats in a Timely Manner
• Reviewing Technologies to Assist in Threat Detection
• Learning how to Effectively implement these Technologies for the Most Effective Recovery after a
Cyber Threat or Attack
Jason Brasileno, Chief Risk Officer, St. Luke's Medical Center
Closing speech by Tradepass
END OF DAY 2